
[Music] Okay, good morning everybody. [Laughter] >> Okay, so just a little bit about me. I'm Justin. I'm a reformed accountant. I'm also a group CISO at MTN for the last nine and a half years or so. I've had an interest in technology. I think like Jason and many others for quite some time. Started hacking and playing around with the BBC Micro back in the early 80s. So, what am I talking about today? Well, a whole bunch of things. So, I hope I don't lose you along the way. But where does it all start? Well, it starts with some war driving. Now, you know, many years ago, we had big Wi-Fi antennas, chucked them in the back of the car, and
we're driving around looking to see what we could find, running Kismet on a laptop and a bunch of stuff. You can still do that, but now there's a lot of other options as well. You can do it as simply as running an app on your phone. So, one can see there's my Android phone. I'm running WiGLE WiFi. And since I left home this morning, I've driven or walked past 350-odd Wi-Fi, 13,000 Bluetooth devices, and picked up four cell phone towers I had never seen before. And that's just on one of the phones. There's a couple more sitting in my bag here checking what's going on. Um, so it's something that's easy to do and anybody can do it, but you can also
still, you know, get a large battery pack, get some Raspberry Pis, get some DC powered USB hubs and plug in a whole ton of aerials and drive it around and collect a whole lot more data if you want. Um, but it's easy. You just get the app, start collecting, you can contribute, and you can start competing. And there's a leaderboard on WiGLE, and you can see a whole lot of cool stuff there. You can see over time what you're busy collecting and how you're doing relative to other people in the world. So that's actually quite nice and it gets highly competitive. Um, but then there's the so what. Okay, so that is now a map of
South Africa mapping out all of the Wi-Fi access points that have been collected by people and uploaded to WiGLE WiFi. Looking at it, you can see that Joburg, Pretoria, pretty well mapped out. The other major cities, Durban, Cape Town, PE, there's a lot that's there. But there's also large parts of the country where it looks like there's absolutely nothing. Now, is that true or not? Well, we'll see. So there's a little town called Alice. It just so happens that my mother grew up in that town. So when I was on a biking trip from Joburg down to Cape Town, I convinced my buddy that we were going to go through Alice to see what's there. And of course, I've got my
Android phone in my pocket and it's busy collecting Wi-Fi as we're going along. So you can see there's a few tiny little dots over there in Alice. Um if we zoom in a little bit, you can see there's a few more dots along the main road where we drove. And then we went to see a couple of churches and graveyards. So you can see we've picked up some Wi-Fi along there. If you look top right though, you'll see there's the University of Fort. A university with no Wi-Fi doesn't seem quite likely. So let's go to another little area. Let's go and have a look at Alex. So here you can see Sandton and a whole lot of surrounding
areas. And you can see lots and lots of Wi-Fi. But Alex, no Wi-Fi. There's a problem with our data. Okay. So, what can we do about that? So, I came across a Black Hat talk by a guy by the name of Erik Rye and he did some university research as well as presented at Black Hat and he was talking about surveilling the masses with Wi-Fi positioning systems. So, Wi-Fi positioning systems, what are those all about? Well, there's a number of different ones run by Apple, Google, Microsoft, and the like. So, you know, just now I showed you WiGLE and said, "Hey, you can war drive." All of you are war driving right now without even knowing about it. If you've got an
Android phone or an Apple phone, it's collecting all the Wi-Fi data around you and it's uploading it to Google and Apple's databases without you even knowing about it. It's not asking permission. It's just doing it. Okay, sounds scary. It is and it isn't at the same time. We'll have a look at that. So what these guys found is that Apple is particularly unique in terms of what it does. So you can give it the details of a Wi-Fi access point and it'll tell you where that Wi-Fi access point is. So it'll give you the geolocation of that, the longitude and latitude. But while Google and others do the same thing, what Apple does is it also tells you
about 400 nearest neighbors. And it does, you just give it the one and it tells you everything that's close to that one. So that becomes quite interesting. What the American team were looking at doing is taking the BSSIDs and they were looking to try and see can they download effectively Apple's entire database and map that out to see what exists on the planet. Now doing that through guessing all of the BSSIDs takes a long time. So they then looked at ways of speeding up that process. So the BSSIDs are allocated by the IEEE. You can go onto their website and download a database of all the allocations. So by then only looking at
allocated um BSSID ranges, they could reduce their search space by 99%. So end result of that is that they downloaded everything and that's pretty much what it looks like. Okay, so you've got global coverage. Now there's some gaps in global coverage. So they've kind of highlighted there for us. Okay, we've got the Amazon rainforest. Makes sense. Not much Wi-Fi there. We've got the Sahara Desert. Not much there either. But hey, we've got this other large country over there where there's no Wi-Fi. Well, guess what? China doesn't allow Apple's services to work there, nor Google's. They've got their own. So, there's nothing in that space. Okay? So, that means we've got kind of geographic places where there's no Wi-Fi, but we've
also got geopolitical. Okay? So, if we go and look at WiGLE WiFi and we look at the equivalent map, we see the same geographic. That makes sense. There's just no Wi-Fi there. But when you go across and look at China now, you find that yes, there are people in China using WiGLE WiFi. So we actually have data in China which we didn't have in the Apple database. So just some observations about the Apple WPS. The intent is that if you are in a particular location and you're trying to use Google Maps or Apple Maps or something like that and you can't get a satellite connection, so you've got no GPS location, you need to know where you
are. So if you can look at the Wi-Fi access points around you, send them off to the database, it sends you back a location, you know where you are. So it's a good intent and purpose behind it. And in order to ensure stability of that data and accuracy, Apple apply a whole bunch of things. So if an access point is moving, so there's a number of different locations tied to it that you and I maybe have uploaded, they're going to chuck it out of the database. So it needs to be relatively stable for about 7 days before it gets added in. And if it doesn't get seen for a while, it'll get removed from the database as well.
So generally things like trains, planes, and automobiles won't get included into all of that. Becomes interesting because we see a lot of cars these days have got Wi-Fi access points in the cars by default. I think VW, Toyota, um, most cars these days. If you drive past it, you can see that there's Wi-Fi running in there. So, WiGLE will pick it up and Apple won't. So, quite a few differences then between what WiGLE does and what Apple does. Okay. So, what can we do with this? You know, we could try and download the whole database like Erik did, but I don't think that's particularly polite and Apple might block me eventually, and it's a bit
overkill for what I need to do. So, what can we do? We can start at a known point. We can download the 400 neighbors. We can take each of those and download their neighbors. So we can kind of iterate outwards to get coverage in a particular area. Okay. So now is there a tool that does this? Well, I looked, I couldn't find one. The answer is no. So what do we do? You call a friend or you call your child. Okay. And you ask him, "So what do I do here?" And like he's all, "Oh, dad, that's so simple. You just do this and knock this up and write this and you can put it all in Python.
You know, you can set up a Postgres database and there's these cool extensions which do this geospatial stuff." And I'm like, okay, sounds great, but it's many years since I've coded anything serious. So, yeah, I'm not so sure I want to do that. And he didn't seem particularly keen to do it for me. So, next option, ask an AI. Okay, so we see all these ads out there. You know, there's this vibe coding fad and you can do an app in 15 minutes, you know, single prompt and it does all this stuff. So, like, yeah. Okay, is this going to work or not? I don't know. Well, here's an opportunity. Let's test it out and see what this thing is all
about. So, I saw some YouTube videos and some ads for something um that is a Google product, Firebase Studio, and I thought, why the hell not, you know, it's as good as any other one? Let's give it a go. So, build an app in 15 minutes. Simple, you know, simple prompts, no coding. So, does it work? Yeah. Well, you know, you put your first prompt in, you end up with something, and it just doesn't work. And then you keep trying a whole bunch of other things and it writes code, it breaks code, it undoes stuff, it redoes stuff and eventually you end up with an app that kind of sort of works. Okay, but now I
want to be able to map things out on a map. And so it now wants a Google API key. And now it's like, okay, hold on. This potentially is a billable thing. Do I really want to do this and give it to an app that I haven't written? So yeah, we see what we want to do on that. Um, and then what I found is that the more I kept developing this app, the more the AI would go rogue. So I'd have something that's working, ask it to add something, and it'll go and break something else. So I ended up doing two apps because I got to a point where it kept breaking my working app, and I
didn't want to do that anymore. So now I had to do the second half of the app in a second app, which is not ideal, but yeah, but nonetheless, we end up with a tool that actually works and it does stuff. Okay. So this is kind of in the kind of Greenside area around Mark's Park. We take a few starting points and we ask it to go and find all the other Wi-Fi for it. And you can see the different colors there as it iterates outwards and finds these things within a certain radius. So the tool actually works and it does some stuff. So that's pretty cool. So you know then I was like okay now I
need to put this presentation together. So what was my initial prompt for this thing? So I ask the AI for it and it can't tell me. So I was like, okay, that's not helpful. Supposed to remember everything and know everything. Um, so then it's okay, let's go look in the source code now and see what's going on there. And so you can get a list and a source control of all the different prompts, but the initial prompt is not there and it seems like it's not quite complete. But at the same time, looking through that reminded me of some of the challenges I had in getting the AI to do something useful. So the Apple API that we're using here,
it's not a normal text-based API. It uses a Google protocol that's not all that common called Protobuf. And it's more of a binary-based API. So getting the Google um AI to actually write the code to make those calls and interpret the results was really difficult. It took, I don't know, 15, 20 prompts to get it to actually work. And you know me, I'm not a recent coder, so I don't really understand how all these things work anymore. So I had to find sample code that other people had written and feed it into the AI. Now the AI was writing everything in TypeScript. And the sample code was not in TypeScript. It's in Python and it's in
Go. So I said to it, well, just install Python and just use the Python version and call those libraries. And it's telling me like, I know, but then you got to like manage this whole Python environment and it's going to make the whole server side much heavier and more difficult to maintain. And it's arguing with me and not wanting to do it. And it's like, no, don't worry. I'll rewrite this thing in TypeScript for you. And it just keeps trying and arguing. And eventually it kind of got it sort of there. And we were still struggling a little bit. And then suddenly it realized that hey wait the HTTP call for the API there was a gzip parameter in
the version it was using and there was no gzip in the Go version. So what was happening is that we were getting a zipped response of the binary response and it wasn't unzipping it so it wasn't actually able to interpret it. It removed that and suddenly we had something that was working and we would then go forward and that was awesome because then we were starting to get responses. It also struggled in decoding the longitude and latitude because of the format of the numbers, you know, and it got it working and then it would screw it up and, you know, further down the line, you've got a working app and now you want to change the colors of the
pins on the map and now it goes back and it undoes what it had previously done to fix some of the other coding. So now you've got a broken app again because you tried to change the color. So it was quite frustrating in that point. And at one point the thing went completely rogue. It screwed something up. It wouldn't undo it. And now I was like, "Okay, my app's broken. I don't know what to do." So I took the code, so I went into the code view instead of this prototyper view. And it was the only time I changed code. And I copied and pasted the code from there into Perplexity AI to say, "Okay, I've got
this buggy code. Please help me find the problem." And it found the problem. So then I went back and changed the line in the code. And then I went to the AI and said, "Hey, I found the bug in your code using another AI. This is what the problem was. I've fixed it. Don't make any changes now. I'm just telling you." And then it goes off and makes a whole lot of changes again. And it's like, you know, ah, yeah. And then it gets to a point where every prompt I'm now doing to the AI, I'm saying to it, okay, please don't make any changes. Let's discuss how we're going to make the next change. What are the options? What do we
do? Please don't make any changes. And eight times out of 10, it doesn't make changes, but two out of 10 it decides it knows the answer and it's going off. It's like an ADHD kid on speed that thinks it knows all the answers. And yeah, most of the time it works and then it screws everything up. Okay, so just a sidebar quickly. I mean a lot of this is around MAC addresses um which is your BSSIDs. What is that? Okay, it's a media access control. It's a unique identifier. The first half is tied to manufacturers and then the second half is unique to each particular device and there's a central database of how these are allocated to
manufacturers. So you can go and download that database and you can use it and that's great and you can do certain things with it. So you can actually see hey here's a whole set of BSSIDs who made what but the information is incomplete in the download version. So there's an API and you can then call these APIs to get additional information like the physical address of the manufacturer. Okay. So there's stuff that we can do with the BSSID even if that's the only thing we have. So the second app then was now to be able to take the results out of the first app which is a list of BSSIDs with the locations and be able to
enhance that information and do some other cool stuff with it. So by now I'd realized you need to keep a copy of your prompt otherwise you'll never get it back again. And the more detailed your initial prompt is the better in terms of the application that's being written. So for my second application this rather lengthy piece here this was the prompt I gave it to build the second app. Then it comes up and gives you a plan and a prototype and says okay here's the functionality and this is now actually what the app is going to look like and then you say yes go ahead and write the app and then it does that. So
for the second app 92 prompts later 54 pages of prompts and responses thousands of lines of code I have my second app to now do the analysis. So now it can load the results from the previous one. It can use either the API or the downloaded MAC database to look up the manufacturers. It can get the country details from there. It allows me to edit the countries. And now I want to be able to do a geopolitical alignment. Okay, so we'll come to that in a minute how we do that. But and now you can graph it all on Google Maps and you can see what this all looks like. So some interesting stuff you can do there. But to show it
on a map, you now need to go and activate a Google Maps API key. And so now you can sign up for a free account free. Do they give you $300 for 90 days? Um, and I was a bit nervous. Now, what's it going to do with this API key? Is the API key going to get leaked? So now you ask the AI and it tells you, no, no problem. It won't get leaked. It's, you know, we'll store it securely on the server and nobody else will be able to access it. So you're like, okay, here's the API key. Okay. And then further down the line, you're debugging some issues where some of the API calls
are not working. And then suddenly you find actually it's not storing the API key on the server. It's actually trying to put it to the browser and execute the API calls from the browser. And so stuff is just not working. So you can't trust this thing. Even when it tells you it's doing stuff, it's not doing what it's telling you. So you need to be very careful. And then the way the app works in the prototyping environment is it has a new URL each time you rebuild it and spin the thing up. So, you can't tie your API key to a specific um server environment. So, you're going against Google's guidance in terms of how to use
the key. So, I'll make sure I spin this thing down every time I'm finished so somebody else doesn't get hold of my API key. Okay. So, how can we go about using this then? So, you know, I thought, okay, you know, I once went to the US consulate in Joburg um to apply for a passport, and when I arrived there, they take your phone away and they then put it into a locked safe. Um, and so you can't do war driving in the consulate or any of those kind of buildings. So, but what about staff? Are they not walking around with phones? So, maybe actually we can get some data if we go and look at some of
the embassies and stuff. So, most of them are up in Pretoria. So, we say, "Okay, fine. Let's go and locate that." So there's the US embassy up in Pretoria and next to it is the Indian consulate. And if we go and look on WiGLE WiFi, there's a couple of dots there, but not a whole lot. Okay, so that's not unexpected. Um, so we now want to use the tool to go and have a look at what's in the area. So we go into WiGLE WiFi. We go and look for a dot that's somewhere there for an access point and we get the BSSID so that we can iterate outwards from there. So now we want to determine the
search radius. We go back to Google Maps and we ask it to measure a distance. So we go and have a look in top right. Okay, that's the Chinese um consulate up there. So let's include that as well just for fun to see what's there. So now we say okay if we start at the central point 550 m and we can go through there. So go back into Firebase, boot up the environment and it starts up the server side takes a couple of minutes and then your whole environment is up and running again. So now we can go and plug in our BSSID to start. So we put our radius in and then along the
way I added another feature to the application to say you can do a geolocated search in WiGLE WiFi. So we don't have just the one seed device because that may have moved somewhere along the line. So we can do a bounded search from WiGLE WiFi for a particular area. So let's go and collect a hundred other access points that we think are in that space to help with our seeding process. So we chuck that in there as well and then we get our seeds and then once we've done that we can now use the Apple WPS to iterate through it. So here we said okay let's do 20 iterations for our area. Let's allow
five concurrent API calls and use the Apple um API to do that. So let this thing run and then it starts running and iterating through um picking up stuff. So you can you probably can't see it's a bit small there. Um but it's picking up the first set of Wi-Fi and then it goes and gets the next 400 and the next for all of those. And so you then build out and you end up with the result there. So for our result 2232 API calls um and picking up you know 4,893 access points. The maximum distance from our starting point 15.6 km but we had said we only want 550 m. So what's going on there? Why are we getting access
points that are so far away? So, if we then plot it back on the map, we can see in the center that's what we were actually looking for, but there's a bunch that are to the west and some to the northeast over there. So, those have moved. So, somebody did war driving, uploaded them to WiGLE, but then those actually moved away from their initial point. So, we need to ignore those. But we can see we don't have stability in the data that we're getting from WiGLE. So if we zoom in then to our primary area that we're looking at where we have all the embassies, we've now got a whole bunch of access points that we didn't
have when we were looking from WiGLE WiFi. Okay. And if we then zoom it in a bit more, we can then see okay, we've got the US embassy there. There's not a whole lot there. There's a whole lot more for India. Um and yeah, there's data there that we can look at. So that's now just in the satellite view. So you can actually see the building only one access point that's present in the US embassy and it's got a randomized BSSID. So they're actually doing pretty well at making sure that either there's no Wi-Fi there or that they're not getting their data going into WiGLE and into Apple's database. Um the Indian consulate, okay, that's a little bit
different. And then the Australian one, there's a whole bunch in that space there. Okay, so yeah, we can come back to that and see. If we just quickly look at China, the main Chinese building, there's not much there, but there's a whole bunch of satellite dishes and the like on this on the photo here top right, and there's a whole lot of Wi-Fi over there. Um, and then Thailand, there's a whole bunch there as well. So, quite a difference then between that. So, the results a little bit underwhelming perhaps. Um, significant difference between the different diplomatic properties. The UK had none, the US had one, and the others there were progressively more. But now I was
interested in saying well can we get a geopolitical view of this? Can we see who made that equipment you know and are countries using their geopolitical alignment to align the equipment that's getting potentially deployed onto their premises. So now we need to look at geopolitical alignment. So we want to get a list of all the countries and we want to see who are they aligned to. So now we go to another AI. So we go to Perplexity and we ask it to then build us this list of geopolitical alignments and we kind of feed it information, say, take into account BRICS and Five Eyes and a whole bunch of stuff and build this thing for me. So off it goes and it
gives me a list. Okay. And we can check out and see if some of the key ones are actually reasonably aligned. So China's aligned to the east. Yep. Makes sense. Hong Kong is also there. Russia's to the east. Singapore is neutral. South Africa, we align to the east. As a South African, I'm not sure I'm completely comfortable with that, but if we look at what our government is and does, that's where we sit. We're one of the founding nations of BRICS. Okay, and then we can see the US and the UK, they all align to the west. So we'll take that and we'll use that for our alignment. So now you ask the AI, okay,
give me a JSON file for this because that's the easiest to upload into my application, and it won't do it. Gives me a sample of what a JSON would look like with the first five records, then you tell it you want all and then it doesn't do it. And eventually you give up and download the CSV version that it did offer and you upload it to a website that does the conversion for you. So the AI is useful to a point, but you have to know when to give up the fight. Okay. So then we want to boot up our application to go and have a look now at this geopolitical alignment. We load it all up. It does all the
classifications. We can see some graphs about our data set. So we can see who are the manufacturers um which countries they belong to and we can see what the geopolitical alignment looks like. Okay. So now we can go back to our map and we can actually now start to color code our access points based on whichever view you want. So we could look at it from the manufacturer viewpoint. We can look at it from a country viewpoint. And we can look at it from a geopolitical viewpoint. So now we've got yellow being aligned to the east. We've got green being neutral, we've got blue to the west, and we've got the gray where it's randomized. So, you can't actually align
it back to anybody. So, if we then go and look at some of the different um embassies, we can see then for India, it's mostly randomized BSSIDs. The US, the one that we have there is randomized. And the Australians, they're using US or Western-based equipment. So, no big surprises there. Um UK, absolutely nothing. They do a good job and we can then also see Indonesia, Czech Republic and others. So yeah, if we go and look at, zoom in on, Australia so you can actually see a little bit more clearly. We can then see okay so Australia there are nine access points there. Seven of them are Hewlett Packard and two of them are unknown. Um
WiGLE had only three coming from Hewlett Packard and two unknown. So we can see that we are getting additional supplementary data by using the Apple Wi-Fi positioning system. Okay. And then China, no surprise, all of those are eastern aligned. And then the Thai embassy, mostly west, but some eastern as well. So, a little bit of a mix there. Okay. So, what about Alice and Alex? That's where we started. Okay. So, what was the point of those starting points? Well, let's go back to that and see. So if we then use the Apple system to go and see what's going on um within Alice again we can see that we run it but we end up with data that's not actually
based in Alice. Alice is the circle in the middle but there's some additional data in a municipality to the left and then we've got East London which is the closest major city and a whole bunch of stuff is moved over there. So again, we've got this issue where data that's sitting in WiGLE is actually not accurate in terms of the geolocation. But when we look at the center now of Alice, we can actually see a very different picture. You know, um we've actually now got data for the university that top right there where we had nothing before. So we can see that yes, it's actually working and it's finding data and filling out the gaps um from
what we had before. And so when we look at the manufacturers and the details in this particular area, we can see there that Cisco is the predominant manufacturer in that space largely because the university is using Cisco equipment. Um and then when we look at the countries, we can see yes now the US is the leading country primarily because of that Cisco equipment and when we look at the alignment we can see it's more aligned to the west than anything else. So when we go and look then at the actual uh okay just you can in the tool itself you get the full lists of all of the um access points so you can look at
them individually you can go and look at the manufacturers everything's there every API call is logged which just as an aside when you're getting an AI to build tools for you ensure that you put some kind of output log there so you can see everything it's doing and make sure it logs everything because when you're trying to debug it'll not have a clue as to what's gone wrong. If you've got the log, you can copy and paste from the log, feed it back, and that'll actually help the AI debug your tool. Okay, so looking at Alice then, we've got the university top right, and we can see from a manufacturer point of view, okay, that's all the Cisco equipment there.
But then when you look in the town itself, you can see lots of different manufacturers. So individuals and organizations buying random stuff, okay, and that kind of makes sense in a way. So then we want to look at the geopolitical alignment. So we can see the university completely western aligned when you go into the town largely eastern aligned. So okay that's interesting. Um why could that be? And I suspect it's largely because of cost. If you're buying western manufactured equipment it's a lot more expensive than the eastern. So for large organizations they're probably going to be able to afford it but for individuals and SMEs they're not going to pay that. They're going to go with the cheapest option
which is going to then mostly be the eastern stuff. So if we then go back to Alex remember initially we had almost no dots in Alex. Now you look at Alex and you can see actually there's a whole lot of Wi-Fi in Alex. It's not that there's nothing there. So where did I get the starting point from? Well the train station is not far from Alex. So you can start with a data point from the Gautrain station and you can iterate outwards from there and get then data across almost all of Alex. But you can see that from our recursion loops there there's a small portion of Alex that I didn't cover bottom left. So we then do
a second one where we start with some of the known data and we continue to iterate out from there and then we can cover that additional piece there. So what does that all look like when we then move on to the analysis of those BSSIDs? Well, if we look at the top manufacturers, okay, we can see that Huawei is the top manufacturer across that area. So unlike in Alice where we had HP um because of the university, now we've gone completely the other way. Um and then so when you move that across to the geopolitical alignment, you can see that it's now eastern as opposed to western over there. So if you then map it all out, it now looks
like this. Okay. So you can see the center of Alex very much eastern aligned. And when you start going across the freeway into some of the industrial areas there, you can see that's all very much western. So you've got this very clear geopolitical divide um tied to these different areas. So yeah, that to me becomes quite interesting. Now what more can you do with it? I haven't figured that out completely yet. You know, my wife is looking at doing a master's degree. She signed up for that and she's looking at using this data to try and predict population densities and the like. And if you go back to what we started with Erik Rye's map of the world, you can see
that it's by and large at a macro level where there's Wi-Fi, there's people. Now, how much can you use that at a local level? We're not sure yet. That's part of what a research will look at. You know, if you go and look at the census data from 2011, you can take a particular area um and you can get a population idea in terms of that. When you look at the most recent census, yeah, it's problematic. It's problematic because they haven't published the data because there's concerns about the integrity of the data. So, now you're working with data from 2011. So, 14-year-old data. Yeah, we're not quite sure how accurate that will be. You know, if
you've got stable populations in particular areas, you may be able to use it. Um, the other problem is the way that data is presented where it's tied to wards. You know, the political wards back in 2011 are different to the political wards now and they've combined a lot of those. So, you no longer get the granularity of data that you're looking for. So the question then becomes is could you use Wi-Fi data like this to potentially supplement census data to check the accuracy of the census data and potentially even just chuck the census data out completely and use alternate methods of doing things. So there's some interesting things to be able to do around that.
So in conclusion then, Apple is normally seen as being this organization that's very pro-customer, pro-privacy. Um in this particular case though with their Wi-Fi positioning system they're in fact the opposite. They're the most permissive out of all in terms of the data that they give you. And while it might seem initially that yeah, okay, all you're getting is a BSSID and a location, it's potentially problematic when you start to explore what else you could do with that data. Um, and you know, the initial question, can we crawl across an area from just a starting point? The answer is absolutely yes, we can. And you know, the AI can build the tool to
do that for you. Um, you know, then my question of vibe coding and is it a real thing? Well, to a degree, yes, it is. You know, it can build stuff. It built all of this. I never wrote a single line of code, and I've got these two tools with probably tens of thousands of lines of code, and it does some cool stuff and some cool visualizations. Can I publish this tool? Hell no. Okay, I've got no idea what's in there. And even when I went and looked at the code at one stage to see what it's written, it's like next time I change the color of an icon, it can go and change some
random stuff back earlier in the code. So every time it made a change, I'd have to go and check all of the code to make sure that it's still secure. You know, it lied to me about what it was doing with the API keys. It blatantly lied. You know, it told me what it thought I wanted to hear in terms of where the API keys should be. But as I said, when debugging failed APIs, it became apparent that it hadn't done it there. And then only when it was explicitly instructed again, it then moved it. And for all I know, it could have moved it back again. I don't know. So definitely not production ready. Um,
but the point is that anybody can take an idea, not have any real coding knowledge, and they can go and build something that's cool and just play and experiment. And I would encourage everybody to do that. You don't need to be a coder to help to use these things. But just be very careful in how you do it. You don't want to end up with a massive bill from Google because now somebody's got hold of your API key and done a couple of million queries against that API key. Yeah. And the tool doesn't let you do these things in a secure way or I haven't figured out yet. So lot more to figure out there. But you know
it's extremely interesting to watch this. And even over the period that I was doing this, so it was probably over a two-month period that I was doing this, Google's tool got better and better. You know, there was a new version of Gemini that got launched and then suddenly it was working a little bit better in terms of how it was doing it. And it's probably a whole lot better today than what it was when I last did any development two months ago. So, you know, we can't ignore these things as security people. The scary part now is that anybody in our organizations can be going and building something like this and they can look look how cool this is.
Look at all these things it does. But if it's using any of your organization data, then hell, it's going to be a problem. We're going to be in deep trouble. Um, and I also don't know really how it can deal with that. Because if you can build these things a whole lot quicker than what any IT department can build it, then the user base is going to be saying, "Hey, you guys are just not keeping up. Look, I can do all these things." And then we're left carrying the can as security people when this all goes pear-shaped. So yeah, to me it was a very interesting exercise. Um, you know, within my organization, we've got a development
team and they're looking at all these things and I keep asking the questions like, how the hell are we going to secure this? And I don't have answers. I'm waiting to see if we can find some good answers. But right now, more questions than answers. Lots of cool stuff happening. Um, but yeah, we're going to have to figure out how we keep it secure. Okay, we can maybe take some questions here. I'm interested in hearing what other people are doing with some of these things.
[Applause] >> You were talking about using um Wi-Fi access points as a proxy for population. Does that not necessarily require actual internet coverage for valid data to exist? You're not going to have a Wi-Fi access point if you don't have an internet connection. >> Yes and no. I'm sure you've seen those modified Maslow's hierarchy of needs where, you know, Wi-Fi goes at the bottom, you know, beyond food and safety and anything else. Um, you know, from a cell phone company perspective, we have most of the population covered. There's very few areas that are not covered. As we see the likes of Starlink getting deployed, I think, you know, the rest of that's going to be covered. And then as
we move into these low earth orbit satellites um directly to handsets and the like I think people will be covered everywhere. So from a population coverage point of view I think it's mostly there. So from a macro level yes I think it's okay. From a micro level maybe not quite just yet but it's going to be there pretty soon. And I think if we're looking in the kind of urban areas you've got coverage using one format or another. Um, in the rural areas maybe not so much but I'll tell you when my wife finished her research and we have a more scientific answer to that question. >> My other observation was for Alex
you pointed out that there's a lot of Huawei equipment in Alex. Uh my suspicion is that it's regarding Vumatel's um township Wi-Fi access. They run fiber and then they'll choose the equipment that they put in there. >> I think that's part of it, but it's more than just that. If one goes and looks at the um Wi-Fi access point names, one can generally see if it's tied to a specific um service provider. So, you know, it's not in the slides, but I was also looking at things like saying, you know, could I go and see cars, for example? So what is the Wi-Fi um or if I go and search in WiGLE WiFi for a
particular vendor um let's say VW or Toyota or something like that can I then see which BSSIDs tied to that so are they common manufacturers and common sequences between vehicles and can you use that then to do a more granular analysis um so there's a lot more analysis to be done with the data itself to go and see what else can we glean from that um so yeah it could be that could be more um but I think even if you go and look in areas where if you go back to Alice for example you could see that there were a lot of different manufacturers there and there's definitely an affordability aspect to it that when you
need more affordable equipment you go across to the east. >> Very interesting. Thank you, Justin. >> Cool, thanks for the talk. What would be your advice to embassies or high security areas looking to get themselves black holed on these services? >> Um, so there's a lot that I don't know. So I don't know, for example, if the US embassy and the UK embassy have got some kind of deal with Apple where sensitive areas are masked or removed from the Apple database. Um, so yeah, I'm pretty sure that at that kind of national security level, they've got those arrangements with your Apples, Googles, and the like to prevent the data going in or being publicly accessible in the first place. Um,
they seem to be doing a lot already in terms of not allowing people to bring phones and other similar devices onto the premises. And it looks like they're using more wired than wireless um from a connectivity point of view in those particular buildings. There's some interesting things where some of them it looks like there's not much in there or they're all western aligned and then you'll see a very close nearby eastern one. You go, "Okay, what the heck's that? Why would that be there?" And then you go and look at it and you see, oh, actually this is tied to some kind of solar system or energy production system or something. So you can't just look at the core IT stuff.
You need to look at all of these IoT type things as well around it. So I think it's going to be really hard to keep all of these things um out of your environment if you're concerned about that. But you're going to have to keep looking at all these databases to see what's there. WiGLE's easy. You can just log into it and there's a GUI, go and zoom in, look at the maps and see what's going on. Um Apple, Google, and the others, there's no GUI into it. There's no interface. If you don't write your own tool, you can't see what's in the database. And if you're going to tell all your staff that they can't use
cell phones on the premises, yeah, that's a bit hard. But the moment they bring a cell phone on, it's collecting the data. So, it's either no wireless or engage with Google, Apple and get them to not put it into the databases. Um, yeah, it's tough.
Pam.
>> Hi Justin, thank you for the talk. Tell me, is there the ability to connect to any of the M data? I would imagine for demographic research, if you could measure the number of handsets connecting to base stations, that would give you very granular data. >> Um, I'm sure you could and I'm sure the telcos have that. I don't work in the department that has that data at MTN. So I didn't have access to any of this. This was so you'll see it's not branded as an MTN presentation. There's no MTN data or anything like that in here. Um yeah, you could do that. It's another data set that could potentially again supplement what we have here.
>> Okay, thanks. I guess there'd also be problems sharing the data across the MS >> with a lot of these things. Yes, I mean privacy is a problem. Gaining access to that data without violating people's rights um is potentially a problem. That's why all of this here is open source data and showing what's out there that anybody can go and use an AI to help you gain access to and people are collecting and inadvertently showing without even knowing what they're doing for good or for bad. Thank you. >> Okay,
>> Justin. Hi. Um, how much time did it take you to vibe code the app? Um, and what do you, how much time and effort and skill do you think it would take to make it production ready? >> Yeah. So, I think the first app probably took me probably about two weeks or so. Um, but it's not full-time doing it. That's just kind of doing it in spare time and the like. Um, and towards the end of that period, what I found was I was fixing up the AI screw-ups more than I was adding new functions, which is why then I built a second app to take the code out of the
first one. It seemed like the longer I was going on and the more prompts I had in the kind of the buffer and the history of this thing, the harder the AI found it to actually do what I wanted to do without messing up old stuff. Um >> to make it production ready, >> I have no idea because you know I haven't gone and looked at that code. One would need to so you know to actually publish it right now would be one button on um the platform. Okay, but that doesn't mean it's production ready. It just means it's out there and anybody can go and hack it. Um, but I would never publish it without doing a full
review of um the code itself. And then also the configuration of the hosted environment that it would then be publishing it into because the Google platform does all of that for you right to the point where you know one button it publishes into their environment with Firebase and you can then pay them for hosting and everything's there. So, it's very easy to do. Far too easy. Scarily easy. >> Yeah. >> Um, but yeah, I >> I can't answer the second half of that question. I'm sure my app will get pulled to pieces from a security perspective.
>> Um, so you showed that the Apple data is a little bit more reliable, like they put some effort into making sure that the devices that they show are sort of stable and have been there for a little while, whereas the WiGLE ones are a little bit more like wild west. You know, it would show more hotspots and cars and sort of random things. Um, how similar are they? Like would you be able to exclude the entries from WiGLE that are also on Apple and then maybe get a list of you know just people's like random hotspots and maybe track them spatially. >> Um so that's kind of what I've done. I mean I didn't spend a lot of time
looking through the logic of it. So what I was doing is using so with Apple if you've never been in the area you won't know a BSSID of something that's in the area. Okay. Um, so you've got to have a starting point with Apple. With WiGLE, you can, anybody can go there and look and see what's there, but the data is not all that accurate. So by picking a random spot from WiGLE and getting the geolocation of that, you can then feed that into Apple. But if that's moved, you're starting in the wrong place. So by applying that boundary circle around it, you're kind of confining things to in there. And by then using a bounded
box search from WiGLE, you're searching and saying, "Okay, give me a hundred within that space." And if they're not within that space, it doesn't matter. You just end up with a cluster outside there you can ignore. And then the only ones we're showing then are the ones that we're finding in Apple. So we're kind of filtering the find and doing the search primarily using Apple. But all the seeding is happening from WiGLE. Now WiGLE, you get a whole lot more information. You can see um the SSID, you can see um like which channels it's using and a whole bunch of stuff. Apple is purely BSSID and location and that's it. So you kind of want to work with
them but understanding the limitations of each um to see how do we get supplemented data um and use any other open source databases to further supplement it. >> Okay, fair. Now I thought it would be quite cool if you could track like you know where I've been based on my little hotspot that I carry around by looking at the different >> So within WiGLE you can do that. Um okay I'm seeing a stop sign here. Just one last comment. Um, you know, another potential security use case is that if you move house and you take your Wi-Fi access point with you, your old location will be on WiGLE, so a neighbor or somebody can see, hey, you used to live
there. Now, when you move house, if you change your SSID, your BSSID doesn't change. So, you could take that BSSID, go and look it up from Apple, and you can go, okay, you're now living over there. If somebody's stolen a device, you can go and find it. And maybe for stolen cars and things as well. If it's parked in one place for seven days and ends up in Apple's database, maybe you could find it, too. I don't know. But there's something there around tracking the movement of things as well. Okay. [Applause]