Re: CoreLocation clone

[Sebastian Reitenbach]

On Tuesday, June 4, 2013 02:45 CEST, Ivan Vučica <address@hidden> wrote:

>
> On 4. 6. 2013., at 01:02, Maxthon Chan <address@hidden> wrote:
>
> > From what I know, you can use Android location services without Google Maps 
> > app as tried on a home-brew Android device - this meant that probably the 
> > locating API is not in the Google Maps app but in the system itself, and 
> > can be safely extracted.
>
> Indeed? What backend does that use? :-)
>
> If the homebrew device has GPS on it, then the location API's functionality 
> does not surprise me. If it, however, does not, then listening to traffic 
> with Wireshark is in order to figure out whose terms of use you want to study 
> before reversing the protocol :-)
>
> From what I can tell, you can't actually check this on a retail device which 
> comes with Google services, because these services can also provide 
> information to the "android.location" API, not just the "Google Location 
> Services for Android":
>     http://developer.android.com/guide/topics/location/index.html
>
> If it turns out it is based on WLAN stations, it still almost certainly uses 
> an API endpoint that comes with terms of service. And if it's Google Maps 
> Location API, then all I can say is -- just because a blind eye is turned 
> when a Google-backed open source project (that is, the "Android Open Source 
> Project" as it's called) uses the API - well, that doesn't mean they'll like 
> GNUstep using it.
>
> > For OpenStreepMap and OpenBmap, this would require a cooperation between 
> > projects - they should be willing to back up our CoreLocation and MapKit 
> > implementation.
>
> Yes. From what little I know about OSM, it's primarily a data source; so we 
> would also need someone to provide tiles (the rendered images themselves). An 
> iOS app I know offers a choice between about 8 different tiling providers; it 
> may be worth looking into that.


I don't think you'd need an extra tiles provider. OSM offers an API to query 
its database, and you get back an XML snippet describing the map. You then can 
just render it on your own.
I use qlandkartegt a lot, which is doing exactly this.

cheers
Sebastian

>
> By the way -- I've just remembered MySTEP also has a MapKit implementation 
> which happens to use OpenStreetMap:
>   http://projects.goldelico.com/p/mySTEP/page/MapKit/
>
> Now, OpenBmap. OpenBmap doesn't actually provide a complete service; it 
> primarily provides a database of MAC-to-geolocation mappings. This is great 
> for what is needed for Core Location; one just needs to develop a good 
> triangulation algorithm based on relative signal strengths of multiple MACs. 
> Upload a list of MACs and signal strengths, get back the geolocation. :-)
>
> > Have you ever noticed that there are lots of 3G network adapters for 
> > computers that plugs onto a computers USB or ExpressCard port? For some 
> > computer models (like Dell Latitude D620, as I have a really old one still 
> > alive, kicking and serves my blog - shameless plug, 
> > http://blog.maxchan.info/ - to everyone over the Internet) there are even 
> > built-in ones?
>
> Sure. Can you issue an AT command that will list all the cell tower 
> identifiers along with signal strength toward that particular tower? Can you 
> issue an AT command to get an identifier of just the tower you're connected 
> to, so you can combine that with the current connection signal strength? :-)
>
> That's the problem: you may be able to find the AT command on a particular 
> dongle, but it's bound to be nonstandard and probably won't exist on whatever 
> garbage operators around the world tend to sell. (For example, I had some... 
> 'experience' with a dongle that came with OS X 10.5 drivers. These included 
> libcurl... which, when overwritten on 10.6, broke loginwindow.app. Not a nice 
> situation to be in. Even worse is spending a few hours on diagnosing that 
> this is, indeed, the problem. *sigh*)
>
> > The MapKit for OS X in question seemed used only public Google Maps API. It 
> > is freely licensed as well, no key required and the author himself is not 
> > in trouble as well.
>
> Did you read Google Maps API terms of service and, more importantly, the 
> billing information? Aside from decision to go "thermonuclear", financials 
> are considered one of the reasons why Apple opted for rolling the infamous 
> Apple Maps service.
>
> Regarding the author of MapKit for OS X being sued: just because a tiger 
> turns a blind eye doesn't mean you should go poking him with a stick :-)
>
> Plus, aside from Google Maps API, you need to consider Google Maps Location 
> API, which has no free tier apart from 100 requests a day. Hardly enough for 
> any serious use.
>
> On 4. 6. 2013., at 01:07, Maxthon Chan <address@hidden> wrote:
>
> > And by what I say as crowd-sourcing, I mean ask users that are willing to 
> > share for information. What we are asking for here is several numbers: AP 
> > BSSID, transmission power, and its geological location (latitude and 
> > longitude, as well as height). The request is done by the device uploading 
> > a list of BSSIDs received and its signal strength, hence BSSID never leaves 
> > our servers, and thus privacy issue avoided.
>
>
> Sure; so the only people violating the privacy are -- we ourselves? :)
>
> Plus, what happens when someone queries for location of MAC "XYZ"? We reveal 
> the location -- which is the purpose of the API. Sure, that happens already: 
> Google's doing it, Apple's doing it, Skyhook's doing it, OpenBmap people seem 
> to be doing it. I'm just saying that it's private information, in a way. :-)
>
> from the things-we-unknowningly-reveal dept:
>
> I really liked it when, at my former workplace, we received a crash report 
> for a game on OS X. Something ticked my curiosity and I playfully passed into 
> Skyhook the several listed AP MAC addresses that OS X dutifully included in 
> "full system report". Imagine my surprise when it turned out that Skyhook 
> claimed the location was just across Apple's campus...
>
> ...and yes, it did turn out it was a crash report from an Apple employee.
>
> --
> Ivan Vučica
> address@hidden - http://ivan.vucica.net/
>