beaconDB is an open, and privacy-friendly network location service, replacing Mozilla's defunct location service - eviltoast

beaconDB is a drop-in replacement for MLS, which uses the same format request that’s used by Mozilla’s Ichnaea.

The source code is available on Codeberg: https://codeberg.org/beacondb/beacondb

You can contribute to the project by using an app like NeoStumbler (GitHub) or Tower Collector (GitHub) to submit location reports. NeoStumbler does Wi-Fi, Bluetooth and GSM, while Tower Collector can only do GSM cell towers. Both are FOSS and available on F-Droid.

It is also recommended by the GrapheneOS project: https://grapheneos.social/@GrapheneOS/112759509558471713

https://grapheneos.org/articles/positon-location-service

Just keep in mind that it’s still in relatively early development, which is why it really needs contributions.

    • Melody Fwygon@beehaw.org
      link
      fedilink
      arrow-up
      6
      ·
      4 months ago

      No.

      It is hard to have both; but not impossible. You can still be privacy friendly without sacrificing necessary functionality.

      It will require that the “provider” of such a dataset constantly scrub, sanitize and remove data that would cause privacy hazards as quickly as reasonably possible however. That in and of itself is a technical challenge; though not impossible.

        • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.comOP
          link
          fedilink
          English
          arrow-up
          6
          ·
          4 months ago

          Using a location service obviously means that this service is going to know your location. beaconDB already minimizes the data that is collected about users. There’s not much else that can be done to make these kinds of services more private. The other options (Google and Apple) are much worse. The only alternative is not using a network location service at all, and simply relying on GNSS + PSDS and SUPL, like GrapheneOS does by default. I’d say beaconDB is the next best option, much better than proprietary alternatives and on par with the now defunct Mozilla Location Service.

          • CaptObvious@literature.cafe
            link
            fedilink
            arrow-up
            1
            ·
            4 months ago

            I don’t really see the need for a location service in the first place. My phone can share my GPS coordinates with first responders in an emergency. For everything else, there’s simply typing in the location I want to know about.

            • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.comOP
              link
              fedilink
              English
              arrow-up
              4
              ·
              4 months ago

              there’s simply typing in the location I want to know about

              That’s not always possible. Imagine you’re visiting a city that you’ve never been to, or you go hiking in the mountains, or you go to another country that uses a different alphabet, so you can’t type in a street name or something like that. There are many more use cases like sharing your location with someone else (for example over Signal), tracking your workout (for example when cycling or going on a run) using an app like OpenTracks, or if you like saving geolocation to your photos.

                • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.comOP
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  ·
                  4 months ago

                  GNSS does work, but it can take a pretty long time to acquire an initial location without PSDS and SUPL. It also uses much more battery. This can especially become an issue if you want to share your live location with somebody, or record your workout over a longer period of time. There are technologies like A-GNSS (Assisted GNSS) that use SUPL (Secure User Plane Location) and PSDS (Predicted Satelite Data Service), but these also require you to send your location to a third party (the default SUPL service on Android is supl.google.com, which is definitely much worse for your privacy than any NLP). GrapheneOS hosts a proxy at supl.grapheneos.org, which is much more private (see GrapheneOS’s privacy policy for all their network services: https://grapheneos.org/faq#privacy-policy). PSDS isn’t much better, as it’s usually provided by the manufacturer of your phone’s SoC (e.g. Qualcomm, Broadcom or Samsung). PSDS also sends a lot of data to the service, including SoC serial number and information on the phone including manufacturer, brand and model. GrapheneOS improves the privacy of PSDS (you can read more about all of this at https://grapheneos.org/faq#default-connections), but I still don’t see how this would be better than a privacy-friendly network location provider. beaconDB is still in a pretty early phase of development, but it’s likely going to be used by GrapheneOS when it becomes more stable. It’s also likely, that the GrapheneOS project will either host their own proxy for the public beaconDB service, or their own server using beaconDB data. That way, it would be even more private, and it would be covered under Graphene’s privacy-policy, which is essentially just the EFF’s privacy-friendly Do Not Track (DNT) policy.

                  • CaptObvious@literature.cafe
                    link
                    fedilink
                    arrow-up
                    2
                    ·
                    4 months ago

                    Thanks for the explanation. I really do appreciate it. We seem to have a fundamental disagreement about whether this can be truly private and, indeed, whether it’s necessary at all. It still seems to me a non-private solution in search of a problem.