Is Android Tracking Routers, Storing Wifi Credentials?

Update 3: The short answer is yes and yes, but not without your approval for each. Read on if you want the full story.

By now, you may know that each attendee of Google IO (@googleio) received a limited edition Samsung Galaxy Tab 10.1.

This is a great tablet, slimmer, lighter and seemingly better constructed than the Motorola XOOM, which I’ve also used and liked. After doing an initial setup with my Google Account on Tuesday while tethered to my EVO, I packed the Tab up for further experimentation later.

This afternoon, I broke the Tab out again to continue configuring it. One of the first steps you take with any new device is to put it on your wifi.

Much to my surprise, the Tab was already connected to my wifi, despite the fact that I never explicitly told it to do so.

And the fact that my SSID is hidden.

And the fact that my network is WPA2 encrypted.

Now, I could be missing something obvious here, but this feels a lot like Google attached my wifi information and credentials to my Google Account. How else could a pristine device know to find my hidden network and have the credentials to connect to it?

I figured this had to be my mistake.

So, I did a factory reset and walked through the same steps, i.e. doing the initial association with my Google Account with the Tab tethered to my EVO.

Sure enough, when I went into wifi settings, my network appeared in the list of networks with the status “Remembered, secured with WPA/WPA2 PSK,” and I was able to connect to it without providing any network credentials.

Thinking back, I’ve done a couple data wipes on my EVO to apply CyanogenMod (@cyanogen), and I don’t recall being asked for wifi credentials, at least not the last time, which was last week.

I’m not one to get all upset with privacy issues; I usually enter service provider agreements with eyes open, but this is definitely not something Google should have, especially after last year’s debacle with Street View cars collecting wifi information. This is worse though because those were said to be open networks, and mine is encrypted.

So, I did some digging, ironically enough by Googling.

As with many technical questions and problems, the intertubes had a possible answer, that sticky location collection issue again. When you agree to the location service of Android, which helps target searches and other location-based services, Google saves information about the routers you connect to, even those that are secured or hidden.

There’s no mention of saving credentials, though, and I didn’t find my router’s MAC address in Samy Kamkar’s android map, which shows routers that have been mapped.

Still, I thought it might be location. Testing this theory, I turned off the location services, and told Android to forget my network. After a restart to clear any caching, my network was again invisible, and when I connected, I was prompted for the password.

Not fully convinced, I figured the big test would be turning off location and walking through the configuration steps again. As a test, I did not tell it to forget my tethered network though, just to see if what Google knew about location before I turned it off would persist.

Sure enough, my EVO’s tethered network remained in the wifi list after the factory wipe, but my home network was gone.

I’m not a big terms reader, but I think I’d better start paying more attention. When I agreed to location services, I didn’t think that meant my routers would be tracked and possibly their credentials stored. That’s not good.

In Google’s defense, I could be wrong or missing something obvious. If so, happy to retract.

If not, this is a bummer, and I’m pretty sure most people would agree.

Find the comments and let me know your thoughts.

Update: According to Rich (@rmanalan), this may be a feature of Google Sync, but I can’t find any documentation that it stores your wifi information, including credentials. *If* it does, this feels like a security no-no for unsuspecting networks that allow people with Google Sync onto their networks. Still looking for information.

Update 2: The comments confirm that this is part of the backup option within the Android Privacy settings. I’m glad this isn’t part of the location service, which would have made it a nasty side-loaded feature. The options could be more granular, as Matt (@topperge) suggests. This is a nice feature for me, now that I understand how it works; the vagueness bothered me. The only thing left is the storage of credentials for networks you don’t control. That could be an issue, since the credentials are stored without the knowledge of the network owner and sometimes without the knowledge of the wifi user.

About Jake

a.k.a.: jkuramot

26 comments

  1.  Interesting…do you use Google Sync or whatever it is called? I do, I’m wondering (you know, since I’m rebuilding my phone for the 12th time today) whether mine will show up; will report that fact soon.

    I don’t know if I would be too bothered though, assuming of course it is using Google Sync. I store all kinds of personal information in Google Docs; tax information, paychecks, etc.

    If it isn’t using Google Sync, that would be more frightening.

  2. I’m differently paranoid with my wifi network in that I limit it to specific MAC addresses. It’s hardly hackproof since MAC addresses can be spoofed. On the other hand I don’t use a hidden SSID since devices have to find it by shouting “Are you there Mr SecretNetworkName” at the top of their voices everywhere they go.
    But no new phone, tablet or chromebook will find their way onto my wireless without my say so.

    My Kindle is connected to my WiFi, and to my Amazon account. Wonder if they’ve done anything similar.

  3. I call BS. I just came home and I had to re-enter my creds for my net, and I have a Nexus S, Cr-48 and 4 other machines, so if it (Google) were to be doing this, mine would be there… The credentials were NOT there…. I was also at Gio and I’m talking about the new tab… I use Google Chrome sync as well, but sadly it does not work on Android.

  4. On my Google Nexus One:
    Settings > Privacy >
    Then there is a checkbox that says: Backup my data, backup application data, Wi-fi passwords, and other settings to google servers.

    No need to worry 🙂

  5. Thanks for finding that. Glad it’s not part of location. Still a bit buried and not granular enough. 

  6. If you read the other comments, they’ve found the culprit to be a privacy setting within Android, which would explain why your Cr-48 and other machines don’t work. Not sure about the Nexus S.

    Creepy, but useful. Better now that I understand how it happened.

  7. Nice. I’m dodgy about my wifi too, so this was a bit odd. I’m relieved it was a setting and not part of a tome of terms I didn’t read, as you can see from the other commenters.

  8. Now that you (and others) have found the culprit setting, thanks. I’m glad it was a toggle and not a hidden part of the terms of sync or location services. It’s a bit creepy.

    As I mention, I wonder how a company or any semi-restricted organization would feel about that file going up to Google without their authorization, or even the knowledge of the offending, uninformed user like me 🙂

  9. The default option is checked. Unchecking it asks you if you want to stop and ALSO erase all data already on google servers. 

  10. On Honeycomb, it asks about backup during initial config, although I don’t recall the wifi passwords bit. I wonder how unchecking affects other devices, i.e. will that option override the setting on my other Android devices. Must test that.

  12. Jake, I’d guess a company that’s really concerned about network security wouldn’t hand out permanent network passwords that can be written down, stored in the cloud (google or otherwise) or otherwise easily shared.  Just look at how, uh, your employer handles Wifi access 😉

  13. I wouldn’t know, since I never use the non VPN wifi 🙂 I was referring more to security companies and government agencies, etc.

  14. I figured it was Google that somehow had stored router information from my phone. I am concerned about this. While it made the setup of my new tablet a piece of cake, it is scary to know that Google is doing this without my knowledge. I had to search for some time (of course using Google) to find your article. I

  15. I think this is a bad idea, to have your passwords stored at a third party cloud storage like Google. Why not give them the keys to your house?

    It’s just laziness if you can’t look after your passwords yourself, esp. when you do a factory restore.

    I opted out on my Android phone when I set up Play, but somehow when I checked the options, it said wifi passwords stored at Google checked on, so I had to uncheck it again. Real bad. Real bad idea. Remember how Google vehicles were getting sensitive information unencrypted info off routers back in the day. Well now they have your wifi passwords.
