Location Publishing

November 22nd, 2011
gps, latitude, logging, tech
Since I now have a phone with gps and internet, I thought I should write something to log my location, for potential future data analysis. It turns out this already exists, implemented by google latitude among others. I just had to tell google maps on my phone "join latitude" and enable historical logging in the settings, and I was all set. Pulling the gps data out again is a bit of a pain, and required jumping through several steps [1] of server side oauth2, similar to what I had to do to set up pulling in facebook comments, but now I have "Current GPS Location: Home" on my main page [2]. I think it's good practice not to rely on privacy, so it doesn't bother me that people can see where I am all the time.

Update 2011-11-23: Two people have said a worry is that public location data makes you more vulnerable to theft. My thought is that there are already multiple ways to tell if someone is home: lights, car, watching the door, looking in the window, calling the house phone and seeing if anyone answers. None of these are that reliable, and neither is this one: there might be other people who live in the house as well.


[1] If you're interested in technical details, I had to:

  1. once: get a client_id from the api console.
  2. once: request a server side code:
          firefox https://accounts.google.com/o/oauth2/auth
            ?scope=https://www.googleapis.com/auth/latitude.all.best
            &redirect_uri=[redirect uri set up in api console]
            &response_type=code
            &client_id=[client id from api console]
            &access_type=offline
          
  3. once: request a refresh token using the code:
          curl -d "code=[code from url previous step redirected to]
            &client_id=[same client id from api console]
            &client_secret=[client secret from api console]
            &redirect_uri=[same redirect uri set up in api console]
            &grant_type=authorization_code"
            https://accounts.google.com/o/oauth2/token
          
  4. every time: request an access token, using the refresh token:
          token_url = "https://accounts.google.com/o/oauth2/token"
          post_body = urllib.urlencode({
            "refresh_token": REFRESH_TOKEN,
            "client_id": CLIENT_ID,
            "client_secret": CLIENT_SECRET,
            "grant_type": "refresh_token"})
          r = urllib2.urlopen(urllib2.Request(token_url, post_body)).read()
          access_token = json.loads(r)["access_token"]
          
  5. every time: request the data from the api:
          url = 'https://www.googleapis.com/latitude/v1/currentLocation?granularity=best'
          headers = { "Authorization": "OAuth " + access_token }
          r = urllib2.urlopen(urllib2.Request(url, None, headers)).read()
          d = json.loads(r)["data"]
          lat, lng = d["latitude"], d["longitude"]
          

This setup makes a lot of sense if you're making something automated that lots of people will need to go through. It doesn't make much sense if you're making something for use just by the developer; it's no more secure than just "sign up, get key, use key".

[2] If you want to do something automated, I also made a raw feed

Comment via: google plus, facebook

Recent posts on blogs I like:

Abigail Shrier's Bad Therapy: Surveys

Surveys matter!

via Thing of Things April 12, 2024

Clarendon Postmortem

I posted a postmortem of a community I worked to help build, Clarendon, in Cambridge MA, over at Supernuclear.

via Home March 19, 2024

How web bloat impacts users with slow devices

In 2017, we looked at how web bloat affects users with slow connections. Even in the U.S., many users didn't have broadband speeds, making much of the web difficult to use. It's still the case that many users don't have broadband speeds, both …

via Posts on March 16, 2024

more     (via openring)