Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
Hi Carlos,
We had some discussions about this feature. Seems like only the Probe REQ message is being randomised (the announcement should say Active Scanning btw, as passive scanning does not transmit anything but only listens to AP beacons).
Piers reported to the list that his tests did not show a change in MAC, although I believe this was with a beta version tested before the official iOS8 was announced. It would be worth verifying again.
Cheers,
Juan Carlos
Sent with Good (www.good.com)
________________________________
From: Carlos Jesús Bernardos Cano
Sent: Friday, September 19, 2014 9:59:03 AM
To: STDS-802-PRIVACY@xxxxxxxxxxxxxxxxx
Subject: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
Hi,
Not sure if this has been already discussed in the list (apologies if
that was the case). I found out today that iOS8 uses randomized MAC
addresses when scanning [1].
"Randomized Wi-Fi addresses
When you’re out running errands with your phone in your pocket, Wi-Fi
hotspots have the ability to track your movements and behavior by
scanning your Wi-Fi MAC address. A MAC address is a string of characters
that uniquely identifies your device on a network. With iOS 8, we’ve
introduced an innovative feature designed to protect your privacy by
randomizing your device’s MAC address when the device is passively
scanning for Wi-Fi networks. Because your MAC address now changes when
you’re not connected to a network, it can’t be used to persistently
track you. This is in line with Apple’s industry-leading effort to do
away with persistent identifiers, and is unique to iOS devices."
[1] https://www.apple.com/privacy/privacy-built-in/
Do you know if other OSs are also doing this?
Thanks,
Carlos