Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning

To: STDS-802-PRIVACY@xxxxxxxxxxxxxxxxx
Subject: Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
From: "Zuniga, Juan Carlos" <JuanCarlos.Zuniga@xxxxxxxxxxxxxxxx>
Date: Fri, 19 Sep 2014 15:11:51 +0000

Sure, please do. We will also need to hear from people about the other scripts reported, and others such as:
https://github.com/feross/SpoofMAC

Cheers,

Juan Carlos



Sent with Good (www.good.com)

________________________________
From: Carlos Jesús Bernardos Cano
Sent: Friday, September 19, 2014 11:05:14 AM
To: Zuniga, Juan Carlos
Cc: STDS-802-PRIVACY@xxxxxxxxxxxxxxxxx
Subject: Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning

Hi Juan Carlos,

I can update my phone with iOS8 and do some simple tests and share the
results with the group, if that's useful.

Cheers,

Carlos

On Fri, 2014-09-19 at 15:02 +0000, Zuniga, Juan Carlos wrote:
> Hi Carlos,
>
> We had some discussions about this feature. Seems like only the Probe REQ message is being randomised (the announcement should say Active Scanning btw, as passive scanning does not transmit anything but only listens to AP beacons).
>
> Piers reported to the list that his tests did not show a change in MAC, although I believe this was with a beta version tested before the official iOS8 was announced. It would be worth verifying again.
>
> Cheers,
>
> Juan Carlos
>
>
>
> Sent with Good (www.good.com<http://www.good.com>)
>
> ________________________________
> From: Carlos Jesús Bernardos Cano
> Sent: Friday, September 19, 2014 9:59:03 AM
> To: STDS-802-PRIVACY@xxxxxxxxxxxxxxxxx
> Subject: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
>
> Hi,
>
> Not sure if this has been already discussed in the list (apologies if
> that was the case). I found out today that iOS8 uses randomized MAC
> addresses when scanning [1].
>
> "Randomized Wi-Fi addresses
> When you’re out running errands with your phone in your pocket, Wi-Fi
> hotspots have the ability to track your movements and behavior by
> scanning your Wi-Fi MAC address. A MAC address is a string of characters
> that uniquely identifies your device on a network. With iOS 8, we’ve
> introduced an innovative feature designed to protect your privacy by
> randomizing your device’s MAC address when the device is passively
> scanning for Wi-Fi networks. Because your MAC address now changes when
> you’re not connected to a network, it can’t be used to persistently
> track you. This is in line with Apple’s industry-leading effort to do
> away with persistent identifiers, and is unique to iOS devices."
>
> [1] https://www.apple.com/privacy/privacy-built-in/
>
> Do you know if other OSs are also doing this?
>
> Thanks,
>
> Carlos

References:
- [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
  - From: Carlos Jesús Bernardos Cano
- Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
  - From: Zuniga, Juan Carlos
- Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
  - From: Carlos Jesús Bernardos Cano

Prev by Date: Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
Next by Date: Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
Previous by thread: Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
Next by thread: Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
Index(es):
- Date
- Thread