Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning

To: STDS-802-PRIVACY@xxxxxxxxxxxxxxxxx
Subject: Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
From: "Piers O'Hanlon" <piers.ohanlon@xxxxxxxxxxxx>
Date: Fri, 19 Sep 2014 16:52:58 +0100

Hi,

I first tested using the ios8 gold master which should be the same as the released version. I've now tested with the actual ios8 release and I am still not seeing any randomised MACs.

Piers



> On 19 Sep 2014, at 16:02, Zuniga, Juan Carlos <JuanCarlos.Zuniga@xxxxxxxxxxxxxxxx> wrote:
> 
> Hi Carlos,
> 
> We had some discussions about this feature. Seems like only the Probe REQ message is being randomised (the announcement should say Active Scanning btw, as passive scanning does not transmit anything but only listens to AP beacons).
> 
> Piers reported to the list that his tests did not show a change in MAC, although I believe this was with a beta version tested before the official iOS8 was announced. It would be worth verifying again.
> 
> Cheers,
> 
> Juan Carlos
> 
> 
> 
> Sent with Good (www.good.com)
> 
> ________________________________
> From: Carlos Jesús Bernardos Cano
> Sent: Friday, September 19, 2014 9:59:03 AM
> To: STDS-802-PRIVACY@xxxxxxxxxxxxxxxxx
> Subject: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
> 
> Hi,
> 
> Not sure if this has been already discussed in the list (apologies if
> that was the case). I found out today that iOS8 uses randomized MAC
> addresses when scanning [1].
> 
> "Randomized Wi-Fi addresses
> When you’re out running errands with your phone in your pocket, Wi-Fi
> hotspots have the ability to track your movements and behavior by
> scanning your Wi-Fi MAC address. A MAC address is a string of characters
> that uniquely identifies your device on a network. With iOS 8, we’ve
> introduced an innovative feature designed to protect your privacy by
> randomizing your device’s MAC address when the device is passively
> scanning for Wi-Fi networks. Because your MAC address now changes when
> you’re not connected to a network, it can’t be used to persistently
> track you. This is in line with Apple’s industry-leading effort to do
> away with persistent identifiers, and is unique to iOS devices."
> 
> [1] https://www.apple.com/privacy/privacy-built-in/
> 
> Do you know if other OSs are also doing this?
> 
> Thanks,
> 
> Carlos

Follow-Ups:
- Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
  - From: Mathieu Cunche

References:
- [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
  - From: Carlos Jesús Bernardos Cano
- Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
  - From: Zuniga, Juan Carlos

Prev by Date: Re: [STDS-802-Privacy] Linux macchanger
Next by Date: Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
Previous by thread: Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
Next by thread: Re: [STDS-802-Privacy] iOS8 uses randomized MAC addresses when scanning
Index(es):
- Date
- Thread