We learned this past week that Apple’s iOS 8 will offer the ability to randomize the WiFi MAC address while it scans for wireless networks. While the feature itself seems appealing from a privacy perspective it has me seeking to understand how they intend to technically implement this feature.
I’ve seen more than my fair share of duplicate IP address issues over the years and I’m wondering how Apple is going to implement this feature to prevent duplicate MAC addresses? And in that same thought how is this change going to impact other systems. It’s obviously going to impact those solutions that promise to track customers through retail spaces. Although the proposed change by Apple only covers the WiFi SSID scanning, once you connect to a guest/public hotspot iOS 8 will use the real WiFi MAC address which can then be tracked. How will this impact an Access Point or Wireless LAN Controller? What if a wireless network utilizes band steering and probe response spoofing?
Anyone have any technical details regarding how they will actually randomize the MAC address?
Cheers!
A few people have looked at iOS 8 beta behavior, and so far no one can find it happening:
http://listserv.educause.edu/cgi-bin/wa.exe?A2=ind1406&L=WIRELESS-LAN&T=0&F=&S=&P=7008
Anyone actually seen the randomization happening in the wild yet?
Thanks for the comment Frank!
I’d be interested in seeing a few packet traces myself.
Cheers!
As far as I understood, the randomization is only used for probing. When you are actually connecting to the network – you will use a real MAC. However, there are now many Wi-Fi analytics systems that track user presence and location (and gather stats) even when user is not associated to any WLAN. This feature supposedly can protect user identity in such scenarios.
Thanks for the comment!
The MAC address are randomised during the probe phase. This is where the WiFi base stations does auto-discovery as you move around and clients probe for base stations and networks.
Because you haven’t joined the network, you don’t have an IP. And because you haven’t joined th network you haven’t given permission to be monitoring and tracked as you move around public spaces. Offering randomised MAC prevents unknown tracking and forces WiFi trackers to ask for your permission. Most major wireless vendors have this today and offer customer analytics based on BlueTooth and WiFi MAC Addresses regardless of whether you gave permission or not.
Once you join a network, you get an IP and the MAC address is stable. By joining the network it would be assumed that you are giving permission to be tracked.
Thanks for the comment Greg. Looking forward to seeing a few packet traces to see how the feature behaves.