Slashdot Mirror
iOS 8 Strikes an Unexpected Blow Against Location Tracking
schwit1 (797399) writes 'It wasn't touted onstage, but a new iOS 8 feature is set to cause havoc for location trackers, and score a major win for privacy.As spotted by Frederic Jacobs, the changes have to do with the MAC address used to identify devices within networks. When iOS 8 devices look for a connection, they randomize the MAC address, effectively disguising any trace of the real device until it decides to connect to a network.'
Generally, I've found this to be true. Their business model does not depend on a lack of customer privacy like Google.
At least according to the prosecutors who went after Aaron Swartz. His laptop got locked out of a network so he changed the MAC address with the built-in MacOS GUI utility and they said that was like filing the serial number off a car. Now all iphones are going to change it randomly during network scan? OMG, that's like a car that files off its own serial number every time you go around the block! Alert the authorities!!!!! Sigh.
The point is that there are many networks out there pinging for MAC addresses that the user DOESN'T connect to.
Most laws, except negligence statuettes, have an intent clause. In Schwartz's case it would have been easy to show that his intent was to circumvent being kicked off the network. Randomizing during search can easily be shown as an intent to remain anonymous.
The point, obviously, is that you can't be identified by the access points you don't connect to.
Of course you're traceable once you've connected; how else could you stay connected and get traffic to your device?
systemd is Roko's Basilisk.
In your example, the prosecutors were able to argue that deliberately using a utility to intentionally change your MAC address was akin to taking steps to file off the serial numbers of a car. This is because Aaron intended to change his MAC address and deliberately took steps to effect the change.
If future iPhones automatically change their MAC address, on their own, without any intervention by their user, where is the crucial element of acting with intent or deliberation?
It is far too soon to cry wolf.
Uh, yeah. MAC filtering will work as well as it ever works, which is to say providing no more than the illusion of security.
What this does accomplish, though, is a real measure of somewhat increased privacy.
Say thank you to the advertisers who make such crap necessary.
Yes, technologically, it would be much better if we didn't have to do things like this. Spam filters and RBLs and greylisting make debugging e-mail delivery problems hell as well. But you can't have working e-mail without them, because if you try, you get flooded by spam.
Same thing. Yes I agree technologically it would be better to not have to do this. Unfortunately, we have to.
Assorted stuff I do sometimes: Lemuria.org
Not, crappy security is not better that no security. When users know there's no security, they may be slightly cautious. If they belive there's security in place, they might let their guard down, so this false sensation of security is actually a bad thing.
Your enterprise networks gets crashed by a [broken?] device that scans for availabe wireless networks?
Looks like your enterprise network has some very serious issues you'll want to look into asap!
that's just it people don't turn off wifi but companies like nordstrom run monitoring software. so whenever you enter their store they know how long you were there, what parts of the store you visited, and how often you come visit. I am surprised more companies aren't doing this as it is a quick way to track customers.
What apple has done is made this method of tracking useless. instead they will be forced to use ibeacon type technology which uses bluetooth. It also provide more accurate tracking as bluetooth is much shorter range.
i thought once I was found, but it was only a dream.
It actually randomised the MAC address. Its been a long time since MACs were burnt into ROM and couldn't be changed. On Linux you can do it using ifconfig or one ioctl() in C.
Why keep Wifi on? It never seems to work well for me. When I did try to use it the data connection would constantly sever and sometimes cause whatever app I'm using to get angry. Furthermore at my house my Wifi is much slower than my mobile connection. Even though I have a data cap (Verizon) I never exceed the cap without Wifi. I also save some battery by keeping it off.
Wish I had mod points for the above.
I disable my WiFi until I'm somewhere I want to use it. The only people that can track me are my cell provider and those people within range of a WiFi network I want to connect to.
You may think me a tired, old, cynic. I'd have to disagree about the tired bit.
What if you have a wifi client whitelist?
With Android, you can see the source code
And you've seen the source code for the Android device in your hand? Right. Didn't think so. Hell, even if you compiled it yourself I seriously doubt you looked. Furthermore 99.9999% of people wouldn't have the foggiest idea where to find the relevant bits of code even if they did have the source code. Which they don't. And even if they did they certainly don't have time to review all the code themselves. I'm as big a supporter of open source as anyone here but I'm under no illusion that it protects me from a company like Google.
Google isn't trying to hide anything from anyone, unlike Apple.
If you believe that I have some property I'd like to sell you. Just because they have a cute motto about not being evil doesn't mean much. Google is no better than Apple when it comes to collecting and selling information about you. They are an advertising company and that is how they make their money. They may not sell all your specific information to specific buyers but they definitely are using that information to make money. And if you think they aren't hiding anything just try waltzing into their headquarters and snooping around sometime. Tell me how that goes for you.
I think you are confusing standards with the real world.
Your device is constantly beaconing to the entire world around it, what networks it knows - and it will often quite happily connect to annyone claiming to be that home network, enabling for all sorts of fun snooping attacks.
Go lookup creepyDOL network and the presentation for same from Def Con.
The NSA wants to know
It's not about intent at all - a MAC address is simply meaningless! A car's serial number is something that is officially alotted
IEEE disagrees with you to an extent. It is the registration authority for blocks of 16.7 million MAC addresses.
They will use locally administered MAC addresses (you know, those with the 7th bit set to 1 instead of the traditional 0) which are not assigned to any manufacturer. (source: image in the twit)
When I buy a Google/ASUS co-branded Nexus 7 tablet from Google Play Store, how am I not the customer?
Google mades a bit over $14 billion revenue. Just under $13 billion of that is from advertisement.
Apple makes the vast majority of its $54 billion revenue on hardware, a small part ($4 billion) on software and iTunes sales and its advertisement revenue is so small it vanishes somewhere under "services" and I couldn't quickly find a number for it.
Ask yourself which company is more likely to sell out your data to advertisers. The one that makes 90% of its money from them and 10% from you, or the one that makes 98% of its profits from you and 2% from them.
Assorted stuff I do sometimes: Lemuria.org
Don't say that like it is a bad thing. I *want* my devices to have predictable identities because that is how the home router knows what IP address to hand out. Same thing at work. Also understand that a repeatable MAC only links sessions locally: your MAC address is not advertised to the internet.
Now, what would be nice would be an option to only use the assigned MAC when associating to selected networks. E.g., home, work, a friend's, etc., but by default use a randomly generated MAC. The hotels I've been at "forget" your device quickly anyway requiring a new acceptance of the terms so using a random MAC per session wouldn't hurt any. That'd be great for hot spots.
More important is the IP6 address selection. I'm not sure of the current state of affairs, but last I knew MS Windows was the only one that respected privacy. Apple used the MAC to generate a predictable suffix which allows global unique device tracking no matter where you go in the world. Now, they were not alone in this and IIRC it was originally a recommended method. But it is ironic, given MS close ties to NSA spying, that MS Windows (Win7 home, I believe) was the one that would generate a new suffix periodically even on a single connection (e.g., each day the suffix would change).
but changing MAC is like filing serial# off a car! At least according to the prosecutors...
Not any more. The Bluetooth Sig just spent four years in heavy sessions to plug the privacy leak from the MAC address tagging every packet with a device "serial number". This was rolled out in Bluetooth 4.0, especially in the Bluetooth Low energy addition.
If the option is turned on, the "MAC address" that labels the packets is pseudo-randomly chosen and constantly mutating. If the other device trying to communicate has a special relation it can access the true MAC address and/or share the secret so it can predict the pattern of mutation.
Apple went one further, though. Even when the remote device has the option turned off and is using the real MAC address for the link label, their stack doesn't export this info to apps over the API. The apps have to have to negotiate with the far end of the link to get it (or find a way to work around the stack, and risk Apple deliberatly breaking it, or removing them from the app store, if they find out), even though it was already "in the air".
I think Apple is sensitive to accusations of privacy violations and is making it hard for independent developers to put them in legal hot water.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Your device has to beacon continuously if you have ANY hidden networks otherwise it won't find them. At least not until it takes GPS location into account to determine if it should be broadcasting to hidden SSIDs.
In other words, any device has a hidden network in its list is always looking. Not to mention that mobile clients DO probe in order to find known networks more quickly than waiting for the WAP beacon.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
At least according to the prosecutors who went after Aaron Swartz. His laptop got locked out of a network so he changed the MAC address with the built-in MacOS GUI utility and they said that was like filing the serial number off a car. Now all iphones are going to change it randomly during network scan? OMG, that's like a car that files off its own serial number every time you go around the block! Alert the authorities!!!!! Sigh.
Sad that you don't understand enough about how WiFi works. There are two phases: In the first phase your device detects routers around it. In that phase, it must give out an MAC address so that the router can respond, but the MAC address is completely irrelevant. And no WiFi router will block out anyone during that discovery phase. The second phase is the connect phase, and in the connect phase, the device does indeed give its own MAC address.
In other words, what you are saying is complete bullshit.