Friday, June 13, 2014

iOS 8 MAC Address Randomization

Frederic Jacobs, regarding an announcement in WWDC 2014 session 715, User Privacy on iOS and OS X (PDF):

iOS 8 randomises the MAC address while scanning for WiFi networks. Hoping that this becomes an industry standard.

Leo Mirani:

Whenever you walk around a major Western city with your phone’s Wi-Fi turned on, you are broadcasting your location to government agencies, marketing companies and location analytics firms.

In shopping malls, for instance, a firm called Euclid Analytics collects, in its own words, “the presence of the device, its signal strength, its manufacturer (Apple, Samsung, etc.), and a unique identifier known as its Media Access Control (MAC) address.” In London last year, one start-up installed a dozen recycling bins that sniffed MAC addresses from passers-by, effectively tracking people through the area via their phones. Such companies go to great lengths to explain that such information is not personally identifiable—except that repeated studies have shown that this data can indeed be used to infer a great deal about your life.

Lee Hutchinson:

In adding MAC address randomization during Wi-Fi probing, Apple manages to both eliminate a potential privacy leak and drive companies interested in location-based advertising toward a solution it prefers. iOS users who would prefer to opt out of iBeacon can first ensure they have no iBeacon-aware apps installed (like the official Apple Store app), or they can disable Bluetooth. Until iOS 8 arrives, iOS 7 users who would prefer not to have their MAC addresses tracked in public can disable Wi-Fi when they’re out and about.

Sam Oliver:

The new MAC randomization system is the latest in a line of privacy-focused moves from Apple that have come to light as developers digest the wealth of material offered at last week’s Worldwide Developers Conference.

Most visible among those changes is iOS 8’s new “While Using” location privacy option. The new setting allows users to restrict apps from determining their location unless the app is in active use, preventing apps from collecting location data in the background unless explicitly authorized to do so.

I think this is a good idea, but I’m skeptical that it will do as much for privacy as people are saying. Julian Bhardwaj:

Most devices use both passive and active discovery in an attempt to connect to known/preferred networks. So it’s very likely that your smartphone is broadcasting the names (SSIDs) of your favourite networks for anyone to see.


The unfortunate news is there doesn’t appear to be an easy way to disable active wireless scanning on smartphones like Androids and iPhones.

However, you can at least tell your phone to ‘forget’ networks you no longer use to minimise the amount of data leakage.

In other words, even with MAC address randomization, the names of your favorite networks become an identifier for you. In addition, snoopers can use a common network name that your phone will try to auto-connect to, at which point they’ll get your real MAC address.
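An added example (not from the original post or the quoted articles) of the first point: it audits a constructed probe-request capture and shows that two randomized source addresses remain linkable through the identical set of SSIDs they probe for, while a device that sends only wildcard probes leaks nothing to link. The sample records, the function names, and the assumption that randomized addresses set the locally administered bit of the first octet are assumptions of this example.

```python
from collections import defaultdict

# Constructed sample: (source MAC, SSID named in a directed probe request).
# An empty SSID stands for a wildcard probe that names no network.
PROBES = [
    ("a4:5e:60:11:22:33", "HomeNet-4F2A"),  # vendor-assigned address
    ("a4:5e:60:11:22:33", "CoffeeShop"),
    ("da:a1:19:00:00:01", "HomeNet-4F2A"),  # randomized, scan 1
    ("da:a1:19:00:00:01", "CoffeeShop"),
    ("da:a1:19:00:00:01", "Office-Guest"),
    ("6e:3b:7c:00:00:02", "Office-Guest"),  # randomized, scan 2
    ("6e:3b:7c:00:00:02", "HomeNet-4F2A"),
    ("6e:3b:7c:00:00:02", "CoffeeShop"),
    ("f2:10:44:00:00:03", ""),              # randomized, wildcard only
    ("32:99:ab:00:00:04", "CoffeeShop"),    # randomized, one common SSID
]

def is_locally_administered(mac):
    """True when the U/L bit (0x02) of the first octet is set."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def ssid_sets(probes):
    """Map each source MAC to the set of SSIDs it named in directed probes."""
    seen = defaultdict(set)
    for mac, ssid in probes:
        names = seen[mac.lower()]  # registers the MAC even for wildcard probes
        if ssid:
            names.add(ssid)
    return {mac: frozenset(names) for mac, names in seen.items()}

def linkable_groups(probes, min_ssids=2):
    """Randomized MACs that share an identical SSID set of at least min_ssids.

    A single common SSID is a weak fingerprint, so small sets are skipped.
    """
    groups = defaultdict(list)
    for mac, names in ssid_sets(probes).items():
        if is_locally_administered(mac) and len(names) >= min_ssids:
            groups[names].append(mac)
    return {names: sorted(macs) for names, macs in groups.items() if len(macs) > 1}

def silent_macs(probes):
    """Randomized MACs whose probes named no network, so nothing links them."""
    return sorted(mac for mac, names in ssid_sets(probes).items()
                  if is_locally_administered(mac) and not names)

if __name__ == "__main__":
    for names, macs in linkable_groups(PROBES).items():
        print(sorted(names), "->", macs)
    print("no SSID leak:", silent_macs(PROBES))
```

Run against a capture of your own device, a shrinking `linkable_groups` result after forgetting unused networks is the effect Bhardwaj's advice is aiming for.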

3 Comments

The part I don't get is that they are not tracking the user but the device. Making the correlation between a mobile device and an individual solely based on the MAC address does not seem trivial and requires aggregating other data or praying that the user connects through the "evil" router (that would be even more evil by performing some deep packet inspection).

In some cases (like the one describing a store trying to track the movements of a customer _within_ the store), this could also be done via a CCTV system.

And when it comes to "advertising", the ad server does not see your IP or MAC addresses (otherwise, why use cookies?) so how would they make the correlation?

I'm curious about how they perform this LBA thing.
