Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

iOS 8 Strikes an Unexpected Blow Against Location Tracking

Unknown Lamer posted about 2 months ago | from the waiting-for-obvious-patents dept.

IOS 323

schwit1 (797399) writes 'It wasn't touted onstage, but a new iOS 8 feature is set to cause havoc for location trackers, and score a major win for privacy.As spotted by Frederic Jacobs, the changes have to do with the MAC address used to identify devices within networks. When iOS 8 devices look for a connection, they randomize the MAC address, effectively disguising any trace of the real device until it decides to connect to a network.'

cancel ×

323 comments

Sorry! There are no comments related to the filter you selected.

Apple Actually Cares About Privacy (3, Insightful)

Anonymous Coward | about 2 months ago | (#47200741)

Generally, I've found this to be true. Their business model does not depend on a lack of customer privacy like Google.

Re:Apple Actually Cares About Privacy (5, Insightful)

Anonymous Coward | about 2 months ago | (#47200757)

Apple allready knows who you are and what you are doing and where you are and where you have been ...

Re:Apple Actually Cares About Privacy (5, Insightful)

sonamchauhan (587356) | about 2 months ago | (#47200957)

Correct. The only difference is that they don't like to share...

Re:Apple Actually Cares About Privacy (5, Informative)

Anonymous Coward | about 2 months ago | (#47200987)

The only difference is that they don't like to share..

Yes they do, they even say so in their privacy policy: “[Apple will] make certain personal information available to strategic partners that work with Apple to provide products and services, or that help Apple market to customers.”

In fact, if you read their privacy policy, you'd realize Apple gathers up about as much personal information on users as any other big tech company. The main difference is they say they don't connect the dots.In fact, they've been and are being sued for sharing too much user data...

Personal user data big part of any technology company's business model these days. Even Apple.

http://motherboard.vice.com/bl... [vice.com]

Re:Apple Actually Cares About Privacy (3, Insightful)

sonamchauhan (587356) | about 2 months ago | (#47201017)

Thanks - I suspected that this was the case, but wasn't sure.

Location tracking stays turned off in my iOS device. A nuisance when you want a quick look at the streetmap of the area you're in.

I suspect this entire ploy is so that iBeacons can be marketed more effectively.

Re:Apple Actually Cares About Privacy (4, Informative)

Tom (822) | about 2 months ago | (#47201111)

Location tracking stays turned off in my iOS device. A nuisance when you want a quick look at the streetmap of the area you're in.

You know you can turn it on and off selectively, yes? Allowing certain apps to use it, but others not?

Re:Apple Actually Cares About Privacy (2)

GoddersUK (1262110) | about 2 months ago | (#47201399)

That's GPS based location tracking carried out by your phone. TFA is referring to nasties like this - http://www.telegraph.co.uk/tec... [telegraph.co.uk] - where wifi enabled devices are tracked by wifi hotspots using their mac address.

Re:Apple Actually Cares About Privacy (-1)

Anonymous Coward | about 2 months ago | (#47201419)

The guy he was responding to WAS TALKING ABOUT GPS TRACKING. Follow the fucking thread.

Re:Apple Actually Cares About Privacy (1)

Tom (822) | about 2 months ago | (#47201437)

GP was about GPS location tracking. ;-)

Re:Apple Actually Cares About Privacy (1)

Anonymous Coward | about 2 months ago | (#47201623)

It goes back to the other comments, while others cannot track you. That doesn't mean Apple isn't doing the collecting themselves and selling it off, or being requested by the FBI, NSA to give up what they have. This is nothing more then PR twisting, by a company that is suspected of willfully working with spying/law enforcement agencies.

To me to have the press sit there an report this without highlighting the companies past and current data collecting activities is misleading the public into thinking they are somehow safe, or just to give people a false sense of security as a way to sell more phones then your competitor.

Re:Apple Actually Cares About Privacy (4, Informative)

pmontra (738736) | about 2 months ago | (#47201229)

They don't connect the dots for everybody for free. Become a strategic partner (that is: find a way to bring them more money) and they'll be happy do connect the dots for you. So don't be naive: Apple cares about its customers only when it can turn that care into profit.

BTW, this app [google.com] does the same on a rooted Android device.

Re:Apple Actually Cares About Privacy (1)

LookIntoTheFuture (3480731) | about 2 months ago | (#47201511)

BTW, this app [google.com] does the same on a rooted Android device.

Thank you, thank you, thank you! Mod this up!

Re:Apple Actually Cares About Privacy (1)

LookIntoTheFuture (3480731) | about 2 months ago | (#47201555)

BTW, this app [google.com] does the same on a rooted Android device.

Thank you, thank you, thank you! Mod this up!

Replying to my own post. This app is also available on the 1Mobile Market.

Re:Apple Actually Cares About Privacy (3, Interesting)

jedrek (79264) | about 2 months ago | (#47201503)

Apple's falling out with Google over Maps was about GOOG wanting more data and Apple not wanting them to gather it.

Re:Apple Actually Cares About Privacy (2)

tomhath (637240) | about 2 months ago | (#47201575)

...and Apple not wanting to share it with Google.

Re:Apple Actually Cares About Privacy (5, Interesting)

Anonymous Coward | about 2 months ago | (#47200773)

Generally, I've found this to be true. Their business model does not depend on a lack of customer privacy like Google.

No, this is about 3rd parties tracking you - it means your iPhone does not provide its MAC address to the network(s) it has found. This never had anything to do with Apple tracking you nor does not stop Apple from keeping tabs on what networks you have identified while looking for a connection.

Re:Apple Actually Cares About Privacy (2, Insightful)

Anonymous Coward | about 2 months ago | (#47200805)

True. But I think the point is that Google's business plan depends on 3rd parties. It's not exactly a good comparison, but this is one more example of Apple's positive protection of customer's privacy againsts Google's equal number of negative examples.

Re:Apple Actually Cares About Privacy (1)

mlk (18543) | about 2 months ago | (#47201321)

In this case I could see Google doing the same as Google is not part of the loop.

Re:Apple Actually Cares About Privacy (3, Insightful)

mwvdlee (775178) | about 2 months ago | (#47200943)

More specifically this is about 3rd parties tracking you, without paying Apple.
All this does is close up the tracking options that compete with Apple's tracking options.
As for Google, I suspect we'll see this happening on Android phones soon enough as MAC tracking competes with Google as well.

Re:Apple Actually Cares About Privacy (2)

justcauseisjustthat (1150803) | about 2 months ago | (#47201009)

What Apple tracking options? iBeacon I suppose could be used for that but users have the option to enable or not.

Re:Apple Actually Cares About Privacy (5, Informative)

SuricouRaven (1897204) | about 2 months ago | (#47201123)

No, it still provides your MAC to the network. Doing otherwise would break things - static DHCP reservations for one. It means the iPhone won't provide its MAC address *until* it finds a recognised network to connect to - it won't be broadcasting it constantly while you are out traveling or shopping.

Umm, no (3, Informative)

Viol8 (599362) | about 2 months ago | (#47201467)

It actually randomised the MAC address. Its been a long time since MACs were burnt into ROM and couldn't be changed. On Linux you can do it using ifconfig or one ioctl() in C.

Re:Apple Actually Cares About Privacy (4, Informative)

fuzzyfuzzyfungus (1223518) | about 2 months ago | (#47200833)

Generally, I've found this to be true. Their business model does not depend on a lack of customer privacy like Google.

I would be more optimistic if it weren't for the fact that Apple went and deliberately developed "iBeacon [wikipedia.org] ", more or less deliberately designed for every sort of horrid 'location based service' and 'relevant offer' crap in the book.

Architecturally, hunting for wifi networks with a spoofed MAC is a good idea; but it sure does look like Apple is cutting an attempt to track their phones the non-blessed way off at the knees, even as they actively provide a blessed way of doing it.

In the same way, they cracked down on apps that used phone serial numbers, IMEIs and similar; but then built an "advertising identifier" right into their OS.

They want to be sure that you find the experience of being sold tasteful and unobtrusive; but they aren't actually your friends, nor do they consider your hardware purchase to be sufficient to exempt you from being the product.

Re:Apple Actually Cares About Privacy (5, Informative)

Anonymous Coward | about 2 months ago | (#47200863)

You make a good point. However, iirc, a user can completely diasable their iPhone's from repsonding to iBeacons. So even under the "blessed" way, a customer's privacy is still within their personal control.

Re:Apple Actually Cares About Privacy (2)

davester666 (731373) | about 2 months ago | (#47201011)

well, to do so means turning off Bluetooth, which sucks because I hate using corded headphones.

And iBeacon hardware can trivially also work the same way as wifi tracking, by just tracking the bluetooth id your phone is emitting all the time instead. it's unique to your phone and can be used to pin down the phones location quite precisely.

while iBeacon itself is quite benign if you just don't download/authorize the stores app to get the iBeacon messages, I'm sure larger stores will spring the extra couple of bucks to do bluetooth tracking, particularly if they are already doing wifi tracking.

Re:Apple Actually Cares About Privacy (1, Funny)

Anonymous Coward | about 2 months ago | (#47201125)

Yeah, sure and you have no way of knowing if it's actually disabled.

With Android, you can see the source code, so you know exactly what everything is doing and you can modify it if you don't like it. Google isn't trying to hide anything from anyone, unlike Apple.

Re:Apple Actually Cares About Privacy (2)

ifiwereasculptor (1870574) | about 2 months ago | (#47201241)

AFAIK, you can't see the source for Google apps like Play Store, Maps etc, tough. Maybe not even for the launcher. I don't know what's part of AOSP and what's a Google add-on, these days. My point being that, for reaping the benefits of being able to see the source code, you must be able to see it all. Unless you have root access and can manage permissions on a per-app basis directly via the base, open OS. That's not Android's case, though - at least not by default.

Re: Apple Actually Cares About Privacy (1, Insightful)

Anonymous Coward | about 2 months ago | (#47201393)

Great selling point. But: Have you looked at the source code? There's a lot of it. Did you understand it all? Did you find any bugs or holes?

Re: Apple Actually Cares About Privacy (1, Interesting)

Anonymous Coward | about 2 months ago | (#47201581)

Why would he do that? Everyone knows that just having source code available makes software free from bugs and hidden security flaws. Nobody actually needs to check it.

Google is no better/worse than Apple (3, Insightful)

sjbe (173966) | about 2 months ago | (#47201573)

With Android, you can see the source code

And you've seen the source code for the Android device in your hand? Right. Didn't think so. Hell, even if you compiled it yourself I seriously doubt you looked. Furthermore 99.9999% of people wouldn't have the foggiest idea where to find the relevant bits of code even if they did have the source code. Which they don't. And even if they did they certainly don't have time to review all the code themselves. I'm as big a supporter of open source as anyone here but I'm under no illusion that it protects me from a company like Google.

Google isn't trying to hide anything from anyone, unlike Apple.

If you believe that I have some property I'd like to sell you. Just because they have a cute motto about not being evil doesn't mean much. Google is no better than Apple when it comes to collecting and selling information about you. They are an advertising company and that is how they make their money. They may not sell all your specific information to specific buyers but they definitely are using that information to make money. And if you think they aren't hiding anything just try waltzing into their headquarters and snooping around sometime. Tell me how that goes for you.

Re:Apple Actually Cares About Privacy (3, Informative)

justcauseisjustthat (1150803) | about 2 months ago | (#47201005)

Big difference iBeacon needs to be enabled per app, the user has control! Here the user was scanned without their consent, this new privacy feature is awesome.

Re:Apple Actually Cares About Privacy (5, Informative)

Tom (822) | about 2 months ago | (#47201087)

Apple went and deliberately developed "iBeacon"

Which works by Bluetooth, not WiFi, and it's basically a Bluetooth broadcaster. Also, it is opt-in.

In the same way, they cracked down on apps that used phone serial numbers, IMEIs and similar; but then built an "advertising identifier" right into their OS.

That you can opt out of [osxdaily.com] .

Re:Apple Actually Cares About Privacy (1)

bluelip (123578) | about 2 months ago | (#47200837)

Pretty much a derp. You don't use 802.1x and mac filtering at home?

Re:Apple Actually Cares About Privacy (0)

Anonymous Coward | about 2 months ago | (#47200841)

Corporation fanboyism is just the modern equivalent of monarch or god fanboyism.

Re:Apple Actually Cares About Privacy (3, Insightful)

Tom (822) | about 2 months ago | (#47201055)

It is true.

The reason is that for Apple, you are the customer. For Google, you are the product, because its customers are the advertisers.

Re:Apple Actually Cares About Privacy (1)

gl4ss (559668) | about 2 months ago | (#47201075)

they care about hiding potential profits from it from other people.

while breaking standards.

they'll still keep a list of where you've been on the phone..

Re:Apple Actually Cares About Privacy (-1, Troll)

Anonymous Coward | about 2 months ago | (#47201113)

lol, your post is a perfect example of why Apple users are universally considered to be naive idiots.

Re:Apple Actually Cares About Privacy (1)

ocean_soul (1019086) | about 2 months ago | (#47201345)

They don't really care about your privacy, they care about knowing more about you than their competitors do.

but changing MAC is like filing serial# off a car! (5, Interesting)

Anonymous Coward | about 2 months ago | (#47200753)

At least according to the prosecutors who went after Aaron Swartz. His laptop got locked out of a network so he changed the MAC address with the built-in MacOS GUI utility and they said that was like filing the serial number off a car. Now all iphones are going to change it randomly during network scan? OMG, that's like a car that files off its own serial number every time you go around the block! Alert the authorities!!!!! Sigh.

Re:but changing MAC is like filing serial# off a c (1)

Anonymous Coward | about 2 months ago | (#47200775)

When it actually connects it's giving the real MAC address.

Re: but changing MAC is like filing serial# off a (0)

Anonymous Coward | about 2 months ago | (#47200973)

Seriously? So close to being useful, yet so far...

Re:but changing MAC is like filing serial# off a c (2)

jklovanc (1603149) | about 2 months ago | (#47200839)

Most laws, except negligence statuettes, have an intent clause. In Schwartz's case it would have been easy to show that his intent was to circumvent being kicked off the network. Randomizing during search can easily be shown as an intent to remain anonymous.

Re:but changing MAC is like filing serial# off a c (0)

Anonymous Coward | about 2 months ago | (#47200865)

Negligence statuettes?

Wonderful wonderful slip!

Lack of intent (4, Insightful)

Camael (1048726) | about 2 months ago | (#47200887)

In your example, the prosecutors were able to argue that deliberately using a utility to intentionally change your MAC address was akin to taking steps to file off the serial numbers of a car. This is because Aaron intended to change his MAC address and deliberately took steps to effect the change.

If future iPhones automatically change their MAC address, on their own, without any intervention by their user, where is the crucial element of acting with intent or deliberation?

It is far too soon to cry wolf.

Re:Lack of intent (1)

jklovanc (1603149) | about 2 months ago | (#47200971)

You are close but the intent issue is not in the act but in what the act was intended to do. It was not the fact that he used a utility to intentionally change his address but that he changed his Mac address with the intent of getting around his being kicked off the network. For example I could draw a dollar bill and use it to buy something as long as I am clear that it is a drawing and not a real bill. I do not "intend" to pass the bill as real money. This is why Boggs [wikipedia.org] has never been convicted of counterfeiting even though he has paid for things using his drawings.

Re:Lack of intent (1)

bytesex (112972) | about 2 months ago | (#47201249)

It's not about intent at all - a MAC address is simply meaningless! A car's serial number is something that is officially alotted, and has all sorts of codified repercussions. A MAC address is simply a number. Prosecutors arguing that changing your MAC address is akin to filing off a car's serial number, are like those that argued that etoy.com had a .com address and therefore was meant to be using in the US only: a complete fabrication intended to pull the wool over the judge's eyes!

Re:Lack of intent (0)

Anonymous Coward | about 2 months ago | (#47201133)

If I intentionally buy an IPhone instead of a non-mac address randomizing phone just for this feature does that show intent?

Can I reasonably argue that I liked the shiny and was ignorant of this feature?

I get that the standard car analogy applies, just because you can buy a car that can exceed the speed limit doesn't make it legal to speed.

If the IPhone has the ability to disable this feature then perhaps in some jurisdictions you must do so and the onus to know what local law applies is on you... best just leave it switched off all the time and brag that you can do so, but never do, just like with the fast car.

but changing MAC is like filing serial# off a car! (1)

Anonymous Coward | about 2 months ago | (#47201509)

I hate this type of analogy people come up with to further their agenda. It doesn't help the public understand what really is the issue and it also perverts the public's view on the subject.

Changing a MAC address is not akin to filing a serial number off of a car. A MAC address is not a security feature, it's an identification number for the physical layer of a network, in which collisions ARE possible (although not likely). So if an NIC has the same MAC address as another NIC, it's not like two cars having the same serial number (which doesn't repeat, because, you know, it's serial).

Good. (1)

Mantrid42 (972953) | about 2 months ago | (#47200767)

Good.

useless; who writes this crap? (-1)

dltaylor (7510) | about 2 months ago | (#47200795)

Once connected to a network, it will use the real MAC, making it utterly traceable.

useless; who writes this crap? (3, Insightful)

Anonymous Coward | about 2 months ago | (#47200821)

The point is that there are many networks out there pinging for MAC addresses that the user DOESN'T connect to.

Re:useless; who writes this crap? (0)

dltaylor (7510) | about 2 months ago | (#47201153)

So, basically, the device is doing something stupid (banging away hoping an AP will talk to it, when the USER has not indicated a need to do so), and Apple is just going to put on a fig leaf, of who knows how much transparency, rather than just stop doing the stupid thing? Are the few milliseconds it takes to connect to a network deliberately really going to ruin the the experience THAT much?

Re:useless; who writes this crap? (5, Informative)

wonkey_monkey (2592601) | about 2 months ago | (#47200861)

The point, obviously, is that you can't be identified by the access points you don't connect to.

Of course you're traceable once you've connected; how else could you stay connected and get traffic to your device?

Re:useless; who writes this crap? (0)

StripedCow (776465) | about 2 months ago | (#47201097)

Of course you're traceable once you've connected; how else could you stay connected and get traffic to your device?

The point is that after you connect *again*, you are linkable to the previous you.

Re:useless; who writes this crap? (1)

tomhath (637240) | about 2 months ago | (#47201593)

Which is the real point; only Apple applications can connect and track.

Re:useless; who writes this crap? (1)

Anonymous Coward | about 2 months ago | (#47200951)

A little long in the tooth to be so naive about wifi networks and tracking mobile devices, aren't you?

Re:useless; who writes this crap? (1)

dltaylor (7510) | about 2 months ago | (#47201179)

no, that's just one of the reasons I don't have one (little utility traded for a lot of work maintaining and securing the thing).

Security (1)

jklovanc (1603149) | about 2 months ago | (#47200855)

When it connects it uses the real MAC address so MAC filtering will work.

Re:Security (1)

viperidaenz (2515578) | about 2 months ago | (#47200899)

Unless your access point is hidden and doesn't respond to MAC's it doesn't know about. The iPhone will never find the network it's looking for.

Re:Security (3, Insightful)

fnj (64210) | about 2 months ago | (#47200927)

Uh, yeah. MAC filtering will work as well as it ever works, which is to say providing no more than the illusion of security.

What this does accomplish, though, is a real measure of somewhat increased privacy.

Re:Security (1)

SuricouRaven (1897204) | about 2 months ago | (#47201109)

Not true. MAC filtering is easily subverted if there is a device nearby already connected, and if the attacker is willing to spend some minutes looking over dumps. It's pathetic security, but it's still better than none at all, as the extra time taken can hold of opportunistic hackers. There's still no good reason to use it, though.

Re:Security (4, Insightful)

hobarrera (2008506) | about 2 months ago | (#47201157)

Not, crappy security is not better that no security. When users know there's no security, they may be slightly cautious. If they belive there's security in place, they might let their guard down, so this false sensation of security is actually a bad thing.

Re:Security (1)

Anonymous Coward | about 2 months ago | (#47201367)

MAC filtering isn't for users, it's for network administrators, so your argument is invalid.

Re:Security (1)

Threni (635302) | about 2 months ago | (#47201023)

> When it connects it uses the real MAC address so that networking will work.

FTFY

all kinds of ways to track people (1)

phantomfive (622387) | about 2 months ago | (#47200905)

Apparently Nordstroms is logging all phones that enter into their stores. Then they can know how many times you've entered, how long you stayed, when you left. I wasn't aware they were starting to do that.

New versions (0)

Anonymous Coward | about 2 months ago | (#47200909)

Wasn't there an update in the SSID discovery which allows to probe for SSID without sending MAC address at all ? I think I read about this some time ago, but I don't find a source (read: I don't have time to search). Of course this require the AP to understand this new version of protocol (so basically useless due to number of old AP)

They are lying - and what about ARP resolution? (0)

peaceful_bill (661382) | about 2 months ago | (#47200911)

I do not have any empirical data to back up this feeling, but considering the cozy and close relationship Apple has demonstrated with our friends in the NSA, this article strikes me as a dishonest attempt to fool us into thinking they actually care about privacy and security.

On a technical note, what does this do to ARP tables? How does that address resolution work?

Re:They are lying - and what about ARP resolution? (0)

Anonymous Coward | about 2 months ago | (#47200967)

It wouldn't matter because ARP tables never come into play as it never connects to the network to get an address.

Re:They are lying - and what about ARP resolution? (0)

peaceful_bill (661382) | about 2 months ago | (#47200985)

"never connects to the network to get an address."

wha huh?

Re:They are lying - and what about ARP resolution? (0)

Anonymous Coward | about 2 months ago | (#47201135)

ARP would translate IP to MAC Right? It clearly states "until it decides to connect to a network" at which point it NEVER has an IP address. So ARP would never come into play with this.

Re:They are lying - and what about ARP resolution? (2)

sabbede (2678435) | about 2 months ago | (#47201535)

What if you have a wifi client whitelist?

I expect my IDS... (0)

Anonymous Coward | about 2 months ago | (#47200921)

will go bonkers because of this. Dell already sends me about a dozen emails a day about new MAC addresses our APs discover.

This is Apple. Everything is proprietary. (1)

Anonymous Coward | about 2 months ago | (#47200923)

So let's not prematurely confuse "we are making tracking more difficult for the benefit of our users" with "we're still happy to violate users' privacy for profit, we're just making it so there's only one implementation for doing so you can buy--ours".

Re:This is Apple. Everything is proprietary. (0)

Anonymous Coward | about 2 months ago | (#47200997)

This is an American company. Everything is under... oh forget it.

Why keep Wifi on? (0)

Anonymous Coward | about 2 months ago | (#47200933)

Why keep Wifi on? It never seems to work well for me. When I did try to use it the data connection would constantly sever and sometimes cause whatever app I'm using to get angry. Furthermore at my house my Wifi is much slower than my mobile connection. Even though I have a data cap (Verizon) I never exceed the cap without Wifi. I also save some battery by keeping it off.

Re:Why keep Wifi on? (2)

MrMickS (568778) | about 2 months ago | (#47201519)

Why keep Wifi on? It never seems to work well for me. When I did try to use it the data connection would constantly sever and sometimes cause whatever app I'm using to get angry. Furthermore at my house my Wifi is much slower than my mobile connection. Even though I have a data cap (Verizon) I never exceed the cap without Wifi. I also save some battery by keeping it off.

Wish I had mod points for the above.

I disable my WiFi until I'm somewhere I want to use it. The only people that can track me are my cell provider and those people within range of a WiFi network I want to connect to.

Users are the product. (0)

Anonymous Coward | about 2 months ago | (#47200981)

It's been said countless times... this is another example. IMO - we are the product.

IMHO, I don't believe this "feature" is for our privacy as much as it is to protect related data points of the hard-earned user base.

This is an Outrage! (0)

Anonymous Coward | about 2 months ago | (#47201007)

How dare it muck with the status quo?

How about malfunctioning devices? (1)

ruir (2709173) | about 2 months ago | (#47201027)

Lets suppose a malfunctioning device is crashing my enterprise wifi system. Tell me again, how in earth will I block it, and much less detect it? This is so wrong in many levels from the technical point of view...

Re:How about malfunctioning devices? (1)

Anonymous Coward | about 2 months ago | (#47201063)

If your enterprise wifi system can be crashed by a device with a random MAC, then you've got problems...

Re:How about malfunctioning devices? (2)

Tom (822) | about 2 months ago | (#47201065)

Say thank you to the advertisers who make such crap necessary.

Yes, technologically, it would be much better if we didn't have to do things like this. Spam filters and RBLs and greylisting make debugging e-mail delivery problems hell as well. But you can't have working e-mail without them, because if you try, you get flooded by spam.

Same thing. Yes I agree technologically it would be better to not have to do this. Unfortunately, we have to.

Re:How about malfunctioning devices? (3, Insightful)

hobarrera (2008506) | about 2 months ago | (#47201163)

Your enterprise networks gets crashed by a [broken?] device that scans for availabe wireless networks?
Looks like your enterprise network has some very serious issues you'll want to look into asap!

Re:How about malfunctioning devices? (0)

Anonymous Coward | about 2 months ago | (#47201413)

Hello,

We've seen it happen... In a dense network environment a certain type of smartphone's (forgot which one, not apple) wifi driver crashed (was later traced to too many networks visible) and started continuously transmitting broken packets. Since it simply used up all the available airtime it was an effective jammer. Of course, this could not be fixed by 'blocking' the device since it did this on it's own.

Lazyiness (0)

Anonymous Coward | about 2 months ago | (#47201033)

Y'know, you could have just turned WiFi OFF when you're not using it - People can't track you and you will extend your rather pathetic battery life that much further. It's win-win!

Spoofing considered criminal when convenient (1)

Anonymous Coward | about 2 months ago | (#47201037)

Charged Aaron Swartz with "MAC Address Spoofing"

http://arstechnica.com/tech-po... [arstechnica.com]

http://archive.org/stream/UsaV... [archive.org]

My question is what other modern tools do admins have for identifying malicious users to restrict access to open networks if automatic MAC address spoofing becomes commonplace?

on related news (0)

Anonymous Coward | about 2 months ago | (#47201047)

Ferrari says it will randomise number plates to anonymise you from police patrols and IRS auditors.

Re:on related news (0)

Anonymous Coward | about 2 months ago | (#47201311)

Old tech. KITT 2000 had already implemented this feature [google.co.jp] in the 1980s.

How do you know the MAC addresses are random? (0)

Anonymous Coward | about 2 months ago | (#47201091)

Apple could doing something as simple XOR of the real MAC against a hash of the current time of day. It might appear to be random, but something that is easily reversible just in case law enforcement or a 3 letter agency needs it.

Users should start asking for privacy (1)

ponos (122721) | about 2 months ago | (#47201139)

The adoption of measures protecting privacy depends on user demand. Online commerce has been considered safe enough for years yet exchanging an email or having any online activity is completely unprotected. I was always surprised by lack of interest from users. Maybe the younger users, if they are not yet addicted to making all their life public on facebook et al would put some pressure for simple technical solutions that guarantee a basic level of privacy. Obviously, I don't expect complete protection against three-letter agencies; that's not the point. In that sense, this looks like a step in a desireable direction, even if it is done for the wrong reasons. As a potential customer, I appreciate this effort.

This is worthless. (1)

poptix (78287) | about 2 months ago | (#47201221)

Unless your device is beaconing for networks in your saved networks list (WHICH ONLY HAPPENS for networks that do not transmit their SSID) a client *never* sends out probes, so there is no opportunity to randomize the MAC address.

If your device is listening for WiFi beacons and finds one in your saved network list, it *must* associate with your actual MAC address.

In other words, the teeny tiny percentage of the population with hidden SSIDs in their WiFi network list will benefit from this, nobody else. It would have been a lot better if they had done this with bluetooth.

Re:This is worthless. (2)

peragrin (659227) | about 2 months ago | (#47201453)

that's just it people don't turn off wifi but companies like nordstrom run monitoring software. so whenever you enter their store they know how long you were there, what parts of the store you visited, and how often you come visit. I am surprised more companies aren't doing this as it is a quick way to track customers.

What apple has done is made this method of tracking useless. instead they will be forced to use ibeacon type technology which uses bluetooth. It also provide more accurate tracking as bluetooth is much shorter range.

Re:This is worthless. (0)

Anonymous Coward | about 2 months ago | (#47201471)

Umm, no. Devices these days beacon continuously for every network on your network list. I suggest you find a program to monitor beacon messages run run it in a busy room. Soon you'll have a list of everyone's home network...

Fixing tracking device (0)

Anonymous Coward | about 2 months ago | (#47201293)

You want to have the real MAC address with your tracking device ? You get a SSID request from MAC "random" for network "this is my great home SSID". Ok. First if "this is my great home SSID" is unique you got it. But if it's not, just says that you are in fact the network "this is my great home SSID" and you got a connection request from MAC "real MAC". I'm not sure if this works. (and if it works, it's more difficult to track a lot of users, because you have to responds to these instead of just listening. And user could have restricted SSID connection to some fixed AP MAC)

There's an obvious response (1)

elvum (9344) | about 2 months ago | (#47201447)

Stores and malls that want to track you still have options - perhaps the most obvious one is to offer free wifi to their customers. Which is probably a win-win situation, although most users probably won't realise that part of the price of the "free" wifi is that they get tracked until they tell their device to forget the network again. There might be some subtle biases introduced into the data captured by this method if some kinds of customer are more likely to accept the offer of free wifi than others, mind you.

Failz0rs... (-1)

Anonymous Coward | about 2 months ago | (#47201463)

move any equipment others what to is the group that were 7aken over BSD addicts, fLame the deal with you same worthless And promotes our they're gone Came

Apple would sell the tracking info (1, Interesting)

140Mandak262Jamuna (970587) | about 2 months ago | (#47201465)

The randomized MAC addresses might not be all that random. Apple might be able to reverse engineer the fake mac address to find the true mac address. That algorithm might be licensed to "business partners" for a fee. Apple is just interested in preventing third parties from tracking you without paying the due share to Apple.

Finally (0)

Anonymous Coward | about 2 months ago | (#47201475)

The straw to break the camel's back, no more idevices on my corporate systems.

Thanks for a new pain in my ass Apple. (1)

sabbede (2678435) | about 2 months ago | (#47201507)

Because what are the odds that someone would need consistent MAC's for something crazy like.. oh, I don't know... DHCP lease assignment/reservations? Did Apple forget how dhcpd works? Do they just not care about us networking people who need their users to be on the right frikking subnets?

Re:Thanks for a new pain in my ass Apple. (1)

MrMickS (568778) | about 2 months ago | (#47201531)

Oops. The quality of poster on Slashdot is going down. Read the article. The real mac address is used once you attempt to join a network. Its only whilst the device is looking for networks that the randomised MAC is used. It won't impact DHCP leases etc.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>