Tuesday, June 10, 2014

iOS8 Randomize MAC address for privacy - Great Win!

Apple announced bunch of privacy & security features in their 2014 WWDC keynote and one of them is randomizing MAC address. This alone is a great feature and would like to see this become industry standard.

With iOS8 all Apple handheld devices will generate random MAC address while it scans for Wi-Fi network. Doing this protects your privacy by on the go as no one can track you uniquely at a given location. Read my other blog on Wi-Fi tracking to know more on how MAC address can be used to map your location.

So what is MAC Address anyway? 
MAC address is unique hardware address of your network device. These are unique within network to identify a device and route network traffic to correct device. It is a 6 byte long ID that maps your network device (iPhone, iPad, Android, Laptop, desktop,  TV, and all devices that connects to network) on network. This does not change and is set by device manufacturer.

How is MAC address used ? 
When your device does connect to any network, it uses MAC address to uniquely identify itself and uses it to communicate over network. With Wi-Fi enabled, your device scans for known Wi-Fi networks that you often connect. When a Wi-Fi scan is done, it sends out your devices MAC address to check if Wi-Fi network is available and if so Wi-Fi router will send you message back to your MAC address.

With continuous Wi-Fi scan, your MAC (unique address is broadcasted) and that can be tracked by anyone around you to know your presence.

Privacy Issue with MAC Address:
As MAC address is unique and does not change, this is actively used to know more about people and track them as they carry smartphone or ipod/ipad. Your device always sends out network packet in air to scan for Wi-Fi network and leaves behind the traces of your device and indirectly you. Any mall or airport or hotel you visit knows you have been there and how long by mere presence of your smartphone.

This data about your smartphone can then be shared among multiple malls/hotels to trace you as an individual and track your footprints. A major privacy issue!

What's the advantage of MAC address randomizing? 

  • Apple device now will generate unique MAC address and thus no one can track your presence and map it to you. You gain high level of privacy by not allowing anyone to know you were present at any location.
  • Malls use Wi-Fi tracking to know more about customers visiting and how long they are in store and how often they visit. This data can then be shared. With MAC randomizing, your individual mapping is broken and there by giving you privacy on the move. 

My earlier blog details about Wi-Fi tracking and this solution from Apple works great. Solution detailed by Apple is going to add privacy support for individuals. I am sure this will be adopted by Android and Microsoft too. Great work Apple!

No comments:

Post a Comment

Transform your $15 router to $200 security router for FREE

Technology is evolving faster and there are more IoT devices at home/office than a few years back. Software Security companies are movi...