or Connect
AppleInsider › Forums › Mobile › iPhone › MAC address randomization joins Apple's heap of iOS 8 privacy improvements
New Posts  All Forums:Forum Nav:

MAC address randomization joins Apple's heap of iOS 8 privacy improvements

post #1 of 36
Thread Starter 
With consumers growing more conscious about protecting their privacy, Apple has begun tackle the issue head on with numerous enhancements to its next-generation mobile operating system including a new feature that makes it more difficult to track and identify individual iOS devices.




Beginning with iOS 8, Apple's handheld devices will generate and use random Media Acccess Control, or MAC, addresses -- rather than their real MAC address -- when scanning for Wi-Fi access points. The change was announced in a closed session at the company's Worldwide Developers Conference and first called out by security researcher Frederic Jacobs.

MAC addresses are unique identifiers that allow devices to distinguish between one another on a network. Typically, every network interface has its own MAC address -- on an iPhone, that means one each for the Bluetooth and Wi-Fi radios.

When scanning for wireless networks, client devices like the iPhone periodically broadcast identifying packets that include the MAC address. In recent years, a number of firms have taken advantage of these broadcasts to track individual devices as they move around -- for example, some retail outlets use MAC address-based tracking to record the path that consumers take as they move through the store, allowing long-term measurement of shopping habits and better placement of sale materials and advertising.
Beginning in iOS 8, Apple's mobile devices will broadcast random MAC addresses to foil long-term tracking
There are also other, more benign uses for MAC address tracking. The city of Houston's TranStar traffic monitoring system, for instance, uses the MAC addresses from Bluetooth devices to measure traffic flow on city streets.

Though it is generally difficult to tie MAC addresses to specific people without some other connection, the privacy implications of MAC address tracking have been the subject of increasing debate. Apple's solution would effectively neuter the practice of long-term tracking by randomizing the MAC address shown during each round of scanning, a feature that many in the privacy community have been pushing for some time.

The new MAC randomization system is the latest in a line of privacy-focused moves from Apple that have come to light as developers digest the wealth of material offered at last week's Worldwide Developers Conference.

Most visible among those change is iOS 8's new "While Using" location privacy option. The new setting allows users to restrict apps from determining their location unless the app is in active use, preventing apps from collecting location data in the background unless explicitly authorized to do so.




Also new in iOS 8 is support for DuckDuckGo, an alternative search engine that promises not to track its users' searches or internet history. Additionally, Apple has opened the iPhone 5s's Touch ID authentication system for use by third-party apps, further enhancing security while increasing convenience.

Taken together, Apple's recent moves suggest a renewed focus on security and privacy that could pay dividends as its competitors come under increasingly heavy fire from governments and privacy advocates.
post #2 of 36
These moves are further differentiating Apple away from evil Google's "big brother" model. The choice for consumers will be pretty simple: you either buy Apple gear that's safe and designed to protect your privacy or you pick Google's gear that's designed to spy on you since that's how Google makes money.
post #3 of 36

Another way to look at this might be that if accurate tracking of iOS users is desired, a fee-based agreement with Apple must be made.

post #4 of 36
Quote:
Originally Posted by Cpsro View Post

Another way to look at this might be that if accurate tracking of iOS users is desired, a fee-based agreement with Apple must be made.

Is there any evidence that Apple wants to sell copy these MAC addresses per device and then sell these lists? Wouldn't that also mean the MAC addresses can't truly be random, but rather just give each device a large pull to pull from in order for the lists to still yield accurate results?

I don't see any reason for Apple to think this paltry gain in sales would outweigh the backlash if they were caught doing this. I think the only reasonable conclusion is that Apple does care about your privacy because they know that will help them sell more devices.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #5 of 36
Quote:
Originally Posted by Cpsro View Post

Another way to look at this might be that if accurate tracking of iOS users is desired, a fee-based agreement with Apple must be made.

They won 't be able to do this of course. It would fly against their historic stance on privacy protection, and future health-related efforts.
post #6 of 36
Google's whole business model is based off of them tracking everything about you, vs this.

Easy choice.
post #7 of 36
Quote:
Originally Posted by elmoofo View Post

Google's whole business model is based off of them tracking everything about you, vs this.

Easy choice.

As privacy gets more and more rare I think companies like Google and Facebook will struggle more and those that don't make their money from ads will find it harder to compete with companies like Apple, which is why I'm surprise Apple doesn't tout these privacy features more.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #8 of 36
Quote:
Originally Posted by patsu View Post


They won 't be able to do this of course. It would fly against their historic stance on privacy protection, and future health-related efforts.

 

Agreed. This random MAC feature makes sense for the forthcoming HealthKit apps. It's bad enough to be bombarded by ads via MAC harvesting (Google), but it's a whole different level of privacy invasion if the ads become "scare tactic" health-related ads ("your blood pressure is too high - buy this now!").

 

It makes me wonder what Tizen does with Samsung Gear's personal health info.

post #9 of 36
Quote:
Originally Posted by patsu View Post

They [Apple] won 't be able to do this of course. It would fly against their historic stance on privacy protection, and future health-related efforts.

Just like Google won't share such information either.

 

Apple isn't demonstrating a distinction between it and Google, other than implementing a mechanism that Google hasn't yet for maintaining proprietary tracking data on users.

post #10 of 36
Quote:
Originally Posted by Cpsro View Post
 

Another way to look at this might be that if accurate tracking of iOS users is desired, a fee-based agreement with Apple must be made.

 

theres not data to indicate that, so that way of looking at it would be incorrect.

post #11 of 36
Quote:
Originally Posted by Cpsro View Post
 

Just like Google won't share such information either.

 

Apple isn't demonstrating a distinction between it and Google, other than implementing a mechanism that Google hasn't yet for maintaining proprietary tracking data on users.

 

please put down the nitrous-filled balloon. your brain needs oxygen...

post #12 of 36
It's pretty despicable that this services offer the so called 'free Wi-Fi' model to lure users to get on their networks but they use the MAC address to track everything associated to that user. It's not hard for them to glean enough data on you to make a profile that they can reverse and figure out exactly who you are. I hate that cities like Seattle, Washington; Boulder, Colorado, etc, have all these wifi devices installed in the areas and they can monitor everything you do. No privacy whatsoever!!!
post #13 of 36
I wonder if we'll have any control of this beyond a simple off/on switch. I lock down my multiple wifi networks not only with the usual WPA passwords, but also a MAC address whitelist, so even with the password, unknown devices still can't access my wifi network. It'd be good if I could make my iPhone use the same MAC address when connected to certain wifi networks, and randomize with any other wifi networks.
post #14 of 36
This will be a huge problem for those whose work authenticates access to the work wifi network by MAC addresses. Does anyone know if this is something a user can turn on or off?
post #15 of 36
Quote:
Originally Posted by jonyo View Post

I wonder if we'll have any control of this beyond a simple off/on switch. I lock down my multiple wifi networks not only with the usual WPA passwords, but also a MAC address whitelist, so even with the password, unknown devices still can't access my wifi network. It'd be good if I could make my iPhone use the same MAC address when connected to certain wifi networks, and randomize with any other wifi networks.

I also use MAC address restrictions to limit access to networks and assign IP addresses via DHCP.

I'm guessing that iOS will be able to pass actual MAC addresses to designated wifi connection points and spoof the others.

This is also interesting, in that developers may no longer ascertain the MAC address of network interfaces on iOS devices their apps are installed on...

This was done to preserve user privacy and prevent unique id / device tracking.
Ask me about.... The 80's!
Reply
Ask me about.... The 80's!
Reply
post #16 of 36
Quote:
Originally Posted by JoshvanHulst View Post

It's pretty despicable that this services offer the so called 'free Wi-Fi' model to lure users to get on their networks but they use the MAC address to track everything associated to that user. It's not hard for them to glean enough data on you to make a profile that they can reverse and figure out exactly who you are. I hate that cities like Seattle, Washington; Boulder, Colorado, etc, have all these wifi devices installed in the areas and they can monitor everything you do. No privacy whatsoever!!!

Apple is closing down this avenue, so only Apple will know your whereabouts... and can improve iAds and iBeacons accordingly. I expect Google will do the same. Neither company likes to entertain freeloaders of the data they collect on users.

post #17 of 36
I think that MAC address randomisation is a good idea, but I would want to know how it's going to work in specific instances.

Where I live, I'm within range of somewhere around 40 wifi networks. I use MAC address filtering to keep strange devices off my network, and don't broadcast my SSID partly out of politeness (so there aren't 41 networks showing up for my neighbours).

How is a random MAC address going to work for me? Even if it knows to broadcast it's "real" MAC address to my home network, it doesn't necessarily know when it's in range of my home network. Am I going to be forced to turn off some part of my security system in order to get my iPhone 6 to work?

I suppose, you could do some elaborate hand-shake where it probes for the home SSID with a random MAC address, then when it gets the rejection switches to the real one, but that seems to be overcomplicating things. Another option could be to geo-fence your home network, but that may not be terribly reliable...
post #18 of 36

I definitely agree with you. I am sure the MAC address masking will be circumvented somehow by advertisers and the like. I really hope someone  makes a tweak that can hide the MAC address and also default Tor protection

post #19 of 36
Quote:
Originally Posted by SolipsismX View Post

As privacy gets more and more rare I think companies like Google and Facebook will struggle more and those that don't make their money from ads will find it harder to compete with companies like Apple, which is why I'm surprise Apple doesn't tout these privacy features more.

These features only exist in the pre-release software for iOS8. You talk like it's already out there being used.

When iOS8 is released along with the new iPhones, THEN it will be news.
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
post #20 of 36
Quote:
Originally Posted by Macky the Macky View Post

These features only exist in the pre-release software for iOS8. You talk like it's already out there being used.

When iOS8 is released along with the new iPhones, THEN it will be news.

This isn't the first time Apple has failed to put in the limelight something I felt was noteworthy for security. Do you want to make a bet on whether devotes presentation time to this feature when they go over iOS 8 again during the iPhone/iPad special event?

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #21 of 36
Quote:
Originally Posted by JoshvanHulst View Post

I definitely agree with you. I am sure the MAC address masking will be circumvented somehow by advertisers and the like. I really hope someone  makes a tweak that can hide the MAC address and also default Tor protection

The only way I could see it circumvented is by an app on the device that someone figures out this MAC address being presented to the WiFi network, but at that point I think it would have gone beyond it's allowed access and would acting as both spyware and a trojan.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #22 of 36
Quote:
Originally Posted by Anome View Post

I think that MAC address randomisation is a good idea, but I would want to know how it's going to work in specific instances.

Where I live, I'm within range of somewhere around 40 wifi networks. I use MAC address filtering to keep strange devices off my network, and don't broadcast my SSID partly out of politeness (so there aren't 41 networks showing up for my neighbours).

How is a random MAC address going to work for me? Even if it knows to broadcast it's "real" MAC address to my home network, it doesn't necessarily know when it's in range of my home network. Am I going to be forced to turn off some part of my security system in order to get my iPhone 6 to work?

I suppose, you could do some elaborate hand-shake where it probes for the home SSID with a random MAC address, then when it gets the rejection switches to the real one, but that seems to be overcomplicating things. Another option could be to geo-fence your home network, but that may not be terribly reliable...


This:

 

Quote:
 In iOS 8, Wi-Fi scanning behavior has changed to use random,locally administered MAC addresses… The MAC address used for Wi-Fi scans may not always be the devices real (universal) address… Once the iOS device is done scanning it will give the real MAC ID.

http://************/2014/06/09/ios-8-randomizes-mac-address-while-scanning-wifi-blocks-marketers-tracking-you/

 

This is a great feature and I applaud Apple for implementing it.

post #23 of 36

I think Apple will have more incentive to promote security/privacy when it unveils its mobile payments system along with the iPhone. The establishment of privacy standards, and the marginalization of the scumbags at google can't come soon enough.

 

I have an ex who unfortunately (for her and me) is having a hard time letting go, so she sends me crazy emails through my gmail (which I'm still trying to wean off of). Of course google doesn't want to miss an opportunity, so I see this just now:

Incredibly invasive, and in my opinion pretty unethical. Not to mention google was fined for posting illegal ads to obtain pharmaceuticals from Canada. The list goes on..

   

Reply

   

Reply
post #24 of 36
"Is he cheating on you ?"
lol - classic. The morons can't even get your gender right.

I hope this can be implemented seamlessly.
post #25 of 36
Quote:
Originally Posted by PatchyThePirate View Post
 

I think Apple will have more incentive to promote security/privacy when it unveils its mobile payments system along with the iPhone. The establishment of privacy standards, and the marginalization of the scumbags at google can't come soon enough.

 

I have an ex who unfortunately (for her and me) is having a hard time letting go, so she sends me crazy emails through my gmail (which I'm still trying to wean off of). Of course google doesn't want to miss an opportunity, so I see this just now:

Incredibly invasive, and in my opinion pretty unethical. Not to mention google was fined for posting illegal ads to obtain pharmaceuticals from Canada. The list goes on..

Not a good situation for you.

I can recommend making the break from Gmail however.  I'm really glad I did it.  Moved to an .icloud email and have never looked back.

..... the greatest fame comes from adding to human knowledge, not winning battles.
Paraphrased from Napolean Bonaparte, 1798
Reply
..... the greatest fame comes from adding to human knowledge, not winning battles.
Paraphrased from Napolean Bonaparte, 1798
Reply
post #26 of 36
Good to know! I won't be updating to iOS 8 because without a fixed MAC address, I will not be able to access the wireless network at my place of work.
post #27 of 36
Originally Posted by Ranchero View Post
Good to know! I won't be updating to iOS 8 because without a fixed MAC address, I will not be able to access the wireless network at my place of work.

 

Yeah, sorry, you didn’t read the article.

Originally posted by Relic

...those little naked weirdos are going to get me investigated.
Reply

Originally posted by Relic

...those little naked weirdos are going to get me investigated.
Reply
post #28 of 36
I didn't know you could randomize the MAC Address. How do you guarantee unique MAC addresses on a network if every device is randomizing their MAC address. This seems to go against what MAC address was for. Of course companies seem to misuse MAC addresses.
post #29 of 36
Originally Posted by Leonard View Post
I didn't know you could randomize the MAC Address. How do you guarantee unique MAC addresses on a network if every device is randomizing their MAC address. This seems to go against what MAC address was for. Of course companies seem to misuse MAC addresses.

 

Did you read the article? This is for pinging networks to which you’re not connected, simply to establish their existence.

Originally posted by Relic

...those little naked weirdos are going to get me investigated.
Reply

Originally posted by Relic

...those little naked weirdos are going to get me investigated.
Reply
post #30 of 36
Quote:
Originally Posted by cnocbui View Post


This:

[URL=http:/2014/06/09/ios-8-randomizes-mac-address-while-scanning-wifi-blocks-marketers-tracking-you/]http://************/2014/06/09/ios-8-randomizes-mac-address-while-scanning-wifi-blocks-marketers-tracking-you/[/URL]

This is a great feature and I applaud Apple for implementing it.
Thanks for clearing that up, although that link doesn't work for me, it just takes me to the forums' index page.

Quote:
Originally Posted by Tallest Skil View Post

Did you read the article? This is for pinging networks to which you’re not connected, simply to establish their existence.
In fairness, the article isn't explicit about that, hence my confusion earlier.
post #31 of 36
Check out "LinkLiar" on GitHub for an OS X version.
post #32 of 36
Quote:
Originally Posted by Anome View Post


Thanks for clearing that up, although that link doesn't work for me, it just takes me to the forums' index page.
In fairness, the article isn't explicit about that, hence my confusion earlier.


That would seem to be because AI are being childish and don't like links to their competitors so messed with the link.

post #33 of 36
Quote:
Originally Posted by cnocbui View Post

That would seem to be because AI are being childish and don't like links to their competitors so messed with the link.

AI is a business, loads of sites do that. Amazon won't let you put outbound links in your product reviews. If you link to a competitor, as far as Google knows, you are promoting them. If one forum promotes another, it will affect their rank in Google, which directly affects click-through revenue.
post #34 of 36
Originally Posted by cnocbui View Post
That would seem to be because AI are being childish and don't like links to their competitors so messed with the link.

 

Nope, it’s just 9to5Mac that gets blocked. Anything else is fine. Wasn’t there a profanity filter initially, too? Can’t remember anything.

Originally posted by Relic

...those little naked weirdos are going to get me investigated.
Reply

Originally posted by Relic

...those little naked weirdos are going to get me investigated.
Reply
post #35 of 36

Denying what I said by confirming it - lol!

post #36 of 36
Originally Posted by cnocbui View Post
Denying what I said by confirming it - lol!

 

Denying that competitors get blocked, yes. Because they don’t. It’s just one website that gets blocked.

 

tuaw.com

macrumors.com

cultofmac.com

patentlyapple.com

************

 

See?

Originally posted by Relic

...those little naked weirdos are going to get me investigated.
Reply

Originally posted by Relic

...those little naked weirdos are going to get me investigated.
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • MAC address randomization joins Apple's heap of iOS 8 privacy improvements
AppleInsider › Forums › Mobile › iPhone › MAC address randomization joins Apple's heap of iOS 8 privacy improvements