Russell Brandom reports that a new feature in iOS 8 is set to cause havoc for location trackers, and score a major win for privacy: When iOS 8 devices look for a connection, iOS 8 will randomize their MAC address, effectively disguising any trace of the real device until it decides to connect to a network. Why are iPhones checking out Wi-Fi networks in disguise? Because there's an entire industry devoted to tracking customers through that signal. Shops from Nordstrom's to JC Penney have tried out a system that automatically logs any phone within Wi-Fi range, giving stores a complete record of who walked into the shop and when. But any phone using iOS 8 will be invisible to the process, potentially calling the whole system into question. "Now that Apple has embraced MAC spoofing, the practice of Wi-Fi sniffing may stop working entirely," says Brandom. "The result is a privacy win for Apple users and a major blow against data marketing and all it took was an automatic update."
(Score: 5, Interesting) by Anonymous Coward on Wednesday June 11 2014, @12:18PM
This change makes Apple the only party who can track the devices. Call the marketing dept during business hours and have you check book at hand... some win for privacy.
(Score: 5, Informative) by JoeMerchant on Wednesday June 11 2014, @02:29PM
If they played fair, the spoofed addresses really are random and there is no way for Apple to track them either.
Being of marginal value, Apple might actually have weighed the PR value of customer privacy higher than the value of passing tracking info to marketers.
🌻🌻 [google.com]
(Score: 2) by frojack on Wednesday June 11 2014, @05:15PM
Oh, come on, Joe, even YOU don't believe that. Apple has access to far more than a wifi mac address. (And so do the stores using this tracking technology). Phones leak their IMEI, MEID, and ICCID over the air to any and all adjacent towers and any off the shelf femtocells installed for the "customer's convienence".
Apple isn't about to play fair. This protects and extends their walled garden. Your phone will still connect to your iCloud account and a dozen social networks, and many of those are not encrypted.
If you own the wifi network, you can data mine all of that traffic that goes over that network, with nothing more than a seemingly innocuous piece of fine print on the connection page.
No, you are mistaken. I've always had this sig.
(Score: 4, Informative) by keplr on Wednesday June 11 2014, @04:12PM
They're closing this information channel because the information that iOS leaks allows tracking for free. But don't fret, retailers! You'll be happy to know that Apple already produces a replacement [wikipedia.org] that you can license.
I don't respond to ACs.
(Score: 0) by Anonymous Coward on Wednesday June 11 2014, @11:36PM
That is a misleading characterization. The ibeacon thing requires an app on the phone be looking for the beacon, its the reverse of listening for wifi MAC addresses because the ibeacon is the one broadcasting and phone is the one listening. If you don't have an app set up for that specific ibeacon's address, your phone does nothing. If you do have an app, whatever happens next totally depends on the app. The app could just passively record the fact that it saw the ibeacon's broadcast or it could go and try to connect to a website or something else crazy.
But ibecaon itself is only similar to mac address sniffing in the most superficial of ways - they both involve some kind of radio.
(Score: 3, Insightful) by Dunbal on Wednesday June 11 2014, @12:40PM
Randomizing the MAC address will not make you "invisible", it might just make you anonymous. Might.
(Score: 2) by skullz on Wednesday June 11 2014, @02:35PM
You are right but any security / privacy has to be done in layers. If you can always uniquely identify a device before the user decides to connect to the network bang, your goose is already cooked.
At least this starts to give the user the ability to opt in.
(Score: 3, Informative) by bob_super on Wednesday June 11 2014, @03:46PM
Question: Am I the only one who just turns off my phone's WiFi and Bluetooth when I'm not actively using them?
Not only does that protect me from all kinds of tracking and secret backdoors when I'm just walking down the street, but I actually like having three days of battery.
(Score: 3, Informative) by frojack on Wednesday June 11 2014, @05:26PM
Yeah, probably you are one of the few that bothers.
First, having wifi and bluetooth on (Note: this story doesn't mention changing the bluetooth Mac), really doesn't cost that much in terms of battery. Using wifi SAVES battery, because it takes less battery to power a radio that can only reach 30 meters than it does to power one that can reach 10 miles.
If you are NOT using it, wifi takes little power, and by lighting up the screen for 20 seconds to turn wifi off/on, you waste more battery than you save just walking down the street.
If you will be out for the day, it might make a difference. But I guarantee you, that an *honest* test will reveal that turning off wifi will not extend your one day battery to three days.
No, you are mistaken. I've always had this sig.
(Score: 2) by urza9814 on Thursday June 12 2014, @01:45PM
Yeah, I do the same. 8 hours a day at the office with no wifi, plus an hour total commute, when I'm home I'm mostly on my laptop not the phone. So why the heck would I *ever* turn on wifi? Plus my notifications work much better from the cell network since they don't have to navigate through multiple NAT layers. And usually even with fairly heavy usage I can get 20 hours from a full charge so that's more than enough.
Although...on my old phone (Galaxy S3) at least I noticed the wifi liked to turn itself back on all the time. I'd keep turning it off, then an hour or two later it would be on again! Not sure if my new one has been doing that too; haven't had it long enough to notice. I think it might have been this stupid battery saving app I had installed though. So much for that. Sometimes I really do wish these damn things had a 'permanently disable wifi' option though...a hardware switch for it would be fantastic.
And bluetooth...I've never once enabled that on any device I've ever owned. Never found a use for it. If given the option I'd much prefer a device without any bluetooth capability.
(Score: 5, Insightful) by Anonymous Coward on Wednesday June 11 2014, @12:46PM
They may be dropping one method of in-store tracking, but they created another, known as iBeacon:
http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html [yahoo.com]
(Score: 2) by Alfred on Wednesday June 11 2014, @01:11PM
This, very this. Disrupt the norm to sell your next bit.
This works until someone cracks the randomization, which would be a really cool trick with geek cred all over it.
Why post as AC when you are exactly right.
(Score: 3, Insightful) by VLM on Wednesday June 11 2014, @01:33PM
It works in kind of the opposite direction and requires a little cooperation.
So low energy BT lets you use a little coin cell or flashlight battery to transmit a beacon for a long time (years)
Then you need an app on the phone to listen and respond appropriately (well, appropriate as defined by the corporation, perhaps the enduser hates it but who cares about them)
You'd need an app that "everyone uses all the time". Facebook perhaps. So every time you walk past the supermarket feminine hygiene product display, a small ibeacon/BLE transmitter in the base of the display is heard by the FB app, which auto-likes your acct to the product and posts promotional ads under your name for the product.
Could be as simple as a little beacon over the doorway of a legacy brick and mortar retailer which links "social media check in functionality" so its one click or even perhaps automatic in the background.
I am not aware of any apps currently for ibeacon/BLE that aren't big brother-ish or spammy or track-y creep-y. That doesn't mean none could exist...
Anyway the TLDR is one tech uses the phone as a transmitter, the other as a receiver. Also the new tech requires practically zilch electric power, which is nice. That has certain implementation implications.
There are some BLE sensors for "smart-ish" home applications (wireless temp sensor, light sensor, etc) that range from completely open source (The TI sensor tag project) to completely proprietary. As usual the OS products actually work, and the proprietary products totally suck. The available BW is like 300 baud so you're not going to see a BLE webcam / spycam soon.. or will you?
(Score: 2) by VLM on Wednesday June 11 2014, @01:41PM
Oh and followed up based on my research interests, if you want to fool around with the host side (write apps or misterhouse interface or whatever) you want the TI sensor tag project, and if you want to fool around on the other side with weird sensors then you want the seeeeeeeeed studios arduino shield (BLE shield or something like that) and if you're not very concerned about physical size / power or compatibility with the rest of the ecosystem you can buy BLE usb dongles that are linux compatible for like $20 or less.
And other than researching and a tiny bit of screwing around thats all I have on the topic.
Notice how I didn't mention any crypto or spoofing prevention what so ever? Didn't mention any replay prevention tech? Yeah, thats exactly right. Nothing. So I can trivially in like two command lines make my house "look" on a BLE level exactly like my local Apple iStore. Crazy, huh? Hopefully nobody's ever going to rely on this for financial transactions, I mean they've never implemented security thru obscurity before LOL.
(Score: 3, Informative) by EvilSS on Wednesday June 11 2014, @03:21PM
To be fair, the user has to enable iBeacon tracking. It is not on by default.
(Score: 2, Interesting) by Urlax on Wednesday June 11 2014, @12:56PM
Can anybody explain how this tracking works?
I can't fanthom why my phone should respond to ANY WiFi AP which is not known beforehand. AFAIK, the AP broadcasts a beacon message, (with or without SSID) and the phone responds to that if it's configured to do so.
There was a bug in XP, creating an Ad-hoc network on pre-SP3 laptops, https://www.techdirt.com/blog/wireless/articles/20101011/03194311357/the-history-of-the-fake-free-public-wifi-you-always-see-at-airports.shtml/ [techdirt.com]
but that doens't affect any phone out there. so can somebody shed some light on this?
(Score: 1, Informative) by Anonymous Coward on Wednesday June 11 2014, @01:03PM
What you describe is passive discovery of access points. But there's also active discovery: The phone basically sends a message "is there any access point around here?" and the access points answer with their SSIDs.
(Score: 5, Informative) by Foobar Bazbot on Wednesday June 11 2014, @02:33PM
I think you get this, but for clarity's sake: each AP has a unique BSSID (Basic Service Set ID), which is just the MAC address of the AP. There's also the ESSID (Extended Service Set ID), which is an ASCII string up to 32 bytes. Multiple APs connected to the same wired backbone can form an ESS (extended service set) by having the same ESSID, in which case clients can roam amongst them. Note that while, technically, the ESSID of an isolated, non-ESS AP is called "SSID" rather than "ESSID", I find it more useful to call it "ESSID" in both cases, to avoid confusion with BSSID.
What you seem to think happens is to remember BSSIDs, and passively discover known networks by looking at beacons for a known BSSID, instead of (or in addition to) a known ESSID. That certainly seems possible -- although it would break roaming on an ESS, this would work fine on non-ESS configurations, including most home WLANs, where hidden-SSID is most frequently found. However, this isn't how it's normally done, because by design one procedure works for both ESS and isolated configurations, until some idiot breaks it by not broadcasting an ESSID.
Sadly, for years idiots (including some employed by manufacturers of home networking gear) have been advising people to hide ESSIDs to provide a measure of security. Not only does it provide no real security, it also breaks standard passive discovery, for which the universal solution is not bssid-based passive discovery, but active discovery by sending probes for each known ESSID (as described in a sibling post), which then becomes a privacy leak.
The worst part is, because ESSID hiding is so common, because active discovery doesn't break anything with non-hidden SSIDs, and because the incentives for OS vendors favor making everything "just work" in spite of ESSID hiding, rather than discouraging SSID hiding, we get abominations like the old ad-hoc "Free Public Wifi" nuisance, and more recently Android's "helpful" assumption that any network configured by clicking the "Add Network" icon and manually entering an ESSID (as opposed to scanning, clicking the ESSID in the list, and entering other parameters as needed) must be a hidden-SSID WLAN, and thus triggers active discovery. For people like me who, on getting a new device, attempt to manually configure a bunch of networks not currently in range (parents, friends, etc.) from a list of ESSID/key pairs, this is a major annoyance -- suddenly my tablet was spamming probes to a bunch of networks for absolutely no reason, and if I wasn't in the habit of periodically airodump-nging, I might still not know about it.
(Score: 2) by tynin on Wednesday June 11 2014, @01:23PM
Can anyone suggest an MAC spoofer for Android that would be grandma friendly (e.g. doesn't need to be a rooted phone, and just works)?
(Score: 1, Informative) by Anonymous Coward on Wednesday June 11 2014, @01:54PM
> Can anyone suggest an MAC spoofer for Android that would be grandma friendly (e.g. doesn't need to be a rooted phone, and just works)?
No. Because that level of hardware access is not available to normal android apps.
However, for a rooted phone there is pry-fi
(Score: 2) by tynin on Wednesday June 11 2014, @01:57PM
I suspected as much but haven't followed phone OSs pretty much at all. Thanks for the clarification and the pry-fi suggestion.
(Score: 2) by iwoloschin on Wednesday June 11 2014, @01:56PM
I'm not talking legality in terms of government laws (US or otherwise), but more against the governing 802.11 spec? Are you "allowed" to spoof your MAC address? We all know it can be done, otherwise this article wouldn't be here and we'd all have to hand in our nerd cards, but is it explicitly allowed?
Also, what happens when you have identical MACs show up on one network? I suspect this is unlikely, but it's possible, isn't it?
(Score: 3, Insightful) by Grishnakh on Wednesday June 11 2014, @02:34PM
It's doubtful that this is allowed per the 802.11 spec, however companies break specifications all the time for various reasons. As long as it doesn't completely break things, people usually don't complain much. Spoofing the MAC address while doing SSID scans shouldn't cause any problems technically.
(Score: 0) by Anonymous Coward on Wednesday June 11 2014, @09:19PM
802.11 is not some super secret thing, it is just paper. You can look it up. No there is nothing that requires a static MAC.
(Score: 5, Informative) by panachocala on Wednesday June 11 2014, @02:29PM
This little script gives you a new mac address every reboot. Useful for getting around the 30 minute free wifi limits at some coffee chains.
http://excid3.com/blog/random-mac-address-on-start-up-with-ubuntu/ [excid3.com]
(Score: 2, Insightful) by lajos on Wednesday June 11 2014, @03:05PM
let me fix that title for you:
"Apple Strikes a Blow Against Location Tracking That They Can't Charge $$$ For [wikipedia.org] "
(Score: 2) by davester666 on Wednesday June 11 2014, @05:11PM
really? where exactly in iBeacon does Apple start raking in the cash for it?
you don't need to pay Apple to make/deploy the iBeacon hardware [the bluetooth location broadcasting stations]
you need your app in Apple's app store, so there is the $99 fee for that
and that's it.