Slash Boxes

SoylentNews is people

posted by janrinok on Wednesday June 11 2014, @11:53AM   Printer-friendly
from the whats-in-it-for-them? dept.

Russell Brandom reports that a new feature in iOS 8 is set to cause havoc for location trackers, and score a major win for privacy: When iOS 8 devices look for a connection, iOS 8 will randomize their MAC address, effectively disguising any trace of the real device until it decides to connect to a network. Why are iPhones checking out Wi-Fi networks in disguise? Because there's an entire industry devoted to tracking customers through that signal. Shops from Nordstrom's to JC Penney have tried out a system that automatically logs any phone within Wi-Fi range, giving stores a complete record of who walked into the shop and when. But any phone using iOS 8 will be invisible to the process, potentially calling the whole system into question. "Now that Apple has embraced MAC spoofing, the practice of Wi-Fi sniffing may stop working entirely," says Brandom. "The result is a privacy win for Apple users and a major blow against data marketing and all it took was an automatic update."

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Insightful) by VLM on Wednesday June 11 2014, @01:33PM

    by VLM (445) Subscriber Badge on Wednesday June 11 2014, @01:33PM (#54116)

    It works in kind of the opposite direction and requires a little cooperation.

    So low energy BT lets you use a little coin cell or flashlight battery to transmit a beacon for a long time (years)

    Then you need an app on the phone to listen and respond appropriately (well, appropriate as defined by the corporation, perhaps the enduser hates it but who cares about them)

    You'd need an app that "everyone uses all the time". Facebook perhaps. So every time you walk past the supermarket feminine hygiene product display, a small ibeacon/BLE transmitter in the base of the display is heard by the FB app, which auto-likes your acct to the product and posts promotional ads under your name for the product.

    Could be as simple as a little beacon over the doorway of a legacy brick and mortar retailer which links "social media check in functionality" so its one click or even perhaps automatic in the background.

    I am not aware of any apps currently for ibeacon/BLE that aren't big brother-ish or spammy or track-y creep-y. That doesn't mean none could exist...

    Anyway the TLDR is one tech uses the phone as a transmitter, the other as a receiver. Also the new tech requires practically zilch electric power, which is nice. That has certain implementation implications.

    There are some BLE sensors for "smart-ish" home applications (wireless temp sensor, light sensor, etc) that range from completely open source (The TI sensor tag project) to completely proprietary. As usual the OS products actually work, and the proprietary products totally suck. The available BW is like 300 baud so you're not going to see a BLE webcam / spycam soon.. or will you?

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by VLM on Wednesday June 11 2014, @01:41PM

    by VLM (445) Subscriber Badge on Wednesday June 11 2014, @01:41PM (#54122)

    Oh and followed up based on my research interests, if you want to fool around with the host side (write apps or misterhouse interface or whatever) you want the TI sensor tag project, and if you want to fool around on the other side with weird sensors then you want the seeeeeeeeed studios arduino shield (BLE shield or something like that) and if you're not very concerned about physical size / power or compatibility with the rest of the ecosystem you can buy BLE usb dongles that are linux compatible for like $20 or less.

    And other than researching and a tiny bit of screwing around thats all I have on the topic.

    Notice how I didn't mention any crypto or spoofing prevention what so ever? Didn't mention any replay prevention tech? Yeah, thats exactly right. Nothing. So I can trivially in like two command lines make my house "look" on a BLE level exactly like my local Apple iStore. Crazy, huh? Hopefully nobody's ever going to rely on this for financial transactions, I mean they've never implemented security thru obscurity before LOL.