iOS 8 Strikes an Unexpected Blow Against Location Tracking 323
schwit1 (797399) writes 'It wasn't touted onstage, but a new iOS 8 feature is set to cause havoc for location trackers, and score a major win for privacy.As spotted by Frederic Jacobs, the changes have to do with the MAC address used to identify devices within networks. When iOS 8 devices look for a connection, they randomize the MAC address, effectively disguising any trace of the real device until it decides to connect to a network.'
Apple Actually Cares About Privacy (Score:3, Insightful)
Generally, I've found this to be true. Their business model does not depend on a lack of customer privacy like Google.
Re:Apple Actually Cares About Privacy (Score:5, Insightful)
Apple allready knows who you are and what you are doing and where you are and where you have been ...
Re:Apple Actually Cares About Privacy (Score:5, Insightful)
Correct. The only difference is that they don't like to share...
Re:Apple Actually Cares About Privacy (Score:5, Informative)
The only difference is that they don't like to share..
Yes they do, they even say so in their privacy policy: “[Apple will] make certain personal information available to strategic partners that work with Apple to provide products and services, or that help Apple market to customers.”
In fact, if you read their privacy policy, you'd realize Apple gathers up about as much personal information on users as any other big tech company. The main difference is they say they don't connect the dots.In fact, they've been and are being sued for sharing too much user data...
Personal user data big part of any technology company's business model these days. Even Apple.
http://motherboard.vice.com/bl... [vice.com]
Re:Apple Actually Cares About Privacy (Score:4, Insightful)
Thanks - I suspected that this was the case, but wasn't sure.
Location tracking stays turned off in my iOS device. A nuisance when you want a quick look at the streetmap of the area you're in.
I suspect this entire ploy is so that iBeacons can be marketed more effectively.
Re:Apple Actually Cares About Privacy (Score:5, Informative)
Location tracking stays turned off in my iOS device. A nuisance when you want a quick look at the streetmap of the area you're in.
You know you can turn it on and off selectively, yes? Allowing certain apps to use it, but others not?
Re: (Score:2)
Re: (Score:2)
GP was about GPS location tracking. ;-)
Re:Apple Actually Cares About Privacy (Score:4, Insightful)
It goes back to the other comments, while others cannot track you. That doesn't mean Apple isn't doing the collecting themselves and selling it off, or being requested by the FBI, NSA to give up what they have.
This makes for a pointless argument. Essentially you are saying that turning tracking off completely somehow gets respected, but turning it off selectively somehow doesn't. That makes absolutely no sense. If they want to sell you out, it doesn't matter how you disable tracking.
Re:Apple Actually Cares About Privacy (Score:4, Insightful)
This is nothing more then PR twisting, by a company that is suspected of willfully working with spying/law enforcement agencies.
To me to have the press sit there an report this without highlighting the companies past and current data collecting activities is misleading the public into thinking they are somehow safe, or just to give people a false sense of security as a way to sell more phones then your competitor.
First, *every* US company is suspected to work together with the NSA. So Apple isn't worse off in that regard.
Second, this feature is not about avoiding the NSA. The spooks can just utilize the cell network to track you. This feature is about *everyone else* trying to track you. Because, you know, not everyone is able to spoof a cell tower. But everyone *is* able to put up a WiFi hotspot.
Third, *of course* this is about selling more devices. And what's wrong with trying to make money by offering something actually useful?
Re: (Score:3)
When I first saw this I thought "finally Apple has given folks a good reason to shell out the extra cash. Now if they were only waterproof and shock resistant like my cheap Kyocera..."
I keep location services shut off as well, but on my phone turning it on or off is just a swipe and a touch. And it's extremely annoying that apps with no real use except stalking me keep nagging me to turn it on. It's why I refuse to upgrade my TuneIn app, the upgrade wants my address book! WTF? Stupid developers writing stup
Re:Apple Actually Cares About Privacy (Score:5, Informative)
They don't connect the dots for everybody for free. Become a strategic partner (that is: find a way to bring them more money) and they'll be happy do connect the dots for you. So don't be naive: Apple cares about its customers only when it can turn that care into profit.
BTW, this app [google.com] does the same on a rooted Android device.
Re: (Score:2)
BTW, this app [google.com] does the same on a rooted Android device.
Thank you, thank you, thank you! Mod this up!
Re: (Score:2)
BTW, this app [google.com] does the same on a rooted Android device.
Thank you, thank you, thank you! Mod this up!
Replying to my own post. This app is also available on the 1Mobile Market.
Re:Apple Actually Cares About Privacy (Score:5, Informative)
Apple doesn't care as much about profit after the fact because they got 45% off of you as soon as you bought their phone.
Even if you turn off every function on your phone--including the phone--and kept it in airplane mode the whole time like some sort of absurdly expensive iPod, Apple already made a profit.
Apple cares about your privacy insofar as it allows them to put a bullet-point on the box that they can use to distinguish themselves from Google's model. Google needs information to make a profit. They make virtually no money off of Android itself; that's why buying a Nexus is so cheap.
Essentially, Apple can afford to be stingy with information, and can afford for YOU to be stingy with YOUR information. Google can't.
I'm sure Apple will turn your information into profit if it can, don't get me wrong. But it's not their primary business model. As long as the phone costs a lot of money, you can count on them being less interested in what you have to offer after the sale.
Re:Apple Actually Cares About Privacy (Score:4, Interesting)
I'm sure Apple will turn your information into profit if it can, don't get me wrong. But it's not their primary business model. As long as the phone costs a lot of money, you can count on them being less interested in what you have to offer after the sale.
In other words, you are Apple's customer. You are Google's product.
Re:Apple Actually Cares About Privacy (Score:4, Interesting)
Apple's falling out with Google over Maps was about GOOG wanting more data and Apple not wanting them to gather it.
Re: (Score:3)
Re: (Score:2)
Apple is fine with gathering the data, and sharing it, they just want to sell it themselves.
Re: (Score:3)
There's two sides to every disagreement.
Apple wanted turn-by-turn. Google, IN EXCHANGE FOR PROVIDING THAT SERVICE, wanted more control and data.
Re:Apple Actually Cares About Privacy (Score:5, Informative)
Privacy Policy
Your privacy is important to Apple. So we’ve developed a Privacy Policy that covers how we collect, use, disclose, transfer, and store your information. Please take a moment to familiarize yourself with our privacy practices and let us know if you have any questions.
...
Disclosure to Third Parties
At times Apple may make certain personal information available to strategic partners that work with Apple to provide products and services, or that help Apple market to customers. For example, when you purchase and activate your iPhone, you authorize Apple and your carrier to exchange the information you provide during the activation process to carry out service. If you are approved for service, your account will be governed by Apple and your carrier’s respective privacy policies. Personal information will only be shared by Apple to provide or improve our products, services and advertising; it will not be shared with third parties for their marketing purposes.
Service Providers
Apple shares personal information with companies who provide services such as information processing, extending credit, fulfilling customer orders, delivering products to you, managing and enhancing customer data, providing customer service, assessing your interest in our products and services, and conducting customer research or satisfaction surveys. These companies are obligated to protect your information and may be located wherever Apple operates.
Others
It may be necessary by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence for Apple to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.
We may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of a reorganization, merger, or sale we may transfer any and all personal information we collect to the relevant third party.
Re: (Score:3)
Re: (Score:2)
They like to share with people who shove enough money into their hands. It's the same as with the rest of their OS, which is a hodgepodge of features designed to funnel business to specific partners. Apple "cares about your privacy" in the same sense that a pimp cares about the virginity of his ladies: their customers should be able to enjoy the illusion of it.
Re: (Score:3)
They like to share with people who shove enough money into their hands.
Care to name just one?
Re:Apple Actually Cares About Privacy (Score:5, Interesting)
Generally, I've found this to be true. Their business model does not depend on a lack of customer privacy like Google.
No, this is about 3rd parties tracking you - it means your iPhone does not provide its MAC address to the network(s) it has found. This never had anything to do with Apple tracking you nor does not stop Apple from keeping tabs on what networks you have identified while looking for a connection.
Re: (Score:2, Insightful)
True. But I think the point is that Google's business plan depends on 3rd parties. It's not exactly a good comparison, but this is one more example of Apple's positive protection of customer's privacy againsts Google's equal number of negative examples.
Re:Apple Actually Cares About Privacy (Score:4, Insightful)
More specifically this is about 3rd parties tracking you, without paying Apple.
All this does is close up the tracking options that compete with Apple's tracking options.
As for Google, I suspect we'll see this happening on Android phones soon enough as MAC tracking competes with Google as well.
Re: (Score:2)
Re: (Score:2)
iBeacons is just one small part of what they do. Apple's devices (like everybody else's) constantly determine your location, and unless you're very careful about disabling it, transmit it. Whether this bothers you or whether it should bother you is another question, but it is happening.
Re: (Score:2, Informative)
They actually don't. CoreLocation does not operate unless an app has requested it. If it does operate, it doesn't send anything to apple unless you specifically opted in. If you did specifically opt in, it sends anonymised, randomised data, rather than actually tracking you.
Re:Apple Actually Cares About Privacy (Score:5, Insightful)
really? I know they were roundly accused of this with no evidence ever provided other than a bug which caused excessive *local* retention of location data. Interestingly, it came out at about the same time that *google* was in fact shipping the location data back to the mothership (something Apple doesn't do) with no retention limits evident.
As a company, Google *depends* on eliminating privacy -- it is the source of their revenue. Apple depends on hardware sales. So while they make some money by selling aggregated data (and try to foist obnoxious things like itunes radio on their users) that is not actually their core business nor a significant part of their revenue stream. When Apple advertised an earlier incarnation of icloud as being better privacy they didn't call out Google specifically -- they didn't need to. The people who cared already knew who they are talking about.
But somehow Apple is the anti-privacy company and google is okay. I never understand the fanboys.
If you want to bust on Apple, great, I'm all for it. Just bust them on things they are actually guilty of and don't try to misrepresent them. They've definitely done some bad things, but strangely they don't seem to get beat up for things they've really done (or the issue is misrepresented).
What I'm saying is that while it may be fun to trot out things like the "640K should be enough for everyone" to bust on Bill Gates that is an urban myth and he never said it. Instead, bust on him for things that he *did* do (like hire someone else to pirate CPM). Same for Apple and Jobs (I just have a somewhat better memory for the Microsoft end of things, hence using MS-centric example).
Re: (Score:2)
Apple's devices (like everybody else's) constantly determine your location, and unless you're very careful about disabling it, transmit it.
Source please. Otherwise this is just FUD.
iOS devices determine your location if you agreed to at least one app using that information. The device also doesn't transmit this information. An app might if you opted in to location tracking. For something like "find my friends" that's kind of the point, you know.
(Of course, *every* active cell phone can be tracked by the cell phone network. But I don't think that's what you were referring to.)
Re:Apple Actually Cares About Privacy (Score:5, Informative)
No, it still provides your MAC to the network. Doing otherwise would break things - static DHCP reservations for one. It means the iPhone won't provide its MAC address *until* it finds a recognised network to connect to - it won't be broadcasting it constantly while you are out traveling or shopping.
Umm, no (Score:4, Informative)
It actually randomised the MAC address. Its been a long time since MACs were burnt into ROM and couldn't be changed. On Linux you can do it using ifconfig or one ioctl() in C.
Re:Umm, no (Score:4, Informative)
RTFA, It only randomizes on scan and goes back to the original MAC address when it connects.. You are correct that it is easy to change the MAC address, but that doesn't change the fact that randomizing the mac address on connect would break things like DHCP reservations or MAC based white lists.
Re: (Score:2)
Of course, they could randomize except when connecting to selected networks.
Re: (Score:2)
But trying to sidestep the fundamentals of the network design isn't a wise choice. Using a random MAC when scanning doesn't matter except for someone tracking devices by their MAC identifier. Using a random one when _connecting_ to a network could lead to problems...
Re: (Score:3)
"Using a random one when _connecting_ to a network could lead to problems..."
Never caused me any problems. I have a script that randomizes the wlan0 MAC address on my netbook for when I'm staying in hotels. Stops them tracking me between different locations.
Re: (Score:2)
that isn't very hard. I have no special information and haven't read TFA, but presumably they select an Apple prefix and use an algorithm to generate the rest. It'll actually be pseudo-random, but that isn't a particularly relevant distinction as very few systems have true random number generation and approximate it by collecting entropy from various sources to see the algorithm.
Given the large space represented by just Apple prefixes, the odds of a collision are incredibly small. If they used other prefixe
Re:Apple Actually Cares About Privacy (Score:4, Informative)
Generally, I've found this to be true. Their business model does not depend on a lack of customer privacy like Google.
I would be more optimistic if it weren't for the fact that Apple went and deliberately developed "iBeacon [wikipedia.org]", more or less deliberately designed for every sort of horrid 'location based service' and 'relevant offer' crap in the book.
Architecturally, hunting for wifi networks with a spoofed MAC is a good idea; but it sure does look like Apple is cutting an attempt to track their phones the non-blessed way off at the knees, even as they actively provide a blessed way of doing it.
In the same way, they cracked down on apps that used phone serial numbers, IMEIs and similar; but then built an "advertising identifier" right into their OS.
They want to be sure that you find the experience of being sold tasteful and unobtrusive; but they aren't actually your friends, nor do they consider your hardware purchase to be sufficient to exempt you from being the product.
Re:Apple Actually Cares About Privacy (Score:5, Informative)
You make a good point. However, iirc, a user can completely diasable their iPhone's from repsonding to iBeacons. So even under the "blessed" way, a customer's privacy is still within their personal control.
Re: (Score:2)
well, to do so means turning off Bluetooth, which sucks because I hate using corded headphones.
And iBeacon hardware can trivially also work the same way as wifi tracking, by just tracking the bluetooth id your phone is emitting all the time instead. it's unique to your phone and can be used to pin down the phones location quite precisely.
while iBeacon itself is quite benign if you just don't download/authorize the stores app to get the iBeacon messages, I'm sure larger stores will spring the extra couple o
Re: (Score:3)
AFAIK, you can't see the source for Google apps like Play Store, Maps etc, tough. Maybe not even for the launcher. I don't know what's part of AOSP and what's a Google add-on, these days. My point being that, for reaping the benefits of being able to see the source code, you must be able to see it all. Unless you have root access and can manage permissions on a per-app basis directly via the base, open OS. That's not Android's case, though - at least not by default.
Google is no better/worse than Apple (Score:4, Insightful)
With Android, you can see the source code
And you've seen the source code for the Android device in your hand? Right. Didn't think so. Hell, even if you compiled it yourself I seriously doubt you looked. Furthermore 99.9999% of people wouldn't have the foggiest idea where to find the relevant bits of code even if they did have the source code. Which they don't. And even if they did they certainly don't have time to review all the code themselves. I'm as big a supporter of open source as anyone here but I'm under no illusion that it protects me from a company like Google.
Google isn't trying to hide anything from anyone, unlike Apple.
If you believe that I have some property I'd like to sell you. Just because they have a cute motto about not being evil doesn't mean much. Google is no better than Apple when it comes to collecting and selling information about you. They are an advertising company and that is how they make their money. They may not sell all your specific information to specific buyers but they definitely are using that information to make money. And if you think they aren't hiding anything just try waltzing into their headquarters and snooping around sometime. Tell me how that goes for you.
Re: (Score:3, Informative)
Re: (Score:3)
Big difference iBeacon needs to be enabled per app, the user has control! Here the user was scanned without their consent, this new privacy feature is awesome.
It's better than that. For every set of iBeacons, you have to specifically download, install and run an app that reacts to that iBeacon, or nothing will happen at all. The beacons themselves have no hardware to receive any data from the device. On stackoverflow.com you will find people asking all the time how to receive data from _any_ beacon, and are surprised when they are told there is no API for that.
Re:Apple Actually Cares About Privacy (Score:5, Informative)
Apple went and deliberately developed "iBeacon"
Which works by Bluetooth, not WiFi, and it's basically a Bluetooth broadcaster. Also, it is opt-in.
In the same way, they cracked down on apps that used phone serial numbers, IMEIs and similar; but then built an "advertising identifier" right into their OS.
That you can opt out of [osxdaily.com].
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
Proof?
APL has been caught lying so many times, I'd like to see someone else do an in depth analysis proving that it is impossible.
Log in, then maybe someone will provide some.
Otherwise, why bother?
Re:Apple Actually Cares About Privacy (Score:4, Insightful)
It is true.
The reason is that for Apple, you are the customer. For Google, you are the product, because its customers are the advertisers.
Re: (Score:2)
Re: (Score:2)
I refer to my reply to the other guy. Sure, one-liners always simplify facts, but in this case, it's pretty clear cut.
How is a paying customer the product? (Score:2)
Re:How is a paying customer the product? (Score:5, Informative)
When I buy a Google/ASUS co-branded Nexus 7 tablet from Google Play Store, how am I not the customer?
Google mades a bit over $14 billion revenue. Just under $13 billion of that is from advertisement.
Apple makes the vast majority of its $54 billion revenue on hardware, a small part ($4 billion) on software and iTunes sales and its advertisement revenue is so small it vanishes somewhere under "services" and I couldn't quickly find a number for it.
Ask yourself which company is more likely to sell out your data to advertisers. The one that makes 90% of its money from them and 10% from you, or the one that makes 98% of its profits from you and 2% from them.
Re: (Score:2)
Re: (Score:2)
they care about hiding potential profits from it from other people.
while breaking standards.
they'll still keep a list of where you've been on the phone..
Re: (Score:2)
they'll still keep a list of where you've been on the phone..
Settings -> Privacy -> Location Services -> System Services -> Frequent Locations -> Off
There are several good privacy related options in there.
Re: (Score:2)
They don't really care about your privacy, they care about knowing more about you than their competitors do.
Re: (Score:2)
You don't use 802.1x and mac filtering at home?
I imagine that most people don't. What percentage of home APs support 802.1x, especially integrated modem/router/APs provided by local DSL, cable, or fiber ISPs?
but changing MAC is like filing serial# off a car! (Score:5, Interesting)
At least according to the prosecutors who went after Aaron Swartz. His laptop got locked out of a network so he changed the MAC address with the built-in MacOS GUI utility and they said that was like filing the serial number off a car. Now all iphones are going to change it randomly during network scan? OMG, that's like a car that files off its own serial number every time you go around the block! Alert the authorities!!!!! Sigh.
Re: (Score:3)
Most laws, except negligence statuettes, have an intent clause. In Schwartz's case it would have been easy to show that his intent was to circumvent being kicked off the network. Randomizing during search can easily be shown as an intent to remain anonymous.
Lack of intent (Score:5, Insightful)
In your example, the prosecutors were able to argue that deliberately using a utility to intentionally change your MAC address was akin to taking steps to file off the serial numbers of a car. This is because Aaron intended to change his MAC address and deliberately took steps to effect the change.
If future iPhones automatically change their MAC address, on their own, without any intervention by their user, where is the crucial element of acting with intent or deliberation?
It is far too soon to cry wolf.
Re: (Score:2)
You are close but the intent issue is not in the act but in what the act was intended to do. It was not the fact that he used a utility to intentionally change his address but that he changed his Mac address with the intent of getting around his being kicked off the network. For example I could draw a dollar bill and use it to buy something as long as I am clear that it is a drawing and not a real bill. I do not "intend" to pass the bill as real money. This is why Boggs [wikipedia.org] has never been convicted of counterfe
Re: (Score:2)
It's not about intent at all - a MAC address is simply meaningless! A car's serial number is something that is officially alotted, and has all sorts of codified repercussions. A MAC address is simply a number. Prosecutors arguing that changing your MAC address is akin to filing off a car's serial number, are like those that argued that etoy.com had a .com address and therefore was meant to be using in the US only: a complete fabrication intended to pull the wool over the judge's eyes!
MAC address blocks (Score:3)
It's not about intent at all - a MAC address is simply meaningless! A car's serial number is something that is officially alotted
IEEE disagrees with you to an extent. It is the registration authority for blocks of 16.7 million MAC addresses [ieee.org].
Re: (Score:2)
do yourself a favor and don't ever try to represent yourself in a legal setting. Get a lawyer and follow their advice.
In BLE (Bluetooth Low Energy) it's standard. (Score:3)
but changing MAC is like filing serial# off a car! At least according to the prosecutors...
Not any more. The Bluetooth Sig just spent four years in heavy sessions to plug the privacy leak from the MAC address tagging every packet with a device "serial number". This was rolled out in Bluetooth 4.0, especially in the Bluetooth Low energy addition.
If the option is turned on, the "MAC address" that labels the packets is pseudo-randomly chosen and constantly mutating. If the other device trying to communic
Re: (Score:3)
At least according to the prosecutors who went after Aaron Swartz. His laptop got locked out of a network so he changed the MAC address with the built-in MacOS GUI utility and they said that was like filing the serial number off a car. Now all iphones are going to change it randomly during network scan? OMG, that's like a car that files off its own serial number every time you go around the block! Alert the authorities!!!!! Sigh.
Sad that you don't understand enough about how WiFi works. There are two phases: In the first phase your device detects routers around it. In that phase, it must give out an MAC address so that the router can respond, but the MAC address is completely irrelevant. And no WiFi router will block out anyone during that discovery phase. The second phase is the connect phase, and in the connect phase, the device does indeed give its own MAC address.
In other words, what you are saying is complete bullshit.
Good. (Score:2)
Security (Score:2)
When it connects it uses the real MAC address so MAC filtering will work.
Re: (Score:2)
Unless your access point is hidden and doesn't respond to MAC's it doesn't know about. The iPhone will never find the network it's looking for.
Re: (Score:2)
Why would you be scanning for a hidden network? If you know where the network is, no scanning is needed.
Re:Security (Score:4, Insightful)
Uh, yeah. MAC filtering will work as well as it ever works, which is to say providing no more than the illusion of security.
What this does accomplish, though, is a real measure of somewhat increased privacy.
Re: (Score:2)
Not true. MAC filtering is easily subverted if there is a device nearby already connected, and if the attacker is willing to spend some minutes looking over dumps. It's pathetic security, but it's still better than none at all, as the extra time taken can hold of opportunistic hackers. There's still no good reason to use it, though.
Re:Security (Score:5, Insightful)
Not, crappy security is not better that no security. When users know there's no security, they may be slightly cautious. If they belive there's security in place, they might let their guard down, so this false sensation of security is actually a bad thing.
all kinds of ways to track people (Score:2)
How about malfunctioning devices? (Score:2)
Re: (Score:3)
Say thank you to the advertisers who make such crap necessary.
Yes, technologically, it would be much better if we didn't have to do things like this. Spam filters and RBLs and greylisting make debugging e-mail delivery problems hell as well. But you can't have working e-mail without them, because if you try, you get flooded by spam.
Same thing. Yes I agree technologically it would be better to not have to do this. Unfortunately, we have to.
Re:How about malfunctioning devices? (Score:4, Insightful)
Your enterprise networks gets crashed by a [broken?] device that scans for availabe wireless networks?
Looks like your enterprise network has some very serious issues you'll want to look into asap!
Re: (Score:2)
It was actually Apple on the first version of the iPhone with the Cisco systems. However, it was when the device was actually connected to the network, not in broadcast mode to discover networks.
I forget it the root cause was later traced to Cisco or Apple.
Re: (Score:2)
If your network can be crashed by a device not connected to it, but broadcasting packets with its MAC address spoofed for the purposes of compliance with 802.11 specifications then you have a real problem.
Once the device authenticates with and connects to your network, it broadcasts it's real MAC address.
The only thing I can see this messing up other than user tracking is using net stumbler to see who/what is in your area. Hopefully they don't use MAC addresses outside of their legitimate manufacturer IDs
Re: (Score:3)
They will use locally administered MAC addresses (you know, those with the 7th bit set to 1 instead of the traditional 0) which are not assigned to any manufacturer. (source: image in the twit)
Users should start asking for privacy (Score:2)
The adoption of measures protecting privacy depends on user demand. Online commerce has been considered safe enough for years yet exchanging an email or having any online activity is completely unprotected. I was always surprised by lack of interest from users. Maybe the younger users, if they are not yet addicted to making all their life public on facebook et al would put some pressure for simple technical solutions that guarantee a basic level of privacy. Obviously, I don't expect complete protection agai
There's an obvious response (Score:2)
Stores and malls that want to track you still have options - perhaps the most obvious one is to offer free wifi to their customers. Which is probably a win-win situation, although most users probably won't realise that part of the price of the "free" wifi is that they get tracked until they tell their device to forget the network again. There might be some subtle biases introduced into the data captured by this method if some kinds of customer are more likely to accept the offer of free wifi than others,
Apple would sell the tracking info (Score:2, Interesting)
Random or pseudo-random? (Score:4, Funny)
master random list (Score:2)
useless; who writes this crap? (Score:3, Insightful)
The point is that there are many networks out there pinging for MAC addresses that the user DOESN'T connect to.
Re:useless; who writes this crap? (Score:5, Informative)
The point, obviously, is that you can't be identified by the access points you don't connect to.
Of course you're traceable once you've connected; how else could you stay connected and get traffic to your device?
Re: (Score:2)
Re: (Score:3)
Don't say that like it is a bad thing. I *want* my devices to have predictable identities because that is how the home router knows what IP address to hand out. Same thing at work. Also understand that a repeatable MAC only links sessions locally: your MAC address is not advertised to the internet.
Now, what would be nice would be an option to only use the assigned MAC when associating to selected networks. E.g., home, work, a friend's, etc., but by default use a randomly generated MAC. The hotels I've been
Re: (Score:2)
no, that's just one of the reasons I don't have one (little utility traded for a lot of work maintaining and securing the thing).
Re: (Score:3)
that's just it people don't turn off wifi but companies like nordstrom run monitoring software. so whenever you enter their store they know how long you were there, what parts of the store you visited, and how often you come visit. I am surprised more companies aren't doing this as it is a quick way to track customers.
What apple has done is made this method of tracking useless. instead they will be forced to use ibeacon type technology which uses bluetooth. It also provide more accurate tracking as blu
Re:This is worthless. (Score:4, Informative)
I think you are confusing standards with the real world.
Your device is constantly beaconing to the entire world around it, what networks it knows - and it will often quite happily connect to annyone claiming to be that home network, enabling for all sorts of fun snooping attacks.
Go lookup creepyDOL network and the presentation for same from Def Con.
Re: (Score:3)
Your device has to beacon continuously if you have ANY hidden networks otherwise it won't find them. At least not until it takes GPS location into account to determine if it should be broadcasting to hidden SSIDs.
In other words, any device has a hidden network in its list is always looking. Not to mention that mobile clients DO probe in order to find known networks more quickly than waiting for the WAP beacon.
Re: (Score:3)
Why keep Wifi on? It never seems to work well for me. When I did try to use it the data connection would constantly sever and sometimes cause whatever app I'm using to get angry. Furthermore at my house my Wifi is much slower than my mobile connection. Even though I have a data cap (Verizon) I never exceed the cap without Wifi. I also save some battery by keeping it off.
Wish I had mod points for the above.
I disable my WiFi until I'm somewhere I want to use it. The only people that can track me are my cell provider and those people within range of a WiFi network I want to connect to.
Re: (Score:2)
Ahrem.. and anyone listening for your cell signal or any other electronic device you have, that will happily ping away its presence. Good for you for turning off WiFi, but trust me, it's not the only thing bad guys and good guys will be listening for. NFC, RFID, BT - if its broadcasting, someone will be trying to pick it up.
(Yes, it is indeed close to impossible to listen in on your conversation, but the fact that your phone is communicating with a tower means there is a signal that can be fingerprinted to
Re: (Score:2)
Oops. The quality of poster on Slashdot is going down. Read the article. The real mac address is used once you attempt to join a network. Its only whilst the device is looking for networks that the randomised MAC is used. It won't impact DHCP leases etc.
Re: (Score:2)