Private Mac addresses in IOS14

JKnott · Sep 18, 2020, 9:46 PM

I just checked my Pixel 2 with my guest SSID and see it does use a random MAC for new SSIDs. However, anything I had set up on previous phones uses device MAC. I hadn't even known about that setting.

stephenw10 · Sep 19, 2020, 1:06 AM

Ah that's good to know.

It was also unclear if it does this now by default on either OS but I think it does.

Steve

JKnott · Sep 19, 2020, 1:08 AM

@stephenw10

My Pixel 2 with Android 10 has it, but not my Asus tablet with Android 7. Random is default, except for previously configured connections. So, any that were inherited from my Nexus 5 use the device MAC.

Vollans · Sep 20, 2020, 7:14 PM

@stephenw10 said in Private Mac addresses in IOS14:

It was also unclear if it does this now by default on either OS but I think it does.

It certainly turned on by default on my iPad Pro and iPhone 11 Max.

NollipfSense · Sep 20, 2020, 7:14 PM

@Vollans said in Private Mac addresses in IOS14:

@stephenw10 said in Private Mac addresses in IOS14:

It was also unclear if it does this now by default on either OS but I think it does.

It certainly turned on by default on my iPad Pro and iPhone 11 Max.

I upgraded last night just to see what's about ... seems like much to do about nothing even if turned on by default.

johnpoz · Sep 21, 2020, 1:55 AM

Yeah not sure who it would cause headache for - other than someone that doesn't under how dhcp reservations work..

So it turned it on for networks your phone had already been connected too?

JKnott · Sep 21, 2020, 1:55 AM

@johnpoz said in Private Mac addresses in IOS14:

So it turned it on for networks your phone had already been connected too?

My understanding is it picks a new random MAC when connecting to a new SSID. It shouldn't change when you connect again.

Vollans · Sep 21, 2020, 2:01 AM

@johnpoz yes, my pre-existing learnt networks have it switched on automatically. For me, that's not a problem.

Derelict · Oct 3, 2020, 7:50 PM

Apple seems to have a pretty good POLA violation on their hands here, IMHO. Considering it uses the same MAC address every time it connects to the same network it shouldn't break things like Captive Portals or DHCP pools. But static mappings, etc will certainly break.

The user should have at least been asked if they want new MAC addresses for existing networks, while the blank stares at the screen from the majority would be funny to montage.

johnpoz · Oct 3, 2020, 7:57 PM

@Derelict said in Private Mac addresses in IOS14:

The user should have at least been asked

Yeah no shit ;) First thing I had to go and turn off on my 3 apple devices as I updated them to 14 the other day.. Not a peep from the thing that it was doing this..

Why do these OS makers continue to treat their users like idiots.. The last sort of thing that was pissing me off is windows with its update to 2004.. Just saying your machine is not ready -- well why and the F not?? Clearly you know why its not updating, because your not letting it... But what is the specific reason.. So possible it can be corrected.

Finally had to just do a freaking clean install.. Works fine..

Derelict · Oct 3, 2020, 7:59 PM

@johnpoz said in Private Mac addresses in IOS14:

Why do these OS makers continue to treat their users like idiots..

JKnott · Oct 4, 2020, 1:25 AM

@johnpoz said in Private Mac addresses in IOS14:

Why do these OS makers continue to treat their users like idiots..

Maybe because they bought iPhones. <ducking>

With Android, it appears to generate a random MAC when first connected to an SSID and then use it for all future connections.

NogBadTheBad · Oct 4, 2020, 10:21 AM

@JKnott said in Private Mac addresses in IOS14:

@johnpoz said in Private Mac addresses in IOS14:

Why do these OS makers continue to treat their users like idiots..

Maybe because they bought iPhones. <ducking>

With Android, it appears to generate a random MAC when first connected to an SSID and then use it for all future connections.

LOL no ****, it’s in the interest of Google to be able to track you by MAC address when ever you join a Wi-Fi network if the MAC stays consistent per SSID they are sorted.

stephenw10 · Oct 4, 2020, 11:19 AM

Both Android and iOS appear to do the same for new networks; use a random MAC but that keep using that for re-connections to that same network.
The only thing that seems unclear is their behaviour when connecting to already known networks.
It seems iOS is using a random MAC there too potentially breaking stuff.
Android seems to retain the real MAC for existing networks as reported above.

Steve

JKnott · Oct 4, 2020, 12:48 PM

@stephenw10

Yes, when I got my Pixel 2 and synced it to my previous phone, it also received my WiFi connections. They use the hardware MAC. A connection I set up a couple of weeks ago uses the random number.

AKEGEC · Oct 4, 2020, 4:25 PM

It is so funny to see some Netgate forum members always bring up TIN FOIL HAT every time someone asks or says about privacy & security.

@bcruze, Mac Private address is just a layer of security. The same as T2 chip and read-only system volume in Catalina. Apple is aware that their previous devices were easy target for hacking. Not to mention the leaking on intel chip issue.

Oct 4, 2020, 5:06 PM

Security and Privacy are not the same thing. Just saying...

AKEGEC · Oct 5, 2020, 1:26 PM

@jwj said in Private Mac addresses in IOS14:

Security and Privacy are not the same thing. Just saying...

Let me explain the differences between them;

Security = Protection of a person, building, organization, or country against threats such as crime or attacks.

Privacy = Someone's right to keep their personal matters and relationships secret.

Everyone has the right for security and privacy.

Oct 5, 2020, 2:31 PM

@AKEGEC

Interested in your thoughts about things like:

Random MAC addresses may prevent you being identified across public WIFI networks (at the mall or airport, in whole foods) but that is small comfort when your cell service provider is handing over location data in bulk, with little or no legal process, to any interested party.

Targeted exploits are rare. The bad actors don't care about you unless you are a celebrity or other notable individual. It's much more likely, however, that you will get caught up in an exploit of some widely used service or device. It's not personal ;)

Risk vs Benefit. It shouldn't be as hard as it is to work that analysis through. It's understandable that a lot of people spend at least some amount of time in tin foil hat territory.

I've been intentionally vague to facilitate conversation. Of course I would prefer to not have Amazon ~~forcing~~ preventing me from using my cell providers network while in Whole Foods AND my cell provider to not be coughing up my location data.

I'm certain that I do regularly suffer from cognitive distortions and well informed conversation is the best way to mitigate that.

Derelict · Oct 5, 2020, 2:01 PM

@jwj said in Private Mac addresses in IOS14:

Of course I would prefer to not have Amazon forcing me onto their network in Whole Foods

Forcing?