Private Mac addresses in IOS14

JKnott

@johnpoz said in Private Mac addresses in IOS14:

So it turned it on for networks your phone had already been connected too?

My understanding is it picks a new random MAC when connecting to a new SSID. It shouldn't change when you connect again.

Vollans

@johnpoz yes, my pre-existing learnt networks have it switched on automatically. For me, that's not a problem.

Derelict

Apple seems to have a pretty good POLA violation on their hands here, IMHO. Considering it uses the same MAC address every time it connects to the same network it shouldn't break things like Captive Portals or DHCP pools. But static mappings, etc will certainly break.

The user should have at least been asked if they want new MAC addresses for existing networks, while the blank stares at the screen from the majority would be funny to montage.

johnpoz

@Derelict said in Private Mac addresses in IOS14:

The user should have at least been asked

Yeah no shit ;) First thing I had to go and turn off on my 3 apple devices as I updated them to 14 the other day.. Not a peep from the thing that it was doing this..

Why do these OS makers continue to treat their users like idiots.. The last sort of thing that was pissing me off is windows with its update to 2004.. Just saying your machine is not ready -- well why and the F not?? Clearly you know why its not updating, because your not letting it... But what is the specific reason.. So possible it can be corrected.

Finally had to just do a freaking clean install.. Works fine..

Derelict

@johnpoz said in Private Mac addresses in IOS14:

Why do these OS makers continue to treat their users like idiots..

JKnott

@johnpoz said in Private Mac addresses in IOS14:

Why do these OS makers continue to treat their users like idiots..

Maybe because they bought iPhones. <ducking>

With Android, it appears to generate a random MAC when first connected to an SSID and then use it for all future connections.

NogBadTheBad

@JKnott said in Private Mac addresses in IOS14:

@johnpoz said in Private Mac addresses in IOS14:

Why do these OS makers continue to treat their users like idiots..

Maybe because they bought iPhones. <ducking>

With Android, it appears to generate a random MAC when first connected to an SSID and then use it for all future connections.

LOL no ****, it’s in the interest of Google to be able to track you by MAC address when ever you join a Wi-Fi network if the MAC stays consistent per SSID they are sorted.

stephenw10

Both Android and iOS appear to do the same for new networks; use a random MAC but that keep using that for re-connections to that same network.
The only thing that seems unclear is their behaviour when connecting to already known networks.
It seems iOS is using a random MAC there too potentially breaking stuff.
Android seems to retain the real MAC for existing networks as reported above.

Steve

JKnott

@stephenw10

Yes, when I got my Pixel 2 and synced it to my previous phone, it also received my WiFi connections. They use the hardware MAC. A connection I set up a couple of weeks ago uses the random number.

AKEGEC

It is so funny to see some Netgate forum members always bring up TIN FOIL HAT every time someone asks or says about privacy & security.

@bcruze, Mac Private address is just a layer of security. The same as T2 chip and read-only system volume in Catalina. Apple is aware that their previous devices were easy target for hacking. Not to mention the leaking on intel chip issue.

A Former User

Security and Privacy are not the same thing. Just saying...

AKEGEC

@jwj said in Private Mac addresses in IOS14:

Security and Privacy are not the same thing. Just saying...

Let me explain the differences between them;

Security = Protection of a person, building, organization, or country against threats such as crime or attacks.

Privacy = Someone's right to keep their personal matters and relationships secret.

Everyone has the right for security and privacy.

A Former User

@AKEGEC

Interested in your thoughts about things like:

Random MAC addresses may prevent you being identified across public WIFI networks (at the mall or airport, in whole foods) but that is small comfort when your cell service provider is handing over location data in bulk, with little or no legal process, to any interested party.

Targeted exploits are rare. The bad actors don't care about you unless you are a celebrity or other notable individual. It's much more likely, however, that you will get caught up in an exploit of some widely used service or device. It's not personal ;)

Risk vs Benefit. It shouldn't be as hard as it is to work that analysis through. It's understandable that a lot of people spend at least some amount of time in tin foil hat territory.

I've been intentionally vague to facilitate conversation. Of course I would prefer to not have Amazon forcing preventing me from using my cell providers network while in Whole Foods AND my cell provider to not be coughing up my location data.

I'm certain that I do regularly suffer from cognitive distortions and well informed conversation is the best way to mitigate that.

Derelict

@jwj said in Private Mac addresses in IOS14:

Of course I would prefer to not have Amazon forcing me onto their network in Whole Foods

Forcing?

A Former User

@Derelict said in Private Mac addresses in IOS14:

@jwj said in Private Mac addresses in IOS14:

Of course I would prefer to not have Amazon forcing me onto their network in Whole Foods

Forcing?

Yup. They block cell signals. I've never been able to get a cell signal inside a Whole Foods. If you want to use your prime account you have no choice but to use their wifi network. So, point taken, I could just pay full price and not access their network.

I'm not a RF engineer but it appears to be passive blocking (faraday cage). Step outside the building and I get a full strength signal.

johnpoz

I don't really recall noticing this last time I was in a whole foods.. Last time was before covid.. Quite often stop at their in store taverns.. Tuesday's is 2$ bottle and can day at their instore bars.. And they normally have a decent selection..

So stop there after work many a tuesday for couple of cold ones ;)

But sure it behooves stores like this to control your internet access while your in the store, can prevent you from doing price compares, etc. Or atleast make it way more difficult - since hey odd how you can't get to store xyz site while on the whole foods wifi ;)

Problem could also be cell coverage in the middle of a HUGE store might just be spotty? But do believe amazon a few years back had a patent on such thing as controlling people in their stores internet access..

But force prob not the right word, more like direct you to their connection ;) Nothing saying you can't just leave your phone at home or in the car, or just turn it off, or put in airplane mode, etc.

A Former User

@johnpoz said in Private Mac addresses in IOS14:

I don't really recall noticing this last time I was in a whole foods.. Last time was before covid.. Quite often stop at their in store taverns.. Tuesday's is 2$ bottle and can day at their instore bars.. And they normally have a decent selection..

So stop there after work many a tuesday for couple of cold ones ;)

But sure it behooves stores like this to control your internet access while your in the store, can prevent you from doing price compares, etc. Or atleast make it way more difficult - since hey odd how you can't get to store xyz site while on the whole foods wifi ;)

Problem could also be cell coverage in the middle of a HUGE store might just be spotty? But do believe amazon a few years back had a patent on such thing as controlling people in their stores internet access..

As I remember Best Buy was doing that at some point in time. Blocking access to mitigate using Best Buy stores as an Amazon showroom. Haven't been in a Best Buy in a dogs age so I can't comment on the current situation.

johnpoz

@jwj said in Private Mac addresses in IOS14:

using Best Buy stores as an Amazon showroom

hehehe - yeah this true.. Oh lets go see how the picture looks on tv xyz - then just order it on amazon for X $ cheaper ;)

Derelict

@jwj Force is still a strong word. If you don't like their policies don't shop there.

A Former User

@Derelict said in Private Mac addresses in IOS14:

@jwj Force is still a strong word. If you don't like their policies don't shop there.

Maybe you missed the part where I said I got your point. I'll repeat it here: "So, point taken, I could just pay full price and not access their network."