MAC地址隨機化介紹
Apple’s newest beta version of iOS 14 has a setting that will change the way people connect and stay connected to Wi-Fi networks. While other operating systems, including Android 10, already had this feature, it has much broader implications for Apple devices because the adoption rate of new iOS versions is so much higher than on Android. Also, Apple has gone a step further with iOS 14 and added automatic randomization of the MAC address every 24 hours, whereas on Android, it stays consistent for each network after joining. The way the industry has been trending, this really isn’t that surprising.
What is a MAC address?
Let’s back up a little bit. A media access control (MAC) address is a unique string of letters and numbers that is used to identify a device on a network and allow it to communicate with other devices. MAC addresses are usually assigned when the device is manufactured and, unlike IP addresses, they generally do not change when moving from one network to another. In other words, MAC addresses have historically been static and unique to each device.
How are MAC addresses used for Wi-Fi networks today?
The assumption and practice of having a static MAC address resulted in many networks leveraging it for a variety of purposes. There are well-known hospitality brands that have implemented automatic authentication programs for loyalty customers based on storing and recognizing a device’s static MAC address. In the hospitality and multifamily markets, the use of a static MAC address is far reaching in current network architectures. The notion of a dynamic MAC address changing through time by virtue of a device’s operating system will significantly alter the connectivity experience, unless they adopt solutions that plan for and address this, such as ElevenOS.
What is MAC address randomization and why is it used?
MAC address randomization is the increasing trend of device operating systems using a random, anonymous device identifier instead of the real address when connecting to wireless networks. The goal of doing this is to increase user privacy by preventing network operators from being able track devices using the real address as a consistent device identifier.
For many years now, most operating systems (iOS 8+, Android 8+, Windows 10, etc.) have implemented some form of MAC randomization. However, most of these operating systems only use a randomized MAC address when scanning for access points and SSIDs (known as probe requests), but still have used a consistent, genuine MAC address when actually connecting to networks. This has successfully mitigated some forms of tracking (footfall tracking in retail stores for example), but more advanced tracking methods have surfaced since these changes were introduced. In late 2019, Google released Android 10 which made MAC randomization the default behavior when both scanning for wireless networks and connecting to them. This was a major change that was intended to prevent tracking across networks.
Historically, MAC addresses have been a reliable identifier. However, as we learn more about privacy and security, we now know that spoofing other people's MAC addresses has been a serious network vulnerability on visitor-based Wi-Fi for some time. These changes by handset manufacturers are going to force everyone to fix this, which is ultimately a really good thing for everyone.
What is changing with iOS 14 on Apple devices?
In the latest beta version of iOS 14, Apple implemented their own improved version of MAC randomization for devices running iOS. Similar to Android 10, iOS 14 devices will use a randomized MAC address by default when both scanning and connecting to most wireless networks. Additionally, iOS has added an extra layer of privacy protection: devices with the randomization feature turned on will rotate their MAC address every 24 hours after connecting to a wireless network. This means that, by default, when an Apple device running iOS14 connects to a new network, the network will never be aware of the real, genuine MAC address of the device, but only an anonymous, temporary identifier that changes every day. There are variations to this behavior that we have been testing in lab environments. For example, migrating an existing device from iOS 13 to iOS 14 results in previously remembered WPA2 networks NOT being set to randomized. The new system default applies primarily to new networks going forward.
This “Private MAC Address” feature is network-specific and will be enabled by default on most new wireless networks that users join after they update to iOS 14. When enabled, this feature will randomize the MAC address that is used when connecting to a wireless network for the first time, randomize it every 24 hours after the user has connected, and randomize it immediately if the user forgets the network and rejoins. iOS 14 will not randomize the MAC address if the user is mid-session and actively passing traffic, even if it has been 24 hours since joining the network.
Many networks currently rely on the MAC address as a consistent identifier for the duration of the visitor’s stay at the venue. Some networks rely on the MAC address to be consistent across Wi-Fi venues as well, which previously allowed their visitors to roam between multiple venues and be automatically authenticated. This experience will not be possible for users of iOS 14 with the Private MAC Address feature enabled.
It’s important to note that just because the Private MAC Address feature is enabled by default in Beta 1 of iOS14, that doesn’t necessarily mean it will be this way in the general release. It is also worth noting that past adoption of Apple’s latest iOS has been relatively high. For example over 77% of Apple devices introduced in the last four years (estimated at 1 billion) are running some version of iOS 13, which was first released in Q4 of 2019. If iOS 14 sees similar adoption rates, there could be hundreds of millions of users impacted by this change within months of its release.
Toggling “Use Private Address” is the switch that effectively turns on and off MAC Address Randomization (here called “Wi-Fi Address”). Toggled “On” the MAC Address is changed by the device’s OS every twenty four hours. This setting is network specific. In other words, more sophisticated users can and likely will turn it on for some networks and off for others. The default setting in the Beta Version of iOS 14 has it enabled for most ALL newly added networks. That is significant. The issue would be far smaller if this setting was present, but not enabled by default. It is the default nature of this new capability that makes it broadly impactful to all iOS 14 users.
Instructing users to disable the “Use Private Address” setting has the additional challenge in that it could be perceived as compromising the user’s privacy. The iOS 14 screen says, “Private Wi-Fi address prevents network operators from tracking your iPhone.” Instructing users to disable this feature could be misconstrued as the operator’s intent to track users, even when the intent might just be to allow users to stay automatically connected to the network rather than having to manually connect via the captive portal page each day.
MAC地址隨機化的方案導致了現有的探針裝置抓取到大量的偽隨機MAC地址,增強了裝置的安全性;但同時也會導致基於MAC地址跨網路認證的大範圍WIFI技術對裝置失效(IOS14裝置,安卓裝置同一個SSID保持虛擬MAC地址不變不受影響);找到一篇關於偽MAC地址的破解預印本A Study of MAC Address Randomization in Mobile Devices and When it Fails,有空看一看學習一下。
轉自:How MAC Address Randomization Can Affect the Wi-Fi Experience
相關文章
- 瞭解 “MAC 地址隨機化” 刻不容緩Mac隨機
- Linux 修改MAC地址的四種方法介紹LinuxMac
- 電腦mac地址在哪看 win7win10mac地址查詢方法介紹MacWin7Win10
- 印表機ip地址哪裡看 印表機ip地址和埠檢視方法介紹
- win10電腦怎麼查詢mac地址 win10系統mac地址查詢方法介紹Win10Mac
- IP-COM 無線路由器MAC地址克隆設定介紹路由器Mac
- An Introduction to Conditional Random Fields[條件隨機場介紹]random條件隨機場
- IBM ThinkPad 隨機軟體的介紹說明IBMThinkPad隨機
- Mac利器Homebrew介紹Mac
- Conflux 網路地址介紹UX
- Win10系統使用隨機無線網路卡MAC地址的方法Win10隨機Mac
- 隨機學習簡介隨機
- Java獲取本機名稱、本機MAC地址、IP地址JavaMac
- RabbitMQ系列隨筆——介紹及安裝MQ
- Solidity 教程系列2 - 地址型別介紹Solid型別
- Ubuntu系統下配置IP地址方法介紹Ubuntu
- 簡明條件隨機場CRF介紹 | 附帶純Keras實現條件隨機場CRFKeras
- AX6000 Zerotier 開機自啟 & 持久化虛擬 MAC 地址持久化Mac
- 靜態路由介紹(雲端計算隨筆)路由
- 計算機網路之二:IP地址與MAC地址計算機網路Mac
- jQuery實現的生成隨機密碼程式碼例項簡單介紹jQuery隨機密碼
- Movie Collector pro for Mac入門介紹Mac
- Mac OS X常用軟體介紹Mac
- 隨機化演算法隨機演算法
- lodash已死?radash庫方法介紹及原始碼解析 —— 隨機方法 + 字串篇原始碼隨機字串
- MAC 地址與IP地址Mac
- firefox火狐瀏覽器介紹及下載地址Firefox瀏覽器
- Ubuntu各大分支版本功能介紹及下載地址Ubuntu
- 檢視hyper-v主機mac地址Mac
- Android模組化框架介紹Android框架
- javascript效能優化技巧介紹JavaScript優化
- Oracle效能優化--Latch介紹Oracle優化
- Oracle效能優化---鎖介紹Oracle優化
- 詳細介紹CentOS 7 掛載NTFS 隨身碟CentOS
- 介紹1個簡單好用的隨機動物網站,關鍵還免費隨機網站
- Python 基礎練習 —— 獲取本機 Mac 地址、ip 地址和主機名PythonMac
- 隨機化處理技術隨機
- 一個奇特的mac地址自動變化Mac