• Apple to Utilize MAC Address Randomization in iOS 8 in an Effort to Improve Privacy



    With consumers growing increasingly conscious about protecting their privacy, Apple has begun to tackle the issue head on with a number of enhancements to its next-generation mobile operating system including a new feature that makes it more difficult to track and identify individual iOS devices.

    Starting with iOS 8, Apple’s handheld devices will generate and use random Media Access Control, or Mac, addresses rather than their real MAC address, when scanning for Wi-Fi access points. The change was announced in a closed session at the company’s Worldwide Developers Conference and first called out by security researcher Frederic Jacobs. For those of you who didn’t already know, MAC addresses are unique identifiers that allow devices to distinguish between one another on a network. Typically, every network interface has its own MAC address, on an iPhone, this means one each for the Bluetooth and Wi-Fi radios.

    When scanning for wireless networks, client devices such as the iPhone periodically broadcast identifying packets that include the MAC address. In recent years, a number of firms have taken advantage of these broadcasts to track individual devices as they move around, for example, some retail outlets use MAC address-based tracking to record the path that consumers take as they move through the store. This allows for long-term measurement of shopping habits and better placement of sale materials and advertising. There are also smaller uses for MAC address tracking. The city of Houston’s TranStar traffic monitoring system for instance, uses the MAC address from Bluetooth devices to measure traffic flow on city streets.

    Although it is generally difficult to tie MAC addresses to specific people without some other connection, the privacy implications of MAC address tracking have been the subject of increasing debate. Apple’s solution would effectively neuter the practice of long-term tracking by randomizing the MAC address shown during each round of scanning, a feature that many in the privacy community have been pushing for some time.

    The idea and planned implementation of a MAC address randomization system is the latest in a line of privacy-focused moves from Apple that have come to light as developers digest the wealth of material offered at last week’s Worldwide Developers Conference.

    Of all of the iOS 8 changes, the most visible one is the new “While Using” location privacy option. The new setting allows users to restrict apps from determining their location unless the app is in active use, preventing apps from collecting location data in the background unless explicitly authorized to do so. Another new feature in iOS 8 is support for DuckDuckGo, which is an alternative search engine that promises not to track its users’ searches or internet history. Additionally, Apple has opened the iPhone 5S’ Touch ID authentication system for use by third-party apps, strengthening security while increasing convenience.

    Apple’s recent moves suggest a renewed focus on security and privacy that could pay dividends as its competitors come under increasingly heavy fire from governments and privacy advocates.

    Source: Frederic Jacobs (Twitter) via AppleInsider
    This article was originally published in forum thread: Apple to Utilize MAC Address Randomization in iOS 8 in an Effort to Improve Privacy started by Akshay Masand View original post
    Comments 2 Comments
    1. Zokunei's Avatar
      Zokunei -
      Well, we all know Google is certainly not going to make any steps to protect anyone's privacy.
    1. RandyTG's Avatar
      RandyTG -
      I can understand this for when the device is roaming and does advanced association to the APs around it, but when the device does connect to the network does the idevice use its real MAC?
  • Connect With Us

  • Twitter Box

  • Facebook