iOS 8 will randomize devices' MAC address to increase privacy
Posted on 11 June 2014.
The next major release of Apple's iOS mobile operating system will include an important change: when local wireless networks scan for devices in range, devices running iOS 8 will provide random, locally administrated MAC addresses.

Why is that important, you ask? Well, so far each device has only one unique Media Access Control (MAC) address, with which it identifies itself to every Wi-Fi network whether the user tries to connect to it or not. This allows marketing companies, location analytics firms, and and stores to track the movements of users.

This information is extremely valuable to them, as it allows them to form a relatively accurate picture of what a user does and when, and what he or she is interested in.

But with iOS 8, which is set to be released later this year, that advantage will be gone unless the user decides to connect to the network.

Ars Technica's Lee Hutchinson posits that this change has not been made by Apple just to protect users' privacy, but also to drive companies toward iBeacon, the company's own location-based advertising service.

"iOS users who would prefer to opt out of iBeacon can first ensure they have no iBeacon-aware apps installed (like the official Apple Store app), or they can disable Bluetooth," Hutchinson advises. "Until iOS 8 arrives, iOS 7 users who would prefer not to have their MAC addresses tracked in public can disable Wi-Fi when they're out and about."

It's interesting to note that with iOS 7 Apple has made it impossible for app developers to collect MAC addresses of users in order to see how many have installed their app(s). They also prevented them from targeting ads.

Apple is definitely making a shift towards privacy, responding to the hightened user awareness about the issue.

The company has also announced that they will be including DuckDuckGo, the search engine that doesn't track its users, in the future versions of Safari on iOS and OS X.


MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection

The device can wirelessly spoof credit cards/magstripes, disable chip-and-PIN protection, and predict the credit card number and expiration date of Amex cards after they have reported stolen or lost.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th