* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Friday, September 26, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    ‘Today’: Sheinelle Jones Thanks Katie Couric for Support After Husband’s Death – CBS 19 News

    Sheinelle Jones Expresses Heartfelt Thanks to Katie Couric for Support After Husband’s Passing

    Sate your hunger at DBA’s Taste of Downtown – Bakersfield.com

    Indulge Your Cravings at DBA’s Taste of Downtown!

    Caesars Entertainment (CZR): Assessing Valuation After Times Square Casino Setback and Mounting Investor Concerns – simplywall.st

    Caesars Entertainment Faces Times Square Casino Hurdles as Investor Concerns Mount

    Why Hilaria Baldwin Has Found the ‘DWTS’ Process ‘Embarrassing’ At Times – WFXG

    Hilaria Baldwin Opens Up About the Embarrassing Moments on Her ‘DWTS’ Journey

    Harvest Fest 2025 – yadkinripple.com

    Celebrate the Bounty: Harvest Fest 2025 is Coming!

    Fox News Entertainment Newsletter: Kate Middleton stuns during Trump state visit, Brett James dead at 57 – Fox News

    Kate Middleton Stuns During Trump State Visit; Remembering Brett James at 57

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Autonomous Solutions shows off cutting-edge technology for the public – Cache Valley Daily

    Autonomous Solutions Unveils Cutting-Edge Technology for the Public

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    What are we really gaining from technology? – Fast Company

    What Are We Really Gaining from Technology?

    TOMI Environmental Solutions, Inc. Expands SteraMist iHP Technology Services in Healthcare Sector with New Provider Partnership – Quiver Quantitative

    TOMI Environmental Solutions Accelerates SteraMist iHP Technology Expansion in Healthcare with New Provider Partnership

    Indiana County Technology Center’s Joint Operating Committee looks to the future as program plans began to take shape – Indiana Gazette Online

    Indiana County Technology Center’s Joint Operating Committee Charts an Exciting Path Forward as New Program Plans Take Shape

    Meta to expand Montgomery data hub, pushing total investment to $1.5 billion – Alabama Department of Commerce

    Meta to Supercharge Montgomery Data Hub with $1.5 Billion Investment

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    ‘Today’: Sheinelle Jones Thanks Katie Couric for Support After Husband’s Death – CBS 19 News

    Sheinelle Jones Expresses Heartfelt Thanks to Katie Couric for Support After Husband’s Passing

    Sate your hunger at DBA’s Taste of Downtown – Bakersfield.com

    Indulge Your Cravings at DBA’s Taste of Downtown!

    Caesars Entertainment (CZR): Assessing Valuation After Times Square Casino Setback and Mounting Investor Concerns – simplywall.st

    Caesars Entertainment Faces Times Square Casino Hurdles as Investor Concerns Mount

    Why Hilaria Baldwin Has Found the ‘DWTS’ Process ‘Embarrassing’ At Times – WFXG

    Hilaria Baldwin Opens Up About the Embarrassing Moments on Her ‘DWTS’ Journey

    Harvest Fest 2025 – yadkinripple.com

    Celebrate the Bounty: Harvest Fest 2025 is Coming!

    Fox News Entertainment Newsletter: Kate Middleton stuns during Trump state visit, Brett James dead at 57 – Fox News

    Kate Middleton Stuns During Trump State Visit; Remembering Brett James at 57

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Autonomous Solutions shows off cutting-edge technology for the public – Cache Valley Daily

    Autonomous Solutions Unveils Cutting-Edge Technology for the Public

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    What are we really gaining from technology? – Fast Company

    What Are We Really Gaining from Technology?

    TOMI Environmental Solutions, Inc. Expands SteraMist iHP Technology Services in Healthcare Sector with New Provider Partnership – Quiver Quantitative

    TOMI Environmental Solutions Accelerates SteraMist iHP Technology Expansion in Healthcare with New Provider Partnership

    Indiana County Technology Center’s Joint Operating Committee looks to the future as program plans began to take shape – Indiana Gazette Online

    Indiana County Technology Center’s Joint Operating Committee Charts an Exciting Path Forward as New Program Plans Take Shape

    Meta to expand Montgomery data hub, pushing total investment to $1.5 billion – Alabama Department of Commerce

    Meta to Supercharge Montgomery Data Hub with $1.5 Billion Investment

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

iPhones have been exposing your unique MAC despite Apple’s promises otherwise

October 27, 2023
in Technology
iPhones have been exposing your unique MAC despite Apple’s promises otherwise
Share on FacebookShare on Twitter

THANKS, APPLE —

“From the get-go, this feature was useless,” researcher says of feature put into iOS 14.

Dan Goodin
– Oct 26, 2023 9:48 pm UTC

Private Wi-Fi address setting on an iPhone.

Enlarge / Private Wi-Fi address setting on an iPhone.

Apple

Three years ago, Apple introduced a privacy-enhancing feature that hid the Wi-Fi address of iPhones and iPads when they joined a network. On Wednesday, the world learned that the feature has never worked as advertised. Despite promises that this never-changing address would be hidden and replaced with a private one that was unique to each SSID, Apple devices have continued to display the real one, which in turn got broadcast to every other connected device on the network.

The problem is that a Wi-Fi media access control address—typically called a media access control address or simply a MAC—can be used to track individuals from network to network, in much the way a license plate number can be used to track a vehicle as it moves around a city. Case in point: In 2013, a researcher unveiled a proof-of-concept device that logged the MAC of all devices it came into contact with. The idea was to distribute lots of them throughout a neighborhood or city and build a profile of iPhone users, including the social media sites they visited and the many locations they visited each day.

In the decade since, HTTPS-encrypted communications have become standard, so the ability of people on the same network to monitor other people’s traffic is generally not feasible. Still, a permanent MAC provides plenty of trackability, even now.

As I wrote at the time:

Enter CreepyDOL, a low-cost, distributed network of Wi-Fi sensors that stalks people as they move about neighborhoods or even entire cities. At 4.5 inches by 3.5 inches by 1.25 inches, each node is small enough to be slipped into a wall socket at the nearby gym, cafe, or break room. And with the ability for each one to share the Internet traffic it collects with every other node, the system can assemble a detailed dossier of personal data, including the schedules, e-mail addresses, personal photos, and current or past whereabouts of the person or people it monitors.

In 2020, Apple released iOS 14 with a feature that, by default, hid Wi-Fi MACs when devices connected to a network. Instead, the device displayed what Apple called a “private Wi-Fi address” that was different for each SSID. Over time, Apple has enhanced the feature, for instance, by allowing users to assign a new private Wi-Fi address for a given SSID.

On Wednesday, Apple released iOS 17.1. Among the various fixes was a patch for a vulnerability, tracked as CVE-2023-42846, which prevented the privacy feature from working. Tommy Mysk, one of the two security researchers Apple credited with discovering and reporting the vulnerability (Talal Haj Bakry was the other), told Ars that he tested all recent iOS releases and found the flaw dates back to version 14, released in September 2020.

“From the get-go, this feature was useless because of this bug,” he said. “We couldn’t stop the devices from sending these discovery requests, even with a VPN. Even in the Lockdown Mode.”

When an iPhone or any other device joins a network, it triggers a multicast message that is sent to all other devices on the network. By necessity, this message must include a MAC. Beginning with iOS 14, this value was, by default, different for each SSID.

To the casual observer, the feature appeared to work as advertised. The “source” listed in the request was the private Wi-Fi address. Digging in a little further, however, it became clear that the real, permanent MAC was still broadcast to all other connected devices, just in a different field of the request.

Mysk published a short video showing a Mac using the Wireshark packet sniffer to monitor traffic on the local network the Mac is connected to. When an iPhone running iOS prior to version 17.1 joins, it shares its real Wi-Fi MAC on port 5353/UDP.

Upgrade to iOS 17.1 to prevent your iPhone from being tracked across Wi-Fi networks.

In fairness to Apple, the feature wasn’t useless, because it did prevent passive sniffing by devices such as the above-referended CreepyDOL. But the failure to remove the real MAC from the port 5353/UDP still meant that anyone connected to a network could pull the unique identifier with no trouble.

The fallout for most iPhone and iPad users is likely to be minimal, if at all. But for people with strict privacy threat models, the failure of these devices to hide real MACs for three years could be a real problem, particularly given Apple’s express promise that using the feature “helps reduce tracking of your iPhone across different Wi-Fi networks.”

Apple hasn’t explained how a failure as basic as this one escaped notice for so long. The advisory the company issued Wednesday said only that the fix worked by “removing the vulnerable code.”

This post has been updated to add paragraphs 3 and 11 to provide additional context.

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Ars Technica – https://arstechnica.com/?p=1979099

Tags: exposingiphonestechnology
Previous Post

Sam Bankman-Fried testifies, says he “skimmed over” FTX terms of service

Next Post

Gaza Hospitals, Shelters Cut Back on Services as Fuel Runs Short

Ecological burns slated for Corvallis area this weekend – NPR for Oregonians

Ecological Burns Set for This Weekend to Revitalize Corvallis Habitats

September 26, 2025
Beijing International Week for Science Literacy Wraps Up with Focus on AI-Driven Communication – The Korea Herald

Beijing International Week for Science Literacy Wraps Up Highlighting AI-Powered Communication Innovations

September 26, 2025
Science & Society: September 2025 – Yale School of Public Health

Science & Society: September 2025 – Yale School of Public Health

September 26, 2025
New Mexico Prickly Pear Festival expands to two-day event – Albuquerque Journal

New Mexico Prickly Pear Festival Grows into Exciting Two-Day Celebration

September 26, 2025
Autonomous Solutions shows off cutting-edge technology for the public – Cache Valley Daily

Autonomous Solutions Unveils Cutting-Edge Technology for the Public

September 26, 2025
Iowa Sports Betting: Best IA Sportsbooks, Apps, and Promos – FOX Sports

Iowa Sports Betting: Best IA Sportsbooks, Apps, and Promos – FOX Sports

September 26, 2025
Botswana Minister outlines ‘Diamonds, Democracy, and Development’ vision at World Leaders Forum – Columbia Daily Spectator

Botswana Minister Unveils Inspiring Vision of Diamonds, Democracy, and Development at World Leaders Forum

September 26, 2025
US economy grows at fastest pace in nearly two years as spending roars back – New York Post

US Economy Surges at Fastest Rate in Nearly Two Years as Consumer Spending Booms

September 26, 2025
Best 9: Top events for the week ahead in Santa Cruz County arts & entertainment, Sept. 25-Oct. 2 – Lookout Santa Cruz

Discover the Top 9 Can’t-Miss Arts & Entertainment Events in Santa Cruz County This Week (Sept. 25-Oct. 2)

September 26, 2025
Their son was ‘too unstable to function outside of hospital.’ Insurance denied his mental health treatment anyway. – NBC News

Denied Mental Health Care: When a Son Too Unstable to Leave the Hospital Was Left Without Support

September 26, 2025

Categories

Archives

September 2025
MTWTFSS
1234567
891011121314
15161718192021
22232425262728
2930 
« Aug    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (838)
  • Economy (858)
  • Entertainment (21,733)
  • General (17,254)
  • Health (9,901)
  • Lifestyle (871)
  • News (22,149)
  • People (860)
  • Politics (868)
  • Science (16,068)
  • Sports (21,358)
  • Technology (15,841)
  • World (841)

Recent News

Ecological burns slated for Corvallis area this weekend – NPR for Oregonians

Ecological Burns Set for This Weekend to Revitalize Corvallis Habitats

September 26, 2025
Beijing International Week for Science Literacy Wraps Up with Focus on AI-Driven Communication – The Korea Herald

Beijing International Week for Science Literacy Wraps Up Highlighting AI-Powered Communication Innovations

September 26, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version