Three years ago, Apple introduced a privacy-enhancing feature that hid the Wi-Fi address of iPhones and iPads when they were online. However, Arstechnica reported that Apple devices still displayed their real addresses to all connected devices on the network.
MAC is a Wi-Fi media access control address, which can be used to track devices from network to network, much like using license plates to track individuals and vehicles as they move around a city. In 2013, a researcher announced a prototype device that could record the MAC addresses of all the devices it came into contact with.
A decade later, HTTPS encryption is the norm, so it’s generally not possible for people on the same network to monitor each other’s traffic. But MAC addresses still provide plenty of tracking capabilities.
In 2020, Apple released iOS 14 with a feature that hides the MAC address by default when the iPhone connects to a network. Instead, the device displays a "private Wi-Fi address" as described by Apple, which will appear differently for each SSID.
Apple recently released iOS 17.1, which includes a patch for a vulnerability CVE-2023-42846 that prevents this security feature from working. One of the two security researchers who discovered and reported this vulnerability said that they tested all recent iPhone operating systems and discovered that this vulnerability existed since iOS 14, released in September 2020.
When an iPhone or any device joins a network, it triggers a multicast message that is sent to all other devices on the network with the outgoing MAC address information. As of iOS 14, this value is different for each SSID by default.
Although it was launched 3 years ago, the new Private Address feature is really useful on iOS 17.1
The researcher posted a short video showing a Mac using Wireshark to monitor traffic on the local network it's connected to. On an iPhone running iOS prior to version 17.1, it shares its real MAC address over port 5353.
This feature is not useless, however, as it prevents network sniffing programs from being used. But failing to strip the real MAC from port 5353/UDP means that anyone connecting to the network can get the unique identifier without any difficulty.
The security flaw has minimal impact on most iPhone and iPad users, but for those who are extremely privacy-conscious, the fact that devices can't hide their MAC addresses for three years is a problem, especially since Apple explicitly promises that using the feature will make it harder for users to track their iPhones across different Wi-Fi networks.
Source link
Comment (0)