Apple's private Wi-Fi MAC addresses were a security theater until iOS 17.1.

Private Wi-Fi Address

Apple introduced a feature that hides a user's permanent MAC address in 2020, but it was virtually useless before iOS 17.1 due to a fixed vulnerability.

When a device connects to the network, it performs the necessary handshake by transmitting its unique MAC address. If an organization can access network access MAC addresses on a large enough scale, it can track users as they move between networks.

According to a report from Ars Technica, Apple has implemented a feature that prevents MAC address tracking, but the vulnerability has rendered it virtually useless since its debut in iOS 14. The private Wi-Fi address feature is enabled. by default and promises to assign a separate MAC address to each unique SSID, which is what was done in practice.

The problem is that the persistent MAC address that this function was supposed to hide was still being used on port 5353/UDP. Basic MAC address analysis has been reduced, but anyone who searched could easily find the real MAC address, which is a problem for those expecting this feature to work.

The report suggests this would have been a simple fix, and it's unclear why it took Apple three years to implement it. Regular users don't need to worry about this vulnerability, but anyone who needed to hide their MAC address and expected this feature to work could have their MAC address compromised.

Apple says the vulnerability has been fixed in iOS 17.1. It was tracked as CVE02923-42846 and attributed to Talal Haj Bakri and Tommy Mysk.

Leave a Reply

Your email address will not be published. Required fields are marked *