Wi-Fi MAC Randomization

MAC Randomization / Wi-Fi Privacy on iOS:
iOS 8 only randomizes MAC only when screen is off:
iOS 9 increases the amount of MAC Randomization:


In order to track Wi-Fi Devices the device must:
1. Have Wi-Fi enabled
2. If they run iOS 8 they must have the screen on or connect to WiFi
3. If they run iOS 9 they must connect to any WiFi network
4. NOT be in the Global Opt-out list (https://account.meraki.com/optout)
How Meraki handles Privacy enabled MAC address:
1. We ignore all random MAC addresses. This is a Privacy feature by Apple.
2. Any device that transmits a locally assigned MAC address bit will be ignored.

Workarounds to MAC randomization:
1. Enable BLE scanning to detect fitness trackers, key trackers, smart watches, and bluetooth headsets
2. Approximate the number of iOS 9 devices by measuring the percentage of connected customers using iOS 9.

User Privacy on iOS (see slide 18 for brief) – Apple WWDC Announcement

http://devstreaming.apple.com/videos/wwdc/2014/715xx4loqo5can9/715/715_user_privacy_in_ios_and_os_x.pdf?dl=1

iOS MAC Randomisation Analysed – Part I

http://blog.airtightnetworks.com/ios8-mac-randomization-analyzed/

iOS MAC Randomisation Analysed – Part II

http://blog.airtightnetworks.com/ios8-mac-randomgate/