Security

Reply
Frequent Contributor I
Posts: 73
Registered: ‎08-16-2011

iOS 8 & MAC Address Randomization

http://www.cso.com.au/article/547177/apple_randomises_mac_addresses_ios_8_killing_off_key_ad-tracking_tool/

 

 

Has anyone played w/ iOS 8 beta & have you ran into any issues w/ Airwave monitoring, or with any logging or tracking functionality?  

--Raf

--Raf
Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: iOS 8

It's only for probing. The device associates with its own MAC address.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 1,110
Registered: ‎10-11-2011

Re: iOS 8

Even so, will this not affect ClientMatch as it utilizes client probes?  I see this as potentially causing more issues, especially when troubleshooting a client association issue.  If you suspect a client probing issue, how are you going to identify the client probes with a packet capture?

=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
Occasional Contributor II
Posts: 48
Registered: ‎05-23-2014

Re: iOS 8

Does anyone know if this will prevent MAC authentication from taking place?

 

If it probes the network with a random MAC but authenticates with its own correct MAC, i dont see that this should prevent MAC authentication from taking place.

 

On the other hand, if MAC authentication is in place as part of a layered security model, should the random MAC be in the list (is this going to be chosen from the Apple agreed list??) this could in effect authenticate a non authorised device, causing a security breach to the network

 

TIA

G

Super Contributor I
Posts: 274
Registered: ‎04-04-2014

Re: iOS 8

 

I think that's the burning question -- how will these devices play with virtual beacons/11k, and legacy-mode client-match?  Apples already are one of the rockier platforms for match/steering and this feature doesn't bode well.  Hopefully it completely turns off while enterprise authed.

 

 

 

 

 

MVP
Posts: 517
Registered: ‎05-11-2011

Re: iOS 8

Still remains to be seen what the effects will be, but once the device is actively associated to your wireless network it use it's own MAC-address. There is no ClientMatch etc before association right?

 

Tho - a system counting the number of MAC-addresses "probing the Air" will/might be worthless since all i-devices will probe with different MAC-address each time.

 


Regards
John Solberg

-ACMX #316 :: ACCP-
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
Search Airheads
Showing results for 
Search instead for 
Did you mean: