IEEE 802 Privacy Recommendation Study Group - MAC Address Randomization Tests

From 802-privacy
Jump to: navigation, search

IEEE 802 EC Privacy Recommendation Study Group

The IEEE 802 EC Privacy Recommendation SG studies privacy issues related to IEEE 802 technologies. More information about the group can be found here:

IEEE 802 MAC privacy tests

There exist different ways to modify the Link-Layer address (i.e. the MAC address) of a wireless interface. Differently from a wired Ethernet interface, a wireless interface must be "down" in order to apply a MAC address change.

The following table collects a list of results from tests conducted with different software tools for various platforms:

MAC changing tools
Tool Platform MAC changeable bits Addr. generation mode Tester Notes
ip Ubuntu 14.04 - Intel iwlwifi/iwldvm drivers 47 Manually set Fabio Giust built-in command in most GNU/Linux distros
interface must be down

"multicast" bit cannot be set

Fedora 20 - Intel iwlwifi/iwldvm drivers
ifconfig Ubuntu 14.04 - Intel iwlwifi/iwldvm drivers 47 manually set Fabio Giust built-in command in most GNU/Linux distros, obsoleted by ip
interface must be down

"multicast" bit cannot be set

macchanger Ubuntu 14.04 - Intel iwlwifi/iwldvm drivers 47++ manually set

random vendor part (OUI)
random non-OUI part
full random

Fabio Giust imports source code from the ip command
interface must be down

"multicast" bit cannot be set
++the tool also allows to change the "local" bit, although it is not recommended

Fedora 20 - Intel iwlwifi/iwldvm drivers
SpoofMAC Ubuntu 14.04 - Intel drivers(Windows) 47 manually and random set Fabio Giust Python script based on ifconfig for GNU/Linux
Mac OSX 10.7.5 47 Manually and random set Dan Harkins Python script based on ifconfig for Mac

random lower 24 bits and VMWare OUI as the upper 24
U/L bit manually specified
Need to manually re-associate after

Mac OSX 10.7.5
(MacBook, WiFi:Atheros 5416)
47 Manually and random set Piers O'Hanlon Sets MAC address in ifconfig only. Does not work at WiFi level: Original HW MAC address seen in probe packets on external monitor-mode capture machine.
WiFiSpoof MAC OSX 47 Manually or random set Carlos J. Bernardos User-friendly GUI

After MAC change, the system auto-connects to the preferred network

Mac OSX 10.7.5
(MacBook, WiFi:Atheros 5416)
47 Manually and random set Piers O'Hanlon Sets MAC address in ifconfig only. Does not work at WiFi level: Original HW MAC address seen in probe packets on external monitor-mode capture machine.
Network Manager version 0.9.8.8 on Ubuntu 14.04 - Intel iwlwifi/iwldvm drivers -wpa_supplicant 2.1 Fabio Giust Allows random MAC as system boot

MAC changes either with the GUI or with init.d-level scripts make wpa_supplicant enter a locked loop

version 0.9.10.0 on Debian Jessie - Intel iwlwifi/iwldvm drivers - wpa_supplicant 2.3 47 Manually set Carlos J. Bernardos Manually set MAC from the GUI
Configurable MAC per connection/ESSID
version 0.9.9.1 on Fedora 20 - Intel iwlwifi/iwldvm drivers - wpa_supplicant 2.0 Fabio Giust
Pry-Fi Custom Android 4.2.2 on Nexus 4 and Nexus 7 manually set Dan Harkins Target MAC address not used in real traffic

Requires "root" device

PowerShell Windows Christian Huitema Requires reloading the driver
iOS8 MAC Randomization iPhone 4s and iPad Mini v1 iOS 8 N/A N/A Piers O'Hanlon Only reported working on iPhone 5s (and later) in limited scenarios
iPhone 5s iOS 8.0.2 Carlos Bernardos
wpa_supplicant GNU/Linux Jouni Malinen

Scripts for automatic MAC randomization

Here are collected the tutorials to generate a random MAC address for each WLAN connection. The scripts are collected per OS, since the instructions may vary depending on the platform

Tests on Android devices (must be root)

MAC address change tutorial

Personal tools
Namespaces

Variants
Actions
Navigation
Tools