I was in the space 10 years ago with a product. Primarily Bluetooth, later BLE and WiFi. At that time most consumer devices were constantly discoverable. About 3-5% of traffic would have a disoverable MAC. These days not so many. iPhones never are discoverable unless you are in pairing mode. BLE broadcasts beacons much more consistently and generates a lot of data to filter, but they also change MACs.
Most WiFi chipsets use hardware based MAC layer, so promiscuous monitoring / sniffing is not possible on virtually every embedded module. There were a few chipsets, known as SoftMAC where linux drivers did the MAC layer, in which you could truly sniff the air for all traffic and capture a whole lot of MAC addresses. That was much more useful, but requires more CPU and specific older hardware. If you have a permanent power source like in a ALPR that isn't as much of a concern. I don't know of any companies that really did this though. Almost all our competitors used solutions that only supported the usual device discovery, which relies on BT being discoverable, or AP mode WiFi in order to track a MAC address. It's really easy to market though, it sounds great on paper. In practice the results are less than stellar and with time got even worse as vendors stopped being discoverable by default, and handsets started using used dynamic MAC addresses
According to the graphic, all RFID/NFC tags including pet microchips and your company badge will be associated with you too.
I can remember in the late 1990's Berkeley Public Library was considering adding RFID tags to the books as asset tags. The public push-back was significant and surprising at the time. Freedom-loving library patrons were concerned about nefarious tracking. Proponents of the new tags thought that the concept of tracking people or the books they read was rooted in paranoia.
Program your flipper0 to record all wireless identifications for a few weeks. hook broadcaster to amplifier and attach to your car playing all the time. Every time you drive by one of these, it'll look like a parade just went by.
Probably do the same thing when you go into retail stores. just flood the place with every possible identification.
Maybe an easier solution is just write something that spoofs hundreds of fake ids and sends them out constantly where ever you go; bonus points if you can create IDs that can break the devices when they try to parse it.
MAC randomization is all well and good but that extra security is undercut if people name their device with their full name. It seems to be common with Apple devices especially. After seeing just how much data my neighbors were leaking with their device names, I name all of mine with nondescript names that do not identify me or the device.
The annoying thing about this kind of thing is that it's still possible for the equipment to last a week on the streets.
There has to be a way to solve the coordination problem. One person going around destroying stuff is a "notorious vandal" who can be hunted down and made an example of. Ten percent of the population doing it is game over for any scumbag who wants to deploy this crap.
18 comments
[ 3.0 ms ] story [ 45.3 ms ] threadUnless they're hoping my AirPods are in pairing mode all of the time and they're going to track the name "mikeocool's AirPods."
Most WiFi chipsets use hardware based MAC layer, so promiscuous monitoring / sniffing is not possible on virtually every embedded module. There were a few chipsets, known as SoftMAC where linux drivers did the MAC layer, in which you could truly sniff the air for all traffic and capture a whole lot of MAC addresses. That was much more useful, but requires more CPU and specific older hardware. If you have a permanent power source like in a ALPR that isn't as much of a concern. I don't know of any companies that really did this though. Almost all our competitors used solutions that only supported the usual device discovery, which relies on BT being discoverable, or AP mode WiFi in order to track a MAC address. It's really easy to market though, it sounds great on paper. In practice the results are less than stellar and with time got even worse as vendors stopped being discoverable by default, and handsets started using used dynamic MAC addresses
https://www.teslaradar.com/
"Tesla cars with enabled 'Phone Key' feature transmit a unique identifier, that can be detected using Bluetooth® Wireless Technology." ...
I can remember in the late 1990's Berkeley Public Library was considering adding RFID tags to the books as asset tags. The public push-back was significant and surprising at the time. Freedom-loving library patrons were concerned about nefarious tracking. Proponents of the new tags thought that the concept of tracking people or the books they read was rooted in paranoia.
Probably do the same thing when you go into retail stores. just flood the place with every possible identification.
Maybe an easier solution is just write something that spoofs hundreds of fake ids and sends them out constantly where ever you go; bonus points if you can create IDs that can break the devices when they try to parse it.
It's illegal in most states to place a listening device in public that captures private conversations, this is basically no different.
There has to be a way to solve the coordination problem. One person going around destroying stuff is a "notorious vandal" who can be hunted down and made an example of. Ten percent of the population doing it is game over for any scumbag who wants to deploy this crap.