Become a fan of Slashdot on Facebook


Forgot your password?
Networking Privacy Wireless Networking IT Linux

Tracking Protection In Wi-Fi Networks Coming Soon To Linux 112

prisoninmate writes: Fedora contributor and NetworkManager developer Lubomir Rintel explains how your devices are being identified on a network by a unique number that most of us know by the name of MAC address. Same goes for mobile networking, as your laptop's or mobile phone's MAC address is, in most cases, broadcasted everywhere you go before you even attempt a connection to a wireless network. And that's a problem for your privacy. The solution? Randomization of the MAC address while scanning for Wi-Fi networks. Apple is already using this method on iOS 8 and later mobile operating systems, and so is Microsoft in Windows 10, so Linux users will ["likely"] get it in the upcoming NetworkManager 1.2 release.
This discussion has been archived. No new comments can be posted.

Tracking Protection In Wi-Fi Networks Coming Soon To Linux

Comments Filter:
  • My ancient pocket dino (a Nokia N900) has had this feature for ages. And yes, it runs Linux.
  • by marnues ( 906739 ) on Tuesday January 19, 2016 @11:21AM (#51329213)
    Please don't. My company is building tools that help businesses understand their customers through WiFi. We're having to waste a lot of time building heuristics that determine whose MAC switched when they blip off and a new one randomly appears. We're barely off the ground with this stuff, now we're probably going to have to build new heuristics for Android devices.

    I will say that the good part of this is the product managers now understand we can't track real people, which was never our intent, but was possible given the long-lived nature of MACs. I just wish they'd randomize in the middle of the night when charging.
    • by Anonymous Coward

      What do we gain, what makes it worth our while to let others track us?

      • by KGIII ( 973947 )

        As someone who has modeled pedestrian traffic, specifically for retail outlets - including stores. Well, you get things optimized and more easily found. Of course, you're rooted through the store like cattle. Ever notice how almost everyone goes in the same direction and the people who don't go the "right" way get ugly looks. There's a reason for that but, alas, I'm too ill to explain it and, frankly, I don't like you that much.

        Hmm... They said this Prednizone (sp) would make me grumpy. They're right. So, s

    • You'll be able to track real people as soon as some hipster startup paid RESTful API company from The Valley starts providing this service. They will gleam this information from Apps, some ISPs will bury a provision in their T&C that allows them sell this information to the said hipster company. Static MAC addresses are bad news in this big brother-infested world. It was grand in the 80's and 90's when a machine sat on a private LAN and never left it and 'big data' was a twinkle in someone's eye but th
    • Please don't. My company is building tools that help businesses understand their customers through WiFi. We're having to waste a lot of time building heuristics that determine whose MAC switched when they blip off and a new one randomly appears. We're barely off the ground with this stuff, now we're probably going to have to build new heuristics for Android devices.

      How about if the businesses "understand" that their customers don't want to be fucking tracked?

      Thank you.

    • Re: (Score:3, Interesting)

      by cfalcon ( 779563 )

      Don't listen to murnues, above.

      > My company is building tools that help businesses understand their customers through WiFi.

      No, your company is building a tracker program by trying to make use of an oversight in the spec. In fact, shit like that is why this needs to happen, and why the lifespan of announced MACs needs to be short enough to render any information you may gather useless.

      Did you pay for all those phones that the businesses customers are using? Like, do you own them? Or do they belong to p

    • You forgot the blue-eyes emoticon, BlueTrace fucker.
      It is your intent to track & analyse people.
    • by Anonymous Coward

      Who gives a rat's ass about your company. Unless we own stock or getting kickbacks how is your problem any of our concern other than you are trying to profit by tracking us. GFY

    • by AmiMoJo ( 196126 )

      Doesn't demand for this feature kind of tell you that customers don't want to be understood through tracking their mobile devices? What do they get out of allowing it to happen?

      Have you considered sweetening the deal? Offer them a discount or cash in return for connecting to your wifi hotspot to download a coupon. Or just pivot and become a manufacturer of signs that say "we don't track you" and sell them to ethical businesses (admittedly a small market).

      • I think the assumption is that you can offer customers more useful discounts, but honestly I'd prefer the store be explicit and give me some way to provide direct feedback on the 'personalized' discounts. Things like "Oh, I loved seeing this pop up...except I couldn't wedge it into today's budget so it wasn't used" and "Why do you keep trying to sell me bacon did you not notice I only buy kosher/halal/veg* food?" would be useful feedback for the store, and short of somebody finding out what to browse while

    • by c ( 8461 )

      Please don't.

      While I have no sympathy for your plight, I have to admit genuine curiosity... what, exactly, did you expect as a reaction from Slashdot commenters to that request? " marnues says he needs this, so Linus, buddy, cancel that merge." ?

    • by orlanz ( 882574 )

      I think what you are trying to do is still do able. Just that the old game of getting identifiable information without giving anything is going away. And rightfully so, there have been too many businesses that have abused what is the equivalent of dumpster diving. Asking people not to shred their trash isn't going to go anywhere.

      However, why not setup an intranet at each location. Provide people the ability to scan bar codes and get pricing information on the spot on their phone (Macys). Provide a layo

    • I don't like being tracked, so I randomize my MAC with Pry-Fi []. If you would be so kind to tell us who you work for, we can all enable the "Go to war!" mode to flood you with bogus MACs. Game?

  • what is happend here?
    • by Anonymous Coward

      Someone set up us the bomb.

  • by Anonymous Coward

    Because systemd sucks.

    • Re: (Score:3, Informative)

      by caseih ( 160668 )

      You are confused. I'm not sure why you were modded up here. NetworkManager is not part of systemd, and doesn't require systemd either. Your linux machines have been using it for years, several years longer than systemd has ever existed. Please get your facts straight before posting.

      Sounds like your knee jerked and you mistook NetworkManager for networkd, which is a part of systemd. But networkd is intended only to provide simple network functionality for containers like Docker or virtual machines. ne

  • Use ifconfig:

    ifconfig eth0 hw ether

    Its had this option for years. I presume it'll work for the wlan0 device though I've never tried it.

    • Re: (Score:3, Informative)

      by Anonymous Coward

      The MAC randomization used here is only while scanning, not while connecting, in order to not break MAC whitelisting where it may be used.

      "What seems like a viable option is randomizing the MAC address while scanning, chainging it every now and then, but still use the hard-wired MAC address for association and actual connectivity. Apple pioneered this approach with its mobile operating system, iOS version 8. Since the worst thing that can happen in an unlikely event of MAC address clash is that your AP list

    • Its better to use ip: ip link set wlan0 address 66:66:66:66:66:66 (ifconfig is deprecated)
  • Just won't work.

    Mostly due to java creep in browsers - []

    If you want to get unwarranted attention - randomly flip your MACs - makes you look like a spook.

    What we really need is a browser that looks very common via finger-print - the page is not shown - only an OCR document created from the page with links that have tracking information removed. Once the OCR doc is created the instance of the browser is removed.

    I really miss web sites that don't use java..

  • I support the idea, but please make it optional for those of us who have reasons not to want to do it. One example of why you might not want to do this: if you restrict MAC addresses on your home wifi, this will break it.

  • by enriquevagu ( 1026480 ) on Tuesday January 19, 2016 @01:37PM (#51330427)

    If you want to keep your privacy, you'd better employ passive scanning. Avoids any MAC transmission at all and saves some power while disconnected.

    Link in []

    • by AmiMoJo ( 196126 )

      Smarter Wifi Manager for Android uses your location to keep the wifi turned off until you get to a place where you were previously connected to a known network. It saves a lot of battery power, and protects your privacy.

  • Screw NetworkManager, its broken anyways and wpa_supplicant can already do everything one might want there:

    Add 'mac_addr=1' and 'preassoc_mac_addr=1' to your /etc/wpa_supplicant.conf. Then your MAC-address will be randomized during the Scanning/Preassociation phase and afterwards.

    For networks that need a static MAC address for filtering, add 'mac_addr=0' in the appropriate 'network' section. You also want to make sure you are using 'dhcpcd' instead of 'dhclient' (alias isc-dhcp-client). The latter can't dea

The moon may be smaller than Earth, but it's further away.