
Secplicity - Security Simplified

Powered by WatchGuard Technologies

Can I Have Both Privacy and Security? MAC Address Privacy in Public

October 12, 2020 By Matthew Terry


If you run the latest operating systems on your computers, phones, and tablets, you may have noticed changes to how your devices connect to wireless networks. Apple has made headlines for their iOS 14 update that enables randomized MAC addresses by default. While this implementation is somewhat unique in that it does more to protect user privacy, this is not the first time this feature has been added to operating systems.

The mechanism used to generate private MAC addresses hasn’t changed, so access points and network equipment can determine whether the address a device is probing with is real or fake. As a simple rule, any MAC address whose first octet ends with 2, 6, A, or E (that is, whose second hexadecimal digit is one of those values) is a random MAC address. WatchGuard already uses this knowledge to determine whether a client device is using its real MAC address and filters these addresses out of some analytics reports.
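The 2/6/A/E rule above is the locally administered bit (0x02) of the first octet being set while the multicast bit (0x01) is clear. The following is an added example, not WatchGuard's code, that applies that test to a constructed list of client addresses the way an analytics filter might; the function names and sample addresses are assumptions made for illustration.

```python
import re

def parse_mac(text):
    """Return the 6 address bytes from colon, hyphen, dotted or bare hex notation."""
    digits = re.sub(r"[.:\-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)

def classify(text):
    """Classify a MAC address by the two low bits of its first octet."""
    first = parse_mac(text)[0]
    if first & 0x01:
        return "multicast"   # group address, not a valid client source address
    if first & 0x02:
        return "private"     # locally administered: second digit is 2, 6, A or E
    return "universal"       # vendor-assigned address with a registered OUI

def split_for_report(observed):
    """Bucket addresses so a report can count only stable hardware addresses."""
    report = {"universal": [], "private": [], "rejected": []}
    for mac in observed:
        try:
            kind = classify(mac)
        except ValueError:
            kind = "rejected"
        # Multicast and unparseable entries are set aside, not counted as clients.
        report[kind if kind in report else "rejected"].append(mac)
    return report

# Constructed sample input: addresses as different tools might log them.
SAMPLE = [
    "3C:22:FB:10:20:30",   # universal
    "DA:A1:19:00:11:22",   # private (second digit A)
    "f2-5c-89-aa-bb-cc",   # private (second digit 2)
    "0026.bb12.3456",      # universal, dotted notation
    "01:00:5E:00:00:FB",   # multicast
    "not-a-mac",           # malformed
]

if __name__ == "__main__":
    for bucket, macs in split_for_report(SAMPLE).items():
        print(f"{bucket:9} {len(macs)}  {macs}")
```

Addresses in the "private" bucket can still be counted in aggregate, but they should not be used as a stable per-device key.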

In private and corporate networks, MAC address randomization is seen as a hindrance to policy enforcement and a nuisance on the network. This is especially true if the network relies on MAC address controls or DHCP reservations with specific policies tied to IP addresses or IP address ranges. Even in guest networks, MAC addresses and DHCP leases play a role in identifying devices that have or have not completed a captive portal login.

Companies like Apple, Google, and Microsoft, which make the operating systems we use daily, have good reasons to include this privacy measure, and I genuinely support them. For network administrators and marketing analysts, it means that we must change the way that we do things. Policies can be user-bound instead of IP-bound. Marketing campaigns can provide incentives for guest users to provide data. One of the goals of better privacy controls, outlined in a video from the WWDC 2020 conference, is to better balance the personal information that users provide with the features that the service provides. This is a great way for organizations to build trust with their users.

To respond to these changes, we will have to teach our devices how to tell the difference between private home or work networks and public guest networks. On private networks, it’s okay to disable private MAC addresses, and corporations can use group policy to disable private MAC addresses on Domain and Private networks. By doing this, you can maintain the DHCP reservation list and firewall policies based on IP addresses or address ranges.

For providers of public and guest Wi-Fi networks, these changes will impact the data that can be made available “for free” when devices do not connect to the guest Wi-Fi networks. It’s up to businesses to choose what incentives to provide when trying to collect personal information, but users want to have a better balance of the services provided when giving up this valuable data. This doesn’t mean that we can’t get aggregate information on the number of people who are on premises, but when tracking loyalty of a customer, using a name will be more efficient than trying to track by a rotating set of numbers.

 
