iPhones have been exposing your unique MAC despite Apple’s promises otherwise
Enlarge / Private Wi-Fi address setting on an iPhone. (credit: Apple)
Three years ago, Apple introduced a privacy-enhancing feature that hid the Wi-Fi address of iPhones and iPads when they joined a network. On Wednesday, the world learned that the feature has never worked as advertised. Despite promises that this never-changing address would be hidden and replaced with a private one that was unique to each SSID, Apple devices have continued to display the real one, which in turn got broadcast to every other connected device on the network.
The problem is that a Wi-Fi media access control address-typically called a media access control address or simply a MAC-can be used to track individuals from network to network, in much the way a license plate number can be used to track a vehicle as it moves around a city. Case in point: In 2013, a researcher unveiled a proof-of-concept device that logged the MAC of all devices it came into contact with. The idea was to distribute lots of them throughout a neighborhood or city and build a profile of iPhone users, including the social media sites they visited and the many locations they visited each day.
In the decade since, HTTPS-encrypted communications have become standard, so the ability of people on the same network to monitor other people's traffic is generally not feasible. Still, a permanent MAC provides plenty of trackability, even now.