Dan Goodin studies by way of Ars Technica: Three years in the past, Apple launched a privacy-enhancing characteristic that hid the Wi-Fi deal with of iPhones and iPads after they joined a community. On Wednesday, the world realized that the characteristic has by no means labored as marketed. Regardless of guarantees that this never-changing deal with can be hidden and changed with a personal one which was distinctive to every SSID, Apple units have continued to show the true one, which in flip received broadcast to each different related system on the community. […]
In 2020, Apple launched iOS 14 with a characteristic that, by default, hid Wi-Fi MACs when units related to a community. As an alternative, the system displayed what Apple known as a “personal Wi-Fi deal with” that was completely different for every SSID. Over time, Apple has enhanced the characteristic, as an illustration, by permitting customers to assign a brand new personal Wi-Fi deal with for a given SSID. On Wednesday, Apple launched iOS 17.1. Among the many varied fixes was a patch for a vulnerability, tracked as CVE-2023-42846, which prevented the privateness characteristic from working. Tommy Mysk, one of many two safety researchers Apple credited with discovering and reporting the vulnerability (Talal Haj Bakry was the opposite), instructed Ars that he examined all current iOS releases and located the flaw dates again to model 14, launched in September 2020. “From the get-go, this characteristic was ineffective due to this bug,” he stated. “We could not cease the units from sending these discovery requests, even with a VPN. Even within the Lockdown Mode.”
When an iPhone or every other system joins a community, it triggers a multicast message that’s despatched to all different units on the community. By necessity, this message should embrace a MAC. Starting with iOS 14, this worth was, by default, completely different for every SSID. To the informal observer, the characteristic appeared to work as marketed. The “supply” listed within the request was the personal Wi-Fi deal with. Digging in a bit of additional, nevertheless, it grew to become clear that the true, everlasting MAC was nonetheless broadcast to all different related units, simply in a unique discipline of the request. Mysk printed a brief video displaying a Mac utilizing the Wireshark packet sniffer to observe visitors on the native community the Mac is related to. When an iPhone working iOS previous to model 17.1 joins, it shares its actual Wi-Fi MAC on port 5353/UDP.
