Remember the release of iOS 14 in 2020? Apple has introduced a new feature called “Private Wi-Fi Addresses” that promises to replace fixed MAC addresses. (Think of the MAC address as a physical address, but instead of being used to find your home, it’s used to find your device on the network and the Internet.) Starting with iOS 14, this private Wi-Fi address was by default a random one for each Wi-Fi A was created for the network to which a device was connected
The feature promised iPhone users protection from tracking, which in turn offered greater anonymity.
Also: Apple Just Released iOS 17.1, MacOS 14.1, and WatchOS 10.1 – Here’s What’s New
The feature was broken and useless from the start.
Last week Apple pushed out iOS 17.1 for iPhone, a long-awaited update that patches a raft of bugs and headaches. How to patch a bug”A device can be passively tracked by its Wi-Fi MAC address“
Security researchers Tommy Maisk and Talal Hodge Bakri discovered the bug and reported it to Apple, and Maisk released a video showing how to use a tool to figure out a device’s real MAC address. WiresharkAnd how this security feature was broken from the start.
talking Ars TechnicaMyske states that “[f]rom the get-go, this feature was useless due to this error. We were unable to stop devices from sending these discovery requests, even with a VPN Even in lockdown mode.”
Also: Now even Android and Windows devices are not safe from Flipper Zero
And it’s not just the iPhone that’s affected. The bug also affected the iPad, Apple Watch, and AppleTV.
For devices stuck on iOS 16, Apple released iOS and iPadOS 16.7.2 to fix this and other issues.
ZDNET has confirmed that this issue was present in iOS 17 and earlier, and that iOS 17.1 fixes this vulnerability.
Need to update your iPhone? tap settings And then general And Software Updated. Then, follow the prompts to get your device up to date
Also: What is passkey? Experience the life-changing magic of going passwordless
Okay, time for a reality check. Is this a big deal?
Yes and no. For most iPhone users, this has no effect. However, for those who want maximum anonymity, this is a major setback and makes them potentially vulnerable to being tracked by those who believe they are safe.
This is a problem because it undermines trust in Apple’s coding. If a bug like this goes undetected for three years, how many other data-leaking bugs are in the company’s code?
As for Android, since the release of Android 8 in 2017, the platform has had a similar feature. Based on tests conducted by both Mysk And ZDNET, this platform doesn’t seem to be affected.