Millions of Mobile Devices are Vulnerable to Tracking due to MAC Randomization Weaknesses

Most consumers are well aware of how governments and service provider can track their actions and location while using a mobile device. It turns out this type of “attack” is only facilitated by MAC randomization. Through this process, mobile devices should be protected from being tracked, but it appears the implementation of this technique has the opposite effect these days.

MAC Randomization Exposes User Information

When a mobile device – phone, tablet, or otherwise – hops between WiFi networks, a technique known as MAC address randomization is used. Rather than allowing networks to identify said device based on its wireless hardware number, a randomly generated value is presented to authenticate with the network. On paper, this sounds like a solid concept, yet the implementation leaves a lot to be desired.

Rather than preventing third parties from tracking users as they move between networks, the technology exposes sensitive information. MAC Address randomization has become a necessary tool ever since store owners and government facilities installed hardware to log mobile device information. In doing so, businesses can recognize and identify specific users every time they walk into their store. Selling that data to the markets and ad companies is usually the result of collecting this information, without asking for consumer consent.

A combination of different flaws makes MAC address randomization nothing more than a sales protocol. Moreover, most devices do not even have this randomization process enabled in the first place. Manufacturers should turn this setting on by default, yet hardly any choose to do so. It is unclear as to why that choice is made, though. Exposing millions of Android and iOS devices to data harvesting for no apparent reason is not something to be proud of.

To make matters worse, a new research paper indicates 100% of devices using MAC address randomization can still be tracked. This is done by exploiting a flaw in the way wireless chipsets handle low-level control frames. This effectively deanonymizes mobile device owners in the process. Moreover, several other such techniques have been discovered which will work against specific devices. All of this results in very disturbing findings which need to be resolved sooner rather than later.

It is possible for device manufacturers to put together a unique 48-bit MAC address for any device. Moreover, this address can be randomized whenever needed, although none of the major mobile manufacturers implement this tool right now. It takes an Organizationally Unique Identifier – issued to manufacturers – combined with a three-byte identifier which can be set to any value. Combining these two will ensure every mobile device in the world has a unique MAC address, making them impossible to track.

The way things stand right now, very few Android mobile devices implement the available randomization capabilities built into the operating system itself. Security researchers are not sure why this happens or how it can be fixed by the user. It is possible this has to do with firmware incompatibilities, albeit that has yet to be confirmed. Even Apple devices are vulnerable, as iOS 10 broke MAC address randomization altogether. However, the technology giant handles randomization correctly, unlike the manufacturers active in the Android ecosystem.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.