undefined | Better HN

0 pointshoistbypetard6y ago0 comments

Right. I understand what MAC addresses are. In addition to the characteristics you named, they are also entirely at the discretion of the client and therefore are trivially spoofable so long as no one else on the same media currently has the address you're spoofing. And because the advertisers and the trackers are a step removed from the LAN, they have no way to detect an attack where someone just shits tens of millions of nonsense addresses at them.

So I'm suggesting that if we know what they are using those for, there could be something fun (like a CCC talk) to be gained from tainting their data in a creative, easy way. Like a few hundred dollars worth of junk devices in a suitcase sending a bunch of carefully crafted MACs :-)

0 comments

toyg6y ago

The amount of people who routinely spoof their own MAC when on public wifi is so minuscule to be objectively irrelevant to any mass-data-gatherer out there. Unless this becomes something that the OS can automatically randomize for you (are you listening, Apple...?), even a creative attack won’t move the needle.

hoistbypetardOP6y ago

Of course. (And I think Apple does/might do that?)

I'm suggesting that if we discover/think that these advertisers/trackers are using it for anything interesting, there could be some fun to be had at their expense by picking up a suitcase full of junk wifi devices, configuring them to deliberately spoof their own MAC, and visiting that airport. I think you'd only need to spend hundreds on junk devices to taint their system with tens of millions of addresses.

If there's any observable result, I think it'd be fun to do and write it up/present it at a Chaos Computing Congress (or similar) event.

j / k navigate · click thread line to collapse