Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.

The case for disconnecting "Smart" stuff from the internet

NASbox

FreeNAS Experienced
Joined
May 8, 2012
Messages
479
Also, some hardware suppliers like Apple allegedly randomize BT and WIFI MACs until the device is paired to prevent this sort of snooping. Hence the rise of in-store WiFi networks.
I don't know too much about the Bluetooth protocol, but would random MAC addresses break pairing with non-apple devices? Every time the MAC changes, woluldn't the device need to be repaired? Another great win for Apple... make it hard to use non-crapple devices
 

seb101

Newbie
Joined
Jun 29, 2019
Messages
69
No, it doesn't break interoperability and I belive Android does this too now.

The way it works is that when you 'search for a network' on your device, any pre-encryption association traffic on the air link uses temporary randomized MAC addresses, so that anyone snooping would only see an ephemeral address. Once the link is encrypted during association it switches back to it's 'true' MAC address, which is what gets authorised with the remote host. Any future comms is done with the real mac address (over the now encrypted air link).
 

NASbox

FreeNAS Experienced
Joined
May 8, 2012
Messages
479
Is a BT connection much like WiFi where the MAC is level 2, and the contents of an encrypted tunnel is Level 3 (or highter)? Is this a recent change or did it always work that way? I'm assuming that the MAC address was just sent inside the packet like a user id and not extracted from the packets (which is level 2)??? Do I have this right or not?
 
Top