Hiya, I don't agree with that conclusion...

On 30/09/2020 18:16, Michael Richardson wrote:
> My take home from your work is that MAC address randomization is a useless
> waste of time. It causes significant costs to the network operator(s) without
> actually providing any benefit to the mobile phone owner, because the
> adversary is inside the device, invited in by the owner.
> In such a situation, MAC randomization feels like security theatre to me.

I think MAC address randomisation *alone* isn't very useful but even so still has some utility as it makes some forms of tracking (based purely on a static MAC) harder. IIRC exactly that form of tracking was reported as being done by the security services in Canada linking MACs seen in Pearson with those later seen downtown or something. (I didn't go find the reference so that may be inaccurate.)

MAC address randomisation, when well-coupled to changes at other layers can be more beneficial. That is how the GAEN system is designed - the beacon payload (the RPI) is intended to change with the BLE MAC address about every 10 minutes. Getting similar benefits for randomised WiFi MAC addresses with IP and more layers above is hard, but it's still worth having the basic mechanism so that people can try address those harder problems over time.

So, no, not "theatre" but far from complete.

I'd probably also disagree with you on the practicality of depending on 802.1X outside enterprise environments, but that's a different topic too.

Cheers,
S.
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet