On Tue, Sep 22, 2020 at 02:06:48PM -0700, Peter Yee wrote:
> I believe that the address randomization (Private Address) can be turned off 
> in iOS 14,
> but it seems to be a manual operation per ESSID only.

Sort of yes and no.

I happened to notice it this morning, having got IOS 14 on a device.
There is a manual configuration knob, it defaults to on.

Despite that it did (eventually) detect that the network does not support 
and operationally disabled it, with a warning message about the privacy feature
being disabled or incompatible with the network, but with the 'private address' 
the built in MAC address.  Or at least it did initially before I manually 
the randomisation after noticing the warning, now it seems to only operate as a
manual on/off knob with no fallback operational disabling.

Also I happen to have a LAN, with 3 ESSIDs operating on it.
All currently using MAC filtering (yeah I know they can be spoofed).

Apple have a document describing what they desire for WiFi:

Where amongst other things, they mention not using different SSIDs for
different frequencies on the same LAN.

I guess the issue here is that when roaming between ESSIDs they'll change MAC,
affecting DHCP allocations and/or SLAAC and thereby break ongoing IP 
or force ARP and/or NDP re-resolution.

I'll have a go at disabling the MAC filter at some point,
and see how that affects the roaming behaviour.
Given the prevalence of broken NATs, I suspect lots of apps will just recover,
at worst after a delay.


Captive-portals mailing list

Reply via email to