I've changed the thread so reflect this hijacking of the original topic. On Fri, Jun 13, 2014 at 12:17:11PM +0200, Tom Gundersen wrote: > On Fri, Jun 13, 2014 at 12:43 AM, Dan Williams <d...@redhat.com> wrote: > > On Thu, 2014-06-12 at 23:22 +0200, Mark Elkins wrote: > >> I hear that the latest Apple IOS uses a random MAC address when scanning > >> local wifi hotspots - so "people" can not track the device so easily... > >> seems like a good addition. > >> > >> It would also be interesting if I could automatically change my MAC > >> address every so many configurable minutes - both on wifi and wired > >> interfaces... a bit like I can do with my IPv6 address... > > > > We've been discussing this upstream with kernel developers too. The > > short answer is that yes, it can happen, but it'll take some work in the > > kernel and wpa_supplicant to make that happen. Once that's done, > > NetworkManager can use it. > > > > Note that this behavior is only for randomized MAC addresses when > > *scanning*. The device must still use a stable MAC address when it > > connects to a network, and that address cannot change during the > > connection without breaking the connection entirely and reconnecting. > > And that wouldn't work well for hotspots, since they often cache your > > "logged-in" status based on your MAC address. For wired it would > > probably greatly confuse switches and bridges, and would trigger > > re-authentications for 802.1x-enabled switches. > > > > So yeah, randomized MAC when scanning is coming. But randomized MAC > > every few minutes wouldn't work well in many normal WiFi and ethernet > > cases, so that's probably not going to happen soon (if ever)... > > One option would be to use a random mac address for scanning, and also > generate a random MAC address for each AP you connect to, but keep the > same MAC address as long as you are connected to the same AP (and > remember it for next time you connect).
That would break any network larger than a coffeshop or home, where there are multiple APs connected to the same controller, or to the same back-end network (router). Really, MAC addresses need to be stable or lots of bad things happen to the network and your connection to it. There are many things in networking that could potentially be used to track you (MAC, DUID, Bluetooth). If you don't like that, don't scan or connect to untrusted networks, and keep your phone in a metal cage. _______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
