5

Certain smartphones and laptops, one of which my Windows 10 Phone and Laptop (Windows 10, redstone 1 update) have a function called "Random Hardware Access" under the WiFi settings.

The settings has the following explanation for this function:

Use Random Hardware Addresses to make it harder for people to track your location when you connect to different WiFi networks. This setting applies to new connections.

From the explanation, we could assume the phone (or laptop) utilizes it's WiFi antenna or MAC address to spoof info.

But the question is still there, How exactly does Random Hardware Access work? Does it use random MAC addresses? does it lie when asked for location or fake the WiFi Antenna's broadcast range?

And how effective would it be? would it indeed, for example, protect my privacy by making it harder for free-wifi spot's tracking functions?

Lighty
  • 2,368
  • 1
  • 23
  • 36

2 Answers2

6

This feature randomly changes the MAC address reported by the phone. Nothing else. The MAC address is available to the Wi-Fi network but also, potentially, to software running on the device. E.g. a browser.

MAC addresses are actually in two parts. The first part tells you what manufacturer the device (strictly speaking the manufacturer of the network component of the device) is from. The second part is unique to each network device.

So any unfriendly network can track "you" in the form of the hardware address of your device. As this normally doesn't change, there is a potential for interconnected networks to track your device anywhere. Unscrupulous operators including advertising networks can grab the MAC address into a super-cookie too allowing even wider tracking of where you have been and what you have done.

By randomising the MAC address, all of this is at least made a lot harder if not impossible.

Julian Knight
  • 7,092
  • 17
  • 23
3

In addition to Julian Knight´s answer, thers more to dig when doing wardriving.

If the device has the wifi active, its sending proves looking for known networks/open ap´s.

This probes contains info about the networks that the device is looking for.

So that means we can create a pretty unique identifier of you/your device: mac + list of networks that mac is looking for.

This is a great paper from the SANS people about the topic:

https://www.sans.org/reading-room/whitepapers/wireless/guide-wardriving-detecting-wardrivers-174

So yes, using a random MAC makes this alot harder, so it empowers your privacy.

jmingov
  • 844
  • 5
  • 11