evacide,
@evacide@hachyderm.io

"Three years ago, Apple introduced a privacy-enhancing feature that hid the Wi-Fi address of iPhones and iPads when they joined a network. On Wednesday, the world learned that the feature has never worked as advertised."

https://arstechnica.com/security/2023/10/iphone-privacy-feature-hiding-wi-fi-macs-has-failed-to-work-for-3-years/

KraftTea,
@KraftTea@mastodon.social

@evacide Reminds me of all those users on BlueSky, who somehow are oblivious that everything they post is completely open to anyone on the internet, whether it is locked or not...
https://mastodon.social/@badlogic@mastodon.gamedev.place/111246798273691553

vamp07,

@evacide This stuff is complicated. At least it got fixed eventually. It has been working since release except for more sophisticated packet sniffers. I'm not making excuses for Apple but bugs are bugs. What's important is that they get fixed when found and that happened.

dan,

@evacide I feel like that article is a little more provocative than it needed to be. “Apple hasn’t explained how a failure as basic as this one escaped notice for so long.” - probably the same reason why it’s taken so long for anyone else to notice. It did work at the basic level of tracking through DHCP requests which was the primary vector. Wasn’t completely useless 😅

retiolus,
@retiolus@mamot.fr
spla,
@spla@mastodont.cat

@retiolus it's curious that nobody discovered it until Apple itself released the update that fixes it.

retiolus,
@retiolus@mamot.fr

@spla it's "all the same" whether it had been "discovered" or not... the fact is that the devices were not anonymous as Apple claimed. Basically, paying for a nonexistent feature and continuing to be tracked like everyone else.

spla, (edited)
@spla@mastodont.cat

@retiolus there is no evidence that any device has been "tracked", since nobody knew about it until Apple applied the update. If Apple hadn't said anything, no media outlet would have published "Apple deceives its users". Speaking badly of Apple generates visits...

retiolus,
@retiolus@mamot.fr

@spla there doesn't need to be evidence? The public Wi-Fi that was already tracking, for commercial reasons, the devices connected to its network, well... it will have kept doing so?

And "there is no evidence" until it becomes public that for 3 years such-and-such company or such-and-such government has used it. Basically what always happens 😂

janxdevil,
@janxdevil@sfba.social

@evacide Oh FFS, they were using the HW identifier in mDNS advertisements? That makes me extremely sad.

traumaphoenix,
@traumaphoenix@chaos.social

@evacide oh that’s less impactful than i thought

if the feature that rotates the identifier when the device is unassociated and scanning for networks didn’t work, i’d actually be scared 🦋

gabehcuod,
@gabehcuod@ioc.exchange

@evacide Shocker...I wouldn't be surprised if there are more Apple "privacy features" that have never worked as advertised.

ahltorp,
@ahltorp@mastodon.nu

@evacide “From the get-go, this feature was useless because of this bug,”

This is incorrect.

“never worked as advertised” is correct, though. Passive MAC address snooping was prevented, but information was leaked when you connected to a network.

ahltorp,
@ahltorp@mastodon.nu

@evacide “In 2013, a researcher unveiled a proof-of-concept device that logged the MAC of all devices it came into contact with.”

This seems to refer to a Black Hat 2013 demonstration in the summer of 2013. We had already exhibited an artwork doing this at Art Hack Day in Stockholm in the spring, and we probably weren’t the first ones.

cuteprince,
@cuteprince@mastodon.social

@evacide open source >>>> walled gardens

lobster2,

@evacide

Dear friends and fiends of privacy,
As we know Apple are liars and can not be trusted. Sad but true. Just like facebook and Google, Hex-twitter and mis-governments etc. they have turned us into data to be sold the latest set of 'Billionaires are your friends', 'War is for your welfare' and other ownership lies. They have failed. They are not fit to wank, swank or shank ... :ablobcatwave:

There are solutions, here is one in its early stages. :blobheart:
https://veilid.com/

Remember the lobster principles of :

  • Be Open about your closets
  • Breathe Garlic (good for vampires)
  • Be the revolting you want to sear
  • Be , and a menace

In the words of The Prisoner, Joseph Pat McGoohan, 'I'm not a number, I am a free lobster'

Have a great day everyone. Save the world if you can-can. Support the screaming if you are able. Join the silent, that will not be silenced And stay sane (if possible) It's a crazy .

matinmollapur,

@evacide awesome article

satyam,
@satyam@mastodon.online

@evacide glad it’s finally fixed 🤞

theBurn,
@theBurn@mastodon.social

@evacide @kuketzblog maybe relevant for your blog as well?

thumbone,

MAC Spoofing is a pain anyhow and killed effective MAC based access to a LAN.

Powerfromspace1,
@Powerfromspace1@mstdn.social

@evacide hello are you listening opportunities comes a knocking

daniel,

@evacide I would see this on my iDevices and always thought it seemed too good to be true!

Galletasalada,

@evacide lol how did nobody find this before

reconbot,
@reconbot@toot.cafe

@evacide at least it wasn't so obvious that pre-existing stalking tech would have kept working

martinicat,
@martinicat@mastodon.social

@evacide Well, at least “in the last 7 days Safari has prevented 71 trackers from profiling me” 🍸😹 And they fixed the MAC address disclosure?🍸😺

swetland,
@swetland@chaos.social

@evacide That is just kind of embarrassing.

I mean I can absolutely see how it could happen -- the decision of what MAC to stuff in the source address could easily come from a slightly different path than the information stuffed in the discovery packet, etc.

But you'd also think for a Serious Security/Privacy Feature, one might do a bit more extensive testing, and just observing beacon/discovery/arp/etc traffic to see if all is well would be a pretty reasonable thing.

hod,

@evacide believe at your own peril

nateb,

@evacide I'm not one of those hyper Apple hater types, but it's getting pretty exhausting seeing that so much of their alleged privacy-preserving innovations have turned out to be cosmetic theater. App labels, the "do not track" toggle, now this. /sigh
