Apple’s iOS8 set to improve Wi-Fi privacy

Apple’s iOS8 uses randomly generated MAC addresses in scanning for Wi-Fi to make it difficult for advertisers to spy on users

Apple’s newly-announced iOS8 includes several privacy enhancements that will make it more difficult for advertisers and others to spy on users.

Unlike its predecessors, the latest version of Apple’s mobile operating system (OS), due in September 2014, will keep private the device's location, past Wi-Fi connections and Media Access Control (MAC) address.

In current versions of iOS, whenever Wi-Fi is turned on, a device’s MAC address is visible to nearby wireless access points.

But, as announced at the recent Apple Worldwide Developer Conference in San Francisco, iOS8 will use randomly generated MAC addresses while scanning for Wi-Fi networks.

This means the marketing firms that gather those MAC addresses will no longer be able to track users and serve them ads based on their profile, location and preferences.

According to security firm Sophos, Wi-Fi sniffing tracking technology has been used by marketing location analytics (MLA) firms to create profiles of shoppers and serve ads from vending machines, for example.

Read more about Apple iOS

  • Apple iOS security secrets revealed: Is iOS truly enterprise-ready?
  • Apple adds home and health access to iOS 8
  • Apple opens APIs, adds more IT capabilities in iOS 8
  • IOS testing: Expert offers practical strategies for testing on iPhone

However, although iOS 8 will obscure device identity when it scans for wireless networks, it will not provide perfect privacy protection, points out Sophos blogger John Zorabedian.

“Once you decide to connect to a hotspot, iOS 8 will use your real MAC address,” he wrote in blog post. This could expose users to unwanted tracking, using past Wi-Fi hotspots.

Sophos warns that, if mobile users automatically connect to networks, they are vulnerable to Wi-Fi sniffers, including criminals.

This means an attacker could also create a network with the same name and use it to launch a man-in-the-middle attack.

Apple’s planned change to the way iOS handles MAC addresses has prompted calls for this to become an industry standard and for other operating systems, such as Google’s Android, to offer similar protection.

How to protect yourself from snoopers

Sophos provides some recommendations on how mobile users can protect themselves from unwanted snooping for better security and privacy:

  • Turn off Wi-Fi and Bluetooth when not in use;
  • Turn of geo-tagging in apps such as Facebook;
  • Do not accept prompts to remember Wi-Fi networks;
  • Encrypt devices and data;
  • Always use a VPN (virtual private network) for a secure connection;
  • Use WPA2 encryption on wireless networks, not the outdated WEP or WPA encryption protocols.

Read more on Endpoint security