Daily Shaarli
March 12, 2017
This is very similar to our earlier work on the security of MAC address randomization: http://papers.mathyvanhoef.com/asiaccs2016.pdf They provide some more practical details if you want to implement our probe request fingerprint tracking mechanism. This is a passive tracking technique.
Their method to track all devices requires actively sending packets for every single MAC address that is being tracked. The (imperfect) passive tracking techniques can be used to reduce the number of MAC addresses you have to try though. Nice finding overall! And it will likely be hard to patch this issue..
Sometimes there are also silly driver bugs that allow you to get the real MAC address of a device when the user is using a spoofed MAC address :) http://www.mathyvanhoef.com/2013/11/unmasking-spoofed-mac-address.html
A Tactical Tech project which aims to increase transparency about the online data industry by illustrating who tracks us when we browse the internet.
Pry-Fi will prevent your device from announcing all the networks it knows to the outside world, but it will still allow background scanning and automatically connecting to Wi-Fi networks. While you are not connected to a Wi-Fi network, the MAC address will constantly be pseudo-randomized, following a pattern that still makes the trackers think you are a real person, but they will not encounter your MAC address again. This will slowly poison their tracking database with useless information.
Le chercheur Antonio Casilli explique comment, derrière des services en apparence gratuits, Facebook, Amazon, Google… ont créé une « économie du clic ».
With every click on Facebook, you leave a little trail of your social life. Now researchers are saying they can piece those clues together, and pick out who your closest friends are.