
Why MAC address randomization is not enough (2016) [pdf] - wglb
http://papers.mathyvanhoef.com/asiaccs2016.pdf
======
sillysaurus3
"The three golden rules to ensure computer security are: do not own a
computer; do not power it on; and do not use it"

[https://en.wikipedia.org/wiki/Robert_Morris_(cryptographer)](https://en.wikipedia.org/wiki/Robert_Morris_\(cryptographer\))

~~~
ploxiln
Without being facetious, that strategy does work for this particular problem:
_turn off your wifi_ if you are walking around, traveling, or not in range of
a network you intend to connect to.

I also have Bluetooth and NFC off most of the time since I rarely use them.
(But then there's the cellular connection of my phone ...)

~~~
coin
I wish the mobile OS could do that automatically based on the location.

Under iOS' settings it does hint at this as Wifi is one of the system services
that uses locations services.

~~~
mortehu
WiFi is used to speed up geolocation, sometimes a lot if you're in a dense
city with poor satellite reception.

[https://en.m.wikipedia.org/wiki/Wi-
Fi_positioning_system](https://en.m.wikipedia.org/wiki/Wi-
Fi_positioning_system)

------
p4bl0
By some of the same people, also interesting on the same subject: "Defeating
MAC Address Randomization Through Timing Attacks"
[http://papers.mathyvanhoef.com/wisec2016.pdf](http://papers.mathyvanhoef.com/wisec2016.pdf)

~~~
jwilk
[https://news.ycombinator.com/item?id=14782777](https://news.ycombinator.com/item?id=14782777)

------
voltagex_
Is new hardware required for these "Hotspot 2.0" things?

~~~
nuand
Nope, it's all in the MAC and additional usermode services that help phones
identify to the network using, in most cases, its SIM.

