
Marauder’s Map: Sniffing MAC addresses in the MIT wireless network [pdf] - phwd
https://courses.csail.mit.edu/6.857/2016/files/34.pdf
======
jswrenn
The characterization of the adversary here being some malicious third party,
though traditional, is something of a bogeyman as far as actual risk is
concerned. Institutions running large mesh networks are in a privileged
position to track users in this way.

At Brown University, complete connection logs for each wireless access point
have been kept for no less than two years. A group of students last year were
given this data and produced a (historical) map of student movement. There is
no reason to believe that the University could not or is not rendering such a
map in real-time.

------
Kadin
Neat idea.

As a general aside, when publishing documents that start off as LaTeX, putting
them on Github (or some other Git hosting service) would potentially allow
others to contribute corrections. There are a bunch of typos in the paper that
would be trivial to correct, but of course there's no easy way to submit
corrections to a PDF.

------
wyldfire
Narry a "solemnly swear" nor "mischief managed" to be found in the entire
paper. Tsk.

~~~
aliamir27
This is actually a draft and the final version does have both :P
[https://www.dropbox.com/s/3tyuuerizap21el/6-857-final.pdf?dl...](https://www.dropbox.com/s/3tyuuerizap21el/6-857-final.pdf?dl=0)

~~~
wyldfire
Excellent!

------
dstyvsky33
I have made something at least similar.

There is another post on my site about integrating live visualization with D3
as well.

I found that the metadata pertaining to signal strength to be too variable
based on device manufacturer to be accurately used for a distance calculation
without a lot of individual fine tuning or at the very least triangulation.

Triangulation runs into its problems though because of the inaccuracies of usb
timing.

[http://www.coderecon.com/pages/post_4](http://www.coderecon.com/pages/post_4)

------
borgel
Interestingly, Apple has already started randomizing MAC addresses [1] on iOS
(8?) and newer devices. Though maybe not quite as successfully as it seemed at
first.

[1] [http://www.imore.com/closer-look-ios-8s-mac-
randomization](http://www.imore.com/closer-look-ios-8s-mac-randomization)

~~~
drzaiusapelord
I believe this only works for broadcast packets. When you've chosen to connect
to a wifi network, then your real mac address gets used. It would be a
nightmare for shops that use mac filtering and other tools that expect
standard mac behavior if the mac was randomized all the time. What Apple is
doing is stopping broadcast packets being a unique value to track on.

~~~
borgel
Excellent point.

