
How to randomize your MAC address on OS X - FredericJ
http://www.zdziarski.com/blog/?p=2738
======
FootballMuse
How I've been doing it for years:

[https://github.com/feross/SpoofMAC](https://github.com/feross/SpoofMAC)

> spoof-mac randomize en0

~~~
skeoh
Feross has also done a node.js version:
[https://github.com/feross/spoof](https://github.com/feross/spoof)

------
column
Hi, isn't Python now shipping with OSX? I haven't tested it, but wouldn't this
also work while being more readable? (DISCLAIMER: I haven't tested it. Also, I
haven't tested it.)

    
    
        from random import randint
        from os import getenv
        from subprocess import call
        from sys import argv
        
        if len(argv) > 1:
        # get network interface from cmdline parameter
            intf = argv[1]
        else:
        # get network interface from ENVIRONMENT variables
            intf = getenv('INTERFACE', '')
        
        if intf:
        # generate random mac address
            r = lambda: randint(0,255)
            randmac = '%02X:%02X:%02X:%02X:%02X:%02X' % (r(),r(),r(),r(),r(),r())
        # change mac address
            call(["ifconfig", "%s hw ether %s" % (intf, randmac)])
        else:
            print "Couldn't determine network interface"

~~~
lmb
This code will lead to a nice, self-inflicted bug that will sometimes break
your network connection. The low two bits of the first byte of the MAC have a
special purpose and should be kept at 0 [1]. Learned this the hard way when
developing on an embedded TCP stack. The switch silently discarded packets
from multicast or local MAC addresses.

[1]
[http://en.wikipedia.org/wiki/MAC_address#Address_details](http://en.wikipedia.org/wiki/MAC_address#Address_details)

~~~
majke
You can use tricks based on multicast ethernet to detect interfaces in
promiscuous mode:

[http://www.securityfriday.com/promiscuous_detection_01.pdf](http://www.securityfriday.com/promiscuous_detection_01.pdf)

[http://nmap.org/nsedoc/scripts/sniffer-
detect.html](http://nmap.org/nsedoc/scripts/sniffer-detect.html)

~~~
lmb
That's pretty cool, thanks for the hint. The original PDF seems to be from
2001, does this still work?

------
zufallsheld
On Linux, you can use macchanger[0], a tool which does this automatically for
you. I wrote about it here[1].

[0][https://github.com/alobbs/macchanger](https://github.com/alobbs/macchanger)
[1][https://www.zufallsheld.de/2013/08/07/mac-spoofing-under-
lin...](https://www.zufallsheld.de/2013/08/07/mac-spoofing-under-linux/)

~~~
tombrossman
I'll try this again, but on a recent clean install of Ubuntu 14.04 macchanger
didn't appear to do anything (it worked perfectly on 12.04). I was interested
in the option to randomly spoof a different one at reboot but didn't get it
working after several tries.

------
jackgavigan
Alternatively...

    
    
      sudo ifconfig en1 ether `openssl rand -hex 6 | sed 's/\(..\)/\1:/g; s/.$//'`
    

Credit where it's due: [http://osxdaily.com/2012/03/01/change-mac-address-
os-x/](http://osxdaily.com/2012/03/01/change-mac-address-os-x/)

------
eliot_sykes
Elsewhere on HN in case you missed it - random MAC addresses are coming to
iOS8:
[https://news.ycombinator.com/item?id=7864813](https://news.ycombinator.com/item?id=7864813)

~~~
smsm42
Just was going to comment that is someone wants to track you they'd probably
track your mobile device which is much harder to customize. Looks like
somebody at Apple had the same thought.

------
jarin
If I'm not mistaken, the author recommends saving the file to

    
    
        /opt/local/etc/oui.txt
    

but the plist runs

    
    
        bash /opt/local/bin/macrandomize.sh
    

I think one or the other probably needs to be changed, unless I'm missing
something here.

~~~
LeoPanthera
Saving stuff into /opt/local is a terrible idea anyway, it's the default path
for MacPorts.

~~~
aroch
Honestly using MacPorts is a terrible idea. If you need non-standard packages
uses homebrew -- which goes out of its way not to break system components,
unlike MacPorts.

~~~
LeoPanthera
Huh? The whole point of MacPorts is that it builds its own dependencies,
thereby not touching the "system components" at all. It's entirely self-
contained in /opt/local, or /Applications/MacPorts for GUI apps. I've been
using it for many years and it's never broken anything. (Except occasionally
itself.)

I would argue that you're far more likely to have stuff already installed in
/usr/local than in /opt/local.

Homebrew is currently trendy but there was nothing wrong with MacPorts.
Declaring the entire project to be "a terrible idea" is simply ignorant.

~~~
aroch
I've been using MacPorts for the better part of decade and some ports in it
clobber system files without warning. I've been bitten one too many times by
that

------
zurn
You want unpredictable random numbers, so using bash $RANDOM is no good.
hexdump + /dev/urandom + sed would work, incantation left as an exercise to
reader as I don't have a Mac around to check limitations of their
hexdump(1)...

(Same goes for the Python solution posted in another comment here).

~~~
elasticdog
Here's the way to properly grab a random line from a file using Bash:
[http://mywiki.wooledge.org/BashFAQ/026](http://mywiki.wooledge.org/BashFAQ/026)

------
fascinated
Does this even work on the wireless interface on a mbp? The driver used to
prevent you from setting the MAC addr to anything you wanted, vs the ethernet
driver for the wired interface that lets you play with it freely.

~~~
o0-0o
I tried to get this to work on my MBPr, and sadly it did not work. It might
have been my lack of prowess, but it's pretty straightforward.

~~~
zhovner
First you need to disassociate wireless card using Apple80211.framework:

    
    
      /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -z
    

Then you can change MAC-address:

    
    
      ifconfig en0 ether aa:aa:aa:aa:aa:aa

------
vrikis
I wrote my own little terminal commands back when I had a 5 hour lay-over in
Charles de Gaulle Airport (Paris). At the time, they offered 15 minute free
wifi, so I just ran my little tool and it worked a treat.

------
ohwp
I was wondering: why did they decide to randomize the address? Why not use the
same address for every device?

~~~
FredericJ
MAC addresses are heavily used for routing purposes on a link layer.
[Ethernet, WiFi ...]

~~~
csixty4
^ This. A MAC address is a link-layer network address, just like an IP
address. For example, the ARP protocol[1] uses it to identify devices with a
given IP address on a network.

[1]
[http://en.wikipedia.org/wiki/Address_Resolution_Protocol#Exa...](http://en.wikipedia.org/wiki/Address_Resolution_Protocol#Example)

------
desertjedi
Hey, is there a way this could be done under Windows? Run from a batch file
for example?

------
Throw67F4D509
Be careful. Randomizing your MAC address may make your computer stick out more
than if you pick a single legitimate looking MAC address and stick with it for
a while. Not all 16 million MAC prefixes have been sold to manufacturers yet.

------
erkose
I prefer adapting the method described in Unique Local IPv6 Unicast Addresses
[https://tools.ietf.org/html/rfc4193](https://tools.ietf.org/html/rfc4193)

------
kccqzy
One of my friends also told me Dropbox uses MAC address to identify computers.
He wrote a similar script to get lots of referrals and free space on Dropbox.
Probably against their Terms though.

~~~
victorhooi
Hmm, I wonder how this works.

MAC addresses are OSI Layer 2, so your one wouldn't normally get passed
through to Dropbox's servers.

I'm guessing their client reads in your computer's MAC address and sends it as
part of the login?

I wonder if it's possible to spoof it just for their client.

------
TheLoneWolfling
I have my computer set up to randomize MAC address on boot, on both
partitions.

There are some downsides (having to relogin to certain wireless networks every
boot) but by-and-large it's worth it.

------
mwfunk
Tangential, but it's actually heartwarming to me that so far every commenter
seems to understand that the "MAC" in the title refers to Media Access
Control, rather than a comically incorrect way of spelling the name of the
computers that OS X runs on.

~~~
devindotcom
Wait, I thought the Mac Address was 1 Infinite Loop

------
dmmalam
Does OSX Yosemite have the mac randomization like ios8?

------
zomg
i use linkliar
[https://github.com/halo/LinkLiar](https://github.com/halo/LinkLiar)

