$ grep 00-20-91 oui.txt
00-20-91 (hex) J125, NATIONAL SECURITY AGENCY
$ egrep -ic 'army|force|navy|secur|secret|private' oui.txt
macchanger -r <interface>
Interesting article about macchanger on the Arch Wiki: https://wiki.archlinux.org/index.php/MAC_address_spoofing
Apparently, if it ever works at all, you have to run settings that nobody uses - including, iirc, not being connected to a cell tower. I used to spread the same FUD of "iOS does this!", but the truth is it's a lie.
If you want random MACs everytime I recommend Linux + a fairly recent NetworkManager.
The best solution would be to make up a random but persistent MAC per connection, but that seems to be too difficult for some reason.
This only addresses tracking when your phone is in the pocket and sending probe requests to scan for AP's.
side note/question: do I need to actively connect to a WIFI network for them to know my MAC or does it leak even when my phone scans for neighbouring SSIDs? EDIT: looks like MAC would leak even if I don't connect to any access point, but my Wifi is on... At least according to 
EDIT 2: looks like iPhone and Android use MAC randomization when scanning WIFI. (not sure after they connect though). But even this randomization can be defeated?
Some access points need your real mac to connect because they use that to authorize you, I think schools/universities use this method a lot.
You can contribute to the development of this project by helping to integrate it with your favorite WiFi manager.
NetworkManager also includes more advanced modes which make the MAC address stable for a given hotspot, but random between them.
From the post: "I learned that NetworkManager 1.4.1+ can do MAC address randomization right out the box. If you’re using Ubuntu 17.04 upwards, you can get most of the way with this config file."
new_mac=$(openssl rand -hex 6 | sed 's/\(..\)/\1:/g; s/:$//; s/./0/2') # from stackoverflow
sudo ifconfig $interface ether $new_mac
new_mac=$(openssl rand -hex 4 | sed 's/\(..\)/\1:/g; s/:$//; s/./0/2'; s/^/02:/)
> I also used to randomize my local hostname
Great idea, missed that. I'll integrate that in the future.
For example, calling the hotel desk to get your device to work.
I only know about mac whitelisting in protected networks managed by wary administrators.
Wouldn't make any sense for properly securing a network. As an attacker you could just create an evil twin (same ESSID), let some students connect to it and just use their mac addresses (and even drop their connections when they try to use the university wifi).
Edit: You don't even necessarily need an evil twin to get their mac addresses. You only have to listen to the wifi traffic and get some - even encrypted data packets still contain the raw mac address as far as I know. airodump-ng is the perfect tool to do that.
# ifconfig iwn0 lladdr random
“I learned that NetworkManager 1.4.1+ can do MAC address randomization right out the box. If you’re using Ubuntu 17.04 upwards, you can get most of the way with this config file.”
I would advise to use a VPN connection. In this case it doesn't matter that you've randomized your mac address in a way which can be clearly identified as random. And even then you can see the VPN server IP in the logs so you should also make precautions and buy your VPN connection anonymously (and even then - you'll never know if you're really anonymous).
Changing your mac address seems to be sufficient (in addition to the VPN usage) to prevent easy tracking through something unique like your real mac address. But I agree that this is just 1-3 lines of code for realistic mac address generation so it should be unproblematic to add.
Edit: If you have fears of being uncovered by random-looking mac addresses without vendor prefixes, changing your mac address will probably not help you. Your threat model is different - maybe APT-level - and you have to do way more than changing your mac address.
Unless avoiding this becomes common practice and then the whole story changes.
> Unless avoiding this becomes common practice and then the whole story changes
If that means that everyone starts to use random mac addresses, you still can't identify specific persons based on their randomized mac addresses when they change them every time they reconnect.
Takes 5 minutes to configure your OpenWRT router to log all DNS requests: https://superuser.com/questions/632898/how-to-log-all-dns-re...
Or if you are an attacker without control over that router: search for dns spoofing. I did this several times to demonstrate companies that their public networks can be hijacked.
As @_fink on Twitter pointed out, colliding with a real existing MAC address is not ideal.
See page 7: https://www.wired.com/images_blogs/threatlevel/2012/09/swart...
Changing your Mac address, or wearing a fake beard, are both fine.
Changing your Mac address to trick a Wi-Fi hotspot which gives out one hour free per device per day, or using a fake beard to trick a shop keeper into letting you get "one free bagel per person" twice, is a crime.
And then what? You're under further suspicion? If you're innocent, that shouldn't be your concern. But all you gotta do is STFU. Don't talk to the police either way.
What you said shouldn't be enough proof except in a banana republic.
If you were always spoofing your MAC address however, then you can use that as your defense.
Your argument is akin to it being suspicious that you use Tor. As if that means your computer should be seized because you might have WMDs. Tor usage might make you suspicious only if other credible factors exist.
What effect does being a banana republic have on this?
BTW if it's really the feds you're worried about, this article probably isn't for you.
Depending on implementation the MAC will have a specific bit set to indicate it is user supplied and not necessarily universally unique but I'm not sure if NM does that.
"If you're on your home network, this has no impact what so ever." Yes, I'm fairly happy with my own tracking policies :D
iPhone - "Researchers Break MAC Address Randomization and Track 100% of Test Devices"
Android - "Only an estimated 6% of Android phones randomize MACs, and they do it poorly."
If your only concern is passive tracking, then a randomized MAC being used for SSID probes (because whitelist-only hidden SSIDs are rare enough that those people can manually connect) will be sufficient.
If you're looking to keep an open Wifi provider from tracking you over the course of days, then using a different MAC for each connect is going to be sufficient.
If you're looking to avoid tracking by people doing traffic analysis to correlate by behaviour no amount of MAC trickery will help you.
If one is looking to avoid having to pay for overstaying their visit at a coffee house or similar capture portal, maybe what needs to be changed is one's sense of ethics, and changing a MAC won't help with that.
So, you can say "it should be a default" all you like, but everyone's going to have a different idea of what the default is for and they're going to throw a fit about it not being "the right default". Better to be conservative like Android and avoid inciting the newbs.
You're welcome to contribute to https://bugs.debian.org/849077 and https://bugs.debian.org/849875.