How to randomize your MAC address on OS X (zdziarski.com)
81 points by FredericJ 1111 days ago | 56 comments



How I've been doing it for years:

https://github.com/feross/SpoofMAC

> spoof-mac randomize en0


Feross has also done a node.js version: https://github.com/feross/spoof


I like how spoof-mac has the reset option too!

  spoof-mac reset en0


This solution looks way more elegant to me, thx for the link


Hi, isn't Python now shipping with OSX? I haven't tested it, but wouldn't this also work while being more readable? (DISCLAIMER: I haven't tested it. Also, I haven't tested it.)

    from random import randint
    from os import getenv
    from subprocess import call
    from sys import argv

    if len(argv) > 1:
        # get network interface from cmdline parameter
        intf = argv[1]
    else:
        # get network interface from ENVIRONMENT variables
        intf = getenv('INTERFACE', '')

    if intf:
        # generate random mac address
        r = lambda: randint(0,255)
        randmac = '%02X:%02X:%02X:%02X:%02X:%02X' % (r(),r(),r(),r(),r(),r())
        # change mac address; each ifconfig argument is its own list element
        # (Linux syntax; OS X's ifconfig takes "ether" without "hw")
        call(["ifconfig", intf, "hw", "ether", randmac])
    else:
        print("Couldn't determine network interface")


This code will lead to a nice, self-inflicted bug that will sometimes break your network connection. The low two bits of the first byte of the MAC have a special purpose and should be kept at 0 [1]. Learned this the hard way when developing on an embedded TCP stack. The switch silently discarded packets from multicast or local MAC addresses.

[1] http://en.wikipedia.org/wiki/MAC_address#Address_details


You can use tricks based on multicast ethernet to detect interfaces in promiscuous mode:

http://www.securityfriday.com/promiscuous_detection_01.pdf

http://nmap.org/nsedoc/scripts/sniffer-detect.html


That's pretty cool, thanks for the hint. The original PDF seems to be from 2001, does this still work?


Thank you for pointing this out.


I found this link to be more easily understandable than Wikipedia:

http://packetsdropped.wordpress.com/2011/01/13/mac-address-u...


I feel like it should be outlawed to post untested code that must run as root. :/


It's not like this is obfuscated code. I clearly mentioned this is untested, and it turns out it contains a major bug. But it starts a conversation, and made me learn about that significant bit in the mac address, should I pay a fine for starting a conversation?


Please do not advocate for prior restraint, even jokingly.


Er. But you're advocating prior restraint of advocacy of prior restraint.


Asking someone not to talk about something isn't the same thing as advocating that talking about something should be "outlawed".


Hi again, here is a version that corrects the bug addressed by lmb:

    from random import randint
    from random import choice
    from os import getenv
    from subprocess import call
    from sys import argv

    if len(argv) > 1:
        # get network interface from cmdline parameter
        intf = argv[1]
    else:
        # get network interface from ENVIRONMENT variables
        intf = getenv('INTERFACE', '')

    if intf:
        # generate random mac address
        r = lambda: randint(0,255)
        # Universally or Locally Administered Bit and Individual/Group Bit
        # See http://packetsdropped.wordpress.com/2011/01/13/
        # mac-address-universally-or-locally-administered-bit-and-individualgroup-bit/
        # first byte: any value 0..255 whose two low bits are both 0
        sbyte = choice(['%02X' % i for i in range(256)
                        if (i & 0x03) == 0])
        randmac = sbyte + ':%02X:%02X:%02X:%02X:%02X' % (r(),r(),r(),r(),r())
        # change mac address; each ifconfig argument is its own list element
        # (Linux syntax; OS X's ifconfig takes "ether" without "hw")
        call(["ifconfig", intf, "hw", "ether", randmac])
    else:
        print("Couldn't determine network interface")


That really should be a bash script, not a Python one.


Why?


Because mostly you are just shelling out. Also you can't just use any mac addr as some bits are reserved, e.g. multicast.

But you can collapse that as so or suchlike:

    ifconfig eth34 hw ether $(openssl rand 6 | xxd -p | sed 's/\(..\)/\1:/g; s/:$//')

Obviously doing this is wrong anyway but that will do what your script does.


To each his own, my point was readability, but some might prefer a one-liner such as yours.


Well the whole point of scripting is to get the job done.


On Linux, you can use macchanger[0], a tool which does this automatically for you. I wrote about it here[1].

[0] https://github.com/alobbs/macchanger

[1] https://www.zufallsheld.de/2013/08/07/mac-spoofing-under-lin...


I'll try this again, but on a recent clean install of Ubuntu 14.04 macchanger didn't appear to do anything (it worked perfectly on 12.04). I was interested in the option to randomly spoof a different one at reboot but didn't get it working after several tries.


Elsewhere on HN in case you missed it - random MAC addresses are coming to iOS8: https://news.ycombinator.com/item?id=7864813


Just was going to comment that if someone wants to track you they'd probably track your mobile device, which is much harder to customize. Looks like somebody at Apple had the same thought.


Alternatively...

  sudo ifconfig en1 ether `openssl rand -hex 6 | sed 's/\(..\)/\1:/g; s/.$//'`

Credit where it's due: http://osxdaily.com/2012/03/01/change-mac-address-os-x/


If I'm not mistaken, the author recommends saving the file to

    /opt/local/etc/oui.txt

but the plist runs

    bash /opt/local/bin/macrandomize.sh

I think one or the other probably needs to be changed, unless I'm missing something here.


Saving stuff into /opt/local is a terrible idea anyway, it's the default path for MacPorts.


Honestly, using MacPorts is a terrible idea. If you need non-standard packages, use Homebrew -- which goes out of its way not to break system components, unlike MacPorts.


Huh? The whole point of MacPorts is that it builds its own dependencies, thereby not touching the "system components" at all. It's entirely self-contained in /opt/local, or /Applications/MacPorts for GUI apps. I've been using it for many years and it's never broken anything. (Except occasionally itself.)

I would argue that you're far more likely to have stuff already installed in /usr/local than in /opt/local.

Homebrew is currently trendy but there was nothing wrong with MacPorts. Declaring the entire project to be "a terrible idea" is simply ignorant.


I've been using MacPorts for the better part of a decade and some ports in it clobber system files without warning. I've been bitten one too many times by that.


The file that you download is oui.txt. The shell script visible on that page is what you're supposed to save as macrandomize.sh. My guess is that he leaves a few steps out so that only people who know what they're doing actually attempt this.


You want unpredictable random numbers, so using bash $RANDOM is no good. hexdump + /dev/urandom + sed would work, incantation left as an exercise to reader as I don't have a Mac around to check limitations of their hexdump(1)...

(Same goes for the Python solution posted in another comment here).
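
An added example, not code from any commenter in this thread: a Python 3 sketch that combines the two points raised above, the special low bits of the first MAC byte and the need for an unpredictable random source. The function names and sample addresses are made up for illustration.

```python
import os
import re

IG_BIT = 0x01  # individual/group bit: 1 = multicast or broadcast
UL_BIT = 0x02  # universal/local bit: 1 = locally administered

MAC_RE = re.compile(r"[0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5}")


def random_mac(locally_administered=False):
    """Return a random unicast MAC address as 'XX:XX:XX:XX:XX:XX'.

    Bytes come from os.urandom (the kernel CSPRNG) instead of random.randint.
    The I/G bit is always cleared. The U/L bit is cleared, as in the thread's
    corrected script, unless locally_administered=True sets it.
    """
    octets = bytearray(os.urandom(6))
    octets[0] &= ~(IG_BIT | UL_BIT) & 0xFF
    if locally_administered:
        octets[0] |= UL_BIT
    return ":".join("%02X" % b for b in octets)


def parse_mac(text):
    """Parse a colon- or hyphen-separated MAC into 6 bytes, or raise ValueError."""
    if not MAC_RE.fullmatch(text):
        raise ValueError("not a 48-bit MAC address: %r" % text)
    return bytes.fromhex(text.replace(":", "").replace("-", ""))


def classify(text):
    """Report what the two low bits of the first byte say about an address."""
    first = parse_mac(text)[0]
    return {
        "multicast": bool(first & IG_BIT),
        "locally_administered": bool(first & UL_BIT),
    }


if __name__ == "__main__":
    # Constructed sample addresses, not taken from any real device.
    for sample in ("00:11:22:33:44:55", "AB:00:00:00:00:01", "02-00-00-00-00-01"):
        print(sample, classify(sample))
    print(random_mac(), random_mac(locally_administered=True))
```

Running `classify` on an address before handing it to `ifconfig` shows whether a switch would treat it as multicast, which is the failure described earlier in the thread.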


Here's the way to properly grab a random line from a file using Bash: http://mywiki.wooledge.org/BashFAQ/026


Does this even work on the wireless interface on a mbp? The driver used to prevent you from setting the MAC addr to anything you wanted, vs the ethernet driver for the wired interface that lets you play with it freely.


In my experience, my macbook pro MAC address can be changed with the bash command listed in the file for wifi (sudo ifconfig en1 ether [addr]), but it will not let me change it to any arbitrary address I want, just some of them, including addresses that start with aa:[rest], ab:[rest], etc., which is what I usually go for. Just tested it and en0 doesn't seem to have the same limitations.


I tried to get this to work on my MBPr, and sadly it did not work. It might have been my lack of prowess, but it's pretty straightforward.


First you need to disassociate wireless card using Apple80211.framework:

  /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -z

Then you can change MAC-address:

  ifconfig en0 ether aa:aa:aa:aa:aa:aa


I wrote my own little terminal commands back when I had a 5 hour lay-over in Charles de Gaulle Airport (Paris). At the time, they offered 15 minute free wifi, so I just ran my little tool and it worked a treat.


I was wondering: why did they decide to randomize the address? Why not use the same address for every device?


Maybe first ask yourself why have a MAC address at all, then the answer will come to you.

I find it interesting how many people will stumble over this concept. A lot of technically minded people know that a MAC address is a "unique identifier" for the network card. They have that phrase "unique identifier" fixed in their heads and they know that MACs are this. Pull out a question like "why would you want a unique identifier?" and you get a lot of blank looks. It's almost like it's too easy to latch onto a phrase like "unique identifier" and get distracted from its practical purpose. (That thing that tells you whose packet this is.)


MAC addresses are heavily used for routing purposes on a link layer. [Ethernet, WiFi ...]


^ This. A MAC address is a link-layer network address, just like an IP address. For example, the ARP protocol[1] uses it to identify devices with a given IP address on a network.

[1] http://en.wikipedia.org/wiki/Address_Resolution_Protocol#Exa...


That won't work super well if there is more than one of that device in the area.


I don't know if this was a concern, but some restaurants set time limits on internet access during certain hours based off of mac addresses. You need a different mac addy to bypass the restriction.


Be careful. Randomizing your MAC address may make your computer stick out more than if you pick a single legitimate looking MAC address and stick with it for a while. Not all 16 million MAC prefixes have been sold to manufacturers yet.


I prefer adapting the method described in Unique Local IPv6 Unicast Addresses https://tools.ietf.org/html/rfc4193


One of my friends also told me Dropbox uses MAC address to identify computers. He wrote a similar script to get lots of referrals and free space on Dropbox. Probably against their Terms though.


Hmm, I wonder how this works.

MAC addresses are OSI Layer 2, so your one wouldn't normally get passed through to Dropbox's servers.

I'm guessing their client reads in your computer's MAC address and sends it as part of the login?

I wonder if it's possible to spoof it just for their client.


I have my computer set up to randomize MAC address on boot, on both partitions.

There are some downsides (having to relogin to certain wireless networks every boot) but by-and-large it's worth it.


Hey, is there a way this could be done under Windows? Run from a batch file for example?


Tangential, but it's actually heartwarming to me that so far every commenter seems to understand that the "MAC" in the title refers to Media Access Control, rather than a comically incorrect way of spelling the name of the computers that OS X runs on.


Wait, I thought the Mac Address was 1 Infinite Loop


how to randomize your Mac MAC


Does OSX Yosemite have the mac randomization like ios8?




