MAC Randomizer: Counter WiFi Tracking/Spying

After reading one of many that simply track your MAC address around town, I thought a little bit more security was appropriate. Your MAC address can be tracked regardless of whether or not you actually connect to a WiFi network, as your laptop is almost always scanning for nearby WiFi access points.

Below is a simple bash script I wrote that runs on OSX (and can be easily adapted to other OS’s) that will randomize your MAC address every 30 seconds, and help prevent MAC-based tracking such as what the NSA and friends are testing out. It only does this if you’re not currently connected to a WiFi access point, otherwise your connection would get reset. Copy this somewhere and run it as root when you log in.

NOTE: You’ll need to download this file and put it into /opt/local/etc/oui.txt.

#!/bin/bash

INTERFACE=en0
OUI="/opt/local/etc/oui.txt"
OUI_LEN=19004

while [ true ]; do
    STATUS=`ifconfig ${INTERFACE} | grep status: | awk '{print $2}'`
    if [ "$STATUS" = "inactive" ]; then
        R=$(((RANDOM % ${OUI_LEN})+1))
        PREFIX=`head -$R $OUI | tail -1`
        CMD="sudo ifconfig ${INTERFACE} ether ${PREFIX}:"
        for i in `seq 1 6`; do
            R=$(((RANDOM % 15)+1))
            C=`echo "obase=16; $R" | bc`
            CMD="$CMD$C"
            if [ $((i % 2)) = 0 ] && [ $i != 6 ]; then
                CMD="$CMD:"
            fi
        done
        RESULT=`$CMD`
        echo $CMD
    fi
    sleep 30
done

You can have this script automatically run at system boot by creating a simple launch script at /Library/LaunchDaemons/com.zdziarski.macrandomize.plist. This will run it in the background, and will also randomize your MAC every time you boot your computer.

NOTE: You might want to turn this off when paying for hotel or airport WiFi, until you’re finished with your session.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
 <dict>
   <key>Label</key>
   <string>com.zdziarski.macrandomize</string>
   <key>ProgramArguments</key>
   <array>
   <string>bash</string>
   <string>/opt/local/bin/macrandomize.sh</string>
   </array>
   <key>RunAtLoad</key>
   <true/>
   <key>UserName</key>
   <string>root</string>
   <key>GroupName</key>
   <string>wheel</string>
 </dict>
</plist>

About Jonathan Zdziarski

Respected in his community as an iOS forensics expert, Jonathan is a noted security researcher, penetration tester, and hacker. Author of many books ranging from machine learning to iPhone hacking and software development, Jonathan frequently trains many federal and state law enforcement agencies in digital forensic techniques and assists law enforcement and the military in high profile cases. Jonathan is also inventor on several US patent applications, father of DSPAM and other language classification technology, and an App Store developer. All opinions expressed on this website are the author's own. Follow Jonathan on Twitter: @JZdziarski
This entry was posted in General. Bookmark the permalink.