Connecting to a Wi-Fi network is something very normal and part of our daily lives. What we hope with this is to be able to browse the Internet and not have any security or privacy problems. But, according to a report that we echo, a error in apple has allowed them to track you when connecting to a wireless network. Therefore, if you have an iPhone or iPad, your privacy may have been at stake. We are going to tell you what it consists of.
This is not a recent vulnerability, but has been present for the last few years. It has allowed Apple devices to expose the MAC address when connecting to a Wi-Fi network. In fact, the company itself introduced a feature that prevented this from happening, but it seems that it has not worked all this time.
Apple has exposed the MAC when using Wi-Fi
It should be noted that, three years ago, Apple presented a function that aimed improve privacy by hiding Wi-Fi connections on your iPhone and iPad devices. This allowed, on paper, to improve privacy when connecting these devices to the network. It hid the MAC address of each device and, with this, could prevent those users from being tracked.
The problem is that, as has now been demonstrated, that function has not worked. They incorporated it in iOS 14, but since then it has not worked correctly and therefore the MAC address has been exposed when connecting the devices to a Wi-Fi network. Keep in mind that a user can be tracked through the MAC address. It is, so to speak, like the license plate or ID of each device.
It was in 2020 when they launched this feature for hide MAC addresses Wi-Fi when connecting an iPhone or iPad to the network. What it showed was a private Wi-Fi address that was different for each network name or SSID. Now, a few days ago Apple released a patch, through iOS 17.1, to correct the CVE-2023-42846 vulnerability. This failure prevented that function that we mentioned from working normally.
Failed function
This indicates that there was some problem with that function. A group of security researchers got to work to perform tests and they confirmed that, indeed, since the iOS 15 version, released in 2020, it has not worked. This error has meant that this function has not fulfilled what was expected for three years.
They carried out tests, even through VPN, and found that the devices leaked that information. They verified that the real and permanent MAC address was sent in each request when connecting to a Wi-Fi network. However, they do indicate that this feature worked partially, although not to remove the actual MAC. It is possible to see the IP and MAC of a connected device.
But is this really a major problem for users? If we talk about domestic users, the masses, the truth is that no. If you have an iPhone or iPad, don’t worry because, in the vast majority of cases, it hasn’t affected you in the slightest. Yes, it can be a problem for users or companies that need maximum privacy and worry about every detail.
Once again, it demonstrates the importance of have everything up to date and with the corresponding patches. This time it is a bug that Apple has corrected and that has been present for three years, but it could be any other vulnerability that affects devices of all types and puts your security at risk. Therefore, we recommend that you always keep everything up to date and not take risks. To solve this specific problem, you just have to have the latest version of iOS installed.
