Randomizing Wi-Fi MAC address in Ubuntu?

[barbaz]

Currently Apple's iOS uses randomized MAC address of the Wi-Fi card for each scan for Wi-Fi networks, then (I think) uses a "static" MAC address only when actually connecting the desired Wi-Fi network.
How to do something like this in [L]Ubuntu 14.04 with NetworkManager? And how to test this is actually working given that changing MAC address after having connected to a network, results in no ability to connect to the network?

The point is that I've recently learned that simply scanning for Wi-Fi networks, which is unavoidable for anyone using Wi-Fi, reveals your MAC address to *all* the networks - not just the one(s) you connect to.

[Grumpus]

If you look at Edit connections in your Network Manager, Mac address should be anonymous but is specific for your hardware.
Your named connection is shorter and unless you are allowing others to access (setting in Network Connections part of Network Manager)
You can still see them but not connect if you see the little lock icon next to their named connection, also this is what they will see if your system is secured.
Changing the hardware changes what your wireless provider knows for your account.
If you download Network Tools from the Ubuntu repository it should provide some more information about your various remote and local connection(s).
The static address for wifi is the same for your region but there is another anonymous IP number which is hidden.
Best guess.

[barbaz]

Sorry, I wasn't quite clear. What I'm wondering is if it's possible to use a "dynamic" random (spoofed) MAC address when scanning for Wi-Fi networks, and only use the "real" MAC address for interacting with a Wi-Fi network I actually want to connect to and use?

I know it's possible to set a "cloned MAC" in Network Manager but that seems only per-connection

If you download Network Tools from the Ubuntu repository it should provide some more information about your various remote and local connection(s).

Not seeing a package "network-tools" listed in Synaptic What is it called in the package managers?

[Grumpus]

gnome-nettool 3.8.1-1 works under Linux Mint and also Ubuntu flavors.

If you are trying to scan and intend to connect while using the spoofed MAC address it is beyond me for the most part.
General sense of it would make me think it would be difficult to fork out to the real one off the spoofed conditions for a connection.
It seems doable though if you had a program to automatically change network connection information but it might require a complete connection spoof in network connections list.
It might also have to operate in a promiscuous mode and might create a vulnerability.

I've been looking at the stingray setup and believe it has to operate in the promiscuous mode.
Picks up on a wireless connection (any for the most part), causes an audio visualization, records or "listens" on the connection under warrant.
BUT. . . and it's a curious one, individual surveillance may be left entirely up to the good graces and moral character of the listener.
You may be delving into an area where it could cause you real world problems if it conflicts with government or law enforcement realms.
Again . . . it's beyond me.

[barbaz]

gnome-nettool 3.8.1-1 works under Linux Mint and also Ubuntu flavors.

Found it, thanks!

It seems doable though if you had a program to automatically change network connection information but it might require a complete connection spoof in network connections list.

I do have a random MAC address generator script, maybe it can be used alongside ifconfig?

I've been looking at the stingray setup and believe it has to operate in the promiscuous mode.

Pretty sure the people I'm trying to thwart here don't have access to that type technology... if they did and got caught they'd get arrested by law enforcement, and rightfully so:

This ought to throw a pretty significant wrench into some advertisers' and marketers' plans—if iOS 8 devices broadcast their Wi-Fi probe requests under constantly shifting unique MAC addresses, tracking devices across stores or other venues by MAC address becomes impossible. A significant amount of behavioral inferences (and thus valuable marketing metadata) can be drawn from location maps built out of MAC address detection over time, and obfuscating this information is a big step toward increasing iOS users' privacy.

[Grumpus]

Probably simpler to turn the phone off while doing things you want private or leave the thing at home during short jaunts.

Platform differences and how to develop a multiplicity with ifconfig might cause you some thought.
Granted you could create any number of anonymous connection IDs but can they switch fast enough and even if random numbers run a course it would have to have a bracket which in turn could become and ID situation. Making a multiple ID on one end is not going to stop the singularity at the wireless ISP end otherwise the ISPs own time, signal and use information would be bollixed.
I like the idea but like I said it's beyond me.

[Drumbrake]

Maybe asking here Forum: Networking & Wireless or here Forum: Security may gather more answers on your specific question?

I do have a random MAC address generator script, maybe it can be used alongside ifconfig?

Since you already have this, maybe someone may tell you how to integrate it with ifconfig or possibly wpa_supplicant, bypassing network manager altogether?

On the other hand, I somehow doubt that distros such as Ubuntu may have readily available tools to randomly (dinamically) spoof the MAC address, but who knows

[barbaz]

Wow, I had no idea this was such a specialized concept

Maybe asking here Forum: Networking & Wireless or here Forum: Security may gather more answers on your specific question?

I'm not registered there atm and would have to create yet another account Thanks for the advice but that will have to wait for when I can go through their non-trivial account creation procedure.

I do have a random MAC address generator script, maybe it can be used alongside ifconfig?

Since you already have this, maybe someone may tell you how to integrate it with ifconfig or possibly wpa_supplicant, bypassing network manager altogether?

On the other hand, I somehow doubt that distros such as Ubuntu may have readily available tools to randomly (dinamically) spoof the MAC address, but who knows

Well, I did find https://help.ubuntu.com/community/Anony ... CAddresses but I don't think that will work here given that A) I'd prefer having a static MAC address to use across desirable Wi-Fi networks, B) IIRC NetworkManager does background scans even while connected to a Wi-Fi network, C) it anyway didn't say anything about Wi-Fi scanning, so applicability is unknown.
Plus I had tested out macchanger on a VM but something else was interfering with it such that the MAC address it set didn't stick.

[Grumpus]

@Drumbrake - it may be beyond some tools in Ubuntu but it's not beyond programming tools, it's still Debian based so there may be stuff out there.
By-passing the Network Manager is where the issue is because of the numerous account connections, real or otherwise.


@barbaz - take the time to register, pretty good wireless answers.
Your ISP(s) may be part of the issue if intention is to use providers a la carte.

[Frenzie]

Didn't this already land as a standard thing? https://blogs.gnome.org/lkundrak/2016/0 ... -networks/

I seem to have NetworkManager 1.2.2 in Debian/Stretch, in any case. Ubuntu 16.04 comes with 1.1.93, but it looks like the feature landed in 1.1.90.

I realize the OP says Ubuntu 14.04, but an upgrade to 16.04 could surely be considered.

[barbaz]

Didn't this already land as a standard thing? https://blogs.gnome.org/lkundrak/2016/0 ... -networks/

I seem to have NetworkManager 1.2.2 in Debian/Stretch, in any case. Ubuntu 16.04 comes with 1.1.93, but it looks like the feature landed in 1.1.90.

I realize the OP says Ubuntu 14.04, but an upgrade to 16.04 could surely be considered.

Cool, thanks! As far as switching to 16.04, something I've been looking at but would need to play with it more in a VM to make sure I know what I'm doing, plus due to stability requirements I'd like it to be in production for at least some more months for bugs to get worked out etc before I use it as my main environment. Calling my current setup non-standard would be a massive understatement.

In the mean time I will ask at ubuntuforums if there is a way to go about it in 14.04