Privacy: Upgrade to iOS 17.1 to prevent your iPhone from being tracked across Wi-Fi networks

In iOS 14, Apple introduced a privacy feature that hides the device’s WiFi address, or MAC address, from WiFi routers. This helps to reduce tracking across different networks. Ever since it was introduced, the feature was completely useless. While iOS replaces the device’s real MAC address in the data link layer with a generated address per network, it includes the real MAC address in the AirPlay discovery requests that an iPhone starts sending when it joins a network. There is no way to prevent iPhones and iPads from sending AirPlay discovery requests, even when connected to a VPN. Apples devices do this to discover AirPlay-capable devices in the network. We reported this issue to Apple and now it is fixed in iOS 17.1, iPadOS 17.1, watchOS 10.1, and tvOS 17.1. The CVE number of this issue is CVE-2023-42846. In addition, Apple released iOS to fix this issue for old devices that can only run iOS 16. However, devices running iOS 14 or 15 remain vulnerable. For more content like this, you can find us here: Twitter/X: @mysk_co Mastodon: @mysk Threads: @mysk_co TIMESTAMPS 00:00 Introduction 00:30 Network Packet Inspection 00:53 MAC Address Leak 01:04 Apple addresses the Bug 01:19 Final Remarks