Anonymity MAC-Address: Surveillance Tool.

[Fixxx]

Every device in your pocket or bag, whether it's a smartphone, laptop or tablet, carries a unique digital fingerprint, invisible to the naked eye but clearly visible in the radio spectrum: the MAC address. For an OSINT specialist, understanding the nature of this identifier and how it can be used is key to accessing a wealth of data about people's movements and behaviors. Let's explore how this seemingly technical detail transforms into a powerful surveillance tool.

​

What is a MAC Address?​

A MAC address (Media Access Control) is not just a random string of six pairs of hexadecimal digits (e.g, 00:1A:79:4F:3C:12). It's a strictly structured identifier:

• First 3 bytes (OUI - Organizationally Unique Identifier): These are permanently assigned to a specific manufacturer of network equipment.
• Last 3 bytes: This is a unique serial number assigned to a specific device at the factory.

Key Points for OSINT​

Once you activate WiFi on your device, it begins broadcasting its MAC address into the air. This feature is exploited by systems known as WiFi radars (or WiFi trackers). These devices, often disguised as regular access points or simple sensors, perform the following functions:

• Passively scan the air: They record all MAC addresses within their range.
• Log data: They note which MAC address was detected, at what time and with what signal strength.
• Transmit data: They send this information to a centralized system.

For instance, one sensor might show that a device with MAC XX:XX:XX:YY:YY:YY was in a café at 15:00. However, if such sensors are installed throughout a city: in shopping malls, on public transport and in office buildings - the picture becomes much more interesting, allowing for tracking movements, behavioral analysis and database creation.

Privacy Measures and Limitations​

Modern operating systems (iOS, Android) have implemented MAC address randomization to enhance privacy. However, this is not foolproof:

• Randomization works when the device is not connected to a WiFi network and is merely searching for networks. At this point, it may broadcast a random MAC.
• Advanced WiFi radar systems use algorithms that can accurately (close to 100%) identify and filter out random MAC addresses.
• Even with randomization, smartphones periodically send out their true, "factory" MAC address, which can be captured by the radar.
• The proportion of smartphones that consistently use randomization, even in large cities, doesn't exceed 30%.

Marketing and Advertising Implications​

Advertising and marketing platforms like myTarget build detailed user profiles based on aggregated data from WiFi radars and other sources:

• User habits: Where they live, work, where they go in the evenings and on weekends, which stores they visit and what routes they take.
• Demographics: Estimated gender, age and interests based on visited locations.

Targeted advertising based on MAC addresses (ADINT) allows for tracking user's locations at the moment ads are displayed.