Hacker News new | ask | show | jobs
by heatish 3957 days ago
Yeah that same line made me laugh a bit as well. "Your non-identifying, SUPER personal, burned onto your phones hardware, is never going to change Mac Address is recorded as you walk by."

I think the idea is a great one, it's unfortunate there isn't a better way (that I can think of atm) to do it, or like you said just some transparency on what they do with it. As simple as: "At the end of each day the encrypted mac addresses are completely erased from our system."

Seems like they do keep the info though, it says the Cincinnati airport kept it and used it for data analysis. In the end, I think this kind of thing most people will be okay with foregoing a bit of privacy for.

Edit: Interesting article on mobile MAC addresses down the comments: https://news.ycombinator.com/item?id=10097882#up_10098108
2 comments
mlaretallack 3957 days ago
I work in the traffic industry and over the last 8 years I have seen the rise of WIFI and Bluetooth journey time monitoring kit and after looking at every solution, I have found that the method of "encrypting" the data has always been just a MD5 hash, or SHA if you are lucky. With with result Hash just been http'ed over to a server on the internet. This usually leads to to question, "OK, so I can just hash the victims MAC address and the look for that in the data stream to find out where the person is instead of just using the MAC directly?" The same is done for ANPR based systems. The word "encrypted" seems to be added to some how make it secure without the solution being secure.
link
mlaretallack 3957 days ago
I work in the traffic industry and over the last 8 years I have seen the rise of WIFI and Bluetooth journey time monitoring kit and after looking at every solution, I have found that the method of "encrypting" the data has always been just a MD5 hash, or SHA if you are lucky. With with result Hash just been http'ed over to a server on the internet. This usually leads to to question, "OK, so I can just hash the victims MAC address and the look for that in the data stream to find out where the person is insteadvof just using the MAC directly?"
link