researchers found that "the overwhelming majority of
Android devices are not implementing the available
randomization capabilities built into the Android OS,"
which makes such Android devices trivial to track.
[...]
Apple, meanwhile, introduced MAC address randomization in
iOS 8, only to break it in iOS 10. [...] its network probe
broadcasts to include a distinct Information Element (IE),
data added to Wi-Fi management frames to extend the Wi-Fi
protocol.
four scholars from the US Naval Academy say they've
managed to track 100% of all test smartphones, despite
the devices using randomized MAC addresses.
[...]
The novelty in our method is that we are sending RTS
frames to IEEE 802.11 client devices, not APs, to
extract a CTS response message which we derive the true
global MAC address of that device.