by icameron 2 days ago
I was in the space 10 years ago with a product. Primarily Bluetooth, later BLE and WiFi. At that time most consumer devices were constantly discoverable. About 3-5% of traffic would have a discoverable MAC. These days not so many. iPhones never are discoverable unless you are in pairing mode. BLE broadcasts beacons much more consistently and generates a lot of data to filter, but they also change MACs.

Most WiFi chipsets use a hardware-based MAC layer, so promiscuous monitoring / sniffing is not possible on virtually every embedded module. There were a few chipsets, known as SoftMAC, where Linux drivers did the MAC layer, in which you could truly sniff the air for all traffic and capture a whole lot of MAC addresses. That was much more useful, but requires more CPU and specific older hardware. If you have a permanent power source like in an ALPR that isn't as much of a concern. I don't know of any companies that really did this though. Almost all our competitors used solutions that only supported the usual device discovery, which relies on BT being discoverable, or AP mode WiFi in order to track a MAC address. It's really easy to market though, it sounds great on paper. In practice the results are less than stellar and with time got even worse as vendors stopped being discoverable by default, and handsets started using dynamic MAC addresses.

3 comments

> BLE broadcasts beacons much more consistently and generates a lot of data to filter, but they also change MACs.

Hah! I wish this were true. The overwhelming majority of BLE widgets don't use resolvable random private addresses. They could, they just don't. A huge share of the industry is just copy-pasting Nordic sample code until they have a shippable product, and last I checked, exactly one (1) Nordic sample project enables RRPAs. Nordic treats it as an edge case, and everyone else follows along.

And that's besides the issue that the RRPA rotation algorithm is pretty contrived. I'd be shocked if some three-letter hasn't already built a tool for tracking devices that use it.

Using AirGuard on Android, I'm able to detect iPhones around me even when they are not in pairing mode.

> I'm able to detect iPhones around me even when they are not in pairing mode.

Right, but the MAC is randomized every 15 min, which makes tracking hard to pull off.
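The resolvable private address scheme that the "RRPA" comment and the "randomized every 15 min" reply above are talking about, as an added Go example; this is not code from the thread, from Nordic, or from any handset vendor. It implements the ah() hash from the Bluetooth Core Specification (Vol 3, Part H, 2.2.2), generates a rotated address the way a peripheral does, and resolves it the way a bonded central does. The IRK bytes and the fixed prand values are constructed for the demo, and the rotation timer itself is not modelled; the point is which side of the exchange can link two rotations.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/rand"
	"fmt"
)

// IRK is the 128-bit Identity Resolving Key a BLE device hands to bonded
// peers during pairing. Only a holder of the IRK can resolve its RPAs.
type IRK [16]byte

// ah is the random-address hash function of the Core Specification
// (Vol 3, Part H, 2.2.2): the least significant 24 bits of
// AES-128(k, 0^104 || prand). Bytes are kept in the MSB-first order used in
// printed addresses; a sniffer delivers the same six bytes LSB first, so
// reverse them before calling Resolve on captured data.
func ah(k IRK, prand [3]byte) ([3]byte, error) {
	var hash [3]byte
	block, err := aes.NewCipher(k[:])
	if err != nil {
		return hash, err
	}
	var in, out [16]byte
	copy(in[13:], prand[:]) // r' = padding (104 zero bits) || prand
	block.Encrypt(out[:], in[:])
	copy(hash[:], out[13:]) // ah = e(k, r') mod 2^24
	return hash, nil
}

// RPAFromPrand builds prand || ah(k, prand) for a caller-chosen prand.
// The two most significant bits of prand are forced to 01, the marker
// that tells peers "this address is resolvable random".
func RPAFromPrand(k IRK, prand [3]byte) ([6]byte, error) {
	var addr [6]byte
	prand[0] = (prand[0] & 0x3f) | 0x40
	hash, err := ah(k, prand)
	if err != nil {
		return addr, err
	}
	copy(addr[:3], prand[:])
	copy(addr[3:], hash[:])
	return addr, nil
}

// NewRPA is the rotation step: a fresh random prand, hence a fresh
// address. Stacks typically run this on a timer (15 minutes is common).
func NewRPA(k IRK) ([6]byte, error) {
	var prand [3]byte
	if _, err := rand.Read(prand[:]); err != nil {
		return [6]byte{}, err
	}
	return RPAFromPrand(k, prand)
}

// IsRPA reports whether the address type bits (top two bits) are 01.
func IsRPA(addr [6]byte) bool { return addr[0]&0xc0 == 0x40 }

// Resolve is what a bonded central does for every advertiser it hears:
// recompute ah over the prand half under each stored IRK and compare with
// the hash half. Anyone else who obtains the IRK can do exactly the same
// and follow the device across every rotation; without it, two rotations
// of one device are not linkable from the addresses alone.
func Resolve(k IRK, addr [6]byte) bool {
	if !IsRPA(addr) {
		return false
	}
	var prand [3]byte
	copy(prand[:], addr[:3])
	hash, err := ah(k, prand)
	return err == nil && bytes.Equal(hash[:], addr[3:])
}

// FormatAddr renders the address in the usual colon-separated MSB-first form.
func FormatAddr(a [6]byte) string {
	return fmt.Sprintf("%02X:%02X:%02X:%02X:%02X:%02X", a[0], a[1], a[2], a[3], a[4], a[5])
}

func main() {
	// Constructed demo IRK, not a key taken from any real device.
	k := IRK{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15}
	stranger := k
	stranger[15] ^= 0xff // an unrelated IRK, i.e. an observer that never bonded

	for i := 0; i < 3; i++ { // three rotations of the same device
		addr, err := NewRPA(k)
		if err != nil {
			panic(err)
		}
		fmt.Printf("%s  bonded resolves: %v  stranger resolves: %v\n",
			FormatAddr(addr), Resolve(k, addr), Resolve(stranger, addr))
	}
}
```

Run it with `go run` and each line shows a different address that the bonded side resolves and the stranger does not. That is the whole privacy argument of rotation, and also its limit: the mechanism is only as strong as IRK handling, and a device that keeps a public or static random address (top bits 11) never enters Resolve at all, which is the case the comment about copy-pasted sample code is describing.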

Right but SignalTrace isn't just looking at Bluetooth MACs, they look at WiFi, TPMS, RFID, and anything else putting out a signal.

Say you stop at a bank that has one of these systems and it grabs your plates and TPMS sensor IDs. You rob the bank while wearing a mask and speed off in the car. The plates were stolen so you pull off quickly and ditch them for another stolen set. However, just the other day, the bank caught you on their system while you were casing it without stolen plates and they can match the TPMS to the real plates and know who you are (or at least who owns the car) and the cops get an alert to look for a specific car with plates X or Y.

Or you're on foot and commit a crime while hiding your face. Your phone gets picked up on the system. They don't know who you are yet but if there are enough systems in an area, the cops have a 15 minute window of knowing where your phone is. Machine vision looks for someone matching your appearance and you're continuously tracked even if your phone's MAC changes. Even if you run into a public restroom to change your clothes, they can still associate your new appearance with your phone if the timing is right.

I saw this:

https://www.teslaradar.com/

"Tesla cars with enabled 'Phone Key' feature transmit a unique identifier, that can be detected using Bluetooth® Wireless Technology." ...