_Your device’s MAC address can be used to track you across the WiFi networks you connect to. That data can be shared and sold, and often identifies you as an individual. It’s possible to limit this tracking by using pseudo-random MAC addresses._
_Image courtesy of[Cloudessa][4]_
Every network device like a WiFi or Ethernet card has a unique identifier called a MAC address, for example`b4:b6:76:31:8c:ff`. It’s how networking works: any time you connect to a WiFi network, the router uses that address to send and receive packets to your machine and distinguish it from other devices in the area.
The snag with this design is that your unique, unchanging MAC address is just perfect for tracking you. Logged into Starbucks WiFi? Noted. London Underground? Logged.
If you’ve ever put your real name into one of those Craptive Portals on a WiFi network you’ve now tied your identity to that MAC address. Didn’t read the terms and conditions? You might assume that free airport WiFi is subsidised by flogging ‘customer analytics’ (your personal information) to hotels, restaurant chains and whomever else wants to know about you.
I don’t subscribe to being tracked and sold by mega-corps, so I spent a few hours hacking a solution.
### MAC addresses don’t need to stay the same
Fortunately, it’s possible to spoof your MAC address to a random one without fundamentally breaking networking.
I wanted to randomize my MAC address, but with three particular caveats:
1. The MAC should bedifferent across different networks.This means Starbucks WiFi sees a different MAC from London Underground, preventing linking my identity across different providers.
2. The MAC shouldchange regularlyto prevent a network knowing that I’m the same person who walked past 75 times over the last year.
3. The MACstays the same throughout each working day. When the MAC address changes, most networks will kick you off, and those with Craptive Portals will usually make you sign in again - annoying.
### Manipulating NetworkManager
My first attempt of using the`macchanger`tool was unsuccessful as NetworkManager would override the MAC address according to its own configuration.
I learned that NetworkManager 1.4.1+ can do MAC address randomization right out the box. If you’re using Ubuntu 17.04 upwards, you can get most of the way with[this config file][7]. You can’t quite achieve all three of my requirements (you must choose_random_ or_stable_but it seems you can’t do_stable-for-one-day_ ).
Since I’m sticking with Ubuntu 16.04 which ships with NetworkManager 1.2, I couldn’t make use of the new functionality. Supposedly there is some randomization support but I failed to actually make it work, so I scripted up a solution instead.
Fortunately NetworkManager 1.2 does allow for spoofing your MAC address. You can see this in the ‘Edit connections’ dialog for a given network:
NetworkManager also supports hooks - any script placed in`/etc/NetworkManager/dispatcher.d/pre-up.d/`is run before a connection is brought up.
### Assigning pseudo-random MAC addresses
To recap, I wanted to generate random MAC addresses based on the_network_and the_date_ . We can use the NetworkManager command line, nmcli, to show a full list of networks:
That produced bytes which can be substituted in for the last octets of the MAC address.
Note that the first byte`02`signifies the address is[locally administered][8]. Real, burned-in MAC addresses start with 3 bytes designing their manufacturer, for example`b4:b6:76`for Intel.
It’s possible that some routers may reject locally administered MACs but I haven’t encountered that yet.
On every connection up, the script calls`nmcli`to set the spoofed MAC address for every connection:
As a final check, if I look at`ifconfig`I can see that the`HWaddr`is the spoofed one, not my real MAC address:
```
> ifconfig
wlp1s0 Link encap:Ethernet HWaddr b4:b6:76:45:64:4d
