08-11-2020, 10:31 AM
(This post was last modified: 10-05-2020, 08:59 PM by RTP.
Edit Reason: updated information/new function into description
)
Edited: added new smartphone mimic -p
A script I wrote (bash) called WiPri (WiFi Privacy: I use it on Mobian/Arch so wifi tracking beacons/public wifi do not track my phone movements and thought I would share with other Pinephone privacy interested users (since mac addresses generally stay static and easily trackable by default).
It works on default Mobian install (no extras needed) (Arch was easy to install a missing prerequisite bash command) and has various options for different types of MAC address/network device disinformation. The install.sh part gives you the option of installing as a command or optionally as a systemd service (systemd service starts at boot- by default the .service file sets a new unique, randomly generated (with valid OUI) mac address identity at each boot (valid OUI imho superior to false OUI as tracking many times weeds out nonvalid OUI mac addresses to track down true mac address leaks).
If installed as systemd service the default is the above command (sets device wlan0 [change to match your device name if not wlan0] and -i sets a randomly generated new mac address identity to be held for remainder of command run (or if systemd by default the above changes the mac address identity at each boot and holds it until next power off)
Currently -i [new static random identity] by default checks current mac address every 20sec to ensure firmware doesn't reset mac address (on standard mac changers some cards try to leak/reset address). if the mac address changes during one of the regular checks it sets it back to the original chosen, randomly generated mac identity to be held.
Other commandline options:
The above -p generates/sets a single random, valid MAC address either Apple or Samsung (to mimic smartphones the most common wifi devices in area). It holds that single randomly generated valid mac.
The above -P flag is similar to -p but instead of holding a single Apple/Samsung mac address, it continuously changes mac addresses every so often (continuously randomized changing times), at continuously changing randomized mac addresses with Apple/Samsung OUI. Again, to blend in with smartphones
The above sets wlan0 as device and continually randomizes mac address (again, valid OUI's) to be changed at continually changing randomized times, at continually changing randomized mac addresses. The -h flag generates a randomly generated hostname using a standard set of randomly chosen bases with a randomized extension. Example: PC-27423 or My-iPhone (will be adding Apple OUI list in near future to mimic iphones)
The above is nice for travelling ime (continually changing randomized addresses at randomized times make more difficult to do pattern analysis)
The above lets you select any mac address of your choice and by default checks every 20sec to ensure firmware doesn't crash or reset it.
The above -r flag like earlier changes the mac address to continually changing randomized mac addresses at continually changing randomized times. The -s is an experimental feature that makes the txpower signal change strengths (while staying connected) giving wifi tracker beacons changing signal strengths, giving the impression your device is moving and attempts to confuse trackers.. The -h again changes the hostname to a randomized address (hostname is another fingerprint on networks).
The above changes mac address at continually changing randomized times while simultaneously changing hostname and txpower at randomized strengths at continually changing randomized times (to give impression of new devices: new hostname at same time as new txpower as same time as new mac address).
Video installing WiPri on Mobian/Pinephone:
https://youtu.be/1j-AtFtsqH4
If you want to check out latest: https://github.com/Aresesi/wipri
To make a copy of the files:
The install.sh does all the work (and asks if you want it as command or optional systemd boot service)
Hope someone finds it useful
A script I wrote (bash) called WiPri (WiFi Privacy: I use it on Mobian/Arch so wifi tracking beacons/public wifi do not track my phone movements and thought I would share with other Pinephone privacy interested users (since mac addresses generally stay static and easily trackable by default).
It works on default Mobian install (no extras needed) (Arch was easy to install a missing prerequisite bash command) and has various options for different types of MAC address/network device disinformation. The install.sh part gives you the option of installing as a command or optionally as a systemd service (systemd service starts at boot- by default the .service file sets a new unique, randomly generated (with valid OUI) mac address identity at each boot (valid OUI imho superior to false OUI as tracking many times weeds out nonvalid OUI mac addresses to track down true mac address leaks).
Code:
Wipri -d wlan0 -iIf installed as systemd service the default is the above command (sets device wlan0 [change to match your device name if not wlan0] and -i sets a randomly generated new mac address identity to be held for remainder of command run (or if systemd by default the above changes the mac address identity at each boot and holds it until next power off)
Currently -i [new static random identity] by default checks current mac address every 20sec to ensure firmware doesn't reset mac address (on standard mac changers some cards try to leak/reset address). if the mac address changes during one of the regular checks it sets it back to the original chosen, randomly generated mac identity to be held.
Other commandline options:
Code:
wipri -d wlan0 -pThe above -p generates/sets a single random, valid MAC address either Apple or Samsung (to mimic smartphones the most common wifi devices in area). It holds that single randomly generated valid mac.
Code:
wipri -d wlan0 -PThe above -P flag is similar to -p but instead of holding a single Apple/Samsung mac address, it continuously changes mac addresses every so often (continuously randomized changing times), at continuously changing randomized mac addresses with Apple/Samsung OUI. Again, to blend in with smartphones
Code:
wipri -d wlan0 -r -hThe above sets wlan0 as device and continually randomizes mac address (again, valid OUI's) to be changed at continually changing randomized times, at continually changing randomized mac addresses. The -h flag generates a randomly generated hostname using a standard set of randomly chosen bases with a randomized extension. Example: PC-27423 or My-iPhone (will be adding Apple OUI list in near future to mimic iphones)
The above is nice for travelling ime (continually changing randomized addresses at randomized times make more difficult to do pattern analysis)
Code:
wipri -d wlan0 -m [mac address here]The above lets you select any mac address of your choice and by default checks every 20sec to ensure firmware doesn't crash or reset it.
Code:
wipri -d wlan0 -r -s -hThe above -r flag like earlier changes the mac address to continually changing randomized mac addresses at continually changing randomized times. The -s is an experimental feature that makes the txpower signal change strengths (while staying connected) giving wifi tracker beacons changing signal strengths, giving the impression your device is moving and attempts to confuse trackers.. The -h again changes the hostname to a randomized address (hostname is another fingerprint on networks).
Code:
wipri -d wlan0 -aThe above changes mac address at continually changing randomized times while simultaneously changing hostname and txpower at randomized strengths at continually changing randomized times (to give impression of new devices: new hostname at same time as new txpower as same time as new mac address).
Video installing WiPri on Mobian/Pinephone:
https://youtu.be/1j-AtFtsqH4
If you want to check out latest: https://github.com/Aresesi/wipri
To make a copy of the files:
Code:
git clone https://gitlab.com/Aresesi/wipriThe install.sh does all the work (and asks if you want it as command or optional systemd boot service)
Hope someone finds it useful
- RTP
"In the beginner's mind there are many possibilities, in the expert's mind there are few." -Shunryu Suzuki
[ Pinephone Original | Pinetab v1 / v2 Enjoyer ]
Linux Device Privacy / Security Playlist
"In the beginner's mind there are many possibilities, in the expert's mind there are few." -Shunryu Suzuki
[ Pinephone Original | Pinetab v1 / v2 Enjoyer ]
Linux Device Privacy / Security Playlist
