Apple uses a variety of scans for wireless LAN/physical location information. There are Preferred Network Offload (PNO) Scans, Enhanced Preferred Network Offload (ePNO) Scans, Location Scans and Auto Join Scans. Each of these scans, while mostly identical in frame format, are used at different times and for different reasons by the device. In order to decrease tracking (of you) based on MAC addresses, Apple and other vendors (Microsoft, Android) have implemented MAC randomization. We wanted to know more about how the feature works on iOS 9.x so we did a little Wireshark / airodump-ng packet capturing of our own. In this video, we break down what we learned.
[embedyt] http://www.youtube.com/watch?v=dxj7bqe7wag[/embedyt]
Here’s a link to the drone that we use in the video. If you don’t have one already…they sure are a lot of fun to play with!
