XPost: misc.phone.mobile.iphone, alt.privacy   
   From: andrew@spam.net   
      
   Alan Browne wrote on Thu, 30 May 2024 19:18:55 -0400 :   
      
   > The "general" case is that it is absolutely not an Apple issue.   
   > SSID/BSSID's are OPENLY AND LOUDLY BROADCAST WORLDIWDE IN THE BILLIONS.   
      
   The fact is you're defending Apple's holes, to the death, no matter what.   
      
   Every desperate excuse you make for the flaws in Apple's implementation   
   show you not understand what only Apple does that's different here.   
      
   Worse, you were not aware the outward facing MAC address cannot be cloned   
   (in almost all routers and particularly in the tested travel routers).   
      
   And you were not aware that the SSID is meaningless for this exploit, other   
   than the workaround that Apple suggested (of appending _nomac to the SSID).   
      
   Furthermore, you're still not aware that a "hidden broadcast" has been a   
   feature of nearly every router since the dawn of Wi-Fi, where the mere act   
   of clicking that checkbox prevents the BSSID from being *uploaded* to the   
   Google and Apple and Mozilla and Wigle databases, by default. (See notes in   
   the sig, given the Apple religious zealots don't understand this issue).   
      
   While you're frantically desperate to fabricate excuses for Apple's   
   vulnerabilities, you don't ever show any understanding of them.   
      
   Notes in the sig given Apple religious zealots don't understand anything.   
   --   
   Note 1: The hidden broadcast won't hide the BSSID from a seasoned attacker   
   (such as a Google or Apple transit vehicle - depending on how its code is   
   written); but the mere act of hiding the SSID broadcast packet has been   
   proven to prevent the normal users' device (i.e., mobile phones) from   
   uploading your BSSID using the typical software that we are speaking about   
      
   Note 2: Since the Apple religious zealots act only out of franctic   
   desperation to make excuses for all Apple's vulnerabilities, it should be   
   noted that an intelligent person knows the difference between the upload of   
   the BSSID (which is a first-order issue) vs the deletion of the BSSID from   
   the Internet databases (which requires second-order software processing).   
      
   Note 3: There's no way the Apple religious zealots will understand the two   
   notes above, but for the intelligent people reading this thread, it should   
   be noted that if you do hide your broadcast packets, then you often might   
   want to set your client (such as a phone) to "remember" and "reconnect";   
   but this has other issues - where the Apple zealots won't understand but   
   you might understand that the "remember" is fine (unless you're worried   
   about your phone being stolen) but the "automatic reconnect" should be   
   turned off because that setting causes the phone to seek out the named AP.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)