Skip to content
Randomise the WiFi MAC address on your Android device to defeat passive tracking.
Java
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
libs
res
src/uk/co/danhawkes/machopper
.gitignore
AndroidManifest.xml
LICENSE
README.md
ant.properties
build.xml
ic_launcher-web.png
proguard-project.txt
project.properties
release.keystore

README.md

mac-hopper

mac-hopper logo

Randomise the WiFi MAC address on your Android device to defeat passive location tracking.

What? Why?

While you're walking around with your WiFi-enabled phone, it's periodically searching for networks to connect to.

The range of WiFi being what it is, this leaks a significant amount of information about where you've been (and also, where you live and work (1)).

A number of advertisers, businesses and analytics companies have realised the value in tracking people using this information. Notable examples that made the press include:

(1): When searching for known networks, phones often send 'probe requests' to BSSIDs of known networks. BSSIDs uniquely identify routers, and mapping providers like Google and Apple have comprehensive databases of router locations thanks to crowd-sourced data from Android and iOS devices.

Download the app, forget it's installed

MacHopper uses the linux ip program to set the public MAC address to a random value at a configurable interval.

To a tracking network, this means your device periodically disappears, and shortly after, a new and apparently different device appears.

Limitations and outlook

  • MacHopper can only help protect against 'passive' tracking in which your device is scanning for networks but is not connected.
  • Your device may leak other personally-identifiable information as part of network discovery. See "ArsTechica - Anatomy of an iPhone leak" for more information.
  • MAC randomisation should be sufficient to defeat naive tracking if done frequently enough, but if it MAC randomisation were to become a serious concern to tracking companies it would be easy to 'join up' disconnected sessions by inference or other leaked information.
  • At this stage, MacHopper is only a rough prototype, and has not been tested on many devices. It's likely that support for the ip command varies between manufacturers and firmware versions. To make sure it works on your device, I'd recommend inspecting your network traffic with WireShark.
  • A better solution would involve OS-level support for randomisation (ala iOS 8). If you're interested, consider starring the Android feature request, but don't hold your breath because better privacy controls are at odds with Google's business model.
You can’t perform that action at this time.