| ▲ | drnick1 2 hours ago |
| It is hard to disagree with this approach. While I still use WiFi, it is a separate subnet and only whitelisted MACs are allowed to use it. Cameras and microphones are always unplugged when not in use, and my phone runs GrapheneOS. I also removed the hands-free microphone in my car, as well as the cellular modem. |
|
| ▲ | kayson 2 hours ago | parent [-] |
| Is MAC whitelisting anything but security theater? Isn't it trivial to determine a valid client MAC then spoof it? |
| |
| ▲ | drnick1 2 hours ago | parent [-] | | What makes you say that? It does not seem trivial at all to guess a valid MAC. | | |
| ▲ | tirant an hour ago | parent | next [-] | | The MAC addresses of all the Wi-Fi clients are broadcasted in plain radio format all over the 2.4GHz. It is trivial. | |
| ▲ | ProllyInfamous 2 hours ago | parent | prev | next [-] | | It's not just a guess. Any decent sniffer (e.g. airsnort) can immediately identify all associations between all WiFi/Bluetooth devices. DD-WRT (router firmware/OS) has this WiFi-associations detector built-in ("local WiFi map"). There is no need to attempt any sort of hack — associations are publicly-broadcast information. Then, just pick any authorized MAC and duplicate as your own. | |
| ▲ | 0x457 an hour ago | parent | prev [-] | | It's in managmenet frames that you can sniff. |
|
|
