Comments (9)
halo
commented on August 23, 2024
Hi!
Thanks for reporting. It seems to me that this is happening:
- You power on your Macbook
- You get to the login screen
- Your Airport interface is powered up as part of the boot process
- Your Airport connects to a known network
- You log in
- LinkLiar starts
- LinkLiar dutifully changes the MAC address of the Airport
- Your Airport is confused (rightfully so)
I suggest that you turn on debugging in LinkLiar. You can do this by simply holding down the option key (or alt depending on your keyboard), while the LinkLiar menu in the top bar is open. The log messages will appear in the Console app, just along the log messages that you posted. This will help us to verify that what happens is what I think happens :) The debug setting is remembered upon reboot.
Another thing I would like you to test is to change the MAC address of your Airport manually to something else right now. Do you see the same behavior as on log in? Or can it reconnect all by itself now? Again, this is just to verify.
Ok, first of all - just to think out of the box here for a moment - I'm curious as to why you shut down your Macbook at all. Do you need to do this? Most people only go to sleep mode or simply log out (which is why nobody reported this issue yet). I believe that the Airport MAC address is only reset when actually shutting down your Mac (or does this happen even if you just "log out"?).
I usually assume that the network has gone down, but eventually my computer will realize that it's not getting any connection to the internet and tries to reconnect. At this point it gets stuck infinitely trying to do so.
So far, this is expected behavior. Changing the MAC address of an Interface is like changing the street number of your house from 42 to 55. The mail man will be totally confused as to where the building with number 42 went. And no letters arriving to your home basically means no Internet.
Not long ago, Mac OS prevented any change the MAC address of an Airport that was currrently powered on (just for the mail man reason, I guess). Only recently a MAC address could be changed on the fly, which is what LinkLiar happily will do. Of course, this comes at a cost. I believe there is a popup message that warns you about this behavior the first time you try to modify any MAC address. (In fact, the same problem that the Airport has applies to all interfaces. But cable interfaces tend to "catch themselves" much faster than the Airport does.)
Now, one thing I thought I would do is to issue a airport --disassociate command (the airport executable is usually located in the directory /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources). But the --disassociate flag would not force your Airport to reconnect. It would only disconnect from the base station. Also, thag flag is listed in the "legacy commands" section of the airport tool, so I should probably not use it. I was hoping for a --reconnect flag, but that does not seem to exist.
The only option I see then, is to teach LinkLiar to do what you do: Turn off your Airport and turn it on again whenever the MAC address changes. That would roughly correspond to issuing sudo ifconfig en0 down; sudo ifconfig en0 up on the Terminal.
I find that this behavior is too invasive for LinkLiar to be enabled by default. Because, imagine someone is connected to a custom network, the MAC changes, and Airport suddenly connects to some known network instead. That would be frustrating.
But I clearly see your use case so I would make it configurable. So, yes, it should be possible :)
Ok, many words for a simple question: Do you really need to shut down your Mac? ;)
(PS: You might be interested in https://github.com/iSECPartners/yontma-mac for your list on https://ajkblue.github.io :)
from linkliar.
ajkblue
commented on August 23, 2024
Hello,
Thanks for your response. First of all, I wouldn't say that I turn off my computer all that often (maybe once or twice a week?), as I do put it to sleep most of the time. It just seems that whenever I do shut it down and turn it back on the problem from earlier occurs. Manually forcing a new MAC address (via sudo ifconfig en0 ether 00:25:01:c5:d6:ae) doesn't cause a reconnect. Here are some pieces of the log on boot with LinkLiar's debugging enabled (I only kept items related to LinkLiar, AirPort, en0, and Wi-Fi) (Again, actual BSSIDs and my MAC were removed):
2/16/16 6:58:00.000 PM kernel[0]: AirPort: Link Up on en0
2/16/16 6:58:00.000 PM kernel[0]: en0: BSSID changed to
2/16/16 6:58:00.000 PM kernel[0]: en0: channel changed to 6
2/16/16 6:58:00.000 PM kernel[0]: en0::IO80211Interface::postMessage bssid changed
2/16/16 6:58:00.000 PM kernel[0]: AirPort: RSN handshake complete on en0
2/16/16 6:58:00.000 PM kernel[0]: Unexpected payload found for message 9, dataLen 0
2/16/16 6:58:01.059 PM Link[424]: Awoke from NIB
2/16/16 6:58:01.309 PM Link[424]: Observing Interface changes...
2/16/16 6:58:01.310 PM Link[424]: Going to refresh...
2/16/16 6:58:01.335 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:01.335 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:01.335 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:01.335 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:01.335 PM Link[424]: Establishing NSXPCConnection...
2/16/16 6:58:01.335 PM Link[424]: NSXPCConnection instantiated
2/16/16 6:58:01.336 PM Link[424]: Resuming connection...
2/16/16 6:58:01.336 PM Link[424]: Connection resumed.
2/16/16 6:58:01.336 PM Link[424]: running command...
2/16/16 6:58:01.404 PM taskgated[171]: no application identifier provided, can't use provisioning profiles [pid=447]
2/16/16 6:58:01.439 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:02.986 PM Link[424]: Interface change detected...
2/16/16 6:58:02.991 PM Link[424]: Going to refresh...
2/16/16 6:58:03.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation mode from SUSPENDED to AUTO
2/16/16 6:58:03.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlAutoMode Resuming AWDL
2/16/16 6:58:03.007 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:03.007 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:03.007 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:03.007 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:03.007 PM Link[424]: running command...
2/16/16 6:58:03.048 PM Link[424]: Interface change detected...
2/16/16 6:58:03.048 PM Link[424]: Going to refresh...
2/16/16 6:58:03.062 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:03.062 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:03.062 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:03.062 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:03.062 PM Link[424]: running command...
2/16/16 6:58:02.824 PM Link[424]: Choosing random MAC prefix among 19747 vendor prefixes...
2/16/16 6:58:02.830 PM Link[424]: Randomizing hardware MAC of Wi-Fi ∙ en0 to MAC 00:60:6B:ad:5c:7b
2/16/16 6:58:02.830 PM Link[424]: applyAddress to BSD...
2/16/16 6:58:02.830 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:02.830 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:02.831 PM Link[424]: running command...
2/16/16 6:58:02.927 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:02.942 PM Link[424]: Choosing random MAC prefix among 19747 vendor prefixes...
2/16/16 6:58:02.945 PM Link[424]: Randomizing hardware MAC of Wi-Fi ∙ en0 to MAC 00:40:22:8b:55:20
2/16/16 6:58:02.945 PM Link[424]: applyAddress to BSD...
2/16/16 6:58:02.945 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:02.945 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:02.945 PM Link[424]: running command...
2/16/16 6:58:02.948 PM sudo[526]: root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/sbin/ifconfig en0 ether 00:60:6B:ad:5c:7b
2/16/16 6:58:02.961 PM sudo[528]: root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/sbin/ifconfig en0 ether 00:40:22:8b:55:20
2/16/16 6:58:03.049 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:03.102 PM Link[424]: A MAC address has been updated...
2/16/16 6:58:03.102 PM Link[424]: Going to refresh...
2/16/16 6:58:03.118 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:03.118 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:03.118 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:03.118 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:03.118 PM Link[424]: running command...
2/16/16 6:58:03.142 PM Link[424]: reply = 1
2/16/16 6:58:03.142 PM Link[424]: A MAC address has been updated...
2/16/16 6:58:03.142 PM Link[424]: Going to refresh...
2/16/16 6:58:03.156 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:03.156 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:03.156 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:03.156 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:03.157 PM Link[424]: running command...
2/16/16 6:58:03.183 PM Link[424]: reply = 1
2/16/16 6:58:03.183 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:03.199 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:04.000 PM kernel[0]: ARPT: 16.116712: wlc_dump_aggfifo:
2/16/16 6:58:04.000 PM kernel[0]: ARPT: 16.116738: framerdy 0x0 bmccmd 1 framecnt 1024
2/16/16 6:58:04.000 PM kernel[0]: ARPT: 16.116771: AQM agg params 0xfef maxlen hi/lo 0x0 0x2254 minlen 0x10 adjlen 0x8
2/16/16 6:58:04.000 PM kernel[0]: ARPT: 16.116815: AQM agg results 0x8001 len hi/lo: 0x0 0xec BAbitmap(0-3) 0 0 0 0
2/16/16 6:58:04.000 PM kernel[0]: Unexpected payload found for message 34, dataLen 2
2/16/16 6:58:04.000 PM kernel[0]: payload Data 06 00
2/16/16 6:58:05.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation mode from AUTO to SUSPENDED
2/16/16 6:58:05.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlSuspendedMode() Suspending AWDL, enterQuietMode(true)
2/16/16 6:58:08.000 PM kernel[0]: ARPT: 20.061275: wl0: Roamed or switched channel, reason #2, bssid , last RSSI -65
2/16/16 6:58:08.000 PM kernel[0]: en0: BSSID changed to
2/16/16 6:58:08.000 PM kernel[0]: en0: channel changed to 6
2/16/16 6:58:08.000 PM kernel[0]: en0::IO80211Interface::postMessage bssid changed
2/16/16 6:58:08.246 PM symptomsd[263]: -[NetworkAnalyticsEngine _writeJournalRecord:fromCellFingerprint:key:atLOI:ofKind:lqm:isFaulty:] Hashing of the primary key failed. Dropping the journal record.
2/16/16 6:58:08.254 PM Link[424]: Interface change detected...
2/16/16 6:58:08.254 PM Link[424]: Going to refresh...
2/16/16 6:58:08.270 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:08.270 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:08.270 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:08.270 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:08.270 PM Link[424]: running command...
2/16/16 6:58:08.271 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:08.324 PM symptomsd[263]: -[NetworkAnalyticsEngine _writeJournalRecord:fromCellFingerprint:key:atLOI:ofKind:lqm:isFaulty:] Hashing of the primary key failed. Dropping the journal record.
2/16/16 6:58:09.507 PM Link[424]: Going to refresh...
2/16/16 6:58:09.517 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:09.517 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:09.517 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:09.517 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:09.517 PM Link[424]: running command...
2/16/16 6:58:09.518 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:09.563 PM Link[424]: Going to refresh...
2/16/16 6:58:09.575 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:09.575 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:09.575 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:09.575 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:09.575 PM Link[424]: running command...
2/16/16 6:58:09.576 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:15.296 PM Link[424]: Going to refresh...
2/16/16 6:58:15.310 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:15.310 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:15.310 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:15.310 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:15.310 PM Link[424]: running command...
2/16/16 6:58:15.311 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:15.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation mode from SUSPENDED to AUTO
2/16/16 6:58:15.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlAutoMode Resuming AWDL
2/16/16 6:58:17.508 PM Link[424]: Going to refresh...
2/16/16 6:58:17.521 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:17.521 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:17.521 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:17.521 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:17.521 PM Link[424]: running command...
2/16/16 6:58:17.524 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:17.565 PM Link[424]: Going to refresh...
2/16/16 6:58:17.576 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:17.576 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:17.576 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:17.576 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:17.576 PM Link[424]: running command...
2/16/16 6:58:17.577 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:23.297 PM Link[424]: Going to refresh...
2/16/16 6:58:23.310 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:58:23.310 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:58:23.310 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:58:23.310 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:58:23.310 PM Link[424]: running command...
2/16/16 6:58:23.310 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:58:25.949 PM Link[424]: CoreAnimation: warning, deleted thread with uncommitted CATransaction; set CA_DEBUG_TRANSACTIONS=1 in environment to log backtraces.
2/16/16 6:58:35.697 PM Link[424]: CoreAnimation: warning, deleted thread with uncommitted CATransaction; set CA_DEBUG_TRANSACTIONS=1 in environment to log backtraces.
2/16/16 6:58:35.698 PM Link[424]: CoreAnimation: warning, deleted thread with uncommitted CATransaction; set CA_DEBUG_TRANSACTIONS=1 in environment to log backtraces.
2/16/16 6:58:35.698 PM Link[424]: CoreAnimation: warning, deleted thread with uncommitted CATransaction; set CA_DEBUG_TRANSACTIONS=1 in environment to log backtraces.
2/16/16 6:58:53.000 PM kernel[0]: ARPT: 65.780255: wlc_dump_aggfifo:
2/16/16 6:58:53.000 PM kernel[0]: ARPT: 65.780322: framerdy 0x0 bmccmd 7 framecnt 1024
2/16/16 6:58:53.000 PM kernel[0]: ARPT: 65.780382: AQM agg params 0xfc0 maxlen hi/lo 0x0 0xffff minlen 0x0 adjlen 0x0
2/16/16 6:58:53.000 PM kernel[0]: ARPT: 65.780429: AQM agg results 0x8001 len hi/lo: 0x0 0x22 BAbitmap(0-3) 0 0 0 0
2/16/16 6:58:53.000 PM kernel[0]: Unexpected payload found for message 34, dataLen 2
2/16/16 6:58:53.000 PM kernel[0]: payload Data 06 00
2/16/16 6:58:53.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation mode from AUTO to SUSPENDED
2/16/16 6:58:53.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlSuspendedMode() Suspending AWDL, enterQuietMode(true)
2/16/16 6:58:57.000 PM kernel[0]: ARPT: 69.313992: wl0: Roamed or switched channel, reason #2, bssid , last RSSI -65
2/16/16 6:58:57.000 PM kernel[0]: en0: BSSID changed to
2/16/16 6:58:57.000 PM kernel[0]: en0: channel changed to 6
2/16/16 6:58:57.000 PM kernel[0]: en0::IO80211Interface::postMessage bssid changed
2/16/16 6:59:01.000 PM kernel[0]: Unexpected payload found for message 34, dataLen 2
2/16/16 6:59:01.000 PM kernel[0]: payload Data 02 00
2/16/16 6:59:01.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation mode from SUSPENDED to AUTO
2/16/16 6:59:01.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlAutoMode Resuming AWDL
2/16/16 6:59:02.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation mode from AUTO to SUSPENDED
2/16/16 6:59:02.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlSuspendedMode() Suspending AWDL, enterQuietMode(true)
2/16/16 6:59:06.000 PM kernel[0]: ARPT: 78.222415: wl0: Roamed or switched channel, reason #4, bssid , last RSSI -65
2/16/16 6:59:06.000 PM kernel[0]: en0: BSSID changed to
2/16/16 6:59:06.000 PM kernel[0]: en0: channel changed to 6
2/16/16 6:59:06.000 PM kernel[0]: en0::IO80211Interface::postMessage bssid changed
2/16/16 6:59:10.000 PM kernel[0]: Unexpected payload found for message 34, dataLen 2
2/16/16 6:59:10.000 PM kernel[0]: payload Data 02 00
2/16/16 6:59:10.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation mode from SUSPENDED to AUTO
2/16/16 6:59:10.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlAutoMode Resuming AWDL
2/16/16 6:59:15.000 PM kernel[0]: ARPT: 87.250954: wl0: Roamed or switched channel, reason #4, bssid , last RSSI -65
2/16/16 6:59:15.000 PM kernel[0]: en0: BSSID changed to
2/16/16 6:59:15.000 PM kernel[0]: en0: channel changed to 149,+1
2/16/16 6:59:15.000 PM kernel[0]: en0::IO80211Interface::postMessage bssid changed
2/16/16 6:59:15.456 PM Link[424]: Interface change detected...
2/16/16 6:59:15.456 PM Link[424]: Going to refresh...
2/16/16 6:59:15.468 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:59:15.468 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:59:15.469 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:59:15.469 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:59:15.469 PM Link[424]: running command...
2/16/16 6:59:15.469 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:59:19.000 PM kernel[0]: Unexpected payload found for message 34, dataLen 2
2/16/16 6:59:19.000 PM kernel[0]: payload Data 02 00
2/16/16 6:59:19.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation mode from SUSPENDED to AUTO
2/16/16 6:59:19.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlAutoMode Resuming AWDL
2/16/16 6:59:20.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation mode from AUTO to SUSPENDED
2/16/16 6:59:20.000 PM kernel[0]: IO80211AWDLPeerManager::setAwdlSuspendedMode() Suspending AWDL, enterQuietMode(true)
2/16/16 6:59:22.488 PM Link[424]: Going to refresh...
2/16/16 6:59:22.501 PM Link[424]: Proxying from Synchronizer to Intercom...
2/16/16 6:59:22.502 PM Link[424]: Intercom is going to check HelperTool version...
2/16/16 6:59:22.502 PM Link[424]: connectAndExecuteCommandBlock
2/16/16 6:59:22.502 PM Link[424]: Connecting to Helper Tool...
2/16/16 6:59:22.502 PM Link[424]: running command...
2/16/16 6:59:22.503 PM Link[424]: Yeah, this is the Helper I want.
2/16/16 6:59:24.000 PM kernel[0]: ARPT: 96.346196: wl0: Roamed or switched channel, reason #4, bssid , last RSSI -70
2/16/16 6:59:24.000 PM kernel[0]: en0: BSSID changed to
2/16/16 6:59:24.000 PM kernel[0]: en0: channel changed to 6
2/16/16 6:59:24.000 PM kernel[0]: en0::IO80211Interface::postMessage bssid changed
I don't know if that'll be of any help, but it's there! Maybe there could be an option in the LinkLiar to force a reconnect by sudo ifconfig en0 down; sudo ifconfig en0 up if it recognizes there is no connection? I'm not really sure what the best way to go with this is. The address is reset upon reboot, but it is NOT reset upon logout, with or without "Reopen windows when I log back in" option enabled.
Oh, and I'll be sure to add Yontma to my list soon (I didn't know anyone had actually looked at that site - but then again this is the internet! :)
from linkliar.
halo
commented on August 23, 2024
I'm sorry, it doesn't look like I'll find the time in the nearest future to implement this, though I really would like to.
It involves changing the HelperTool which is the only process allowed to run sudo commands. Somewhere here I would have to check whether the MAC changed on an Airport and, if so desired by some configuration, reboot the interface.
As a side note: upgrading the helper tool unfortunately requires the end user to manually run some commands in the Terminal. I suppose that would be OK, though.
Another problem ist, that there are no tests for LinkLiar. That is really painful. I'm planning on migrating to swift so that maintainability and testing ability will increase. I'm rather afraid that introducing a change like we discussed - without test coverage - will rather break something than fix something :(
from linkliar.
theredspoon
commented on August 23, 2024
Is this something you're open to updating at this point?
from linkliar.
halo
commented on August 23, 2024
Hi @theredspoon, thank you for your kind inquiry :)
As I understand it there are two possible solutions to this problem.
The first is to teach LinkLiar to disassociate from the network and try to reconnect to the same network whenever the MAC address is modified. This, however, requires good portion of luck (for the reconnecting due to edge-cases) and, frankly, it does not solve the problem. On the login screen, you'd still leak the Wi-Fi's MAC address. On top of that, I'm uncertain of whether wired devices should also have this feature. So scratch that.
The proper (albeit less complex) solution that I'm willing to try out is this.
- If you look at an interface in LinkLiar, there should be a checkbox ☑️
Apply before login. - If that is checked, LinkLiar will persist a small preference file at
/Library/Preferences. This is at system-level so the root user has access to it. LinkLiar has root privileges so it may write to that directory - Create a system-level launchd agent at
/Library/LaunchAgentsthat is run on boot, finds that preference file, and changes the MAC addresses accordingly - as soon as the interface is up, that is, even before any user logs in.
EDIT: Uh, do I need to disassociate then, too?
I'm left wondering though, should this preference be per interface? Or should there only be one checkbox such as ☑️ Apply everything for all users? The latter would be more proper, I guess.
Lastly, if two users install LinkLiar, there will be conflicts (last one wins). But that should not be a problem, because you won't activate "apply to all users" in that case.
Does that sound like a plan? I'm hesitant to committing to a definite timeframe though. It's a step-by-step progress I guess to see how it evolves. But I'm willing to try.
from linkliar.
halo
commented on August 23, 2024
I just wanted to let you know that I'm working on this. I cannot invest many hours per week into it, but I've come quite far.
Basically, I'm rewriting everything from scratch to move the MAC changing logic from userland to a root launch daemon that will be active even before any uer logs in. Yet the GUI to configure everything will look and feel just the same as today.
It's only going to work on Sierra and later though. Because I'm planning on using Swift 3 and some API's that were introduced in Sierra.
from linkliar.
ajkblue
commented on August 23, 2024
This all sounds quite interesting! I'm excited to see how it all pans out. This also seems to be giving users increased security, as now the MAC address changing is being applied before login. Does this mean that it will now mitigate ANY leak of your actual MAC address since it is running the very moment the WiFi interface is up?
from linkliar.
halo
commented on August 23, 2024
Does this mean that it will now mitigate ANY leak of your actual MAC
When it comes to your USB/Thunderbolt Ethernet, it will likely not prevent a leak. Because every time you unplug and plug in such an external interface, there will be traffic immediately. Too fast for LinkLiar to spoof the MAC via ifconfig. The main problem here is that the spoofed MAC is not persisted across unplugs and that cables are very very fast.
As for the Airport, unfortunately the MAC cannot be spoofed while it is turned off. That would be really great. When you turn it on, I'll have LinkLiar randomize the MAC at once. And whether you leak the hardware MAC depends on a few factors. Firstly, you will only really leak it before login. If you are logged in over a longer period of time (i.e. don't reboot your laptop) you won't of course leak much if you spoofed your MAC when you logged in.
Secondly, and here I would need more research, the Airport probably begins listening when turned on and as soon as a known network is detected, it starts sending (leaking the MAC if this happens before the ifconfig spoof went through). What also could happen is that the Airport starts sending packets even without a known network, in case you connect to a hidden hotspot. iPhones, for example, often won't connect to hidden SSIDs so as to protect privacy. It's both a bug and a feature :)
Since much of this happens before login, I'll have to come up with a way of logging everything on boot so as to get a picture of what's happening. I'm not sure I can detect a leak programmatically before login. Could be.
from linkliar.
halo
commented on August 23, 2024
Closing this because it is implemented in current master and published as 2.0.0.
from linkliar.
Related Issues (20)
- Donation link? HOT 1
- How to confirm its working? HOT 1
- No longer works with the 2018 MBPs HOT 13
- Spoof as early as possible during boot (when deamon starts up) HOT 3
- For USB/Thunderbolt Ethernet, it will likely not prevent a leak? HOT 1
- Implement Geo-fencing (or a workaround such as scripting access) HOT 3
- Add option to not warn about leakage for certain interfaces HOT 1
- LinkLiar always says I'm slipping HOT 8
- Give every AP an unique address HOT 19
- Possibly broken in Monterey HOT 17
- Update README and Helpbook for 3.0.0 HOT 1
- update app icon to fit Big Sur HOT 11
- Fix CI
- bug? wifi unable to connect on sleep-wake HOT 7
- wrong mac displayed in menu bar HOT 3
- “LinkLiar.app” can’t be opened because Apple cannot check it for malicious software. HOT 1
- Unable to write to config.json HOT 3
- the latest beta is just not working HOT 1
- It's still in Background apps list HOT 5
- 4.0.0 Sonoma Experimental Beta - The changed mac address is not updated in the UI after sleep and relogin HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from linkliar.