Windows 10 Random Mac Address

Arran Cudbard-Bell a.cudbardb at freeradius.org
Sat Aug 29 15:43:58 CEST 2015


> On 29 Aug 2015, at 09:36, Alan DeKok <aland at deployingradius.com> wrote:
> 
> On Aug 28, 2015, at 11:42 PM, Danner, Mearl <jmdanner at samford.edu> wrote:
>> FYI. Haven't seen it mentioned here. Will create many headaches for folks using MAC authorization.
>> 
>> https://www.ietf.org/proceedings/93/slides/slides-93-intarea-5.pdf
>> 
>> Apple IOS 8 also.
> 
>  I've been following that for a while, and was at the meeting in Prague.
> 
>  For personal security and privacy, it's a good idea.  The end device can still be identified via other means, but they're not as good / unique.
> 
>  MAC auth was always a hack.  People should use 802.1X instead.

Mac authentication is for the random crap on the *WIRED* network which either doesn't support 802.1X or has a broken 802.1X supplicant.

This will force people to move to better security practices, performing proper machine and user authentication.

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 872 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150829/6d6b219c/attachment.sig>


More information about the Freeradius-Users mailing list