Android - Marshmallow WifiInfo's getMacAddress()

Android Marshmallow changed the behavior of WifiInfo's getMacAddress() due to privacy concerns. The API wasn't removed or deprecated; instead it was updated to return a default address, 02:00:00:00:00:00. The intention is to block access to the device's hardware identifier through the WiFi and Bluetooth APIs. In addition, starting from Android 6.0, any background WiFi or Bluetooth scan is shown as being generated by a random MAC address. This stops tracking software, like that used in coffee shops and malls, from doing what it used to do: studying customer behavior without their knowledge, just because they had WiFi or Bluetooth turned on by default. This is similar to what Apple did in iOS 8. In Android 6.0, there are still a few apps, like Settings, which continue to have access to the MAC address. It can be viewed via Settings > About Phone > Status or via Settings > WiFi > Advanced.



Is there any other hidden API that might return the actual MAC address? A quick look at the Settings code in AOSP reveals the very same API, WifiInfo.getMacAddress(). So how does the Settings app continue to have exclusive access to the MAC address? It turns out this is controlled by a permission, LOCAL_MAC_ADDRESS. This permission is hidden from the SDK to deny access to third-party applications.

    <!-- @SystemApi Allows applications to read the local WiFi and Bluetooth MAC address. -->
    <permission android:name="android.permission.LOCAL_MAC_ADDRESS"
                android:protectionLevel="signature|privileged" />


The Settings application doesn't actually request this permission in its manifest, and yet this works due to the permission's prerequisites. Any application signed with the same certificate as that of the system declaring the permission would get an implicit grant.
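The following is an added example, not code from AOSP or from the original post: a helper an app can use to tell whether getMacAddress() gave it the Marshmallow placeholder, a locally administered address, or a globally unique one, and whether the package actually holds LOCAL_MAC_ADDRESS. The class and method names are hypothetical, the caller is assumed to hold ACCESS_WIFI_STATE, and the permission string is the one quoted above, since the public SDK has no constant for it.

```java
import android.content.Context;
import android.content.pm.PackageManager;
import android.net.wifi.WifiInfo;
import android.net.wifi.WifiManager;

/** Hypothetical helper: reports what kind of value getMacAddress() returned. */
public final class MacAddressProbe {
    // Default address returned on Android 6.0+ (value taken from the post).
    static final String PLACEHOLDER = "02:00:00:00:00:00";
    // Hidden permission quoted in the post; not exposed as an SDK constant.
    static final String LOCAL_MAC_ADDRESS = "android.permission.LOCAL_MAC_ADDRESS";

    enum Kind { UNAVAILABLE, PLACEHOLDER, LOCALLY_ADMINISTERED, GLOBALLY_UNIQUE }

    private MacAddressProbe() {}

    /** Classifies a colon-separated MAC string; uses no Android API. */
    static Kind classify(String mac) {
        if (mac == null || !mac.matches("(?i)([0-9a-f]{2}:){5}[0-9a-f]{2}")) {
            return Kind.UNAVAILABLE;
        }
        if (PLACEHOLDER.equalsIgnoreCase(mac)) {
            return Kind.PLACEHOLDER;
        }
        int firstOctet = Integer.parseInt(mac.substring(0, 2), 16);
        // Bit 0x02 of the first octet marks a locally administered address,
        // which is what randomized addresses use; the placeholder sets it too.
        return (firstOctet & 0x02) != 0 ? Kind.LOCALLY_ADMINISTERED : Kind.GLOBALLY_UNIQUE;
    }

    /** True only if the platform granted the signature|privileged permission. */
    static boolean holdsLocalMacPermission(Context ctx) {
        return ctx.checkSelfPermission(LOCAL_MAC_ADDRESS)
                == PackageManager.PERMISSION_GRANTED;
    }

    /** Describes the result without ever returning the address itself. */
    static String describe(Context ctx) {
        WifiManager wifi = (WifiManager) ctx.getApplicationContext()
                .getSystemService(Context.WIFI_SERVICE);
        WifiInfo info = (wifi == null) ? null : wifi.getConnectionInfo();
        Kind kind = classify(info == null ? null : info.getMacAddress());
        return "LOCAL_MAC_ADDRESS granted=" + holdsLocalMacPermission(ctx)
                + ", getMacAddress() kind=" + kind;
    }
}
```

A third-party app on Android 6.0 should see `granted=false` with kind `PLACEHOLDER`, which is the signal to stop treating the value as a device identifier.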
