Baw Chng

Ever since the nascent days of computer networking, system interface identifier and interface address assignment schemes have always been key considerations for any networking protocol and system architecture design.

Core to the IEEE 802 family of networking standards is the "MAC address" that is widely used as an interface identifier and as a networking address for such popular technologies as Wi-Fi, Ethernet, and Bluetooth.

Being an "address" means it needs to maintain certain properties (e.g., some level of "uniqueness" and "permanence") to be usable for data delivery. Being an "identifier" means it may be exploited in ways that weaken consumer privacy (e.g., Internet activity and real-life geographic tracking) -- especially when that type of "identifier" is ubiquitous among consumer products.

As part of the recent trend to strengthen consumer privacy protection, major consumer technology suppliers have more aggressively employed a tactic that randomizes the MAC address for Wi-Fi (e.g., Apple with iOS, Google with Android), pushing MAC address randomization into the mainstream.

This presentation looks at issues that might arise from randomizing MAC addresses on a massive scale, analyzes how likely it is for such issues to arise, talks about what these mean to the various systems that rely on "MAC addresses" to provide networking services, discusses potential mitigation measures, and touches on secondary effects that may come with such measures.

Biography:

Baw Chng (IEEE Senior Member) is the President of BAWMAN LLC with a consulting practice in the networking and telecommunications industry. Mr. Chng has over two decades of experience in the industry and primarily consult for large telecommunications and Internet service providers, their strategic technology providers, industry trade groups, and Standards organizations, domestic and international. Mr. Chng has thus far been awarded 11 patents spanning the areas of network architecture, mobile networking, wireless communications, authentication and access control, network fault management, and related user experience designs. Mr. Chng has published in various peer-reviewed avenues such as the IEEE Transactions and various conference and symposium proceedings. Through his consulting practice, Mr. Chng provides such services as strategic and business consulting, technology consulting, and Standards consulting and representation in the networking and telecommunications industry.