WiFi Authentication Without MAC Address (iOS) - ios

I’m currently working on a small project with the goal of using an iOS App to provide a secure, centralized login for a network of WiFi hotspots in small and medium sized businesses. The plan was to configure the routers as open networks and DHCP forward all the traffic from the router to our (cloud-hosted) server, where each query is authenticated and the user’s query is allowed to pass to its intended destination.
Our current problem is that in order to configure the server to know which users are accessing it we need the MAC addresses of the users, which the Apple API requires they type in manually the first time they use the app (which is a lot of work), so we are trying to come up with a workaround.
Any thoughts or suggestions would be hugely appreciated.
Thanks,
Alex
:)

Since iOS 7 you can no longer get the MAC address. Based on what you are trying to do, I would recommend using one of the device identifiers available through iOS, like identifierForVendor, which will give you a unique ID.
As per the Apple docs:
In iOS 7 and later, if you ask for the MAC address of an iOS device,
the system returns the value 02:00:00:00:00:00. If you need to
identify the device, use the identifierForVendor property of UIDevice
instead. (Apps that need an identifier for their own advertising
purposes should consider using the advertisingIdentifier property of
ASIdentifierManager instead.)

Related

ESP32 iPhone Bluetooth, just a general question

I'm writing some code (C++) for ESP32, to act as a BLE beacon. The problem is this: the iPhone doesn't send out its real MAC address, but uses a randomly generated MAC address, for security. The thing I'm confused about is how do you know if it's a device you've previously paired with?
So let's say I detect a new BLE MAC address, and looking at the manufacturer data I can determine it's an Apple device (first 2 bytes are "4C").
Now I need to know if I've previously paired with that device, so that I can allow the ESP32 to initiate an action (for simplicity let's just say turn on an LED). If that MAC address is in a list of known devices, then I can continue, and if not, I ignore it.
The problem is, if the iPhone is not giving up the real MAC address, the detected MAC address will never match anything. As this is a security situation I'm sure the algorithm for generating those MAC addresses is not known.
To be clear: this code is being written for the ESP32, not the iPhone.
It is in fact not possible to tell if a device has been previously seen, unless you pair and establish a bond with it. Once you pair with the device, long-term keys are exchanged and are used to quickly re-establish the connection.
This is by design. MAC addresses were originally unique, but this allowed tracking people and devices without their consent. You can read more about this in the following ESP-IDF guides:
GATT security server walkthrough
GATT security client walkthrough
So are you using the ESP32 as a beacon? This does not involve any pairing or iOS MAC addresses. iOS will just be able to listen, and the ESP32 will not even know someone is "listening" to its broadcast.
Probably the iOS application can store which services it is interested in listening to; this may look like pairing, but it is a high-level, application-managed technique and not related to what the BT standard calls pairing.

If my iOS app pairs with a device using Core Bluetooth, will other apps have access to the device?

From Android documentation:
Caution: When a user pairs their device with another device using BLE, the data that's communicated between the two devices is accessible to all apps on the user's device.
For this reason, if your app captures sensitive data, you should implement app-layer security to protect the privacy of that data.
Is this also true for iOS? I haven't found anything on it and I assumed because iOS doesn't show the true MAC addresses of devices this wouldn't be an issue, but just wanted to check. Thanks
Yes, iOS also works in a similar way. And if you want private communication, you also need to maintain app-layer security. This is why Android Wear, Galaxy Watch, and other similar devices use encrypted communication in the app layer.
As you may already know, BLE communication works via GATT characteristics.
Consider two health applications running on an iOS device, where the user is also using an activity tracker device. In that case, if the user wants to connect both of the health apps with that tracker, he certainly can do it. Both apps will be able to communicate with the activity tracker and get sensor data using the CBCentral module. Look at the diagram for details.
On the other hand, in general, the reverse will not be possible, because if both iOS apps use the Peripheral role they will register two different instances of the BLE service even if they use the same UUID. This forces the two apps to communicate through completely different characteristic instances. However, it is also possible to work with two peripheral apps with the same UUID, but this is not what the BLE developers ever wanted.
You need to provide app-level security based on the Service UUID, so that only devices having the app with the same service UUID can connect.

Automatic connection between 2 IOS Apps

I have written a Solution that contains two Apps,
the first app acts like a remote control app and the second app display some stuff depending on the selection of the first app.
State Now:
Currently, both apps communicate over a Bluetooth connection using the MultipeerConnectivity.framework.
Problem:
I always have to pair both apps manually when starting the apps.
Solution:
Starting both apps, they should detect each other and be paired automatically.
How could I solve my Problem, is there any alternative to the Bluetooth connection or can I set up the connection to have trusted devices or something like that?
It's up to you as the developer how the pairing is implemented. You could even code a solution which requires no approval from the user; the app could pair automatically with any device looking for other peers (although this probably wouldn't be a good idea for a variety of reasons).
One possible solution for your problem:
The first time your devices pair, you generate a random UUID and save it on both devices for later use.
The next time your devices discover one another, they check to see if they have any matching UUIDs stored; if they do find a matching pair then you can let them connect automatically.
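An added example, not part of the original answer, that extends the stored-UUID idea: a UUID alone can be copied by anyone who observes it, so here the first pairing also stores a random secret and the reconnecting device proves possession of it with an HMAC over a fresh challenge. `PairingRecord` and all function names are hypothetical; the assumed wiring is the challenge carried in the advertiser's `discoveryInfo` and the response passed as the `withContext:` data of `invitePeer`.

```swift
import Foundation
import CryptoKit

// Stored on both devices after the first, user-approved pairing.
// pairingID is the random UUID from the answer; secret is an added assumption.
struct PairingRecord {
    let pairingID: UUID
    let secret: SymmetricKey
}

func makePairingRecord() -> PairingRecord {
    PairingRecord(pairingID: UUID(), secret: SymmetricKey(size: .bits256))
}

// Advertiser: fresh 16-byte challenge (the system generator is cryptographically
// secure on Apple platforms). Base64-encode it to place it in discoveryInfo.
func makeChallenge() -> Data {
    Data((0..<16).map { _ in UInt8.random(in: 0...255) })
}

// Browser: invitation context = 16-byte pairing UUID + 32-byte HMAC-SHA256 tag.
func makeResponse(record: PairingRecord, challenge: Data) -> Data {
    let tag = HMAC<SHA256>.authenticationCode(for: challenge, using: record.secret)
    return withUnsafeBytes(of: record.pairingID.uuid) { Data($0) } + Data(tag)
}

// Advertiser: auto-accept only when the tag verifies for a stored record.
func shouldAutoAccept(context: Data?, challenge: Data,
                      known: [UUID: PairingRecord]) -> Bool {
    guard let context = context, context.count == 48 else { return false }
    let id = NSUUID(uuidBytes: [UInt8](context.prefix(16))) as UUID
    guard let record = known[id] else { return false }
    return HMAC<SHA256>.isValidAuthenticationCode(
        context.suffix(32), authenticating: challenge, using: record.secret)
}

// Constructed walk-through: both roles in one process.
let record = makePairingRecord()
let known = [record.pairingID: record]
let challenge = makeChallenge()
let context = makeResponse(record: record, challenge: challenge)
let paired = shouldAutoAccept(context: context, challenge: challenge, known: known)
// The same context replayed against a later challenge must not be accepted.
let replayed = shouldAutoAccept(context: context, challenge: makeChallenge(), known: known)
print("paired peer:", paired, "replayed context:", replayed)
```

This authenticates only the inviting side. Keep the secret in the Keychain and the session's `encryptionPreference` at `.required`.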

Wifi native with metro style app (Windows 8)

I would like to know if there is a way to manage a Wi-Fi configuration with Metro apps?
Basically I want my application to list and retrieve information about all the available wifis the phone detects. I saw that it was possible so far using the wlanapi.h but I can't figure out how to use it in this metro style app context.
If you have any idea, please tell me.
Cheers
According to this MSDN thread - it is not possible to list all wifi networks in range, but you can call NetworkInformation.GetConnectionProfiles() to list the known networks (or connection profiles) or NetworkInformation.GetInternetConnectionProfile() to access the one currently used for Internet access.

Transfer data over wifi without a database

I want to get to know how I can transfer data easily between 2 iPhones, over wifi. I would like to know if I could do that without having a server or database, but within an app (so without using email).
Game Kit has support for Peer-to-Peer-Connectivity and is, despite the name, not only usable for games:
The GKSession class allows your application to create and manage an
ad-hoc Bluetooth or local wireless network, as shown in Figure 1.
Copies of your application running on multiple devices can discover
each other and exchange information, providing a simple and powerful
way to create multiplayer games on iOS. Further, sessions offer all
applications an exciting mechanism to allow users to collaborate with
each other.
You can also check out Bonjour API from Apple. I am not sure if you need a static IP for it to work or it can just work over wifi. Just trying to give a pointer.
Based on your exact use case, it can work well.
Check it out here, Game center is also there.
http://developer.apple.com/technologies/ios/networking.html
