Apple announced at WWDC that they are starting to randomize MAC addresses of location scans and auto join scans in iOS 9, in addition to Unassociated PNO and ePNO scans (see the video around 8:00 for details).
While PNO and ePNO scans are well-defined, I could not find any details on location scans and auto join scans – they don't seem to be any official (IEEE) terms.
They sound like scans to determine location or automatically join known networks – but from what I understood, this is precisely what PNO scans and ePNO scans are used for.
Could someone please clarify these terms for me?
Best Answer
This document from Apple KB provides some background on Location scans.
It looks like that part of iOS is scanning for WiFi networks in the background and sending this data to Apple, enabling them to crowdsource a geo tagged map of WiFi access points to help with positioning accuracy in other apps.
EG: Your phone is at GPS co-ordinates Latitude:37.330558° and -122.029675° and reports to apple that it can see 8 wifi networks which it has discovered via the Location services scan. The phone then reports this data to Apple which it will compare to other devices data from the same area and, probably using signal strength data, will tri-laterate the AP location.
Why? So they can use the location of WiFi AP's to enhance positioning data so your apps/device can use that to send you useful data/ads/services.
Auto Join scans (I'm making an educated guess here) will be the scans that the device performs in order to discover commonly used and remembered networks eg; ClemensimHomeWiFi.
Basically it looks like Apple are extending the conditions when the device will use an obfuscated MAC address in these scans. Following the original release of this functionality in iOS8 it was discovered that randomisation only occurred under a VERY specific set of circumstances that most users would not enable/experience.
It has to use it's real mac address as soon as authentication occurs in order to maintain compatibility with WiFi standards that rely on mac filtering/auth.
As one of those people who is measuring foot traffic via the standard WiFi probes that Apple is altering this is an area of significant interest.
One thing is clear, Apple intend to aggressively pursue this path as a way to increase use of iBeacon and Apple services for advertisers wishing to reach consumers, it is NOT about user privacy. However, there is only so much they can do until the consequences start affecting performance on different WiFi networks and/or breaking the 802.11 specification.