In a discussion, a member was talking about experiences he had with XM and TVT shipping devices with the same MAC address.
It is shocking to me since it is not a hard thing to avoid.
Anyone have any idea why they are doing this? Incompetence? Does it save money on something or?
OUI's cost money. It's not a lot, but it is a few thousand dollars.
One OUI can generate ~16.7M unique MAC addresses. Maybe they ship more than that and just recycle MAC's over time from a single registration.
Maybe they ship more than that and just recycle MAC's over time from a single registration.
Wow, that would be about the most shortsighted move ever! It can't be ruled out considering some of their security gaffes, but I think a miscommunication between factories might be more likely. It would explain why they are getting dupes on new products as well. Still a reputable company would stop shipping them once they became aware...
If XM/TNT actually is hell-bent on saving OUI fees, a better strategy for soneone with such low scruples might be reappropriation of someone elses OUI, one that you are unlikely (or less likely) to come across.
For instance, maybe 48-DA-96 (hex), Eddy Smart Home Solutions Inc?
No offense, Eddy.
I worked on a very early campus wire wireless project where we deployed around 500 access points, in 2009. We received several APs with duplicate MAC addresses, and only one would register at a time to the master switch. We were told they used the same MACs for devices going to different countries knowing they would never be on the same network, but since we ordered so many we got a batch that was intended for another country to fulfill the order.
Tyler, very interesting, thanks for sharing!
It still strikes me as weird, it is not as if MAC addresses are such an expensive / precious commodity.
its something like 1/64 of a penny per device.
if you were shipping dupe MACS to Greenland and Australia, it still wouldn't be worth it, I bet.
Some manufacturers use a default MAC address on the network board, and during assembly of the entire/final camera product they program in the mac address, print it on the box, etc.
Maybe some cameras skipped the unique programming step and shipped with the default Mac?
Or maybe they are b stock units that have been repaired and the network board replaced, and the unique mac programming step was skipped?
Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.
