Open thedeco opened 4 years ago
The earliest pcaps were gathered and anonymized by overwriting the lower three bytes of the MAC addresses (leaving only the OUI), but I neglected to update the packet CRC. This is not great both because they are invalid packets and also because it provides a leg up in de-anonymizing the pcaps. As those early traces were devices from QA labs and dev lending labs, I didn't worry too much about de-anonymization as a threat.
I'm not really enthused about removing the pcaps, they are not just examples they are part of the tests to make sure device signatures don't get broken by later signatures. I understand that other packet tools won't necessarily like those packets, but as they will just look like corrupted frames where the CRC check fails (which happens all the time in Wi-Fi pcaps) I don't think it will be especially troublesome either.
I didn't mean to suggest removing the entire pcap, just those 4 specific pkts in those two files and then reuploading. I'm not concerned about invalid CRCs either.
Samsung Galaxy S2+ 2.4GHz Google Wifi An4.2.2 GT-I9105P Specific Probe.pcap pkt # 3 is invalid
Chromecast Ultra 5GHz Google Wifi sw 1.21.74997 hw NC2-6A5-D Broadcast Probe.pcap pkts #37,45,56
These pckts can break parsing tools like scapy if not handled properly and should probably be removed from these example pcaps