How to get BSSID Wifi is connected to from command line past 15.3+?

hnykda wrote:

Ok, thanks everyone, that's what I thought...

I am a hobbyist, wanted to do a seemingly very simple thing (which was true for the last 20 years?), now it's not. I know no one cares, but this is really discouraging me from building stuff for Apple users... I can see I am far from being the only one struck by this. It really does remind that "over-baby sitting" users (specifically that it can't be turned off in any way, even if I am an admin).

Every platform has gotten more complex in the past decades, yes. Techniques and assumptions and solutions from 2005 variously don't or won’t hold in 2025, including around privacy and security. Same as it’s always been.

Malware and shenanigans have evolved too, with various of what I’d consider to be intrusive at best and potentially malware offered as “security” tools, or tracking embedded in games, or in other apps. There are enough third-party developers around that are seeking to covertly track and identify users too, which makes development in related areas more involved for those of us not seeking to implement tracking.

For those unfamiliar with the tracking infrastructure built upon BSSID in the past twenty years:

• https://www.ieee-security.org/TC/SP2013/posters/Muhammad_Naveed.pdf

For those unfamiliar with some arcane and obscure particular part of macOS, option-clicking on the Wi-Fi icon in the menu bar can get most Wi-Fi networking details, and System Settings > Networking can also get useful networking details.

Networking-related information links: https://forums.developer.apple.com/forums/thread/734348

Privacy, which is what you’re meeting: TN3179: Understanding local network privacy | Apple Developer Documentation

Yes, Apple has been locking down access to network details like the BSSID for privacy and security reasons in recent macOS releases, especially starting with Sequoia. The usual commands like airport -I, ioreg, and wdutil are either restricted or return obfuscated data.

I can only think of two options, you can try; however, neither may be beneficial for your app:

1. If captured in a log, you can try this command in the Terminal: log stream --predicate 'subsystem == "com.apple.wifi"' --info
2. Use a third-party tool, like Wireshark, to perform a data capture between the computer and the AP.

Usual path is via an app and Core WLAN and location services, and the user must permit the app access to that data. Yes, BSSID is considered location data. Scripts aren’t going to work all that well for this, nor stuff running independent of the GUI, whether wdutil or otherwise. Scripts within an app bundle, sure.

Some potential options: https://snelson.us/2024/09/determining-a-macs-ssid-like-an-animal/ as well as NetworkView.

If Linux better meets your needs and your power users’ needs, by all means use that.

This would also best fit as a question over in the Apple Developer forums, and not here in ASC.

No Apple employees are participating in these public, user-supported communities. MacOS is not based on Android, Windows, or Linux, and as Apple licenses it to us, they own and determine the future security provisions they will adopt for the operating system. We are simply along for the ride, whether we agree to the tighter security or not.

That said, I can remember writing code on my Sun workstation running SunOS 4.2 in 1986 which, like my 1969 Olds 442 W-30 without an engine bay full of emissions crap, was far easier to work on. Sooner or later, time f-bombs us all…

hnykda wrote:

I fail to see how e.g. a sudo-protected command is less safe than effectively sudo-protected UI toggle.

But even if it was, this is not the tradeoff I would personally want to do. I understand Apple wants to, but let's not pretend this is not a tradeoff or that it's "better for everyone".

I understand you are trying to make a point with the poster - but come on, just closing _all_ CLI access to this in MacOS because there was a what I would consider a serious bug back in 2013 in Android... Yes, it's a bug - fix it, don't just nuke the whole thing.

The BSSID is sensitive data. Different from a password hash sure, but an unintended disclosure of location can be somewhere between problematic and catastrophic for some.

Computing has changed from the era of 6502, PDP-11, and ilk too, yes. As have the risks and exposures and attacks and exploits arising. Computing is easier in many ways, and much more difficult in others.

Developers too can and usually do face different risks and exposures than users of their apps, and that can disconnect cause massive issues for the users. Risks for users and their locations can include thieves, abusive exes, stalkers, and worse.

As for the BSSID and other privacy-related data, you clearly have an idea of how to provide security and particularly privacy of that data against malicious apps, and against incautious and vulnerable apps, so I would suggest sending your design along to Apple.

Want full control as a developer? That’s Linux, the BSDs, and other fine choices. Definitely not macOS, iOS, or iPadOS.