[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Mac?


On Thursday, September 08, 2011 7:32 PM, "Seth David Schoen"
<schoen@xxxxxxx> wrote:
> Andre Risling writes:
> > I've some questions about MAC address and changing it
> > 
> > - Why would someone want to change ("spoof") their MAC address?
> The MAC address usually identifies a particular physical computer
> to a local area network.  If someone doesn't want their physical
> computer to be recognized by a network, they might want to change
> the address.
> The most common reasons for this in practice are probably
> * Some networks let people use the network for free, but only for
>   a limited period of time, or only on one occasion; this is
>   enforced using MAC addresses, so changing MAC addresses lets
>   people get around the restriction and continue using the
>   network.  For example, an airport or university wifi network
>   might let a "guest" use the network for 30 minutes without
>   paying or registering.
> * Some networks might ban someone they consider abusive or
>   unwelcome using the MAC address (for example, an open wifi
>   network where someone has used it in a way that the operator
>   considered abusive or excessive).  In that case, the person
>   who was banned might change their MAC address to get around
>   the ban.
> * ISPs might record or log MAC addresses, which could be used for
>   commercial or law enforcement purposes, so someone who doesn't
>   want to end up in such logs might use a false or random MAC
>   address.  In some places, law enforcement might pressure or
>   require the ISPs to keep these logs as a way of trying to catch
>   people accused of breaking the law, or as a way of providing
>   corroborating evidence after-the-fact when a suspect is caught.
> * Although it's not known to happen on a large scale, other people
>   on a LAN with you could detect and log your MAC address to
>   monitor when your computer is physically present on the LAN
>   (perhaps to learn or make a profile of when you're present at
>   a certain place that you're known to visit periodically?), so
>   changing your MAC address would let you avoid this kind of
>   monitoring.
> * Some ISPs use a clumsy policy where the subscriber's observed
>   MAC address is not allowed to change frequently (sometimes
>   because of somewhat obsolete ISP billing systems that used the
>   MAC address to identify the subscriber, or sometimes because
>   of old ISP policies meant to discourage people from using more
>   than one computer with a single account).  In this case,
>   people may change the MAC address of one computer (or a wifi
>   router) to match the address of a different computer (which
>   is called "cloning").  This could also be used by someone
>   who has paid for a certain amount of Internet access on a paid
>   wifi network (say, in an airport or hotel) let a friend take
>   over using the access when the first person is all done.
> > - Is a computers MAC address sent out whenever you connect to the web?
> > 
> >    -If it is, how often is it sent out?
> It's "sent out" to the local router but not out over the Internet,
> so web servers, for example, can't observe it.  You have to be on
> the same LAN in order to observe it.
> > - Who stores the MAC address of the computer you're using?  The ISP?  An
> > Webmail service?
> Whoever operates the local router can store it (e.g., if you're on a
> friend's wifi, the friend could store it; if you're on a commercial
> wifi network, the commercial wifi operator could store it; if you're
> directly plugged into a cable modem owned by an ISP, the ISP could
> program the cable modem to store it; ...).
> An exception is that some software could deliberately choose to
> transmit the MAC address for its own reasons, like enforcing
> anti-copying restrictions or because of a weird choice to use the
> MAC address to identify individual computers for some other reason.
> There's nothing about how the Internet works that _requires_ any
> software to do this, and it's probably not common.
> > -Does the Tor network capture and store Mac addresses?
> Nope, never.
> -- 
> Seth Schoen  <schoen@xxxxxxx>
> Senior Staff Technologist                       https://www.eff.org/
> Electronic Frontier Foundation                  https://www.eff.org/join
> 454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Excellent!  Thank you for the thorough answers.

http://www.fastmail.fm - The way an email service should be

tor-talk mailing list