[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Mac?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Mac?
From: "Andre Risling" <andre76@xxxxxxxxxxx>
Date: Fri, 09 Sep 2011 04:47:06 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 08 Sep 2011 22:47:21 -0400
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=B5l7tnTeliM8V85j+PgwieRj5ok=; b=KAA 0vXhEDCnMIhNus12cc6Q+iWAMXkLvCrpbERmYpMmnJqY2PuutUZr35D9bumIeipm 53RdeFVwE9qYswjxQLd2UtyBua2PgPsc3snREQjRMq7Ke6RqolTcF+4tJXaNj1jP JiOWjF+as7vGlUPDvRuDD0uAflHtVKrzDPjpuMoo=
In-reply-to: <20110909023210.GD2169@sescenties>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1315533776.6749.140258139015821@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <20110909023210.GD2169@sescenties>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

-- 
  
  andre76@xxxxxxxxxxx


On Thursday, September 08, 2011 7:32 PM, "Seth David Schoen"
<schoen@xxxxxxx> wrote:
> Andre Risling writes:
> 
> > I've some questions about MAC address and changing it
> > 
> > - Why would someone want to change ("spoof") their MAC address?
> 
> The MAC address usually identifies a particular physical computer
> to a local area network.  If someone doesn't want their physical
> computer to be recognized by a network, they might want to change
> the address.
> 
> The most common reasons for this in practice are probably
> 
> * Some networks let people use the network for free, but only for
>   a limited period of time, or only on one occasion; this is
>   enforced using MAC addresses, so changing MAC addresses lets
>   people get around the restriction and continue using the
>   network.  For example, an airport or university wifi network
>   might let a "guest" use the network for 30 minutes without
>   paying or registering.
> 
> * Some networks might ban someone they consider abusive or
>   unwelcome using the MAC address (for example, an open wifi
>   network where someone has used it in a way that the operator
>   considered abusive or excessive).  In that case, the person
>   who was banned might change their MAC address to get around
>   the ban.
> 
> * ISPs might record or log MAC addresses, which could be used for
>   commercial or law enforcement purposes, so someone who doesn't
>   want to end up in such logs might use a false or random MAC
>   address.  In some places, law enforcement might pressure or
>   require the ISPs to keep these logs as a way of trying to catch
>   people accused of breaking the law, or as a way of providing
>   corroborating evidence after-the-fact when a suspect is caught.
> 
> * Although it's not known to happen on a large scale, other people
>   on a LAN with you could detect and log your MAC address to
>   monitor when your computer is physically present on the LAN
>   (perhaps to learn or make a profile of when you're present at
>   a certain place that you're known to visit periodically?), so
>   changing your MAC address would let you avoid this kind of
>   monitoring.
> 
> * Some ISPs use a clumsy policy where the subscriber's observed
>   MAC address is not allowed to change frequently (sometimes
>   because of somewhat obsolete ISP billing systems that used the
>   MAC address to identify the subscriber, or sometimes because
>   of old ISP policies meant to discourage people from using more
>   than one computer with a single account).  In this case,
>   people may change the MAC address of one computer (or a wifi
>   router) to match the address of a different computer (which
>   is called "cloning").  This could also be used by someone
>   who has paid for a certain amount of Internet access on a paid
>   wifi network (say, in an airport or hotel) let a friend take
>   over using the access when the first person is all done.
> 
> > - Is a computers MAC address sent out whenever you connect to the web?
> > 
> >    -If it is, how often is it sent out?
> 
> It's "sent out" to the local router but not out over the Internet,
> so web servers, for example, can't observe it.  You have to be on
> the same LAN in order to observe it.
> 
> > - Who stores the MAC address of the computer you're using?  The ISP?  An
> > Webmail service?
> 
> Whoever operates the local router can store it (e.g., if you're on a
> friend's wifi, the friend could store it; if you're on a commercial
> wifi network, the commercial wifi operator could store it; if you're
> directly plugged into a cable modem owned by an ISP, the ISP could
> program the cable modem to store it; ...).
> 
> An exception is that some software could deliberately choose to
> transmit the MAC address for its own reasons, like enforcing
> anti-copying restrictions or because of a weird choice to use the
> MAC address to identify individual computers for some other reason.
> There's nothing about how the Internet works that _requires_ any
> software to do this, and it's probably not common.
> 
> > -Does the Tor network capture and store Mac addresses?
> 
> Nope, never.
> 
> -- 
> Seth Schoen  <schoen@xxxxxxx>
> Senior Staff Technologist                       https://www.eff.org/
> Electronic Frontier Foundation                  https://www.eff.org/join
> 454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> 
Excellent!  Thank you for the thorough answers.

-- 
http://www.fastmail.fm - The way an email service should be

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Mac?
  - From: Andre Risling
- Re: [tor-talk] Mac?
  - From: Seth David Schoen

Prev by Author: [tor-talk] Mac?
Next by Author: Re: [tor-talk] Mac?
Previous by thread: Re: [tor-talk] Mac?
Next by thread: Re: [tor-talk] Mac?
Index(es):
- Author
- Thread