Internet privacy and security course
About translation
Previous Next

Chapter 110

What is MAC address and how is it related to your anonymity?

Reading Materials on the Internet about MAC address, you can find many statements that MAC address does not affect the anonymity, that a person cannot be identified with help of it, their activity cannot be tracked as well, their location cannot be determined with it...

These are all myths, and I will try to debunk them, but let's start with the theory. If you are reading my publications, in particular, you have read the chapter on VPN, you must know well that exchange information on the Internet happens thanks to IP addresses.

IP-address is at your Wi-Fi the router from which it sends data to the IP address of the web site server, and the site returns response to the IP address of the router. Then, the Wi-Fi router should exchange data with devices connected to it, but how this should be done?

Imagine that from the site server the information packet was sent and by fiber optic cable it reached the router, so how can the router understand which device to transfer it to? How does the router distinguish connected devices in general?

And then MAC address enters the game, which is a unique identifier of each device having access to the device’s network. It is six pairs of letters / numbers (six-byte number), where information about the manufacturer is encrypted (the first three high bytes) and models of network devices. One can determine manufacturer of devices by MAC address, for example, by the site. The MAC address is also called physical address, because it is registered in the device, but it was not assigned virtually as IP-address.

mac

We told you how to find out your MAC address in this chapter.

Frankly speaking, this is extremely simplified model that does not stand the criticism of colleagues, but it perfectly reveals the role of the MAC address for a beginner user. We will consider deeper about working principle of Wi-Fi router in the chapter on Wi-Fi.

So, all of the devices, going to the network, have MAC address, but it is not transmitted further than router, as in the Internet data exchange occurs based on IP-addresses. You must have a question: What is the danger of MAC addresses?

The danger is that when Wi-Fi module is turned on any device you have, whether it is a laptop, tablet or phone, they reveal the MAC address to everyone wanting to get it. It is a publicly affordable information which, unfortunately, cannot be hidden without giving up the use of Wi-Fi module in your device.

Disconnection of Wi-Fi module prevents unaddressed distribution of information about your MAC address, as well as switching off Bluetooth stops unaddressed distribution of Bluetooth-ID.

Supposing you are sitting in a cafe and you want find out the IP addresses of all sitting in one institution with you, but no matter how much you would try, it will not work. To find out the phone numbers of other guests, you can by using some special equipment that is prohibited in most countries and is mainly used by law enforcement agencies. But if to speak about the MAC addresses, you can find them out without any problems by simple perimeter scanning with a device having Wi-Fi.

This is the basis for some systems for analysis of visitors to resort towns. Sensors are installed in shopping centers, hotels, entertainment places, in the end, the information such as how long, how often, and what places the users visited is gathered.

There are such systems in large shopping malls and they monitor which stores within the mall and how long the visitors attend; thanks to the received data, some popular routes are formed, as well as other statistics in the form of time and regularity of the visits. As you might have guessed, the main one is your smartphone with activated Wi-Fi module.

Based on the MAC address, marketers are trying to estimate financial state of the tracked user. An owner of the Apple phone with a high probability will turn out to be better off than an owner of the Meizu phone.

Within our course we use MAC addresses to scan homemade Wi-Fi network for uninvited guests. If a neighbor connects to your router, we will know their MAC address, and then you can try to find which one out of neighbors may have a phone or computer that connects to your Wi-Fi.

And if you become seriously angry, you can get a specialist in and transform your Wi-Fi into a trap that will start recording traffic, use the attack "man in between" and DNS substitution, thereby one can identify the neighbor and access their personal data. But I got too into…

In some countries there are working systems for searching criminals with MAC address analysis. Imagine the situation when a hacker connected to the public Wi-Fi router in the city park and made a bad deed. He used VPN, but the authentic IP address was set with connection mapping method.

So, law enforcement organs went to Wi-Fi router in the park used by the criminal to access the network, and received MAC address of the malefactor’s computer, saved in logs of the router. Forensic experts withdraw Wi-Fi routers, which is a regular practice, and in some cases, they manage to get information about the MAC addresses of devices that were connected to it.

At the same time, data cellular operators were checked on whether the criminal at this moment was using a mobile phone. But the hacker disconnected his mobile on purpose before entering the park.

There was one clue, i.e. the MAC address. The hacker's MAC address was added to the tracing system. Criminal lay low, but a month later in another park he switched on his laptop and... right away was identified by the system that discovered the wanted MAC address.

Sometimes the MAC address is used by software as one of components for generating HWID, that is unique hardware identifier, thanks to which the computer can always be find out. We spoke in detail about this in the chapter on the information about you that is collected by software.

I think I told enough about MAC address for introductory chapters in the next part we will talk how you can set the location by MAC address of owner’s devices with an accuracy of 10 meters.

Previous
6386
Next