I'm Being Watched, I'm Being Watched, I'm Being Watched by the CIA, CIA

Marceline · Feb 21, 2015

For about $30 per year, you can get an anonymizing VPN service that will encrypt all your traffic. If you are concerned about privacy, I would highly recommend this.

I have one called privateinternetaccess.com and I use it whenever I'm logged into a public network anywhere.

Yes, the MAC address is a unique identifier. It's only visible to the local network you're on, not to any of the remote Web sites you visit.

If you encrypt your traffic via VPN, anyone on the local network won't be able to know anything you're doing other than that you're encrypting stuff, so they wouldn't be able to tie your MAC to any specific activity. Likewise, the sites you visit won't know where you've reached them from - you can even have it appear that you're from another country if you wanted.

Anyway, I would recommend this as a fairly easy solution that addresses 99% of your privacy concerns in this case.

charlieoscar · Feb 21, 2015

Of course, there is the secret spyware that NSA has been implanting in hard drives. See headlines from Google News.

https://www.google.com/search?hl=en&gl=us&tbm=nws&authuser=0&q=nsa+hard+drives&oq=nsa+hard+drives&gs_l=news-cc.1.0.43j43i53.3008.6845.0.9461.15.5.0.10.10.0.85.410.5.5.0...0.0...1ac.1.97q5KVZZUcg

tonyandpals · Feb 21, 2015

riboflav said:
Extra points to those who can tell me what the thread title is in reference to. UGH! You probably just googled it. I hate what America has become!

Anti-Flag from Pittsbuuuuuuuurgh peeeeennncillll.......vaaaaaaniiiaaa.

crystalline · Feb 21, 2015

charlieoscar said:
Of course, there is the secret spyware that NSA has been implanting in hard drives. See headlines from Google News.

https://www.google.com/search?hl=en&gl=us&tbm=nws&authuser=0&q=nsa+hard+drives&oq=nsa+hard+drives&gs_l=news-cc.1.0.43j43i53.3008.6845.0.9461.15.5.0.10.10.0.85.410.5.5.0...0.0...1ac.1.97q5KVZZUcg

Implanting into hard drives at Iranian nuclear plants. Unless you work at an Iranian nuke plant you're likely safe from this one. The far worse sin of the NSA is monitoring ~75% of Internet traffic plus data stored in the cloud via requests to e.g. Google and Amazon. (Yes, 75%. Capturing incredible bandwidth. Using custom hardware.)
http://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa
http://www.wsj.com/articles/SB10001424127887324108204579022874091732470

About MAC addresses:
Yes every network device has a unique MAC address, which is visible to the first local router you connect to. Therefore whoever provides the wifi (or the ethernet drop) can log it. Most companies use intrusion detection software that logs it. The first part of every MAC address identifies the hardware manufacturer, but that doesn't give away much info. Using a VPN prevents anyone local from associating the sites you visit with your MAC. However, the NSA almost certainly monitors the exit nodes of VPN providers where all your traffic will pass unencrypted.

Average Reds · Feb 21, 2015

I refuse to worry about this until porn is criminalized.

At that point I toss all my electronics and move to a remote cabin.

SteveF · Feb 21, 2015

It's usually possible to change your MAC address. You can google that if you want to know how. Just be aware this could have some impact on your router/wireless access/IP distribution/firewall/port forwarding rules depending on how those were configured.

If you are willing to pay for increased privacy, then you'll want to use a VPN as Mr. Sixpack says.

charlieoscar · Feb 21, 2015

crystalline said:
...the NSA is monitoring ~75% of Internet traffic plus data stored in the cloud via requests to e.g. Google and Amazon. (Yes, 75%. Capturing incredible bandwidth. Using custom hardware.)...

I had a glimpse of their computer room back in the late '60s. It was pretty impressive back then...especially as I became a systems analyst with a private company after I got out of the service about a year later and their system was only the size of about three wall lockers.

Rightly or wrongly, not everyone believes you need to be connected with an Iranian nuke plant to be infected with the NSA malware.

The internet was all love; freedom; flowers; Peace, Brothers and Sisters. The Money reared its head...I can grab all these domain names and companies will pay me for them. Them companies realized they could make money and then things like PayPal made them realize that to make it even easier, move the cash transaction to the web. Now criminals woke up. The internet spread as populations around the world became more affluent and they wondered why America should have all the money, so they started helping themselves to it. Then this country managed to turn some of it allies into enemies because we thought everyone should follow our example and the enemies try to inflict harm on our economy. I like having facts and figures at my fingertips, entertainment at a click, but I don't think I trust the future any more.

derekson · Feb 21, 2015

I don't know if it's as easy on Windows, but on OS X (and other *nix systems) you can change your MAC address with a simple terminal command. I used to use it on my laptop to spoof the MAC address of my iPhone back when Starbucks had free wifi only for AT&T wireless customer devices.

crystalline · Feb 21, 2015

derekson said:
I don't know if it's as easy on Windows, but on OS X (and other *nix systems) you can change your MAC address with a simple terminal command. I used to use it on my laptop to spoof the MAC address of my iPhone back when Starbucks had free wifi only for AT&T wireless customer devices.

This doesn't always work on Mac OS X. I believe it was Leopard that didn't allow you to change the wired Ethernet MAC address. A quick Google search shows that now seems possible again with recent OS X versions. I believe changing the wifi MAC address was always possible.

SumnerH · Feb 21, 2015

It also depends on the hardware, some NICs allow MAC alteration and others don't.

derekson · Feb 21, 2015

riboflav said:
For apple devices, I read you need to change it every time you log on.

This is true, on every reboot it does revert to the factory MAC address. But you can easily write a script to change it and run that as a log-in item if you so desired. Easy to do that with AppleScript.

Marceline · Feb 21, 2015

derekson said:
This is true, on every reboot it does revert to the factory MAC address. But you can easily write a script to change it and run that as a log-in item if you so desired. Easy to do that with AppleScript.

I'm just not sure what is gained by doing so.

There are many other steps that the average person can take that would have much more of an impact at improving privacy and security - surfing through a VPN whenever on a public network, using browser plug-ins like Ghostery and Disconnect, using the tracker blocking list on adblock plus, ensuring that browser is fully wiped on exit, use NoScript and only enable javascript for known sites. Just to name a few things that come to mind.

The use of being able to see someone's MAC address is very limited. If someone says they are not a tech person but are concerned about privacy, I would recommend any/all of the steps above before I would even start getting concerned about spoofing a MAC address.

derekson · Feb 22, 2015

Joe Sixpack said:
I'm just not sure what is gained by doing so.

There are many other steps that the average person can take that would have much more of an impact at improving privacy and security - surfing through a VPN whenever on a public network, using browser plug-ins like Ghostery and Disconnect, using the tracker blocking list on adblock plus, ensuring that browser is fully wiped on exit, use NoScript and only enable javascript for known sites. Just to name a few things that come to mind.

The use of being able to see someone's MAC address is very limited. If someone says they are not a tech person but are concerned about privacy, I would recommend any/all of the steps above before I would even start getting concerned about spoofing a MAC address.

I wouldn't bother myself, but if one was concerned about leaving records of which wifi networks one connected to, then spoofing MAC addresses would be helpful.

Marceline · Feb 22, 2015

riboflav said:
Why do you say the bolded?

Maybe I should have phrased it better - there are certainly a number of attacks that a potential hacker could execute against you if you're on a public wifi via your MAC address. But changing your MAC address doesn't stop those attacks, anyway.

You still have to use some MAC address to connect to a network, and honestly, it doesn't make much difference whether it's the one that came with your hardware or you've changed it.

If you were trying to be the next Dread Pirate Roberts and start up the next Silk Road, yeah, it'd probably benefit you to generate a totally new, random MAC every time you connect to a network.

But for the OP who said he's concerned about privacy, I just don't see any tangible benefit from changing a MAC over any of the other suggested things I mentioned above, or probably 100 other things you could do to improve your privacy.

Marceline · Feb 22, 2015

derekson said:
I wouldn't bother myself, but if one was concerned about leaving records of which wifi networks one connected to, then spoofing MAC addresses would be helpful.

The level of surveillance required to gather that data is extraordinarily high, since someone would need to be on the same local networks as you to gather it and to make any use of it. If you are actively under FBI surveillance then I would do this. Otherwise I can't see it being all that useful.

crystalline · Feb 22, 2015

Edit: yes, changing the mac address only really helps on guest or open wifi - otherwise the network ops can track you via your authentication info.

Marceline · Feb 22, 2015

Well, that's true, but they can still trace the changed mac back to you. So you'd really need to change it each time you connect to the network in order to really gain any value there.

And if you're going to buy something embarrassing online, it still makes more sense to just use a vpn service. Then the local network ops won't have any way of knowing that you even visited someembarrassingsite.com. If you are disguising your mac but browsing unencrypted, people on the local network can still snoop on your traffic, execute man in the middle attacks, monitor your browsing activity, etc.

Edit: reply was to your pre-edited post...

Marceline · Feb 22, 2015

riboflav said:
I was reading last night that your MAC can only really be tracked while you're on someone's wifi. Like if the police or FBI already had you under surveillance. But, otherwise, once you're gone, you're gone. It seems implausible to me that your MAC would not be logged somehow. Maybe it was this tech writer's experience that most places (coffee shops, libraries, etc.) don't store your MAC info. I don't know.

When you initially connect to the network, there would be a log entry generated in the local router saying MAC address X was assigned IP address Y. All the activity logs after that would be based on IP address. So it wouldn't be that hard to correlate those if you had access to those logs (or really for anyone snooping on the network, since those assignments would be easily picked up by anyone monitoring traffic on a public wifi).

Again, if you simply use a vpn they'd be unable to correlate any specific activity to the mac address so that would be your easiest method of preserving privacy in this scenario. You could also rotate and choose a new random mac each time you connect, as discussed above, but that seems like overkill to me unless you really have serious fears that you are being targeted.

SumnerH · Feb 22, 2015

riboflav said:
I was reading last night that your MAC can only really be tracked while you're on someone's wifi. Like if the police or FBI already had you under surveillance. But, otherwise, once you're gone, you're gone. It seems implausible to me that your MAC would not be logged somehow. Maybe it was this tech writer's experience that most places (coffee shops, libraries, etc.) don't store your MAC info. I don't know.

This is false. My wireless router definitely stores a list of MACs that have connected to it, both so that it can try to give them the same IP address each time and for blacklisting/whitelisting/port forwarding/etc.

j44thor · Feb 22, 2015

If you are concerned about privacy on public wifi hotspots, you might want to google pineapple wifi. The internet is a much scarier place than you probably realize.

On the commuter rail the other day I'm 90% certain the guy in the seat next to me was hacking a website via SQL injection. He kept writing code then going to the change password challenge screen. Could have been a legit pen-tester or developer but if not he was definitely up to no good.

CaptainLaddie · Feb 22, 2015

Re: the title

CodPiece XL · Mar 30, 2015

riboflav said:
I finally got a vpn per the suggestion above. But every time I log off the VPN icon disappears and I can't find it anywhere so I have no way to connect to it. I end up reinstalling the vpn every time by locating the installer in my downloads folder. I've run a search for it on my computer. I've looked in my network settings. I just can't find it. Is there something I'm doing wrong?

I've never had that problem with my VPN. However, I don't have a Mac. If someone can't help you here, drop the VPN tech support an e-mail. If they are reputable they should get back to you the same day, probably within an hour or so. At least that's been my experience.

mt8thsw9th · Mar 30, 2015

CaptainLaddie said:
Re: the title

I've probably seen them 8 times, but zero times since 2000. It somehow went over my head.

tonyandpals · Mar 31, 2015

mt8thsw9th said:
I've probably seen them 8 times, but zero times since 2000. It somehow went over my head.

Commie bastard

mt8thsw9th · Mar 31, 2015

It was your site that alerted me! I learned it from watching you!

TSC · Apr 1, 2015

tonyandpals said:
Anti-Flag from Pittsbuuuuuuuurgh peeeeennncillll.......vaaaaaaniiiaaa.

I'm just seeing this thread now, and ugh.

YOU GOTTA DIE GOTTA DIE GOTTA DIE FOR YOUR GOVERNMENT!

ugh.

tonyandpals · Apr 1, 2015

mt8thsw9th said:
It was your site that alerted me! I learned it from watching you!

Man, that site was fun. Got me so laid.

I'm Being Watched, I'm Being Watched, I'm Being Watched by the CIA, CIA

Member

Well-Known Member

Member

Well-Known Member

Member

Member

Member

Member

Member

Member

Member

Member

Member

Malt Liquor Picker

Member

Well-Known Member

Member

Member

Well-Known Member

Well-Known Member

Member

Well-Known Member

Member

Well-Known Member

Malt Liquor Picker

Member

dj paul pfieffer

Member

Member

anti-SoSHal

Well-Known Member

anti-SoSHal

SoSH's Doug Neidermeyer

Well-Known Member