GRC Nano + ADSL + Unique Machine ID...

Discussion in 'privacy problems' started by deadmanschest, May 16, 2003.

Thread Status:
Not open for further replies.
  1. deadmanschest

    deadmanschest Registered Member

    Joined:
    May 6, 2002
    Posts:
    105
    :( Bummer.....

    I ran the new GRC Nanoprobe

    https://nanoprobe.grc.com/x/ne.dll?bh0bkyd2

    Showed as 100% stealth...However, the test page also told me that my ISP (Telus in Canada) assigns a 'reverse machine name DNS' to my machine, that appears to be completely independent of changes in my somewhat dynamic IP address..

    At the risk of overflowing the page, let me copy an excerpt from Steve's explanation...

    "Your Internet connection's IP address is uniquely associated with the following "machine name":

    "ali999cjydfr580h.bc.hsia.telus.net" [altered by moi]


    The string of text above is known as your Internet connection's "reverse DNS." The end of the string is probably a domain name related to your ISP. This will be common to all customers of this ISP. But the beginning of the string uniquely identifies your Internet connection. The question is: Is the beginning of the string an "account ID" that is uniquely and permanently tied to you, or is it merely related to your current public IP address and thus subject to change?

    The concern is that any web site can easily retrieve this unique "machine name" (just as we have) whenever you visit. It may be used to uniquely identify you on the Internet. In that way it's like a "supercookie" over which you have no control. You can not disable, delete, or change it. ...

    ..if the machine name is a fixed account ID assigned by your ISP, as is often the case, then it will follow you and not change when your IP address does change. It can be used to persistently identify you as long as you use this ISP.

    .......[end of excerpt].

    I wanted to check whether this string is 'fixed & unique', so I shut off my modem, and released my IP. I renewed my ADSL modem connection under a completely new IP, went back to GRC, and got exactly the same 'unique machine name' again......At some point I rebooted as well.

    To my simple mind, forget cookies and IP spoofing and whatever else I may do with Proxo et al, if any and all web sites can uniquely identify this machine ID as long as I continue to use Telus as my ADSL provider.....

    Any thoughts anyone?
     
  2. deadmanschest

    deadmanschest Registered Member

    Joined:
    May 6, 2002
    Posts:
    105
    Update - Proxy server - it gets worse...

    :( More bummer...

    Using the wondrous power of Proxo, I decided to connect thru an anonymous Proxy server, located in the US, and reconnect to GRC Nanoprobe......

    No joy - accessing the site with the "anonymous" Proxy server still rendered up exactly the same "unique machine ID" that GRC identified for my machine....

    So, his site identified my machine despite changing my IP address and despite connecting to his site thru an anonymous remote Proxy server......

    Any thoughts....

    dmc
     
  3. Patrice

    Patrice Registered Member

    Joined:
    Apr 15, 2003
    Posts:
    571
    Location:
    Antarctica
    Hi deadmanschest,

    well, in this case I would contact your provider and ask him about that in more detail. Actually the idea of using a proxy was a good idea! ;) With the right settings you can hide your real ID, called anonymous surfing. Check out this tool here:

    http://www.photonosoftware.com/Stealther/savelanguage.php3?jump=/Stealther/main.php3&language=eng&reseller=7348

    It's pretty fast and you can choose different surfing modes: direct, stealth and super stealth.

    Hope that helps so far! ;)

    Regards,

    Patrice
     
  4. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Liège
    Re:Update - Proxy server - it gets worse...

    Hello,

    GRC uses HTTPS (SSL). You must run a proxy accepting SSL, through Proxomitron or without, directly in your browser settings.

    You may find some here for instance : http://defcon.one.pl/demo
     
  5. deadmanschest

    deadmanschest Registered Member

    Joined:
    May 6, 2002
    Posts:
    105
    Unique Machine ID...regardless of IP addy

    Hi Patrice and Jack;

    Thanks for the suggestions on proxy, but what I was really trying to get at was the idea that my ISP is serving up a unique ID for my machine that is fixed regardless of i) changing my IP address; and ii) using a proxy server, supposedly an 'anonymous one'.

    The idea of trying the proxy was really just to see if the unique ID would change as a result...

    I will contact Telus, but I wonder if other people using ADSL or Cable connections find the same thing at GRC?

    Thanks

    dmc
     
  6. It is worth mentioning that Telus DSL uses the MAC ID registering instead of PPPoE.
     
  7. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    I've been on Steve's website and checked that out; it only gives out the reverse DNS lookup of my IP and shows it to be modemcable*ip*.isp.ca. I used a proxy to test it and the details changed; resetting my cable's IP did the same thing, the ID changed. So it might just be that Telus assigns an ID so that they can trace you back if something like, let's say you're hacking and blah... would be easier to find you etc., 'cause that ID has been assigned to ya... anyhow just my point of view.
     
  8. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Re:Unique Machine ID...regardless of IP addy

    Hi deadmanschest

    With Telus ADSL you will likely have not just one unique rdns, but two. Telus ADSL accounts usually provide for two dynamic IP's which equals two rdns entries. If you go to the registration pages where you enter your MAC address you will see two slots available and beside each will be the rdns entries assigned to that account. You can change your registered MAC addresses, but not the rdns entries assigned to the account. The IP's although dynamic, will usually stay fairly consistent.

    Regards,

    CrazyM
     
  9. deadmanschest

    deadmanschest Registered Member

    Joined:
    May 6, 2002
    Posts:
    105
    Unique Machine ID...bothers me..

    Hi all, thanks to Telus Detective, FluxGFX and CrazyM for the input - I was aware that when I set up the Telus ADSL modem (a switch from Shaw cable) that I had to 'register a MAC', but of course didn't know what that was...haha

    It seems that FluxGFX' Canadian Cable ISP does not give out a unique (and fixed) machine ID, but it appears that Telus ADSL does that, and if one uses the two, relatively static, dynamic ISP's that each has a fixed and unchanging Unique Machine ID....

    From CrazyM's info, I conclude that I cannot alter the 'rdns' assigned to my MAC address....My further conclusion would be that all my efforts to control cookies, guid's, and all other range of bugs and tracking would be fruitless, being a Telus customer...haha...

    I am prepared to accept that if I do something illegal that with enough effort my machine could be tracked down, regardless of what efforts I took to hide, by anonymous proxy or otherwise, but I am quite disturbed that Telus' system seems to provide any and all with the ultimate 'supercookie' to track my machine and its habits...

    Sometimes I just release and renew until I get a new IP for the exact purpose of changing the IP - thinking that that was the only way left to track me that easily...

    I'm more than disturbed, I'm actually a little PO'd at Telus, altho I certainly never asked the question...

    I am even more surprised about the 'anonymous proxy' not working as to the Telus ID, but I am not sure that I understand what Jack was saying about GRC and Proxo having to use SSL - I think that I have the SSL dll's loaded in Proxo, but that's beyond my ken...I don't want to use an unknown proxy anyway, just did it as a test...

    Shaw has been offering to give me a Cable Modem and a cut rate for switching back - I might decide that this is enough to make me consider it... :)

    Thanks again. If I get a live one at Telus, I will give you an update....It's a Canadian Holiday, so may be a while...

    dmc
     
  10. deadmanschest

    deadmanschest Registered Member

    Joined:
    May 6, 2002
    Posts:
    105
    Re:Unique Machine ID...regardless of IP addy

    I just got off the phone with Telus tech support - CrazyM is bang on - altho Telus insisted that 'Only Static IP addresses, like web servers have a unique ID and you have dynamic addresses' but I persisted and sure enough, Telus has assigned my Network card, thru the MAC registration a fixed, unique, non-hideable and non-changeable Unique Machine ID, and they don't see that there is any issue..

    Except that they first tell you that you have dynamic and non-fixed ID, but then it turns out that they are wrong, and they don't see an issue with that either...

    Shheeeeesh....

    Thanks all;

    dmc
     
  11. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    From my side of view, Telus In Canada does the same thing. I've checked that with a friend working in Ottawa. But I guess it would only be a certain time before other ISPs start doing that also. But I also notice that in most cases the problem is only ADSL, DSL, xDSL; with cable modem it seems to be not possible at the moment (I might be wrong), but for now most Canadian ISPs don't implement a fixed ID revolving with the MAC address.

    Cheers ! ;)
     
  12. deadmanschest

    deadmanschest Registered Member

    Joined:
    May 6, 2002
    Posts:
    105
    SSL - Proxo - HTTPS - Remote Proxy

    Jack - Thanks again, I believe that I now understand that the Remote Proxy would not accept an SSL request thru it to the GRC site, so it was bypassed...sort of.

    Thanks.

    Mike Healan has taken up the issue, couple of links as well;

    http://www.spywareinfoforum.com/forums/index.php?s=&act=ST&f=16&t=5840

    http://www.dslreports.com/forum/remark,6882519~root=security,1~mode=flat

    Thanks again

    dmc
     
  13. deadmanschest

    deadmanschest Registered Member

    Joined:
    May 6, 2002
    Posts:
    105
    Telus ADSL + [No More] Unique Machine ID...

    Hi all - :p
    After a few months....I am happy to say that Telus is currently no longer broadcasting a fixed and unique alphanumeric Machine ID based upon the MAC registration of one's NIC...

    I am not clear on exactly how the process reached fruition, as I lost patience and wasted breath on dealing with Telus and their kneejerk insistence that there was NO fixed Machine ID.., however....I can report that for residential consumer hi-speed ADSL customers with the default offering of two dynamic IPs, that what Telus now broadcasts as 'reverse dns' is simply the current [sort of] dynamic IP addy, followed by [unfortunately] the geographic location and ISP;

    For example, I am now id'd as "d64-***-153-91.bchsia.telus.net" with 64.***.153.91 my current IP and B.C. my province and telus {duh} my ISP...

    So this is a good thing. I would prefer that the so-called 'dynamic IPs' rolled over with greater frequency, but that's a quibble. Telus finally recognized that the rdns that they fixed and broadcast for residential ADSL users was a privacy infringement without a purpose, and they fixed it, as far as I can determine.

    Cheers

    dmc
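
Added example, not part of any post in this thread: a Python sketch of the check deadmanschest carried out by hand (renew the lease, compare the reverse DNS name), telling a name derived from the current IP apart from one that stays fixed across addresses. The sample addresses come from documentation ranges, the `d192-0-2-10...` names are constructed after the format quoted in the post above, and `lookup_ptr`, `encodes_ip` and `classify` are hypothetical helper names.

```python
import ipaddress
import re
import socket

def lookup_ptr(ip):
    """Live reverse lookup, the same query any web server can make for a visitor."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

def encodes_ip(ptr_name, ip):
    """True if the name embeds the four IPv4 octets, in order or reversed."""
    octets = [int(o) for o in str(ipaddress.IPv4Address(ip)).split(".")]
    runs = [int(r) for r in re.findall(r"\d+", ptr_name)]
    for want in (octets, octets[::-1]):
        for i in range(len(runs) - 3):
            if runs[i:i + 4] == want:
                return True
    return False

def classify(observations):
    """observations: (ip, ptr_name) pairs collected across lease renewals."""
    seen = [(ip, name.lower().rstrip(".")) for ip, name in observations if name]
    if not seen:
        return "no-rdns"
    # A name built from the address changes whenever the address does,
    # so it reveals nothing beyond the IP itself.
    if all(encodes_ip(name, ip) for ip, name in seen):
        return "ip-derived"
    ips = {ip for ip, _ in seen}
    names = {name for _, name in seen}
    # Same opaque name under different addresses: an account-level identifier.
    if len(ips) > 1 and len(names) == 1:
        return "persistent-id"
    return "inconclusive"

# Constructed observations (assumed values, not captured data).
FIXED = [("192.0.2.10", "ali999cjydfr580h.bc.hsia.telus.net"),
         ("198.51.100.7", "ali999cjydfr580h.bc.hsia.telus.net")]
DERIVED = [("192.0.2.10", "d192-0-2-10.bchsia.telus.net"),
           ("198.51.100.7", "d198-51-100-7.bchsia.telus.net")]

if __name__ == "__main__":
    print(classify(FIXED), classify(DERIVED))
```

To run it against a real connection, record `(ip, lookup_ptr(ip))` before and after each lease renewal and pass the list to `classify`.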
     
  14. Rickster

    Rickster Guest

    Hi FluxGFX:

    Bear in mind the NSA deployed ICCS023 (Internet Collection and Correlation System No.023). Under development since 1997 and beta-activated Dec. 2001 after the 9-11 attacks, though they intended to deploy it anyway. Your MAC may not broadcast to outside observers anymore, but quietly feeds parallel into ICCS from your ISP to the Toronto, Canada ECHELON station. Canada is a long-time proxy to circumvent restrictions on spying on domestic traffic. Developed by ***** the NSA/DIA/CIA has been placing high-level personnel at every NATO, North/South American and allied ISP since 1998 to backdoor it, or acquire them through its commercial branch (like Oracle). NSA maintains control because of its Canadian station, but now managed by a branch of DHS (Dept of Homeland Security). ISP management and administrators are oblivious, so don’t bother.

    Another concept at the time was for commercial branch to create/obtain AV companies so virus updates provide Trojan-like data extraction simultaneously – this was in conjunction to a theory proffered that code might be converted to RF radiation using chips injected into the commercial supply to vendors - virtually undetectable. These guys may be theoretically nuts, but the spread between reality and fiction for the average citizen is already pretty enormous. Makes one contemplate the worldwide drift toward totalitarianism, or a ‘world order’ of some kind.

    All this is funded by the same mechanism we fund our Lockheed Martin Skunk Works. U.S. taxpayers for instance will pay $80,000 per portable radio we ship to Iraq in the current budget. Same creative accounting when the DOD pays $300 for a toilet seat or $600 for a hammer. Any expectation of anonymity and privacy on the net is disappearing at an exponential rate. Expected completion by 2006 includes merging the Matrix profile database in Boca Raton, Fl. (they killed the government funded project recently – but merely transferred it to the commercial branch where budgets are hidden). I’d wager currency disappears soon after.

    BTW the ECHELON Toronto station can decode a 1 MB 168-3DES encoded file in under fifteen-minutes. I recommend using coded pointers if you want truly private communications – though you’d end up being viewed as part of some underground movement in due time. We’re hopelessly headed the direction we all fear, but powerless to stop it – so grab a beer, toast to the good old days. Don't fret with your ISP since they're double-agents anyway, knowingly or unknowingly.

    Remember, the government doesn’t care if you want to be private as long as they know “why” you want to be private – so "will" invade your privacy to make that determination - bar nothing. Of course, there's no downside to protecting privacy from commercial entities.

    Later, Rick
     
  15. dmiranda

    dmiranda Registered Member

    Joined:
    Jun 13, 2004
    Posts:
    5
    Just wondering if some good can be made out of this. Since what basically is a DNS is being assigned by default by many providers... Could not this DNS be used as a nameserver? I mean, you generally have to pay to have a static IP. But even though IP changes, your DNS remains the same, doesn't it? I'll try it out soon. But if any of you finds a way to do it, please let the world know.
     
  16. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Hey Rick,

    I'm very aware of that and I've been doing much more than I used to do a few months back.

    Bear in mind that some information is still not released or has not been... "open". In the meantime, regardless of the ISP, my network card MAC address doesn't exist ;) cheers.

    Micro engineering is so fun sometimes... cheers ;)


     