Trying to understand MAC address and TOR / VPNs

Discussion in 'privacy problems' started by Fontaine, Dec 18, 2012.

Thread Status:
Not open for further replies.
  1. Fontaine

    Fontaine Registered Member

    Joined:
    Jan 29, 2008
    Posts:
    245
    When connection from a home network, it's my understanding that the router's MAC address, not the computer's MAC address, is revealed beyond the home network (e.g. to the ISP).


    When using a VPN, can the ISP or VPN provider see/log the router's MAC address?

    In the case of TOR, who would be able to see/log the router's MAC address?

    I found a few threads here that discuss a similar topic, but can't find the answers above.
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    An Internet Protocol device by default provides its MAC address only to the DHCP server that assigns its IP address. So your ISP gets the router's MAC address, and your router gets your computer's IP address.

    In connecting with sites on the Internet, your computer relies on Network Address Translation (NAT) done by your router. So websites, VPN servers, Tor entry guards, etc only see your router's public IP address. They don't see any MAC addresses.

    However, with geolocation enabled browsers will share your router's MAC address with Google and other geolocation sites. Google etc have created comprehensive geolocation databses for WiFi routers based on wardriving and other roaming clients. Also, websites can run Javascript apps that hack your router's MAC address.

    Androids and iPhones by default report all WiFi router MAC addresses to their servers.
     
  3. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    So if you go into about:config in Firefox and toggle geo.enabled to false does this block google and others from capturing your MAC address?
     
  4. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    I don't know if it's the same thing, but on Android 4.1-4.2, under Location Services, 'WiFi and Mobile Network Location' are not on by default. It asks during setup if you want to enable it, and any time you turn on GPS it also wants to turn it on, but it asks...I always say no.

    Funny thing about different routers and MAC's: I had 2 different Buffalo routers with DD-WRT that I didn't have to do anything with, as far as MAC addresses went, it just worked. I switched to an Asus RT-N66 and it wouldn't connect to my ISP, no matter what. I ran the Troubleshooter and it filled in the MAC address for a satellite box I have on the network and then worked fine. Weird.

    PD
     
  5. popcorn

    popcorn Registered Member

    Joined:
    Apr 3, 2012
    Posts:
    239
    can chrome be hardened against this ?
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    Yes. Also, any legitimate site will ask whether you want to use geolocation (which will work only if you've enabled it in the browser).
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    That's good to know. I've been thinking about getting an Android device, but I'm still suspicious ;)

    That sounds odd. Please say more. What device is actually connecting to your ISP?
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    Maybe I've exaggerated here. I get from PaulyDefran that geolocation isn't enabled by default on at least some Android devices.

    Anyone know?
     
  9. Snoop3

    Snoop3 Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    474
    don't forget, Ubuntu (and maybe kubuntu? edubuntu? etc) is also giving away your geolocation data unless you disable it.
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    It's just looking up your public IP address, in order to suggest a time zone. It's not giving away anything private.
     
Loading...
Thread Status:
Not open for further replies.