WiFi, The ISP and TOR

Discussion in 'privacy technology' started by notthatguy, Apr 7, 2012.

Thread Status:
Not open for further replies.
  1. notthatguy

    notthatguy Registered Member

    Joined:
    Apr 7, 2012
    Posts:
    34
    I've been studying into this lately and I'm new to privacy online so I apologize if I'm wrong on this. I've started reading about privacy now that those new bills are going through. Anyway here's my confusion.

    When you log into a wireless network say at a Mcdonalds the ISP logs the following information and it would look like this.

    Hostname - JohnsComputer
    MAC Address: F4-4S-16-HH
    Log : Google @ 0800 HRS, Google Searched Fart @ 0805 HRS

    If I logged on with TOR they would receive the following:

    Hostname - Johns-Computer
    MAC Address: F4-4S-16-HH
    Log : TOR Data @ 0800, TOR Data @ 0805

    With TOR the WiFi network would have no knowledge of what you were doing correct?

    Now my questions:

    Are WiFi networks able to pick up computer specs? Or anything else that would help them identify a user.

    If you spoofed the MAC and Randomized the host name, the user would be literally completely untraceable correct? (On a technical standpoint)

    This has really been bothering me, since reading on here I came to this conclusion after 5 minutes and I just don't understand how it could be that easy.

    Sorry for any bad English

    (Note: This is all completely out of fun and theoretical, I'm only trying to actually understand the WiFi logging process)
     
    Last edited: Apr 7, 2012
  2. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Your MAC and Host Name will stop at the router, but it is a good idea to randomize those so you don't appear in McDonald's logs. MadMACs from Iron Geek works well. It will also happen on any wired network you hook up to as well. On WiFi, it is also traveling through the air...so if somebody is sniffing for a machine name and MAC, but doesn't 'know' you, spoofing, again, is a good idea. Watch out for video surveillance. Using Tor or a VPN, will blind whatever ISP the free hotspot is using as a provider...as well as securing your traffic from prying antennas.

    PD
     
  3. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    As PaulyDefran said the MAC /Domain will only be used in the routing environment over the LAN/WLAN.

    Let me Address your logging concerns in order of AP (Access Point/ISP/TOR)

    Access Point (Your wifi hotspot)

    The type of information gathered over the local untrusted LAN/WLAN will vary depending on how the AP provider has configured their network. I am sorry there is no clear cut answer here. A simple router may log assigned DHCP IP/MAC/Ports/ time stamp. ( 192.168.0.X/01:23:45:67:89:ab/80/ 0200 PDT. More advanced can also log DNS queries to IP/MAC (192.168.0.X, 80, www.google.com). Additionally show source/dest of TCP streams and protocols used. Also if you have to provide any credentials to access the AP then that will supplement the logs.

    The ISP

    As for what the ISP logs this will depend on your country and established laws. Technically an ISP "could" log everything over their wire. Do they? No, not a chance in fact in terms of customers, most will simply log IPs to customers and when the user logs into their services. If you are using a free Wifi hotpot, the ISP sees the IP (IPs) leased to the provider whom you are obtaining the wireless connection from.

    TOR

    Tor routing is good for anonymity (if set up correctly) however not for privacy. The reason being while traffic is encrypted as it is pushed into the Tor tunnel, the traffic eventually has to be decrypted to transmit to the webserver and services you want on the internet. This means the exit node, the final hop in the chain, can monitor and sniff your traffic.

    So to address your questions:

    If just a router is being utilized than no, see my post above, the router will log traffic to and from a user. If the AP providers are running additional monitoring/log tools, sniffers, than yes they can probably pick up a great deal more. Do your local small town shops do this? Most likely not.

    From a computer only perspective it would be hard but not impossible. This all comes down to who your adversary is. Realistically if you are spoofing your mac you are protected from that identifier with the AP. If you pipe your traffic through Tor/VPN/SSH you are protected from the AP or anyone over the WLAN sniffing your information. You are also protected from the ISP as all traffic over the wire is encrypted and the IP is not your own. That being said the end of the tunnel (decrypting phase) is where your risk is. I'd say for this thought experiment you would need to have the webserver in question encrypt your session to really have good anonymity ontop of everything else.
     
    Last edited: Apr 7, 2012
  4. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    Is "host name" the same as computer name?
     
  5. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    Hey Caspian a hostname is a label that is assigned to a device connected to a computer network, for non internet based, yes it can be a Microsoft NetBIOS workgroup, a computer name, etc. Hope this helps.
     
  6. notthatguy

    notthatguy Registered Member

    Joined:
    Apr 7, 2012
    Posts:
    34
    Ya that would definitely the increase the odds 99%, but the idea that anyone can log onto a open wifi, use TOR/VPN, and spoof MAC/Host and browse and be nearly completely anonymous blows my mind. Even if the AP is using sniffing tools from what I've read, they will not be able to gain any CREDIBLE identifiable information about your Computer.

    Yes it is, thanks for the posts guys if anyone else want to chime in feel free I love this topic.
     
    Last edited: Apr 8, 2012
  7. syncmaster913n

    syncmaster913n Registered Member

    Joined:
    Mar 24, 2012
    Posts:
    153
    Why does it blow your mind? :) real question, not being ironic or cute.
     
  8. notthatguy

    notthatguy Registered Member

    Joined:
    Apr 7, 2012
    Posts:
    34
    Before I started browsing online about privacy I thought all anonymity was gone online.

    And then I found Wilders...
     
  9. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    Very helpful, thanks. So I found a free MAC address changer http://www.technitium.com/tmac/index.html. That should be pretty simple.

    But as far as "randomizing" a computer name, does that mean changing it to random characters? Wouldn't it be better to temporarily change it to a really common name like "My-PC" or "My Computer"?
     
  10. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    That MAC changer you found is one I recommended on here in another thread, it is very good (and free). MadMACs however, will also randomize the host name/machine name. It does this from a simple text file of actual names. You can use the one provided, or create your own. They are 'real' names. The 'random' means it picks a new MAC and Name at every boot.

    PD
     
  11. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    That sounds really cool. Thanks for the tip.
     
Loading...
Thread Status:
Not open for further replies.