Peter N. Glaskowsky wrote (08 May 2015 18:59:35 GMT) :
>> On May 8, 2015, at 10:20 AM, intrigeri <intrigeri@???> wrote:
>> Source Valley wrote (08 May 2015 16:55:50 GMT) :
>>> There are countless example I can think of where one might need a truly random mac
>>> changer, here is just one example: If I'm sitting in a coffee shop and I'm the only
>>> one with a Unique first 3 octet wifi card, then it wouldn't be too difficult to
>>> reveal who I am.
>>
>> I don't understand. May you please clarify?
> I assume this is the usual issue that someone observing the network can look up an OUI, here for example:
> https://www.wireshark.org/tools/oui-lookup.html
> and if it turns out to be distinctive— for example, used only in certain Dell-branded
> laptops— it could potentially identify the user if he or she is the only user with
> such a machine in the coffee shop at that moment.
OK, I see. In such contexts, I don't think it matters much what exact
bits of the MAC address we modify, as long as we spoof the MAC address
exactly once per session: the timing of connection/disconnection is
probably enough to correlate a given MAC address with a physical body
with a quite good success rate: the MAC address that suddenly appears
on the LAN when $PERSON shows up, takes $COMPUTER of a bag and turns
it on, and suddenly disappears when $COMPUTER is put back into a bag
and $PERSON leaves, is very likely to be $COMPUTER's MAC address, and
the network traffic from that MAC address is very likely $PERSON's
network traffic.
Cheers,
--
intrigeri
