There have been a lot of queries about MAC address and privacy on blog comments as well as in emails that I get from many users of TMAC. Reading this post should clear most queries that you have.
MAC Address & Privacy
A website on Internet cannot find your MAC address by any means. Your MAC address stays in the local network you are connected to (like LAN) and so technically only a website hosted on the same LAN network can find the visitor's MAC address.
So changing MAC address would give you privacy only at local network level. Nobody will be able to track your presence on the wifi networks that you connect to with a new MAC address being used every time.
This Website Wants To Know Your Location!
One thing you must note that MAC address of your wifi access point or any other access point that is in your range will be disclosed when your web browser asks to share your location information and you click Share Location.
A web browser will compile a list of all the wifi hotspots in range and read their BSSID (MAC Address of station in an Access Point) with the signal strength and send it over to the website asking for it. The website uses a database of known MAC addresses with their location, combined with your IP address and try to figure out your location based on the signal strength [1][2]. In popular/commercial places the location can be as accurate as 25 meters. You can read more about it in this earlier post.
IP Address Based Location Mapping
IP address is commonly used to find the visitors location. Its pretty straight forward for a website to find a visitor's IP address. Using commercially available databases that map IP address to location, websites can provide region specific services to the visitors or just compile stats for visitor traffic analysis. The database can provide location up to the City the visitor is from. The database can be wrong at times due to IP address blocks being reassigned to another location but in most case, the country can be reliably identified.
If you are more paranoid about your IP address being disclosed, you can use Tor.
Tor can be painfully slow at times but it does provide a level of
anonymity for free. If you have some cash at hand, you can go for
Virtual Private Network (VPN) services. These services will carry all
your Internet data through their own network such that your IP address hides
behind their data center IP address.
How Are You Being Tracked?
Most common way of tracking users is by storing identification data on user's computer known as Cookies. Web browser accept and store cookies that any website sends back. Cookies can easily be deleted with most web browsers. You can configure your web browser to clear cookies when the browser closes.
Cookies being easy to delete, websites and advertisement networks found new ways to track users. With most Internet connected computers having Adobe Flash installed, it became a new way to restore the deleted cookies. Adobe Flash Player allows to store cookies which cannot be deleted by clearing browser cookies. Users can however delete flash cookies manually by using Flash Player's Website Storage Settings Panel. Obviously, deleting flash cookies is difficult and most users are not even aware of the existence of a separate flash cookie.
Another way is by means of HTTP ETag. ETag was designed to enable smart web caching but can easily be used to track visitors. Each web resource (images, html etc) that browser stored in its cache can be identified by website supplied ETag. The only way to get rid of this is to clear your browser cache just like you clear cookies.
How Do I Protect My Privacy?
I would recommend you to use Firefox web browser and install following add-ons:
1. Better Privacy - It clears flash cookies when browser closes.
2. Certificate Patrol - It can prevent a very rare man in the middle attack on HTTPS websites.
3. HTTPS-Everywhere - It will add "https" automatically to URLs that you enter in browser forcing browser to use HTTPS even when you forget to enter proper https URL (works for popular websites only).
4. NoScript - Recommended only for advance users. It will block javascripts/flash from unauthorized websites. You can decide which sites can use javascript/flash easily.
You can even use Firefox Profile feature. Its possible to create multiple "profiles" in Firefox, each profile being completely separate, having its own cache, cookies, history, add-ons etc. To do so, just go to Run (Start > Run or press Win+R) and enter firefox -p -no-remote and you will see a profile manager window. It can be very convenient to create a shortcut with the mentioned command line parameters for use every time.
Note that for each profile you create, you will need to install all the add-ons mentioned above separately. Using separate profiles, its possible to log in into different Google accounts in same browser without linking them together.
References:
1. Location-Aware Browsing - Mozilla Firefox
2. Location sharing - Google Chrome
Edit:
Read more about Ad networks tracking stats. You are always being tracked (stalked) by multiple Ad networks!
Thanks.Very useful.
ReplyDeleteI wonder what is your commitment to keeping the software free?
ReplyDeleteWhy not charge for such a great piece of software?
You must be on some good money!
Thanks for the compliments! The software paid me long ago in terms of experience. Your guess might also be right!
DeleteYou say that websites can't get your MAC Address.
ReplyDeleteBut be aware, all it takes is one example to prove that wrong.
#1 Go to http://www.grc.com/media.htm
Which is grc.com -> Services -> Tech TV Clips.
#2 Then view the Call for Help on ZDTV video that was recorded on March 02, 2000.
Thanks for the link. But, its not really what you are thinking of.
DeleteThe video dates back to year 2000, the OS being used is windows 98! There is no firewall built in OS. So, anyone can probe NetBIOS to get more info on your computer. You can check command nbtstat and confirm that it does display MAC address.
In current scenario, all OS include firewall and thus its not going to work.
While all OS(es) include a software firewall, that firewall can be turned off.
DeleteIf the firewall is off, if the user's ISP is not blocking the ports for NetBIOS and if the user is not NATTED - then it works.
OR if the firewall is off, if the user's ISP is not blocking the ports for NetBIOS and if the user is forwarding the ports for NetBIOS - then it works.
Ya in the mentioned conditions it would work.
DeleteBut, now in current scenario, its not easy to find computers with live ip address and firewall turned off. Early, in those days, most people would use dial-up internet and would have live ip.
Now most people have ADSL or cable internet, that too the computer is connected to internet through router and thus is behind NAT. OS by default has firewall turned on and most users dont know how to turn it off. Turning off firewall while having live ip address is totally like drunk driving.
Thus practically trying to find MAC address of any machine on the Internet is not possible.
Just wanted to say the last hour that I have read all the questions and responses I have learned a lot here. Thanks, -P
ReplyDelete