Mac address +hotspot

Here i read:
"if you are using a public wireless access point for example, the access point will log your network card MAC address, time and date. A network administrator could use this information to link your machine, i.e. laptop, mobile device, etc, with a particular Internet session, in order to do that you would have to lose control of the device and allow someone to examine it, using a VPN on a Wi-fi connection will not hide your MAC address."

Now imagine this situation: i have a laptop which in the past i used at home ,no vpn, my regular isp.
I now use this laptop at a wifi location (,earlier without vpn ,now with vpn) .
Is this theoretically possible: The hotspot, (say, a big fastfood chain)lets law enforcement sniff their traffic, LE spots an interesting person, and with the mac adress they obtained they query their database and find the same mac adress was used when this laptop was connected to my isp; so, i am exposed.

If the above is a correct assumption,what steps should i take to become anonymous ?
1. Change the mac adress when i go online ?
2. Remove the network card physically and use a new usb card(which i would have to buy anonymously, and never use it with my own isp because then i would be identifiable again)
I would appreciate your take on this.

 

Windows 7 allows the changing of the reported MAC in the advanced settings tab of the adapter properties. There is also software that will do it.

http://www.klcconsulting.net/smac/

http://devices.natetrue.com/macshift/

This is a software, session only change...a reboot will bring it back to default.

Ubuntu also allows the changing of the MAC, but I haven't had success with that yet (one is with Network Manager, the other was some downloaded software). Maybe a Linux guru could chime in.

A USB adapter only for 'offsite' surfing is a good idea, but you having it, associates you with it...depends on your threat model. I prefer a software change on a laptop that shuts down when the lid is closed...and hold on tight for at least 10 seconds

PD

 

Thanks, i did know about the programs, was just wondering if my assumptions were correct.

Good to know this.

As long as i use the USB adapter only at hotspots i should be ok i think.
as an added security i can use different Mac adresses as well.
Cheers

 

Your assumptions as I understand are incorrect. An ISP can not see the MAC address of your laptop or any other computer on your local network for that matter. It only sees the MAC address of your cable modem or dsl modem etc. not your actual computer. Now if a wireless router has logging enabled of some sort your MAC could be logged at a local level at the public wifi location. The only way they would know if was your laptop is if they physically took it and matched your MAC to the one that they logged on the router. That is assuming they have any kind of logging enabled in the first place. As far as your ISP knowing the MAC of laptop no worries. Here is a bit more on this:

SOURCE

 

This statement doesn't make alot of sense to me because if you are using a VPN that is worth anything your connection will be encrypted. This means anything logged by the local router would not show your activity other than you were connected to a VPN. Maybe I am missing something though.

 

No expert, but I believe the AP obtains the MAC during negotiation for the connection set up. That's how MAC filtering works. The MAC could also be obtained through sniffing the air in promiscuous mode with certain software. I know that used to be a way to gain access to 'non-free' WiFi...by cloning an already 'approved' MAC. The threat model here, seems to be working backwards from a confiscated computer. It can then be tied to locations via the logs. I think it's a worth while 'layer'. CIPAV also reports a host of hardware info...I'm guessing just the burned in hardware address though. But if you've got rouge software installed, all bets are off. Still, if you have a Lenovo, name it Dell, and if your name is Bob, make the user account name Sam

http://www.wired.com/politics/law/news/2007/07/fbi_spyware

https://www.eff.org/deeplinks/2011/04/new-fbi-documents-show-depth-government#footnote12_sti9hjt


PD

 

Routers also log the "Name" of your computer!

 

WOW! I had no idea.

 

Yes, but you supply it. My Asus shows up in logs as 'Dell'.

PD

 

how come your isp can only see your(his) cable modems mac and not your networkcard's?

 

Cable Modem isn't behind the router.

PD

 

what is "Asus"?

 

In my case it's an EEE PC. You've heard of the manufacturer Asus, right? Motherboards, Displays, Graphics Cards, etc... Are you pulling my leg here?

PD

 

lol! No I am not. I'm quite ignorant on a lot of this, and thanx btw for answering my q.