Re: [qubes-users] Spoofing MAC

2017-01-30 Thread Chris Laprise

On 01/27/2017 06:03 AM, pl1...@sigaint.org wrote:



Then if I use other internet connections and spoof MAC, they never know my
real MAC,right?



If you're using Network Manager MAC randomization described in the doc, 
then yes---it will use a different random address with each "connection" 
(each radio access point or router). It can also do this for wired 
connections. (This has nothing to do with IP addresses... Tor handles 
anonymization at the IP level.)


Unfortunately, other identifiable information was recently discovered in 
the Wifi hardware handshake packets, so full anonymization at the MAC 
level won't be possible until sometime in the future.


Chris

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/48b8cbcb-6a2e-2fbe-157b-469231aeb9dd%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Spoofing MAC

2017-01-26 Thread Sae
On 27/01/2017 00:45, Unman wrote:
> On Wed, Jan 25, 2017 at 09:11:06PM +0100, Sae wrote:
>>  Forwarded Message ---
>>
>> Subject:     Re: [qubes-users] Spoofing MAC
>> Date:Wed, 25 Jan 2017 20:52:35 +0100
>> From:Sae <s...@nopping.eu>
>> To:  pl1...@sigaint.org
>>
>>
>>
>> On 25/01/2017 20:34, pl1...@sigaint.org wrote:
>>> Hi
>>> I followed the guide that explains how to spoof MAC using debian based
>>> appVM. Now will my ISP "see" this new or it anonymize just my surfing?
>>>
>> Hello.
>> You ISP never sees your MAC. Your MAC is used for the communication
>> between your computer and your router.
>> Spoofing your MAC is usefull in networks which are not under your
>> control (hotspots, school, work, …).
>> Then, from that network point of view, your computer won't identify
>> itself with your mac address that is closely tied to your computer hardware.
>> Spoofing your mac address has no impact on your IP address, so it won't
>> anonymise your surfing.
>>
>> forwarding because I forgot to send to the list. 
> Since your ISP has complete control over your router they *always* see
> your MAC. If you spoof the MAC then they would be able to associate the
> spoofed MAC with that router. If you have been consistent and keep
> changing it then you would have some degree of plausible deniability for
> any particular session.
> Best approach would probably be to add another wireless card on another
> netvm, and use spoofed MAC and separate qubes on that netvm, while keeping the
> vanilla card for "normal" use. That way to maintain "normal" use and
> mask the other activity. Use a removable wifi card and disposable
> netvm for the spoofing to minimise trace. Increase deniability by
> setting router to open or with simple to guess password.
>

My ISP doesn't have control over my router. My modem/router is my own. I
just configure it with their credentials.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/12416757-91b3-c825-1079-f41e4935e2ed%40nopping.eu.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Spoofing MAC

2017-01-26 Thread Unman
On Wed, Jan 25, 2017 at 09:11:06PM +0100, Sae wrote:
>  Forwarded Message ---
> 
> Subject:  Re: [qubes-users] Spoofing MAC
> Date: Wed, 25 Jan 2017 20:52:35 +0100
> From: Sae <s...@nopping.eu>
> To:   pl1...@sigaint.org
> 
> 
> 
> On 25/01/2017 20:34, pl1...@sigaint.org wrote:
> > Hi
> > I followed the guide that explains how to spoof MAC using debian based
> > appVM. Now will my ISP "see" this new or it anonymize just my surfing?
> >
> Hello.
> You ISP never sees your MAC. Your MAC is used for the communication
> between your computer and your router.
> Spoofing your MAC is usefull in networks which are not under your
> control (hotspots, school, work, …).
> Then, from that network point of view, your computer won't identify
> itself with your mac address that is closely tied to your computer hardware.
> Spoofing your mac address has no impact on your IP address, so it won't
> anonymise your surfing.
> 
> forwarding because I forgot to send to the list. 

Since your ISP has complete control over your router they *always* see
your MAC. If you spoof the MAC then they would be able to associate the
spoofed MAC with that router. If you have been consistent and keep
changing it then you would have some degree of plausible deniability for
any particular session.
Best approach would probably be to add another wireless card on another
netvm, and use spoofed MAC and separate qubes on that netvm, while keeping the
vanilla card for "normal" use. That way to maintain "normal" use and
mask the other activity. Use a removable wifi card and disposable
netvm for the spoofing to minimise trace. Increase deniability by
setting router to open or with simple to guess password.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20170126234540.GB9439%40thirdeyesecurity.org.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Spoofing MAC

2017-01-25 Thread Sae
 Forwarded Message ---

Subject:Re: [qubes-users] Spoofing MAC
Date:   Wed, 25 Jan 2017 20:52:35 +0100
From:   Sae <s...@nopping.eu>
To: pl1...@sigaint.org



On 25/01/2017 20:34, pl1...@sigaint.org wrote:
> Hi
> I followed the guide that explains how to spoof MAC using debian based
> appVM. Now will my ISP "see" this new or it anonymize just my surfing?
>
Hello.
You ISP never sees your MAC. Your MAC is used for the communication
between your computer and your router.
Spoofing your MAC is usefull in networks which are not under your
control (hotspots, school, work, …).
Then, from that network point of view, your computer won't identify
itself with your mac address that is closely tied to your computer hardware.
Spoofing your mac address has no impact on your IP address, so it won't
anonymise your surfing.

forwarding because I forgot to send to the list. 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7b18c8fa-cd6f-5376-4a4a-63ef2fae04ca%40nopping.eu.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Spoofing MAC

2017-01-25 Thread pl11ty
Hi
I followed the guide that explains how to spoof MAC using debian based
appVM. Now will my ISP "see" this new or it anonymize just my surfing?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/eac8d699fb6b0ac3619018db23c4acb4.webmail%40localhost.
For more options, visit https://groups.google.com/d/optout.