Verifying MAC Address Randomization, Changing Computer Hostname, and Identifying Potential ISPTracking Methods

Hi there,

I’m currently seeking a way to verify my current MAC address, restart my DisposableVM, and confirm that the MAC randomization is functioning correctly by seeing the new MAC address. Additionally, I’m curious to know if there is a method for altering the hostname that appears to others ( Users and Admins ). Finally, I have a question regarding whether there are any other identifiable characteristics beyond my hostname and MAC address that my ISP could potentially use to track my machine.

Thank you for your assistance!

edited

1 Like

Hostname and MAC address are only visible inside your Wifi/LAN, i.e. there’s no need to worry about them if that’s always relatively trusted (= your home Wifi/LAN).

You authenticate with your ISP, i.e. your ISP can always identify you. Nowadays some ISPs in the EU even (currently plan to) sell an API to advertisers to identify you… Only Tor or a VPN may help you against that.

If you fear to be identified inside a public Wifi, there’s [1].

[1] Contents/anonymizing-your-mac-address.md at master · Qubes-Community/Contents · GitHub

This is part of a work-in-progress blog post on my website. It mostly related to the discussion here so this is why I posted it.

When using a VPN, it’s important to be aware of your behavior, as it can reveal your identity to your ISP. If you connect to the same VPN server from multiple locations over multiple sessions, you can be accurately identified.

For instance, if you close your laptop every day at 7 am and your VPN disconnects, and then you reconnect to the VPN at work two hours later (also don’t forget that the same thing will happen and when you go back home), someone with network access can identify a pattern. If this behavior persists over several months, you can be easily identified.

Changing the VPN server you connect to regularly (each Monday at 8 pm as an example) won’t help, as your uptime behavior remains the same. One solution to this would be using multi-hop, and randomizing the entry instance every time you connect. This will get rid of some of the information, but your uptime behavior will remain the same.

A slight nit to pick here. YOU, the carbon unit behind the keyboard, might escape identification. They will know that “this person on line right now is the same person as that one who was on yesterday.” That doesn’t mean they can identify that your name is John Smith or Job Lowe…unless you leaked that at least once of the times that they have tied together.

Nevertheless the utility of traffic analysis can never be overstated. Everything from WWII “we know they’re up to something…they’re talking more even if we can’t decrypt it” to the example you give will tell an adversary something, and it may be the last piece of the puzzle they’re working on.

1 Like

Hi there,

I understand that it can be very challenging to defend against correlation attacks, which is why I want to make sure that I can take steps to protect my privacy when connecting to the same public WiFi network multiple times. To achieve this, I plan to change the name and MAC address of my device so that it appears like a completely different machine each time I connect.

For instance, on one day I might rename my machine “iPhone”, and on another day, I might rename it “DESKTOP-XXXXX.”. But unfortunately it won’t probably make my machine look totally different.

Changing the MAC address and hostname is a relatively simple process, but I still want to ensure that my device is not recognized as the same one that was used yesterday. By doing so, I can maintain my anonymity and privacy while using public WiFi networks.

I found even more easier, sudo ip link show inside the sys-net terminal.

Hello,

I recently completed the tutorial that explained how to randomize all MAC addresses by default, which I successfully implemented on my Fedora-37 TemplateVM. Based on my understanding, the same changes should be reflected in Fedora-37-dvm, which is derived from the TemplateVM. My sys-net is based on the DVM one. I’m gonna check if there is any change after restarting my sys-net, i’m just waiting for a really long download to finish, in a few days…