Can anyone spy on me by ONLY knowing my MAC address??

[Sandy]

Hellooo I have a shared wireless network with my neighbors and the admin is a guy my neighbor and I suspect that he is spying on my Msn and my internet search. I got tired of installing anti-spy software on my PC, so I bought my own mobile connector as a USB. Not connecting with him on the wireless network. Someone told me that there might be a possibility to spy on me by my MAC address is this true ?? Although I have a different IP address that he doesn't know about him. Please answer me ? Ii is really paranoia!!

[AboveTheLogic]

It's extremely unlikey, but not completely impossible.

Make sure your home router is secured, you have a secured wireless connection if you are using one, and you will probably be just fine.

[Sandy]

what I want to say that does my Mac differes according to the network that I am connected to. or it is the same Mac address wherever I connect my PC.is there something physically that tells him that my device is 'Alive' now or 'shut down'. even if i am in other network. please help !!

[AboveTheLogic]

http://en.wikipedia.org/wiki/MAC_address

it does not differ, your MAC stays the same

[MindBuilder]

It's not clear how you're connecting to the internet or what you mean by your "mobile connector as a USB". Just getting a different "mobile connector" may not help you if you are still connecting to his wireless access point. Is your "mobile connector" an 802.11g wireless network adapter or maybe a 3G cellular adapter? What is the make and model of your new "mobile connector"? What company is the Internet Service Provider (ISP) for your internet connection? What kind of internet connection do you have - Cable modem, DSL, Wireless 802.11, Wireless cellular, Fiber, or something else?

If you are now paying for your own internet service and you have your own wireless access point, make sure you are using WPA2 encryption and at least a 15 to 20 letter/digit random password.

Normally your mac address doesn't change, but it is not too hard to change if you want to. But even if you do change it, your neighbor can pinpoint your signal with a directional antenna.

[Sandy]

No, my connection is not a wireless 802.11. It is a 3G cellular adapter (HUWAEI mobile connect 3G modem) it is like a flash memory (only for one user) you just plug it in your USB, there is NO need to turn on my wireless or Bluetooth. I always switch them off. The company name is Zain (MTC) it is for cellular phone. And I pay every month for that it is like paying for your mobile invoice (monthly). I am really so tired and anxious of over thinking how to protect my privacy. Meanwhile, I can't buy another laptop (with new Mac address, because he already know my current Mac address). Is there really a possibility to pinpoint my signals?? Could you please explain how? Could he find the signals of my 3G cellular adapter?

[AboveTheLogic]

Each network adapter has its own MAC.

If he has the MAC address for your built-in wireless, you are safe if you are not using it.

The USB adapter you are using to get online has its own unique MAC. I'm going to guess that it probably even has its MAC printed on the outside.

[MindBuilder]

Since you are using a 3G wireless connection it doesn't matter what the MAC address of your laptop's 802.11g wireless card is, because you're not using it. It is cheap and easy to intercept 802.11g connections, but I expect that it is very rare for someone to have the equipment to intercept a 3G net connection, so he probably won't have access to your data or your 3G MAC address. Nobody on the internet can see your MAC address or use your MAC to snoop on you except the devices connected directly to your 3G modem over the air.

Cell phone voice calls are encrypted these days so I expect that 3G are also, but you would have to ask your wireless provider to know if they are encrypting your connection. However the encryption used for voice cell phone calls has recently been badly broken, so even your voice calls may not be secure from snooping these days. I think they still are reasonably secure for the next few months anyway.

If you are visiting a web site where the URL starts with https, like all bank web sites, then your connection is encrypted and you don't have to worry about snooping. For some sites https might be optional like it used to be for google mail. Just put an s after the http in your address bar and see if that works or if the site redirects you back to the plain http page. For sites where you can't use https, you could use an encrypted proxy service or maybe tor. If you have a friend with sophisticated computer skills, you may be able to set up a VPN connection to his system to prevent snooping for the part of the data path between your computer and your friend's.

If you get a DSL connection it is very unlikely he could snoop, at least not without tapping in to the wires. If you get a cable modem connection, your neighbors may be able to easily see what you download, but it would be hard for them to see what you send without sophisticated equipment.

If you were using 802.11g then it would be easy and cheap for your neighbor to pinpoint your radio signals. If you are using 3G then he still could do it using the same principles, but he would have to have a radio that is rather expensive and that very few people have.

Every thing I've said above assumes your neighbor is little more than a common snoop and you are mainly just interested in your personal privacy or small personal bank accounts. If you think you could loose tens of thousands of dollars or worse to your neighbor's hacking or if you think he is a highly sophisticated electronics expert, then you need a security professional to evaluate your situation in detail. And indeed, the only practical solution may be to move, if you have someone that dangerous next door. It is extremely difficult to secure yourself against an expert hacker who is determined to compromise you.

[MindBuilder]

One cheap and easy way to locate an 802.11g signal is to hold an 802.11g radio in front of you and monitor its signal strength while you slowly turn your body. When the strength of the signal you are interested in drops, then the signal is probably coming from behind you because it is partially blocked by your body. This can be tricky because signals often fluctuate, so you may have to turn around several times slowly to establish the correct direction. Now go to another location off to the side of where you think the signal might be coming from and do this again to find out how far the signal was from your initial location. If you can't get close enough to precisely find the location with this crude method then you can get a directional antenna that can find the direction much more precisely.

Speaking of directional antennas, you can get a big(about 1 meter across) high gain antenna that will connect to an 802.11b access point at distances up to more than 10km. You may be able to find somebody anywhere up to that distance that will let you connect to their access point, and if it is encrypted with WPA2 then your neighbor couldn't snoop.

[MindBuilder]

While the above method works cheaply and easily for locating an 802.11g signal, it probably wouldn't work well for locating a 3G signal because most 3G radios probably only monitor the signal strength of the tower, not other nearby 3G radios. Your snoopy neighbor would need a special radio that could pick up your 3G signal instead of the tower's signal. I think it is unlikely that your neighbor has such equipment, but if he is an electronics enthusiast, he may.

[Marcelo Gomes]

I guess the original question should have been "my neighbor knows my MAC address, and I've used his network to connect to the Internet for some time. Is there some way for him to eavesdrop on me, now that I connect through a 3G USB dongle?"

The important thing here is: even though this guy is using another MAC address (the one from the 3G dongle, not the one from the wi-fi), he had been vulnerable to his neighbor's eavesdropping for some time, so his neighbor could have gathered other information besides his wi-fi MAC address, such as his MSN password.

Even though I find it unlikely that the neighbor can still eavesdrop on him (though it's possible, just WAY much harder), I'd advise him to change all of his Internet-related passwords, since his neighbor could have already taken note of them, thus letting that neighbor impersonate him.

I know you were expecting a better answer, such as "do this and forget the paranoia". Unfortunately, the world is much more complex. There's no such thing as perfect security. So, forget the paranoia, learn to live with it, or make sure to have a vacancy for you in your local asylum.

[wimiadmin]

Quote:

Originally Posted by Marcelo Gomes

So, forget the paranoia, learn to live with it, or make sure to have a vacancy for you in your local asylum.

Great comment!

I think a lot of our users along with myself are a little paranoid as we want to protect as much of our information as possible. We all take an assumed risk each time we connect to the internet. I think the best step for everyone is to put more trust in a connection that goes from you directly to your reputable ISP. Everyone should have some sort of anti-virus program running at all times as well as scan their computer for Malware using a program like www.malwarebytes.org and Adware using something like www.lavasoft.com at least once a week. The best defense is a good offense. With strong passwords like !P@sswords001 and not Password hackers will have to work harder to break into your accounts. Hackers are lazy for the most part and want the quick and easy score. Keep them at bay by keeping up your defenses.

[AboveTheLogic]

Quote:

Originally Posted by wimiadmin

Great comment!

I think a lot of our users along with myself are a little paranoid as we want to protect as much of our information as possible. We all take an assumed risk each time we connect to the internet. I think the best step for everyone is to put more trust in a connection that goes from you directly to your reputable ISP. Everyone should have some sort of anti-virus program running at all times as well as scan their computer for Malware using a program like www.malwarebytes.org and Adware using something like www.lavasoft.com at least once a week. The best defense is a good offense. With strong passwords like !P@sswords001 and not Password hackers will have to work harder to break into your accounts. Hackers are lazy for the most part and want the quick and easy score. Keep them at bay by keeping up your defenses.

I second this.

A hacker EXPLICITLY targeting you---well if he knows what he's doing he's going to get you one way or another, if he tries hard enough.

A hacker checking a broad range of connections interested in picking the low-lying fruit is likely to just skip over you if you have better than average security practices.

[MindBuilder]

Yes, I forgot to mention that if your attacker could intercept your 802.11g connection then software or software updates you downloaded could have been infected with spyware. Any vulnerabilities in your web browser or other network software could also have been easily exploited to get spyware onto your system. After backing up your data, you need to wipe everything off your computer's hard drive, probably even the restore partition, and reinstall from clean sources. Don't copy your backed up documents back onto your clean system unless you need to, and scan them for infections first. Make sure you frequently do all your updates on your clean system, especially the updates from Microsoft and Adobe.

For extreme security, you need an operating system that allows you to get total control of the insides, like Linux or OpenBSD. But that is probably overkill, You should be able to make Windows reasonably secure. Though I recommend Linux anyway because the price is free, the updates are free, it's rarely targeted by viruses, you get the freedom to customize it and make it do what you want, and if enough people start using it, we will be freed from the lock-in that makes us buy Windows. Start using Linux to help us win software freedom.

Does anyone know if there is a way these days to verify that the contents of your Windows restore partition are clean? Of course I make DVDs from the restore partitions of my new computers, but most other people I help don't seem to make disks until long after they've exposed their system to infection.

[Sandy]

Thank you ALL for helping me. Mr. MindBuilder I appreciate your help. You do comfort me, I was tired for two weeks trying to protect my privacy. I am concern about my password for bank, email, and messenger conversations that I heard it is easily to intercept. I tried to Access the Hotmail site plus (https) like this >> https://www.hotmail.com/ but it directed me to a plain page. Does that mean that my connection is encrypted?
I did not know about the 802.11g radio I mean how it looks like? Is it only specialized for detecting wireless signals?
And do I need to download WAP2? And is it also effective for securing my MSN conversation. I don’t know if he is dangerous or not. But interested more in watching my conversations. Sorry for asking too much. And thanks in advance.

[Sandy]

I installed some programs to protect my privacy: Outpost firewall Pro 2009, AntiRap personal edition(Temporary), Spybot Search & destroy. To change my Mac address I used MadMACs program. Do you think they are effective?

[AboveTheLogic]

I've never heard of those programs but you should be careful about whatever you install. Make sure its something reputable.

If the webpage doesn't show "https" then your password is being sent clear text across the internet and can be intercepted. Always make sure "https" is in the URL when you type in and send a password.

[MindBuilder]

When Hotmail redirects you from a https page to an http page, it means Hotmail is refusing to encrypt the page and your password may be intercepted. Many web pages that you enter a password on are sent to your computer unencrypted with only http and then your password is sent back encrypted with https. This is good if an attacker is only listening to your internet connection, but if your attacker can intercept what is going to your computer and replace it with what he wants, then the entire page must be sent to your computer with https because if even one little picture is sent without https, the attacker can expand that one little thing to take over the whole page and remove the encryption from your password. However if you are now using a 3G connection, you probably don't have to worry much unless your neighbor is an advanced electronics enthusiast with special equipment.

Before you got your 3G connection you were probably using 802.11g with the wireless network you shared with your neighbors. Almost all laptops today have an 802.11g radio built in. An 802.11g radio will only detect signals from other 802.11g radios and older slower 802.11b radios. An 802.11g radio won't detect a signal from your 3G radio.

You only need WPA2 if you are using 802.11g instead of 3G. And you can't download it, it must come with the wireless access point. The person who controls the wireless access point just has to turn it on and set the password. WPA2 won't do you any good if the attacker is the admin of the access point, because if he is the admin, then he will know the WPA2 password. WPA2 only encrypts your internet data from your radio, over the air to the radio in the access point. After your internet data gets to the access point, it is decrypted and sent unencrypted to hotmail, or whatever other web site you are visiting.

Although WPA2 won't do you any good if your neighbor is the admin of the access point you are connecting to, you may be able to get internet access cheaper than 3G if some other neighbor of yours farther away, will let you connect to their access point that your snoopy neighbor doesn't control. Then WPA2 would probably protect your internet data from your snoopy neighbor, as long as the WPA2 password is long enough(15 to 20 random characters). With a long range antenna, you could connect to access points up to several km away.

I'm sorry I didn't say it in the beginning. Forget about your MAC address. It does you no good to change it. While changing it is unlikely to cause problems, changing it could under some circumstances cause confusion and hassles. If your attacker can see your MAC address then he can see all your other unencrypted internet data as well. That data is the important part, not your MAC. And if your attacker can see your old MAC address then it will very likely be easy to figure out what you changed it to after you change it.

Your MAC is only transmitted for one step of the journey, to whatever equipment your computer is directly connected to. After the first step, your MAC is stripped out of the data. So your laptop sends your MAC to the 3G cell tower. Then the tower strips your MAC off your data, and sends your data on from the tower to some data center or some other equipment on the next step of your data's journey. It is unlikely your neighbor can see the MAC your computer sends to the 3G tower. And even if he could, you shouldn't care because it is your data that matters and not the MAC. Changing the MAC won't hide your data.

One of the few times I can think of when you might want to change your MAC is when you take your laptop to someplace like a coffee shop and you want to connect anonymously. But that would be pointless unless you change many other things as well, like your cookies and user agent string. Another time people change their MAC is when their internet sevice provider has linked their service to the MAC address of their old computer or access point. When they get a new computer or access point they may change the MAC of the new system to match the old one. That way they don't have to waste time calling the ISP and telling them the new MAC.

However if you've already changed your MAC and everything is working OK, then you should probably leave it what it is now instead of changing it back.

[Sandy]

Thanks for the clear description. Actually, I am taking some precautions as connecting to the internet while ,I am sure, my neighbor is out for work. one last thing, do you have any good ideas to protect my MSN conversations?

[MindBuilder]

He could be recording your data while he is away. He could also have a link from his work to home to alert him and allow him to observe when you start to connect. But it's unlikely he is intercepting your 3G connection, and if he is then he is sophisticated and you would have to practically be an expert to stop him. Ask your 3G company if they encrypt the data connection. If they do, then either stop worrying about your neighbor, or begin a very long and detailed study of computer security, because if he can hack an encrypted 3G connection, then you will have to be VERY knowledgeable to stop him.

To get your data encrypted past your neighbor, part of the way to MSN, I only have the same suggestions as before: Tor, a VPN to a friend, an encrypted proxy service, or connect to a WPA2 encrypted access point that your neighbor doesn't control.