I am sure this is being monitored -So for conversation sake/hypothetical free speech and educational purposes only . Basically looking for the steps to remain unidentifiable as mush as possible. A step by step guide with backedup information that can show that a computer / laptop gives off this information when connecting to the internet and what to do to avoid such.? For the paranoid--do we know that Intel or AMD,or other parts of the machine are not encoding their chips / equiptment to give off identifying info of that machine or other parts of the machine that give off identifying that is traceable.
Question Are:
1) If a person wants to use a laptop on a open cafe / restaurant free wifi connection to try and hack someones gmail with bruteforce, what will be captured from the laptop by the connections and gmail servers? Meaning forensically , what signatures are given off by that laptop? That could be used later to trace this laptop? What is being recorded by the Cafe wifi and/or service provider(ISP)
2) Do you screw yourself by buying a laptop on line with credit cards-I am guessing yes as they us a transaction that is traceable and that card is tied to that laptop with some identifying serial number? OR Go the cash route on craiglists or electronic swap for cash-A burner laptop if you will?
3) Should you turn off the internal wifi and get a cash bought wifi card or antenna to use?
4)Correct to assume you can never use that laptop on you own home network again? Also, cannot use that Wifi card / antenna again?
5)Given that the internet as seen in the media is a total collection is using a service like REVERSE.NET supposedly run by like minded hackers any better then just using other connections?
5 Responses
DillHole:
First, welcome to Null Byte!
To try to answer your question succinctly, whenever you connect to the internet and wherever you navigate to, your IP address is recorded. Connecting from a public AP such as cafe, your IP will be linked to that cafe. That cafe will have a record of your MAC address of your wireless adapter, so it could be linked back to you.
For anonymity, you might try using TOR, but there are some issues with NSA spying through TOR, but its certainly better than naked browsing. Also, buying an external wireless adapter with cash and disposing of it afterwards would make you hard to track.
Hope this helps.
OTW
You seem to also be worried that identifiable information about your computer is being transferred over "in the clear" such as your processor serial, wifi card MAC, HDD and anything else that may be in your computer, traceable to you. As OTW said, you need to use TOR, but he did not mention that a MAC can be changed using the command macchanger. This only changes the MAC address that your card will transmit and receive on, but that makes it harder to trace. As for other methods of your information being sent out (such as serial numbers), the only thing I am aware of that can do this is a piece of malware. The answer to this problem is of course, don't get infected by malware.
Very good thoughts on this and appreciate the input to this hypothetical and for educational purposes only question. I would say that there should be ways to remain somewhat unidentifiable. Buy a laptop with cash, disable Wifi and use burner Wifi antenna then who cares if MAC is seen. If you want to think like the folks who like to trace, then how do you trace, say, a entity that has a cash bought Wifi Card and Laptop and use a cafe free wifi. Lets also think about if you download certain tool s like Kali to use, you should never do it from home. Always, use a WIFI somewhere that is not in your area and is free to download and setup this. Anyone else want to add to this thought about how you can be untraceable, besides using TOR as I think that is a forgone conclusion that you are taking a big risk given certain revelations. Here is another thought on this. So you do all above, your sitting at a cafe doing whatever might be thought as malicious and the ISP on that Cafe is able to zero in on you and then alert someone , who in turn can look on a camera in that area and ident that joe sitting with a laptop.
Dillhole:
You seem to have a healthy level of paranoia. That's a good thing in this field.
To answer your question, first, despite the revelations about ToR, it is still one of the best anonymizers. Unless the NSA is specifically watching you, it is unlikely that anyone can track one using ToR.
Second, as Adam said above, you can always spoof your MAC address.
Third, the ISP does not have your MAC address, just the IP of the cafe. If they wanted to track you, they must first get a subpoena to check the logs of the router of the cafe and see what MAC address was used. This can takes days, weeks or months.
Fourth, they can not track a MAC address to a particular person in the cafe.
This all raises important issues on digital forensics. Maybe I should do some tutorials on forensics?
OTW
I would thoroughly enjoy some forensics tutorials.
Share Your Thoughts