Re: Anonymous Blogging

~David~ wrote:

You are correct: Assuming the user has hardware that allows this, they
can do it fairly easily as the CD _prompts_ you upon bootup to see if you
want to randomize the MAC address. How much easier can it get?

Super! As I remembered it this wasn't automatic, and had to be done after
the OS had loaded. A bit of a security risk in itself.

And yes, you have to make sure you are fairly physically anonymous. Many
universities have large wireless networks that are easy to get on and hard
to track people on because of their large size. For example, my university
has a HUGE campus and it would range from _very_ difficult to impossible
to track a person if they were using a fake MAC. The only thing
authorities/sys admins would know, assuming they could get through Tor's

<snippage>

If an attacker has the ability to break Tor the rest is likely
meaningless. Even if they just have the ability to narrow down your
location with traffic analysis of a "hunch" netwqork segment,
triangulating your precise location would probably be trivial.

Still, using hard wires is inherently more secure than wireless access at
this day and time, and being behind a router is preferable to being part
of a very large and likely closely monitored network. Both wireless and
joining a LAN leave a considerable number of doors open that aren't there
otherwise. In fact, just broadcasting a encrypted signal itself to the
general public might be the thing that garners you unwanted attention and
leads to ultimate compromise.

anonymity (no small feat) to trace the true point of origin, is that a
user with a wireless network card accessed the network with a fake MAC
on a system that sort of looks like winXP, which is what anonyOS looks
like. Reboot the system, take the CD out of the drive, and all traces go
away.

I agree that for most applications "drive by" access, if practiced and
done correctly, is not much less secure than the good ol' desktop PC on a
private network accessing the Internet through a gateway device that
physically isolates it. But there's still a larger number of things to
consider and secure, and consequently a larger number of things to go
wrong. That said, I'd wager that the OP would be just fine either way
assuming he realized it was something like Tor providing the anonymity and
not the "Internet Cafe" the poster first asked about. Tor is acceptably
secure. Direct connections, no matter how obscure, are not.

.

Relevant Pages

  • Re: Any free Wi-Fi intrusion detectors? I think my neighbours free-riding!
    ... Peter Wilkins wrote: ... Just secure your network so no-one can get in without the ... If you want to check, before you secure the AP, you can look at the ... show you the MAC addresses of all the machines that are using your ...
    (microsoft.public.windowsxp.general)
  • Re: WLAN security question
    ... >> I actually secure by WLAN by only allowing certain MAC addresses to connect ... We secure it in three ways. ... PUT THE WHOLE THING BEHIND A FIREWALL. ... >trusted access to our internal network nor any of our servers. ...
    (comp.security.misc)
  • Re: WLAN security question
    ... > I actually secure by WLAN by only allowing certain MAC addresses to connect ... We secure it in three ways. ... Our entire wireless network is stuck behind a firewall. ...
    (comp.security.misc)
  • Re: network mannager cant connect to secure wireless networks:
    ... Asunto: Re: network mannager can't connect to secure wireless networks ... network correct parameters (WEP 128-bit Passphrase and Open System), ...
    (Fedora)
  • TidBITS#794/29-Aug-05
    ... This week's issue brings a potpourri of Mac news, ... Mark Anbinder looks briefly at Google Talk, ... Adding Tiger's AirPort Preferred Network List ...
    (comp.sys.mac.digest)