Most people have only the vaguest notion of a layer of identification that is quite distinct from IP Addresses. Assigned to every device is a label that can be used to track its location. This is called a MAC address (Media Access Control Address).
A little piece of hardware called the Network Interface Card, or NIC starts all this. It allows your device to connect to a network. Each device has a unique MAC address. Burned in or hardware addresses is the other name for MAC addresses.
How to network devices interact with one another is, in part, determined by the MAC address. Your device sends its MAC address through form a connection with the next device along the chain, when you connect directly to a building’s Ethernet, or when you connect to a Wi-Fi router. The next device then sends its MAC address further along the chain, link by link building your connection to the internet.
MAC and vulnerability
Institutions and companies have used MAC addresses to locate devices. Moving from Wi-Fi point to Wi-Fi point, the device continues to broadcast its MAC address, so as to be able to connect to new Wi-Fi points. A unified Wi-Fi system, in a large facility, is used to track user’s locations, collecting information about their movement.
This requires access to a large number of Wi-Fi points. Only large corporate entities can afford this. The uses of MAC addresses are sometimes quite benevolent. In some parts, they are merely used to measure and evaluate traffic flow and speed.
However, instances of abuse remain. A London advertising company, in 2013, was found to be using trash cans with Wi-Fi to detect and track MAC address movement throughout the city. It flashed targeted ads in response to the devices‘habits and movements.
Impersonation of Disruption
A hacker using the same Wi-Fi router as you could use specific software to detect your MAC address. Poorly set up routers can even lead to impersonation and the hijacking of credentials.
Some routers use MAC addresses to filter access. This strategy is, however highly susceptible to MAC spoofing. Your MAC address is all the hacker needs, to steal your identity.
An encrypted and password secured Wi-Fi router gets around this conundrum well. If the hacker cannot log in to your network, the possession of your MAC address will do them no good.
Protecting the MAC address
Using your MAC address to attack you is difficult for a hacker. MAC addresses rarely travel beyond the first device they connect to.
Some local networks can block certain online content using MAC address filtering.
Masking your MAC address is no good. However, there are a couple of ways in which your address can remain secure:
- When on the move, turn off Wi-Fi;
- Mac spoofing;
- Mac randomization.
When on the move, turn off Wi-Fi
When you are on the move, your device is broadcasting its presence to devices around. Regardless of whether you are connecting to them or not, your device sends off its MAC address to discover nearby Wi-Fi networks around.
If you use Wi-Fi networks that are trustworthy or use a VPN, there is reason enough to turn off your device’s Wi-Fi sense when you travel.
A made-up address is assigned to your NIC when you spoof your MAC address. Basic steps:
- Your current MAC address;
- To change your MAC address to a specific address or a random one, use an inbuilt feature, a command prompt or an app.
MAC randomization permits you to cycle through random fake addresses whenever you are not connected to a Wi-Fi address. The randomization stops as soon as you connect to a Wi-Fi network.
This strategy does not prevent you from making the connections you want to make. On the other hand, it protects.