Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,677 --> 00:00:02,541
In the section on
security domains,
2
00:00:02,575 --> 00:00:04,746
we talked about
physical security
3
00:00:04,856 --> 00:00:08,797
in terms of a separate device
like a secure laptop,
4
00:00:08,867 --> 00:00:11,397
or a secure USB, or SD card.
5
00:00:11,490 --> 00:00:15,287
Now we’re going to dig a little deeper
in relation to privacy and anonymity,
6
00:00:15,423 --> 00:00:17,860
and physical security domains.
7
00:00:18,039 --> 00:00:21,954
So let’s start with devices and
their hardware serial numbers.
8
00:00:22,084 --> 00:00:27,956
So devices have hardware serial numbers
that can uniquely identify them.
9
00:00:28,055 --> 00:00:32,447
These unique identifiers can then
possibly trace back to you
10
00:00:32,547 --> 00:00:35,411
through a money trail or
potentially other methods,
11
00:00:35,521 --> 00:00:38,287
if the hardware wasn’t
bought anonymously.
12
00:00:38,361 --> 00:00:41,807
If you care about non-attribution
and staying anonymous,
13
00:00:42,010 --> 00:00:46,387
then you need isolation of the unique
hardware identifier
14
00:00:46,464 --> 00:00:49,638
so it cannot be enumerated
by your adversaries.
15
00:00:49,696 --> 00:00:53,432
The first unique hardware ID
that you need to be aware of,
16
00:00:53,434 --> 00:00:55,717
if you’re not already,
is the MAC address.
17
00:00:55,756 --> 00:00:59,666
An adversary could get your MAC
address off your network card,
18
00:00:59,695 --> 00:01:01,702
which is always a unique number.
19
00:01:01,842 --> 00:01:05,687
This method was used by the NSA
to deanonymize TOR users
20
00:01:05,777 --> 00:01:09,061
through a Firefox exploit
on the TOR browser.
21
00:01:09,101 --> 00:01:12,540
And this is a write up here of how
that happened, if you’re interested.
22
00:01:13,234 --> 00:01:18,399
The MAC address is like an IP address,
but for your local network only.
23
00:01:18,451 --> 00:01:20,995
If an adversary has access
to your machine,
24
00:01:21,125 --> 00:01:23,495
they can view the unique MAC.
25
00:01:23,520 --> 00:01:24,998
If they know the unique MAC,
26
00:01:25,058 --> 00:01:27,243
that can be potentially
traced back to you
27
00:01:27,325 --> 00:01:29,331
through the purchasing
of that device.
28
00:01:29,431 --> 00:01:32,446
So in Windows, if you want
to look at your Mac address,
29
00:01:32,594 --> 00:01:37,010
you simply type in ipconfig/all.
30
00:01:38,352 --> 00:01:41,463
I have a lot of adaptors on this
because it’s a virtual machine,
31
00:01:41,512 --> 00:01:44,763
but let’s scroll up and see if we
can find the physical addresses,
32
00:01:44,803 --> 00:01:45,586
the Mac address.
33
00:01:45,636 --> 00:01:47,148
There’s one of them.
34
00:01:47,419 --> 00:01:51,244
So for this network adaptor,
that’s the physical address,
35
00:01:51,296 --> 00:01:52,932
unique physical address.
36
00:01:53,614 --> 00:01:55,409
You may only have
one network card,
37
00:01:55,459 --> 00:01:58,935
so you may only see one
physical address.
38
00:01:59,015 --> 00:02:01,402
There you go, there’s the Mac
address.
39
00:02:04,412 --> 00:02:05,821
And there’s another one.
40
00:02:05,871 --> 00:02:08,452
And yours will probably
say Ethernet adaptor
41
00:02:08,752 --> 00:02:11,743
or wireless adaptor
and you'll see it here.
42
00:02:12,096 --> 00:02:15,355
On both Mac and Linux,
you can use ifconfig.
43
00:02:15,537 --> 00:02:19,670
We'll need sudo to run it
or root permissions.
44
00:02:24,160 --> 00:02:25,435
And there it is,
45
00:02:25,732 --> 00:02:31,554
the hardware unique MAC address,
on both Linux and Mac OS X.
46
00:02:32,402 --> 00:02:35,137
It’s also possible
to see it using IP tool.
47
00:02:36,928 --> 00:02:38,555
So you can see it there.
48
00:02:40,042 --> 00:02:42,843
IP is like the new ifconfig.
49
00:02:45,006 --> 00:02:49,432
And now just specify eth0 so you
can see the hardware address.
50
00:02:49,735 --> 00:02:50,590
It’s the same thing,
51
00:02:50,650 --> 00:02:53,338
just another way to find
the hardware address.
52
00:02:54,303 --> 00:02:59,303
The first three bytes of a MAC address
are the manufacturer’s ID.
53
00:02:59,361 --> 00:03:01,355
So if you have an Apple laptop,
54
00:03:01,415 --> 00:03:04,034
then it'll be the ID of Apple.
55
00:03:04,134 --> 00:03:07,730
If you’ve got a Lenovo laptop,
then it'll be the ID of Lenovo.
56
00:03:07,860 --> 00:03:10,825
And the last three bytes
of your MAC address,
57
00:03:10,947 --> 00:03:13,665
this is specific and
unique to the net,
58
00:03:13,715 --> 00:03:15,977
to the network card,
to the Wi-Fi card,
59
00:03:16,087 --> 00:03:17,040
to the Ethernet card,
60
00:03:17,090 --> 00:03:21,068
so it’s this last three that
will be unique to your device.
61
00:03:21,208 --> 00:03:25,436
If you’re looking for privacy,
anonymity, non-attribution,
62
00:03:25,556 --> 00:03:27,814
then you need to change
your MAC address.
63
00:03:27,866 --> 00:03:30,403
It can be potentially
got out via malware
64
00:03:30,485 --> 00:03:35,036
and it can be seen on local networks
as well Ethernet and Wi-Fi.
65
00:03:35,993 --> 00:03:39,633
For Windows you can use this tool
here to change the Mac address.
66
00:03:39,798 --> 00:03:42,653
It’s a pretty good tool,
works very well, it’s free.
67
00:03:43,796 --> 00:03:45,834
In Linux there’s a tool
called MAC Changer.
68
00:03:45,879 --> 00:03:47,025
This is available in Kali,
69
00:03:47,085 --> 00:03:50,552
but won’t be available in Debian and
other distributions straight away,
70
00:03:50,632 --> 00:03:52,358
so you'll need to install it.
71
00:03:57,919 --> 00:04:00,288
And you can select whether
you want to set it up
72
00:04:00,398 --> 00:04:02,667
to automatically change
the MAC address.
73
00:04:02,817 --> 00:04:05,228
I’m going to select No here,
but you can select Yes.
74
00:04:07,548 --> 00:04:09,090
So we need to change the MAC.
75
00:04:09,243 --> 00:04:12,581
To change the MAC we need to
down the network interface.
76
00:04:12,708 --> 00:04:15,497
The network interface
on this one is eth0.
77
00:04:19,170 --> 00:04:21,373
That’s taking eth0 down.
78
00:04:24,166 --> 00:04:26,501
So we can see there
just the local loopback,
79
00:04:26,651 --> 00:04:30,548
eth0 isn’t there anymore, so now
we can change the MAC address.
80
00:04:33,677 --> 00:04:35,639
The -r means random,
81
00:04:35,699 --> 00:04:39,374
so it’s randomly changing
the eht0 MAC address,
82
00:04:39,499 --> 00:04:42,503
and now it’s changing to the new MAC
address that you can see now.
83
00:04:45,510 --> 00:04:47,916
As you can see, the interface
is still not there,
84
00:04:47,976 --> 00:04:50,070
so we need to bring it up again.
85
00:04:52,603 --> 00:04:56,094
And that will bring it up.
And let’s see if it’s up.
86
00:04:57,611 --> 00:05:02,050
And there it is with its new
hardware address,
87
00:05:02,200 --> 00:05:03,935
its new MAC address.
88
00:05:05,370 --> 00:05:09,487
On a Mac, you can change your MAC
address using a command line as well.
89
00:05:09,661 --> 00:05:11,516
And that would be like this.
90
00:05:13,632 --> 00:05:15,554
en0 would be the name
of the interface,
91
00:05:15,714 --> 00:05:17,874
so whatever the name
of the interface is.
92
00:05:20,978 --> 00:05:23,407
And then you specify at the end
there the MAC address
93
00:05:23,573 --> 00:05:27,795
and that will change the MAC
address on a Mac OS X.
94
00:05:28,156 --> 00:05:31,516
But I’m on Debian here, so I’m not
going to run that command.
95
00:05:31,797 --> 00:05:33,328
If you don’t want to do it
on the command line,
96
00:05:33,352 --> 00:05:36,748
with Mac OS X you can
download MacDaddy X.
97
00:05:36,954 --> 00:05:39,448
That will enable you
to change the MAC.
98
00:05:40,188 --> 00:05:42,157
And there’s actually
another tool as well
99
00:05:42,430 --> 00:05:46,562
called WiFiSpoof which will enable
you to change the MAC address.
100
00:05:48,926 --> 00:05:51,415
Virtual machines hide
your real MAC
101
00:05:51,475 --> 00:05:55,640
and also allow for the setting
of the MAC address.
102
00:05:56,605 --> 00:05:58,454
Example here,
103
00:06:00,429 --> 00:06:02,548
so you can see the MAC
address here.
104
00:06:02,891 --> 00:06:05,093
And we can generate a new,
random one there.
105
00:06:05,336 --> 00:06:06,908
That’s VirtualBox.
106
00:06:07,065 --> 00:06:09,227
But if you fear a knock
at the door,
107
00:06:09,297 --> 00:06:13,368
you need to change the virtual MAC
through the VM frequently.
108
00:06:13,450 --> 00:06:17,283
You don’t want a static MAC that
ties you to a virtual machine
109
00:06:17,333 --> 00:06:20,471
even if it is just a virtual
MAC address.
110
00:06:20,655 --> 00:06:23,861
But the best option is to have
anonymously purchased hardware
111
00:06:23,921 --> 00:06:26,173
like laptops, and network cards,
112
00:06:26,253 --> 00:06:28,413
and Wi-Fi, and network dongles;
113
00:06:28,726 --> 00:06:31,135
the devices that have
MAC addresses.
114
00:06:31,264 --> 00:06:36,203
You could purchase a whole bunch
of cheap USB network adaptors
115
00:06:36,324 --> 00:06:40,459
and use a MAC changer in combination
to mitigate the risk.
116
00:06:40,589 --> 00:06:43,177
This would be the best
way of MAC mitigation:
117
00:06:43,284 --> 00:06:46,095
anonymous hardware
plus MAC Changer.
118
00:06:46,753 --> 00:06:49,492
Tails, another security focused
operating systems,
119
00:06:49,503 --> 00:06:52,601
use MAC Changers as default.
120
00:06:52,671 --> 00:06:56,008
But do check to make sure
they don’t show the real MAC
121
00:06:56,128 --> 00:06:58,366
of your device’s network card.
122
00:06:58,552 --> 00:07:01,606
You know how to check that now,
so when you’re not using Tails,
123
00:07:01,686 --> 00:07:03,148
check out what the MAC is.
124
00:07:03,320 --> 00:07:04,688
Then, when you’re in Tails,
125
00:07:04,768 --> 00:07:07,820
run ifconfig or sudo ifconfig
126
00:07:07,930 --> 00:07:10,459
and see if the MAC address
has changed.
11159
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.