O que é um endereço MAC?

Every network interface — wired or Wi-Fi — has a MAC address, which is a serial number assigned to each interface at the factory by the vendor. MAC addresses are used on the local network to identify the communications of each network interface.

Enquanto seu endereço IP identifica quem você é na Internet, seu endereço MAC identifica qual dispositivo você está usando na rede local. Endereços MAC somente são úteis na sua rede local e não são enviados pela Internet.

Ter um identificador único na sua rede local pode por em risco sua privacidade. Aqui estão dois exemplos:

  1. Se você usa seu laptop para se conectar a diversas redes Wi-Fi, então o mesmo endereço MAC da sua interface Wi-Fi é utilizado em todas estas redes locais. Alguém que esteja observando estas redes pode reconhecer seu endereço MAC e rastread sua localização geográfica.

  2. Unless you choose to hide that you are connecting to the Tor network, someone who monitors your Internet connection can know that. In this case, your MAC address can reveal that you are a Tor user.

What is MAC address anonymization?

When MAC address anonymization is enabled, Tails temporarily changes the MAC addresses of your network interfaces to random values for the time of your Tails session. MAC address anonymization hides the serial number of your network interface, and so, to some extent, who you are, from the local network.

MAC address anonymization is enabled by default in Tails because it is usually beneficial. But in some situations it might also lead to connectivity problems or make your network activity look suspicious. This documentation explains whether to use MAC address anonymization or not, depending on your situation.

When to keep MAC address anonymization enabled

MAC address anonymization is enabled by default for all network interfaces. This is usually beneficial, even if you don't want to hide your geographical location.

Aqui estão alguns exemplos:

  • Using your own computer on an public network without registration, for example a free Wi-Fi service in a restaurant where you don't need to register with your identity. In this case, MAC address anonymization hides the fact that your computer is connected to this network.

  • Using your own computer on a network that you use frequently, for example at a friend's place, at work, at university, etc. You already have a strong relationship with this place but MAC address anonymization hides the fact that your computer is connected to this network at a particular time. It also hides the fact that you are connecting to the Tor network on this network.

When to disable MAC address anonymization

In some situations MAC address anonymization is not useful but can instead be problematic. In such cases, you might want to disable MAC address anonymization as instructed below.

Note that even if MAC address anonymization is disabled, your anonymity on the Internet is preserved:

  • Um adversário na rede local somente vê conexões criptografadas à rede Tor.
  • Seu endereço MAC não é enviado para a Internet para os sítios que você visita.

However, as discussed above, disabling MAC address anonymization makes it possible for someone to track your geographical location. If this is problematic, consider using a different network interface, like a USB Wi-Fi adapter, or moving to another network.

Aqui estão alguns exemplos:

  • Using a public computer, for example in an Internet café or a library. This computer is regularly used on this local network, and its MAC address is not associated with your identity. In this case, MAC address anonymization can make it impossible to connect. It can even look suspicious to the network administrators to see an unknown MAC address being used on that network.

  • On some network interfaces, MAC address anonymization is impossible due to limitations in the hardware or in Linux. Tails temporarily disables such network interfaces. You might disable MAC address anonymization to be able to use them.

  • Some networks only allow connections from a list of authorized MAC addresses. In this case, MAC address anonymization makes it impossible to connect to such networks. If you were granted access to such network in the past, then MAC address anonymization might prevent you from connecting.

  • Using your own computer at home. Your identity and the MAC address of your computer are already associated to this local network, so MAC address anonymization is probably useless. But if access to your local network is restricted based on MAC addresses it might be impossible to connect with an anonymized MAC address.

Disable MAC address anonymization

You can disable MAC address anonymization from the Welcome Screen:

  1. When the Welcome Screen appears, click on the Add Additional Setting button.

  2. Choose MAC Address Anonymization in the Additional Settings dialog.

  3. Select the Don't anonymize MAC addresses option.

Outras considerações

  • Outras formas de vigilância podem revelar sua localização geográfica: vigilância por vídeo, atividade de telefone móvel, transações de cartão de crédito, interações sociais, etc.

  • Ao usar Wi-Fi, qualquer pessoa dentro do alcance da sua interface Wi-Fi pode ver seu endereço MAC, mesmo que não esteja conectada ao mesmo ponto de acesso Wi-Fi.

  • Ao usar conectividade por telefone móvel, tal como 3G ou GSM, o identificador do seu cartão SIM (IMSI) e o número de série do seu telefone (IMEI) são sempre revelados para a operadora de telefonia móvel.

  • Some captive portals might send your MAC address over the Internet to their authentication servers. This should not affect your decision regarding MAC address anonymization. If you decide to disable MAC address anonymization your computer can already be identified by your ISP.