Can Known Hardware ID Make You Discoverable?

Yes but it could equally be many to one.

20 metres in 3D in a highly populated building is a pain in the arse and besides, you're excluding directional antennas which blows this right out of proportion.

David.

It would e nice if the OP actually participated in the thread 'he' started, but since he doesn't, maybe we have to read between the lines.

I *think* that question 4 has to do with question 1:

OP> 1. Does this mean the government fascists can find me anywhere in the OP> world if they know this hardware address?

I.e. I *think* that he wants to know if the known MAC address can be used to track him when he is *not* connected to the universities network. I.e. he is "anywhere in the world".

Assuming there is a direct 'link' between his MAC address and him [1], the answer to the question is "yes". Hence question 4 (which has been answered (with: it depends on your network card, 'router', etc.)).

[1] Some governements, including 'mine', seem to think such a link exists. But since "clueless" and "governement" are all but mutually exclusive, I guess I'm telling nothing new here.

Ummm... Map of the building in 3D including density of every wall, floor, door, ceiling, furniture, books, people, etc which are presumed to be stable. I suppose it can be mapped with some type of site survey tool that trys to ignore reflections. I dunno. Methinks I'm missing something about what they're doing.

Well, that's fair. I'm just questioning the accuracy. I can't get a stable signal level just standing on one place and they expect to do that in a rather large unstable volume. Let's just say I'm suspicious bordering on cynical.

They'll find him by just tracking his mobile phone instead. :)

David.

There are services which claim to be able to find stolen laptops anywhere using their software "tags" or "tracer". It would not take much to install something like this on the culprits computer. See:

overall degree of accuracy in locating stolen laptops seems quite good. Who needs big brother when private enterprise can do it better.

The way the software works is that you import a CAD (or even JPG) of each floor and set a datum point to provide a vertical reference. The software has a list of attenuations for US standard building materials or you can do it by measurement or both. Plan first then measure and compare later for fine tuning.

If the import is a nice dxf with wall types already chosen for the CAD part then it's quite surprising how quickly you can map the building with the RF obstacles.

I have to say I was surprised with the claim that was made but i'm interested to see in a weeks time so i'll let you know, it could well be sales and marketing speak, time will tell. :)

David.

You can't triangulate, unless you know either directions or distances to the user. WLAN doesn't provide either.

-- Lassi

"Intelligent thief" is an oxymoron. If he were intelligent, he wouldn't be a thief.

Yes, it requires a working computer and ISP connection to be effective. In the past 4 years, my customers have lost about 10 laptops. 3 of them used one of these services. All three were recovered, usually from the unlucky person that bought the laptop from the thief. None of the disks were wiped clean.

I managed to get my truck broken into and had my antique laptop stolen. I didn't use any of these services but it was recovered anyway. The "intellignet thief" had a bit of trouble getting past my power on password and successfully destroyed both the floppy disk drive and cdrom drives, probably in frustration, trying to get past it. So much for intelligent thieves.

My point was that a similar program, designed to track a laptop, could also be deployed to track a user. I could built it into a VPN or SSH client, a cookie system, ActiveX control, or any of the tools normally used by spyware. RFC3825 can be used to supply the necessary wireless locations via DHCP.

Download the "find me" ActiveX location finder program from:

see if you can be found. Who knows what evil lurks in the hearts of Microsoft?

It is software on the computer which "phones home" when the computer is connected to the net. Also an intelligent thief would surely wipe the disk and reinstall.

Which is why I said if *he* is worried about being traced then he'd better turn off his mobile phone, hand in his passport and not use credit cards or be spotted on any CCTV etc. :)

David.

Only if your argument above is rewritten, s/thief/user/.

You can't verify the signal. It could be forged.

Anyway, what is the threat that this system is supposed to eliminate? If you authenticate the user properly, what is the situation where you need to check the location as well?

-- Lassi

Well, they will know that it belongs to a computer on their network. If it is a cable service account, and it is not a registered MAC address, they won't provide it with full Internet connectivity; Comcast has something that hey call, "Walled Garden". You can get to one of their account registration nodes, and that is about it.

The point is, if the MAC address is an authorized part of a given network, the administrators will know a modicum of information about the computer; and, possibly, the owner, user. At the least, given WLAN operations, the WLAN administrator will know if a device is authorized, and be able to take action against unauthorized devices.

Initially, the emphasis was on the campus network so external ISP's wasn't really an issue.

Spoofing a MAC address that's allowed now allows 2 devices on, one of them that shouldn't so they don't really know anything about "him", only that the original MAC address is permitted.

David.