MAC Address and privacy

I am aware that the WIFI router and ISP that I am connected to can see my MAC address of my WIFI card, which basically acts a serial number and identifies me by the computer I'm using.
Can websites that I browse see my MAC address also?
If so, it would actually be like a cookie that you couldn't disable.

 

Your ISP can only see your MAC address off the modem you are using. The internet cannot see the mac. Once your connection leaves the ISP modem it is converted to layer 3 (IP address) and taken from there...so externally to the modem the only Mac address anyone will see is of the Modem, not your PC.

 

MAC address queries are very common. It's not a part of standard IP comms, but with an open set of ports 'asking' what the other ends MAC addy is very easy.

 

When data packets fire out to the internet, the headers within them only contain your WAN IP address.

and when data packets come in your modem, NAT sorts out which computer in your local network receives it.

 

That's not exactly how it works.

There are IP packets (stored in the frame's "payload"), headers (a part of each layer's given data unit - packet, frame, datagram), and then finally frames, which are what traverse the interwebs - with all the information from the lower level of the OSI model intact. The IP information is stored in the frame, while MAC and lower level information (stop-times, TTL, the actual information you are sending to a higher level on the OSI, etc) is stored is stored within the frame's payload.

The information isn't "gone" - it simply is not processed by devices on the internet doing the routing, until it has hit the end of its IP route, when the L3/L2 device must decide how to get it forward to the correct device. This makes hardware routers much more efficient, since they only have to decide how to route with one protocol at a time.

See: Ethernet frame - Wikipedia, the free encyclopedia

Obtaining a MAC address with a sniffer or as a man-in-the-middle is relatively easy. So is spoofing this information so that it is wrong. Open up wireshark and you will see a MAC for every device's frames you are able to see. There is little-to-no real privacy concerns, in this regard, so it is not something a consumer-level user will ever need to worry about (in response to OP). Keep in mind that every device you own, with an IP address, has a MAC address. Your smartphone (probably 4, what with 2g of some sort, 3g, wifi, bt!), your TV with apps, your laptop (probably has 3, what with a LAN slot, a wifi card and a tunnel for BT!), your TiVo.

If you're worried about the government knowing what you're doing because of your MAC, take off the tinfoil and realize that you will have to delve much deeper into the black/whitehat community before you can hope to mask your traffic from the likes of a national government (or your local superpower, Google, who has already indexed your username on this site and compared it to traffic internationally, then mined and sold that data to the folks who provide your now-more-enticing banner ads based on your prior internet usage).

 

MAC addresses on the wire don't persist past routers, so I'm not sure what the above poster is trying to say. Routers strip the ethernet (or whatever media) frame that contain the source and destination hardware addresses, and replace it with a PPP frame, etc for their own link. Ethernet frames do not persist between routers. If you open up wireshark you will only see MAC addresses from devices on your LAN.

To OP, you should be more concerned with browser fingerprinting: http://panopticlick.eff.org/

 

May I ask why you're even concerned and trying to block it? I run multiple sites and have never even paid any attention to see if I can see the mac address of the equipment connected.

Take care,
Shannon

 

Mac address can't be used to identify .... since can be faked easily.

On the same reason mac address filtering is useless as soon as 1 client connects to the ap.