Slashdot Mirror

← Back to Stories (view on slashdot.org)

Using MAC Address to Uniquely Identify Computers

Posted by CmdrTaco on from the now-there's-a-useless-idea dept.

An anonymous reader writes "One of Australia's gaming networks, GamesArena has recently imposed a third party program required to access their gaming servers. One of it's features is that it records your NIC's MAC address to identify your computer, and subsequently in future, ban you if you cheat/break the rules etc. The response from players is mixed. It is not open source software, nor is it optional to install. "Install it or find another server to play on". Question remains, is it going too far?" Definitely not- unfortunately it won't work since MACs are changable.

15 of 561 comments (clear)

  1. buy a new network card by Brian+Boitano · · Score: 5, Insightful

    not banned anymore :D

    --
    What would Brian Boitano do?
    1. Re:buy a new network card by shird · · Score: 5, Insightful

      Why bother? The MAC address is usually stored in flash eprom. Besides, whats to stop you from writing your own rogue '3rd party' program which is reverese engineered from the original, only reports a random MAC address.

      Implementing security/restrictions client side doesnt work. period.

      --
      I.O.U One Sig.
    2. Re:buy a new network card by quigonn · · Score: 5, Insightful

      And usually, the network card's MAC address is stored in RAM, to make it easily accessible by the different drivers that need it (e.g. Ethernet). This makes it changeable with e.g. Linux's ifconfig:

      ifconfig eth0 down
      ifconfig eth0 hw ether DE:AD:BE:EF:BA:BE
      ifconfig eth0 up

      --
      A monkey is doing the real work for me.
    3. Re:buy a new network card by shird · · Score: 4, Insightful

      Actually, now that I think about it more -- These cable companies (Telstra , optus) force you to use their cable modems, which they have tight control over. If everyone using these servers are using it through these modems, which have their own MAC, they could ban based on this MAC address because it would be sent to them directly via ethernet. - this wouldnt require a client side program however, so probably isn't what theyre doing.

      --
      I.O.U One Sig.
    4. Re:buy a new network card by Unkle · · Score: 4, Insightful
      Why bother? The MAC address is usually stored in flash eprom. Besides, whats to stop you from writing your own rogue '3rd party' program which is reverese engineered from the original, only reports a random MAC address. Implementing security/restrictions client side doesnt work. period.

      Not everybody knows how/has the ability to change the MAC address of their NIC. Also, three things stop people from writing that rogue program-Time, Skill (in both programming and reverse engineering), and Desire. Not being a huge online gamer I cannot say with 100% confidence, but I doubt that the majority of gamers using this system want to cheat.

      As for the statement that client side security doesn't work, well that isn't completely true. No, this system is not foolproof as I understand it, but that does not mean that there is absolutely no way this could work 90% of the time, which for a gaming network is not that bad. Sure, for the slashdot crowd, this might be easy to crack, but joe-average on the street probably doesn't have a clue what a MAC address is (or they think they don't have one because they use Windows).

      --
      Against stupidity, the gods themselves contend in vain.
    5. Re:buy a new network card by Znork · · Score: 5, Insightful

      Sure it will work 90% of the time. For the 90% that dont cheat, that is.

      The average Cheater Joe off the street will definitely know exactly how to change it. Which makes the whole exercise pointless.

      Heck, client side security with no passwords and disks shared to the world works great 90% of the time. Unfortunately it isnt the 90% that is the problem. It's the rest. And for the rest, repeat after me, client-side security will never ever ever work. If you dont have physical control over a computer you cannot trust anything it tells you.

  2. This will work for a while... by MagicFab · · Score: 4, Insightful

    ...until the MAC address generators have gone through all the "MAC-space" of possible addresses...

    Wireless APs like Linksys' already come with a web admin that lets you specify *any* MAC address, apparently to please some cable/adsl providers that measure traffic/authenticate (partly) based on this.

    Why not provide a public key server and ask people to submit they public OpenPGP key, signe by P. Zimmermann himself ? Get your identity trusted by Z. or go play somewhere else... After all, this seems to imply they want "real" players!

    --
    Notepad specialist & FAT administrator, group training available
  3. Maybe not such a bad thing.... by isa-kuruption · · Score: 5, Insightful
    "Install it or find another server to play on". Question remains, is it going too far?"

    No, it's not going too far. The game server admins can run the server however they choose fit. If you don't like the rules, don't use the server!

    Definitely not- unfortunately it won't work since MACs are changable.

    However, the majority of people don't know how to reset their MAC addresses. Also, as I believe to be true, some broadband providers specifically use MAC addresses to verify access. For instance, my Comcast cable modem does everything by MAC, so if I change my NIC in my machine, I need to power off/on the cable modem in order to get back through to the Internet. Although this is sort of a minor issue, some other ISPs may be more strict about MAC changes.

    Overall, the admins figure they will cut out 99% of the hacking attempts as people would just go elsewhere, or once they did cheat, just wouldn't know how to change their MAC.

    1. Re:Maybe not such a bad thing.... by kris · · Score: 5, Insightful

      However, the majority of people don't know how to reset their MAC addresses.

      Welcome to the digital age, where knowledge can be cristallized into programs, and where the majority of people will soon be able to reenable their access to the gaming server by running some magic program without ever knowing what a MAC address is.

      Kristian

  4. IPv6 == MAC address by Bookwyrm · · Score: 5, Insightful

    Does not the current IPv6 address allocation standard specify using your MAC address as the suffix portion of the IPv6 address? This is merely a taste of things to come if/when IPv6 becomes widely deployed, when your very IPv6 address can uniquely identify the hardware you are on (unless you use IPv6 NAT, of course.)

    And yes, presently, you can probably change the MAC address of your system. However, once software vendors and DRM technologies and other things start locking themselves to your computer hardware, I suspect changing the MAC address would cause problems. The only thing this game company has to do is when the game is installed is to lock the licence to the present MAC address so it will not run with a changed IP address without a new licence.

  5. NICs are sometimes shipped with duplicate MACs by KeithH · · Score: 5, Insightful

    When I was involved with the initial deployment of DSL service in Canada, our customer ran into an interesting problem: many of the low-cost NICs that they shipped with the DSL modem had the same MAC.

    Under most circumstances, this is seldom an issue since the NICs aren't likely to be deployed on the same network segment. However, when the MAC is used for other tracking services (in this case, a layer-2 NAT), you have a problem.

    And of course, as others have said, most NICs permit the factory MAC to be overridden.

  6. Nothing new by quantax · · Score: 4, Insightful

    This has been going on for a while, though without MAC addresses, a much simpler system. Most multiplayer games thesedays come with a CD-Key thats authenticated by a central server whenever you play a game. The CDkey usually has a unique ID strapped to it that is publically accessible by admins or players. You ban the ID, they cannot connect to the game without changing their CDkey (which means either buying a new copy or finding another cdkey that works online, neither are 'easy'). If MAC addresses can be changed, then as soon as a couple of like-minded gamers find out about that, you can count on their being a guide on how to do it for gamers eventually. The best way handle this is on both a MAC, and CDkey-ID level. Ban their MAC, and ban their ID, that will stop all but the most determined/knowledgable.

    --
    "What can a thoughtful man hope for mankind on Earth, given the experience of the past million years? Nothing." -Bokonon
  7. High road to the Locked Down Computer(tm) by Dr.+Spork · · Score: 5, Insightful
    I hope you're catching on to the dialectic here: this move will fail miserably. because NIC addresses are trivially easy to spoof. The next dialectical step: "We need some sort of unspoofable hardware key--maybe processor-based DRM." People will buy it if you can't play games without it. The end result will be a computer that protects you from yourself.

    Whether it's in the name of catching cheaters or catching terrorists, our freedom and autonomy are about to evaporate.

  8. Anonymity and privacy by Tomster · · Score: 4, Insightful

    It seems people tend to confuse privacy with anonymity. Privacy means preventing others from getting information about you -- whether it's what kind of toothpaste you use or your SSN. Anonymity means preventing others from finding out who you are. The two are related, in that in practice they often go hand-in-hand. But they are distinct.

    -Thomas

  9. ifconfig man pages by bobKali · · Score: 5, Insightful

    Since the ifconfig man pages contain instructions on how to change MAC addresses and
    Since changing the MAC address would allow a cheater to circumvent access controls
    Then are the ifconfig man pages now illegal in the US under the DMCA?