True, but a direct hardware query will always return the factory hard-coded value. So even if the average person runs spoofing software for this on normal Internet packet use, they are vulnerable to specialized tools for attack. So my guess is the average random Redditor doesn't run spoofing, and probably some nosy people have fingerprinted them. A side note, some software vendors use MAC address on user machine as a key to authentication of software license.
Hm, I agree here, however am wondering about what tools they would use to penetrate through the VM and see the real MAC address of the NIC. Basically, if I’m spoofing my MAC and browsing on a VM, how does one look beyond that.
If by some trick outside software can invoke BIOS calls, it can read the data straight off the hardware. The MAC address can exist as a value burned in on each MAC's firmware or ROM; the value exists at a memory address one could query, or might be accessible through a chip in the HW implementing the Ethernet Phy layer, I believe. I'd have to go read old developer datasheets I haven't reference for 15 years to remember what the method is.
MACs can be spoofed/changed tho.
True, but a direct hardware query will always return the factory hard-coded value. So even if the average person runs spoofing software for this on normal Internet packet use, they are vulnerable to specialized tools for attack. So my guess is the average random Redditor doesn't run spoofing, and probably some nosy people have fingerprinted them. A side note, some software vendors use MAC address on user machine as a key to authentication of software license.
Hm, I agree here, however am wondering about what tools they would use to penetrate through the VM and see the real MAC address of the NIC. Basically, if I’m spoofing my MAC and browsing on a VM, how does one look beyond that.
If by some trick outside software can invoke BIOS calls, it can read the data straight off the hardware. The MAC address can exist as a value burned in on each MAC's firmware or ROM; the value exists at a memory address one could query, or might be accessible through a chip in the HW implementing the Ethernet Phy layer, I believe. I'd have to go read old developer datasheets I haven't reference for 15 years to remember what the method is.