So… This happened at my sister’s school because they are still recieving virtual lectures… The school did this so they would be able to “know what each student is doing/watching during online lectures”.
First, isn’t this illegal? Second, does providing the MAC address to the school give them the ability to monitor the student’s activity? Third, and last, if the address is provided, will the school have any other kind of access to the student’s computers?
Thanks in advance!
The request is…pointless? I don’t know why they would request it.
Mac addresses are useless to them unless they’re on the same network connected to the same router.
Mac addresses are only valid on layer 2 of the OSI model, and routers work at layer 3, so if there is a router between your sister’s computer and the school, then they would never be able to see your sister’s mac address.
If they were using a VPN, it still wouldn’t be the same mac address because VPNs create their own virtual device that works at a much higher level than layer 2 and the virtual device would have a separate mac address from the physical device anyway.
“know what each student is doing/watching during online lectures”.
Do they make them VPN into the school’s network? Do they make them install “special” software? Otherwise, I’m not sure how just knowing the MAC could let them do this.
I know this follow-up question of mine is stupid to even ask, but Windows is a proven leaky vessel (Ask Hilary) with more than a handful of ways to gain access or infiltrate.
Who provided the web-conferencing software?
Don’t just assume Zoom. Are all conferencing software without of spyware? I would hazard a big no, if there is some right especially for child protection over the internet, software provides can do quite a lot more than you’d think when you install thst software.
Is this software only downloadable from “Apps” Stores? Does Apple allow it? Google? Windows?
I will say having a devices MAC is very useful. Some may beg to differ, but why Apple stopped allowing Fing and other network monitors from reporting MACs using their apps was for a reason. Apple then allows users to toggle private network to spoof your own MAC so your can’t be tracked cross different networks.
4). Everyone assumes these students are behind a router, which is true, but routers are NOT made the same. If you own a linksys router, your network is probably a zombie bot farm mining bitcoins for someone already. Flashed routers were a thing once. But the lack of control on consumer routers and consumers not actually know what their router settings mean leaves open the possibility of an odd FTP port or remote user. Linksys smart routers all have port 10080 open among other odd ball ports internally. There is room for packets to leave your device pretty easily.
5). To use the schools web-conference you are essentially joining and ceding some control to their server. I assume teaches and other students are visible? Is the user visible? Can the web-conference software access you mic, camera, photos, calendar, email, contacts, clock, etc? Bet you it does. So, with that access you can do a lot of terrible things to a device.
I could go on.
But public schools are terrible now. 20 years of standardized testing in US means a generation of people left without any clue of how to function as adults, they just know how to lie, cheat, read cliff/abstracts, and eliminate choices from 5 to 3 then guess.
That’s why the shirtless mouth breathers got within a mile of the US Capitol and almost won. Because everyone, even the people in the chambers are dumb as rocks.
Don’t give the MAC, ask the school to provide all of their SSN numbers to you, so you can verify they aren’t sexual predators if you ever need to, but tell them having someone’s SSN isn’t really important and it’s kinda irrelevant and you can’t do anything with it. Which is true, you have to be really clever or really stupid to use another persons ssn. Same goes with MAC on a device.
See if they give you a trust-trade, their SSN information for you child’s devices identifiable online presence for as long as they use that device…
But seriously, don’t believe me, I am just a janitor.
Home school your kid and don’t give anyone information just because they demand it. Even law enforcement. Just your name. People keep allowing more and more intrusion into their lives. But these are your kids… and you don’t know if one of those teachers isn’t a pedophile trying to game the new system.
Are you sure the school even asked for this information? Provide them with a false MAC. Go online to one of those odd live shows and pay the guy doing solo to give you his MAC, a guy on a gay pay-to-watch will probably give it to you for $20 donation.
Send that to the school. And if they have a problem with it, find the ip back to that guys website. Send it to them next.
Dunno, I don’t like the answers on this ethichacker subreddit, sorry, not sorry. I’m not a hacker and I’m not ethical, I am just saying don’t be a sheeple
call up the IT responsible for Hilary’s email leak and ask them if knowing a devices MAC address could be useful to a external party hellbent on getting closer than you wish they would be.
Maybe they just need to whitelist the mac adress while they are on permises in the school network.
No, no and No. I think the reason the asked this is based on the psychological effect, I don’t know which class your sister is, but the school probably just wants the students to think that they know what they are doing right now. They don’t.
Schools these days control student devices (even personally owned devices) through MDM software like Intune. They do so in order to facilitate the lessons. They install software, for educational use, on your device before the lesson begins. They have no intention to spy on you but if you enroll your device in intune they have admin rights and can do virtually everything including spying. The alternative is that you install all software and debug problems yourself. You should look at it as a service. If you can’t trust the school, change school.
My mac address is random and changes on every reboot. Yes it is a hardware feature. No it can not be turned off. Why? Because of people like you.
I believe it mostly allows them to. monitor the connection times of connected clients (student computers).
Although I still would be reticent to this mesure, in theory it does not allow any access to the clients computer nor is it even much of a privacy issue, aside from their own router which would know know when this Mac adress was connected and active.
I don’t believe it is possible without additional software (snooping software). for them to know if the user is connected elsewhere.
Be aware that google has a feature to search location using MAC address, their google street views cars didnt just make pics when passing by, your MAC may broadcasted at the time and google now knows where you live, and so does everyone else that may abtains ur MAC.
No , No , and No ! ! No need to worry that information is public too the network anyway no private info will be leaked.
They probably have their router set to only allow known computers, that is done with the Mac. You can spoof your own Mac, and supply them that address, and just use that Mac to connect. They cant ‘do’ anything to the computer itself, it’s just an address. What can be done to the computer itself depends on what port is open on the computer, and what is listening behind it. Spoiler, probably nothing is open or listening. You’re good.
They’ll only be able to monitor connections insofar as to prevent unwanted people from joining. It allows them to whitelist devices connected to the classroom, and that’s it. It’s a non-issue privacy wise.
They are probably using some type of MAC filtering to make sure only students are connecting to the lectures and from only 1 device
question is WHY are they asking for the MAC address. do you know for a fact its because “so the school would know what each student is doing/watching during online lectures”? because they will need more than just a mac address for that, IE software installed on the machine. im willing to bet its to white list their computers onto the school network.
If this is a school then they could be using those mac addresses to restrict connectivity to private wifi access points
So… Long story short. It’s a way for the school to take attendance. Without schools taking attendance and keeping an accurate record, schools do not get paid, nor will they qualify for funding/grants, etc.
This actually isn’t that bad of a request really. Is it on the edge of privacy invasion, yeah sort of. Is it a low hanging fruit kind of way for a school to validate a student has showed up to “class” , you bet.
Well, if they are forced to use the school vpn:
No, yes, no.
If they aren’t forced to use a school VPN, this is utterly stupid and just another piece if psychological warfare, along with making people afraid of a virus that only kill elders with 3-4 years of remaining life expectancy.
No software, no VPN. Yet.
Spot on. They didn’t ask for nothing. They’re trying to build a list of trusted devices