The announcement of the recent attacks on Tor-users that exploit a Firefox vulnerability in Javascript suggested some things to remain anonymous whilst using Tor, such as disabling JavaScript, using the most recent versions of Firefox, install firewalls and so on. One interesting measure named was to often change your MAC address so there’s one less vector to identify you and your surfing behavior.

I thought to myself, why only use it with tor, why not always? There’s no reason not to do it. The term we’re looking for here is called MAC spoofing. There’s a short but interesting paper discussing this topic. Be sure to read it.

A short search on the internet revealed, that there are already tools to help you accomplish the task. The application I use is called “GNU MAC Changer” by Alvaro Lopez Ortega.


On Arch Linux, the macchanger is in the AUR, Ubuntu has it in it’s Repos, too. So just install it with your favorite package manager:

On Arch Linux:

pakku -S macchanger

On Ubuntu:

apt-get install macchanger


Usage is really simple, just run the following as root:

macchanger -r eth0

This changes the MAC address of your wired interface to a random value. If you use wifi, replace eth0 with wlan0 or whatever your interface is called.

There are other usage-possibilities, with the following command, you can change the MAC address to a specific value:

macchanger -m XX:XX:XX:XX:XX:XX

The other options can be found in the manpage of macchanger.

Change MAC on every boot

If you want to run the changer on every boot, you can add a small function into /etc/rc.d. Just put a file named “change_mac” into this directory and insert the macchanger command.

echo "macchanger -r eth0" > /etc/rc.d/change_mac

This way you get a new MAC address every boot.

Related posts: