[Tails-dev] Idea or something

Delete this message

Reply to this message
Author: Hans-J. Ullrich
Date:  
To: tails-dev
Subject: [Tails-dev] Idea or something
Hi dear tails-team,

first of all, I like your cd and think, it is the best way for anonymity.
But there is something, I want to suggest to improve security.

Although everything is sent over TOR, I think you should make sure, the MAC-
address of every network device should be changed at boot. You ca do this by
macchanger.

Wireless cards and network cards (wlan0 and eth0) should at least got a
changed MAC-address, but also should every new device get a new MAC (i think
of bluetooth or usb-3g-devices).

None of physical information of the used computer should be known to the
outside. I do not know, if it is possible, to temporaryly change MAC-addresses
of used routers, but this option would be nice, too.

And of course (and I guess, this is already implemented) NONE, and really mean
NONE services should get access to any parts of the used computer (no
services!!!).

Has tails a firewall active? (iptables). If yes, it should be completely (and
mean COMPLETELY) closed, and should be opened by the user when he is needing
it.

I imagine a nice GUI choosing a whitelist in an understanding way: Either open
ports (for experienced users) or open by description (i.e. "sending mail" ,
"receiving mail" or similar).

Whjat do you think? I am looking forward to your answer.

Have a nice weekend

Hans-J. Ullrich