Hi!
Why?
Username, /etc/hostname and /etc/host can leak through the protocol or
files.
For example:
- ssh uses <username> for login if not explicitly told otherwise
- <username> (as part of the path) is sometimes encoded into user
created content (images, firefox screenshot addon). Maybe only in user
installed extra packages.
- mixmaster (postfix) leaks <host_name>.<domain_name> to the mailserver.
- Please don't nail me for other examples. These are just a few I observed.
Wouldn't it be a fine (and easy to implement) improvement to set those
values to a shared value telling as little as possible?
Current state:
Tails
username: amnesia
/etc/hostname: amnesia
/etc/hosts: 127.0.0.1 localhost amnesia
Whonix
username: user
/etc/hostname: debian
/etc/hosts: 127.0.1.1 debian
Liberte Linux
username: anon
/etc/hostname [1]: liberte
/etc/hosts [2]: 127.0.0.1 liberte.local liberte
Proposal:
Tails, Whonix, Liberte Linux and whoever wants to join uses:
username: user
/etc/hostname: user
/etc/hosts: 127.0.0.1 user.localdomain user
Open for better proposals. Goals: not breaking existing applications or
hidden service configuration; revealing as little as possible. These
files generally have the purpose to get identified and contacted (in
case of server) so the question what the most anonymous and widespread
ones are is a bit difficult. "user" has been chosen because in case of
ssh it looks like user@server has been copied from the manpage and
unspecific to the anonymity distribution.
Appendix:
[1] Guessed. Not checked.
[2]
https://github.com/mkdesu/liberte/blob/master/src/etc/hosts/
Related Debian manual:
-
http://www.debian.org/doc/manuals/debian-reference/ch05.en.html#_the_domain_name
-
http://www.debian.org/doc/manuals/debian-reference/ch05.en.html#_the_hostname_resolution
Cheers,
adrelanos
