Re: [Tails-dev] [Secure Desktops] Avoiding real MAC address …

Delete this message

Reply to this message
Autor: anonym
Data:  
A: The Tails public development discussion list
CC: desktops, whonix-devel
Assumpte: Re: [Tails-dev] [Secure Desktops] Avoiding real MAC address in Tails macchanger being harmful?
[Sorry for the delay :S]

Patrick Schleizer:
> Tails does verify, that randomly chosen MAC does not equal the real MAC
> by chance.
>
> From tails-spoof-mac [1] (code: [A])
>
>> # There is a 1/2^24 chance macchanger will randomly pick the real MAC
>> # address. We try to making it really unlikely repeating it up to
>> # three times. Theoretically speaking this leaks information about the
>> # real MAC address at each occasion but actually leaking the real MAC
>> # address will be more serious in practice.
>
> quu9ohch [2] [3]:
>> P.S. Avoiding the "real" mac address is a bogus approach as well. If
> all users were to avoid their real mac addresses all the time then, with
> enough data, a local passive adversary could identify each user by
> estimating which mac address they never pick. [3]


Note that "enough data" here is a ridiculous amount of samples,
something in the order of millions of randomly picked MAC addresses (so,
even more than than amount of Tails boots, since the same one can be
picked). And how can the adversary see that all those belong to the same
device? (Chipset/driver fingerprinting, perhaps)

In short: I think it's reasonable to assume that an adversary will never
be able to collect enough samples for something it reliably can assume
is the same device for this leak to ever be of any use.

> marmarek:
>> If you _randomly_ hit your own MAC address, I think this isn't a
> problem at all. Actually changing that behavior may introduce some bias
> in that randomness. But if you're talking about some error which results
> in not changing the MAC (even if randomly chosen one was different than
> original), that's the problem.


Assuming AdvCapRecords (the adversary has a MAC Address => Real person
mapping), why would you ever want to end up on the adversaries radar?
What if the adversary doesn't assume you are using MAC spoofing?

To change my mind about any of this, I want some actual conceivable
scenarios with hard numbers and statistics to back them up, and that
they reasonably could happen within a device's usage lifetime, and not
hundreds of years of constant rebooting or something ridiculous like that.

Cheers!