著者: didukno 日付: To: tails-dev, tor-talk, cypherpunks 題目: [Tails-dev] Tails prevents MAC changes as design feature
> intrigeri intrigeri at boum.org > Tue Jul 4 06:13:41 UTC 2017
>
> We don't actively support the use case described below
It seems that you do:
>>Tails User Goals: Hide geographical movement
>>Tails User Goals: No unspoofed usage of Tails
>>Tails User Goals: Not raising alarms on the network
>>Tails User Goals: Avoid network connection problems
Geographical movement is revealed by device leaks before Tails boots.
The OUI is not spoofed when using Tails.
A new MAC every Tails session on low traffic networks raises alarms.
Network device quantity limitations causes connection problems eventually.
Clearly, the current MAC spoofing protocol, which violates every Tails
User Goal, puts Tails users at risk.
The ideal tools:
- Host machine(s) with no internal network devices
- External PCI/USB network card(s)
- Tails on USB Stick(s)
The ideal process:
- Power on host machine
- Press and hold keys to access EFI Boot Menu
- Plug Tails USB Stick into host machine
- Select Tails system drive as it appears
- Create Administrative Account at Greeter as Tails boots
- Set custom MAC address(s) at Greeter as Tails boots
- Start Tails
- Plug in External PCI/USB network card(s)
- Have Network Manager recognize, then assign, the appropriate MAC
- Connect to network
Please consider this wonderful case and directly support the changing of
MAC address OUI and NIC.
> stop/start NetworkManager.service
> wifi.cloned-mac-address=preserve