I dont beleive it is enabled.
I'm pretty sure the router/switch would have to be able to support MACsec not just having it enabled or set in debian. Most if not all commercial router/switches do not support such a thing as this is something you would find in expensive or enterprise equipment.
Though I couldn't find this in tails design documentation, this presentation by Jacek Lipkowski mentions that tails uses tempest resistant fonts (not sure if this stock in most distros) and that sheilded ethernet cable reduces the distance of a tempest attack. I only mention this as I'm sure MACsec would migtigate tempest exfiltration if I understand correctly.
Links:
> https://media.ccc.de/v/rc3-11444-etherify_-_bringing_the_ether_back_to_ethernethttps://www.youtube.com/watch?v=7ek994-fwNE
Sincerely,
Andrea Malik 😁
Sent with [Proton Mail](
https://proton.me/mail/home) secure email.
On Thursday, November 21st, 2024 at 14:52, Anonymousemail via Tails-dev <tails-dev@???> wrote:
> Powered by Anonymousemail → [Join Us!](https://anonymousemail.me/premium.php?source=email)
>
> Does tails enble MACsec on eth* interfaces?
