Re: [qubes-users] Anonymizing MAC adress through dvm ?
On 08/30/2016 05:19 AM, Marek Marczykowski-Górecki wrote: In theory it can be probably applied there (apply the instruction in the template - the same way as for sys-net). But in practice it doesn't give you much more anonymity. First of all, MAC address of the VM network interface have no relation to your real hardware. It is always 00:16:3e:5e:6c:XX, where XX is ID of the VM. So it gives information that you use Qubes OS. And if one can read that MAC address, can also read a dozen other indicators that you use Qubes OS - like running on Xen, or /var/lib/qubes directory presence, or simply a hostname ("dispXX"). Why not add some settings and gill them with some random when OS installed? -- Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/41534c0c-e5a9-a5c5-bce5-2254a2f91b22%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Anonymizing MAC adress through dvm ?
Thank you very much for your support :) I understand better how Qubes handles MAC addresses now thanks to you, I was curious about that ^^ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ee8bda36-0533-4e7f-b6f9-8c33c35e03b2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Anonymizing MAC adress through dvm ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, Aug 25, 2016 at 02:15:54PM -0700, nishiwak...@gmail.com wrote: > Hello everyone, > > I was just wondering if you can apply this documentation > https://www.qubes-os.org/doc/anonymizing-your-mac-address/ to your disposable > VM (like if you like to browse the internet being safe, not saving any data > but also preserving your anonymity, in a way like Tails do). > > I tried to apply this on the AppVM-dvm, stopped it, then entered > "qvm-create-default-dvm nameoftheTemplateVM-on-which-is-based-the-AppVM" in > dom0, so eventually it would save the configuration on the img on which is > based the new Disposable VM, but it don't seem to work, my interface ID don't > change when I type "/sbin/ifconfig" into the new DispVM. > > I guess the problem comes from the fact the TemplateVM creates a symlink to > /etc/systemd/ to load the service, but as you don't have persistence in > dispVM, the process fails, but I'm not sure. > > If you have an idea on one could eventually do this, I think it would be a > great feature (even if it is already really nice to be able to do so on > standard VMs, problem is when you're paranoid you have to trade off in a way > between a non anonymous but full secured non persistent model for a more > anonymous but less secured one, lol) In theory it can be probably applied there (apply the instruction in the template - the same way as for sys-net). But in practice it doesn't give you much more anonymity. First of all, MAC address of the VM network interface have no relation to your real hardware. It is always 00:16:3e:5e:6c:XX, where XX is ID of the VM. So it gives information that you use Qubes OS. And if one can read that MAC address, can also read a dozen other indicators that you use Qubes OS - like running on Xen, or /var/lib/qubes directory presence, or simply a hostname ("dispXX"). - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXxO0/AAoJENuP0xzK19csBKMH/2EvL7/LNwvSM0peXlNpBTZF NbfYvZzJcqG2KZoI4NM323CeJxINPCh6aXLo4oN4666VJOY8yGsyYyUAes9dYJwy EWA6phcPd7D9+yEnOul1ELY5/O4xzmtEKsUo+e9fAcRQddi8Pqhflt2slmBMl4eZ 1Taqb7jVMWf/iGYsLRV7B0WAcoHxRrBmkXvQWn2eyEAg7Al1skFgqp89LMLdd+As n6301yuL6hVadfgcyuJAt7AjOj+pBLGRe+TAHno2327dvYaWOkNTF0b9pEWC+ti3 KOIJmzF0uFCATyAvpWVwgl5MPOsbeyvLe64sgJ+2zP94EigKCByUXKfTvrdHZYA= =nT2K -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160830021943.GR21245%40mail-itl. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Anonymizing MAC adress through dvm ?
Hello everyone, I was just wondering if you can apply this documentation https://www.qubes-os.org/doc/anonymizing-your-mac-address/ to your disposable VM (like if you like to browse the internet being safe, not saving any data but also preserving your anonymity, in a way like Tails do). I tried to apply this on the AppVM-dvm, stopped it, then entered "qvm-create-default-dvm nameoftheTemplateVM-on-which-is-based-the-AppVM" in dom0, so eventually it would save the configuration on the img on which is based the new Disposable VM, but it don't seem to work, my interface ID don't change when I type "/sbin/ifconfig" into the new DispVM. I guess the problem comes from the fact the TemplateVM creates a symlink to /etc/systemd/ to load the service, but as you don't have persistence in dispVM, the process fails, but I'm not sure. If you have an idea on one could eventually do this, I think it would be a great feature (even if it is already really nice to be able to do so on standard VMs, problem is when you're paranoid you have to trade off in a way between a non anonymous but full secured non persistent model for a more anonymous but less secured one, lol) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/082febb6-e326-4837-bc6a-ead69cfb3254%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.