On Wed, Nov 25, 2015 at 11:09:32PM +0000, Patrick Schleizer wrote: > I understand Tails' MAC 'leak prevention' [1] [2] as this... Without > 'leak prevention', things would happen like this: > > a) > > 1) system boots > 2) kernel module loaded > 3) MAC leaked > 4) macchanger started > 5) MAC changed > 6) NetworkManager started > > So the MAC leaked even before NetworkManager, before the the interface > has been uped, before macchanger may have had a chance to change it.
Can someone point some reference for this? I think the network interface send absolutely nothing when it isn't uped. > Therefore Tails does as this: > > b) > > 1) system boots with kernel modules blacklisted > 2) user makes decision [to spoof MAC] > 3) MAC changed > 4) kernel module loaded > 5) NetworkManger started > > But if there hypothesis was true... They still have a small window > between tails-unblock-network, service network-manager start and macchanger. > > Can the MAC be changed without having the kernel module loaded? > - if yes -> great > - if no -> then there would be room for MAC leaks like in a), right? I think it's not. There is no network interface then, so nothing that could passed to macchanger. -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
pgpi29U1RKyse.pgp
Description: PGP signature
_______________________________________________ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.