On Fri 2016-08-26 14:50:12 -0400, intrigeri wrote:

> Since then, NetworkManager gained the ability to randomize MAC
> addresses [1]. If we delegate the bulk of the work to it, then this
> becomes:
>
> a) We remove the modules blacklist logic.
> b) We set up a boot-time firewall that blocks all outgoing connections
>    to non-loopback interfaces.
> c) Once the user has made their decision wrt. MAC spoofing (that is,
>    in tails-unblock-network, run by PostLogin, just as it is now):
>
>    1. We record that decision in some place where all legitimate
>       interested parties can check it out.
>    2. We configure NM accordingly.
>    3. We replace the boot-time firewall with the production one.
>    4. We start NetworkManager.
>
> Here again, hotplugged interfaces are not as well protected against
> permanent MAC address leaks as the coldplugged ones. But this is
> a compromise we are already doing in our current design.
fwiw, i prefer mac address spoofing at the udev layer since it means the
first userspace tool to see the device gets a chance to set the mac
address immediately.

It's easy enough to do by dropping a file in
/etc/systemd/network/99-default.link with the contents:

  [Link]
  MACAddressPolicy=random

Note that we will also need to tell network-manager to not automatically
reset the MAC address to its permanent one though, since the defaults
for that setting are wrong:

  https://bugzilla.gnome.org/show_bug.cgi?id=770611

for the versions of nm with that crappy default setting, you'll also
want to include a file /etc/NetworkManager/conf.d/20-mac-addr-preserve.conf
with the contents:

  [device-mac-addr-preserve]
  ethernet.cloned-mac-address=preserve
  wifi.cloned-mac-address=preserve

Regards,

--dkg
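Whichever layer does the spoofing (udev/systemd-networkd or NetworkManager), the design in the quoted message wants a check that the randomization actually happened before the boot-time firewall is replaced. The script below is an added example written for this editorial pass; it is not code from the Tails-dev thread, from Tails, or from systemd. It assumes the MAC from systemd's MACAddressPolicy=random has the locally-administered bit set and the multicast bit clear (as documented for that policy), that the kernel exposes the current address at /sys/class/net/<iface>/address, and that `ethtool -P <iface>` prints "Permanent address: <mac>". The helper names (is_local_unicast, mac_is_spoofed, check_iface) are this example's own.

```shell
#!/bin/sh
# Added example: verify an interface's MAC has really been randomized
# before the network is unblocked. Not part of the original post.

# Return 0 if the first octet of MAC "aa:bb:cc:dd:ee:ff" has the
# locally-administered bit (0x02) set and the multicast bit (0x01)
# clear. systemd's MACAddressPolicy=random produces such addresses;
# burned-in OUI addresses have the local bit clear.
is_local_unicast() {
    first=${1%%:*}
    case $first in
        [0-9a-fA-F][0-9a-fA-F]) ;;
        *) return 1 ;;
    esac
    val=$((0x$first))
    [ $((val & 0x02)) -ne 0 ] && [ $((val & 0x01)) -eq 0 ]
}

# Return 0 if the current MAC ($1) differs from the permanent one ($2)
# and looks like a randomized address. Case-insensitive comparison.
mac_is_spoofed() {
    cur=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    perm=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$cur" != "$perm" ] && is_local_unicast "$cur"
}

# Live check for one interface. Assumes sysfs and ethtool are available;
# this is the part you would run from something like
# tails-unblock-network before swapping in the production firewall.
check_iface() {
    iface=$1
    cur=$(cat "/sys/class/net/$iface/address")
    perm=$(ethtool -P "$iface" | awk '{print $3}')
    if mac_is_spoofed "$cur" "$perm"; then
        echo "$iface: $cur (permanent $perm): randomized"
    else
        echo "$iface: $cur (permanent $perm): NOT randomized" >&2
        return 1
    fi
}
```

Run `check_iface eth0` (as root, since ethtool -P needs it) on a live system; a non-zero exit means the permanent address is still in use and the firewall should stay in its blocking state. Note that ethtool reports 00:00:00:00:00:00 for drivers that do not expose a permanent address, in which case the comparison with the permanent MAC is meaningless and only the local-bit test remains informative.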