Hi Jonas-- On 07/20/2013 02:38 PM, Jonas Smedegaard wrote:
> I do understand that use of MAC addresses is part of the RFC standard > and is legal to circumvent. My concern here is that it sounds like the > quite common libuuid may leak MAC address by _default_ i.e. need special > care at each use that may later be exposed to external hosts. The subject of this thread is "secure UUIDs" -- but i take it from the content that the only concern is about leaking the system's MAC addresses via a generated UUID. there are many other ways that a system can "leak" a MAC address, including simply talking to other machines on the local network segment (of course), and using standard IPv6 address allocation schemes (without the "privacy extensions" -- see "privext" in interfaces(5) or read http://tools.ietf.org/html/rfc4951). While i think it would be great if someone wanted to make sure that the default UUID generation in the toolchain we use doesn't leak the MAC address, i don't think that's going to solve the "mac address leak" problem. Seems like if you want to solve that problem at a deeper level, you should regularly change the mac address of your machine. Maybe the work that tails folks are doing would be useful here: https://tails.boum.org/blueprint/macchanger/ Regards, --dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
