P802E: Recommended Practice for Privacy Considerations for IEEE 802
Technologies
https://1.ieee802.org/security/802e/
I see they went for a PAR extension back in July and expected to be in
SA balloting in January. This would mean they had to finish WG
balloting at the Nov Plenary.
The draft is private. You have to be an IEEE member to buy the draft.
If you attend the meetings, you get free access. The next 802.1 & .3
meeting is in Geneva the week of Jan 20 (802 wireless is meeting in
Irvine week of Jan 13).
But you can pretty much get the whole older draft at:
http://www.ieee802.org/1/files/public/docs2017/802E-henry-private-threat-analysis-0115-v01.pdf
And there is one update I found at:
http://www.ieee802.org/1/files/public/docs2019/802e-riegel-privacy-threat-model-0719-v1-cb.pdf
On 12/3/19 6:10 AM, Robert Moskowitz wrote:
On 12/3/19 3:52 AM, Tim via users wrote:
On Mon, 2019-12-02 at 13:29 -0500, Robert Moskowitz wrote:
MAC randomization is now the rule for all interfaces which gives DHCP
and other technologies challenges. In this case, IEEE 802.11 was
actively involved in this privacy enhancement.
As with any such advancement, it has its pros and cons.
All I see in that is a badly mismanaged logistical nightmare. In my
opinion it should only be done as a deliberate choice. Within a LAN,
firewall rules will be built on IP and/or MAC, if you want to give
someone some trust above (what should be) the default untrusted level,
you need something consistent to identify the device.
We have part of the networking/firewalling configuration where you can
declare a connection is home, public, untrusted, etc. Randomising
could be a choice in there, or a suitable preselection with some of the
choices (i.e. preselecting no randomising on a trusted home LAN,
preselecting to have randomising on a new or public connection).
I'd hate to be trying to do something somewhere with bad network, and
everytime you lost connection your MAC and IP change.
I'm really not sure what benefit you get from MAC randomising, anyway.
It's only supposed to stay within your local network, who can already
datalyse you in a myriad of ways. Likewise, there's a plethora of
things that datalyse you on the web, your browser is probably the
worst software you can use.
Unfortunately, your MAC addr does not stay local.
First is IPc6 addr construction. Your IP address is now recognized as
a major tracking of activity number.
Then web browsers do allow javascripts and to like to harvest the MAC
addr to add to the data collected on the client. More tracking.
There are a lot of documents out there that are looking into how
numbers are being used to track, and in some cases, harm people. Thus
the move to 'break the chain'.
This is not my area. I was involved early on, but for the most part
walked away from the work. Or rather no one was funding me to work on
it once I was RIFed from Verizon. Note that there are a lot of
changes coming out that will alter some fundamental things in the
Internet. It will take time, and money, for this all to flush through.
Perhaps more later. Got to run.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
