Re: RFC (round 2): Change the default hostname for Fedora 26+

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Nov 11, 2016 at 8:47 AM, Chris Adams <linux@xxxxxxxxxxx> wrote:
Once upon a time, Stephen Gallagher <sgallagh@xxxxxxxxxx> said:
> The thread on Fedora Devel revealed some other issues which need to be
> considered carefully. One of these is that of privacy: for example, the DHCP
> client will send the machine's hostname as one of the cues to the DHCP server
> for acquiring a lease. While this is fine on private networks, there's a valid
> concern that this might be undesirable on a public hotspot.

I manage several DHCP servers for service providers and public venues.
While it is true that the client-provided hostname is logged, I would
say it is of little value to someone trying to use that information (the
number of "Jeff's iPhone" and such is very high).

Also, if someone was trying to identify you from DHCP, they have your
MAC address to tie everything together with (so they know if you have a
Dell notebook or a Samsung tablet for example), and they can also narrow
down OS and such by requested options or their absence (and that can
start narrowing it down to releases as well).

I think concerns about "leaking" a generated hostname are pretty
minimal.  If someone is concerned about that, there are a number of
other changes they'll probably be making, and they can set a non-default
hostname in that process.

I thoroughly disagree.

NetworkManager already has the ability to randomize MAC addresses to keep them from leaking.  DHCP options and such will, at most, identify your distro and maybe some installed packages.  The fact that some NetworkManager settings will leak the MAC address is not an excuse to leak a hostname.  Privacy and security issues are never solved by saying "well, there's already a problem, so let's add a new problem".

Right now, if you leave your hostname at the "localhost" default, randomize your MAC, and route everything over a VPN, you're actually doing quite well.  Let's not make it worse, please.

--Andy
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux