Re: F40 Change Proposal: Wifi MAC Randomization (System Wide)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Sam Varshavchik wrote:
> The ostensible reason for this is that you cannot be tracked by your fixed
> MAC across different APs.

But different APs will typically be operated by different people, who have 
no access to each other's MAC address logs anyway. So what is the point of 
sending them a different made-up MAC?

> Yes, your visits to the same AP can still be tracked by that AP, but
> that's as far as it goes. And the reason for using the same MAC with the
> same AP is to still make it possible to do MAC address filtering.

Sure, I understand that. But it is inherently impossible to allow MAC 
address filtering while blocking MAC address tracking. They are basically 
two use cases of the same thing.

For the randomization implementation, there are actually 2 possibilities to 
get a stable MAC per AP: hash the text SSID, or hash the BSSID. Which does 
NetworkManager use? The text SSID will be the same for all APs belonging to 
the same large network, so hashing with that will not prevent such large 
networks from tracking you, down to knowing pretty accurately where you are 
geographically (because they know which of their APs you connected to). 
Hashing the BSSID instead prevents that (unless the operator manages to 
spoof the same BSSID everywhere, which I guess you cannot really prevent on 
the client side either, though it will fail them if the AP's ranges 
overlap), but it also means that network-wide MAC address filtering will no 
longer work.

Blocking tracking also blocks filtering, and the other way round.

        Kevin Kofler
--
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux