Merge pull request #224 from taivlam/patch-1

Minor edits in anonymizing-your-mac-address.md
This commit is contained in:
Ivan 2022-11-09 06:54:17 +00:00 committed by GitHub
commit c442be4641
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,30 +1,30 @@
Anonymizing your MAC Address
Anonymizing your MAC address
============================
Although it is not the only metadata broadcast by network hardware, changing the default [MAC Address](https://en.wikipedia.org/wiki/MAC_address) of your hardware could be [an important step in protecting privacy](https://tails.boum.org/contribute/design/MAC_address/#index1h1).
Although the MAC address is not the only metadata broadcast by network hardware, changing your hardware's default [MAC Address](https://en.wikipedia.org/wiki/MAC_address) could be [an important step in protecting privacy](https://tails.boum.org/contribute/design/MAC_address/#index1h1).
Qubes OS 4.1 and higher already anonymize all Wifi MAC addresses [by default](https://github.com/QubesOS/qubes-core-agent-linux/blob/master/network/nm-31-randomize-mac.conf) - they change during every Wifi session.
So there is **no need** to apply any of the below instructions if you're only interested in Wifi connections. Users requiring Ethernet MAC address anonymization may want to read on.
Qubes OS 4.1 and later already anonymize all Wi-Fi MAC addresses [by default](https://github.com/QubesOS/qubes-core-agent-linux/blob/master/network/nm-31-randomize-mac.conf) - they change during every Wifi session.
So there is **no need** to apply any of the instructions below if you're only interested in Wi-Fi connections. Users requiring Ethernet MAC address anonymization may want to read on.
## Randomize a single connection
Right click on the Network Manager icon of your NetVM in the tray and click 'Edit Connections..'.
Right click on the Network Manager icon of your NetVM in the tray and click 'Edit Connections...'.
Select the connection to randomize and click Edit.
Select the Cloned MAC Address drop down and set to Random or Stable.
Stable will generate a random address that persists until reboot, while Random will generate an address each time a link goes up.
Select the "Cloned MAC Address" drop-down list and pick either 'Random" or "Stable'.
'Stable' will generate a random address that persists until reboot, while 'Random' will generate an address each time a link goes up.
![Edit Connection](/attachment/wiki/RandomizeMAC/networkmanager-mac-random.png)
Save the change and reconnect the connection (click on Network Manager tray icon and click disconnect under the connection, it should automatically reconnect).
Save the change and reconnect the connection (click on Network Manager tray icon and click "Disconnect" under the connection, it should automatically reconnect).
## Randomize all Ethernet and Wifi connections
## Randomize all Ethernet and Wi-Fi connections
These steps should be done inside a template to be used to create a NetVM as it relies on creating a config file that would otherwise be deleted after a reboot due to the nature of AppVMs.
Write the settings to a new file in the `/etc/NetworkManager/conf.d/` directory, such as `00-macrandomize.conf`.
The following example enables Wifi and Ethernet MAC address randomization while scanning (not connected), and uses a randomly generated but persistent MAC address for each individual Wifi and Ethernet connection profile.
The following example enables Wi-Fi and Ethernet MAC address randomization while scanning (not connected), and uses a randomly generated but persistent MAC address for each individual Wi-Fi and Ethernet connection profile.
~~~
[device]
@ -53,7 +53,7 @@ You can check the MAC address currently in use by looking at the status pages of
DHCP requests _may_ also leak your hostname to your LAN. Since your hostname is usually `sys-net`, other network users can easily spot that you're using Qubes OS.
Unfortunately `NetworkManager` currently doesn't provide an option to disable that leak globally ([Network Manager bug 584](https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/584)). However the below alternatives exist.
Unfortunately `NetworkManager` currently doesn't provide an option to disable that leak globally ([Network Manager bug 584](https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/584)). However, the alternatives below exist.
### Prevent hostname sending