Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 10 Jun 2017 09:00:53 +0200
From: HacKurx <>
To: Matt Brown <>, Theodore Ts'o <>,
 intrigeri <>
Subject: Re: Patch for random mac address

Le 09/06/2017 à 15:11, Matt Brown a écrit :

> On 5/25/17 11:48 AM, Theodore Ts'o wrote:
>> On Thu, May 25, 2017 at 09:31:15AM +0200, intrigeri wrote:
>>> HacKurx:
>>>> Because this would be useful for distributions like Tails, Subgraph
>>>> OS, Kali Linux and other ...
>>> For what it's worth, it's unlikely that Tails ever uses this unless it
>>> can be controlled at runtime from userspace: we need to give users an
>>> option to disable MAC address randomization, because it breaks network
>>> connectivity in some cases.
>> BTW, in case people aren't aware ---- you can set the MAC address from
>> userspace already:
>> Package: macchanger
> Yeah I've used this program before. If you want it to always run at boot
> you can write a service script for your init system of choice and set it
> to run on start up.
> In what way does this patch protect you more than a start up script as
> described above?
> Matt
Because macchanger use the kernel...
It is loaded too late and increases the risk of the MAC address does not change. See:

Does your startup script depend on systemd? Who it depends on udev and recommend dbus ...
Is the permanent MAC address stored in the system logs (boot, ipv6, firewall) ?
If a user use journalctl under ubuntu he could see this without sudo ...

For me randomize MAC in a kernel is be the best method to do this.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.