Anonymize /etc/machine-id

madaidan · July 8, 2019, 11:37pm

In anon-base-files, there’s an anonymous /var/lib/dbus/machine-id which is meant to be shared across multiple anonymity focused distros. It doesn’t have a /etc/machine-id though.

Is there any reason not to anonymize this as well?

If not, it should be the same as /var/lib/dbus/machine-id.

Patrick · July 9, 2019, 10:53am

Why doesn’t it exist on my system? Deprecated file, no longer in use? Something still using it?

Does Tails ship one?

related: ⚓ T582 revisit handling of /var/lib/dbus/machine-id

Something useful inside machine-id?

madaidan · July 9, 2019, 2:01pm

It exists on mine. Might be a Qubes thing?

Not that I’m aware of.

It does but they don’t seem to have done anything with it yet.

Patrick · July 10, 2019, 6:43am

Could you please read above link (if not done already) (it talks about
the format of the file), and then implement?

madaidan · July 10, 2019, 2:36pm

It says it’s the same format as the D-Bus machine ID (/var/lib/dbus/machine-id).

Patrick · July 11, 2019, 6:54am

Merged.

Patrick · July 11, 2019, 6:17pm

Not great during upgrades.

Setting up anon-base-files (3:3.6-1) ...

Configuration file '/etc/machine-id'
 ==> File on system created by you or by a script.
 ==> File also in package provided by package maintainer.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** machine-id (Y/I/N/O/D/Z) [default=N] ?

Can we avoid this interactive dpkg conflict resolution dialog? Somehow preseed saying yes?

madaidan · July 11, 2019, 10:22pm

Not sure. I’m not that experienced with dpkg.

jonathanvlan · July 22, 2019, 3:25pm

Anonimizar Machine-id solo es una parte , los ataques que rompen a la red tor buscan algo mas concreto que pueda ser utilizado en el forence como su numero unico de ID / Software IDs Attack / SIA
/proc/sys/kernel/random/boot_id

0brand · July 22, 2019, 4:26pm

Hi jonathanvlan

Welcome to the Whonix community
¡Bienvenido a la comunidad de Whonix!

Used Google translate but not sure of the accuracy.
Usé el traductor de Google pero no estoy seguro de la exactitud.

Anonymize Machine-id is only a part, the attacks that break the network are looking for something more concrete that can be used in the forence as your unique ID / Software IDs Attack / SIA number
/ proc / sys / kernel / random / boot_id

Patrick · October 4, 2019, 4:36pm

10 posts were split to a new topic: hide /proc/sys/kernel/random/boot_id from non-root users

Patrick · October 4, 2019, 4:37pm

21 posts were merged into an existing topic: Restrict hardware information to root

HulaHoop · June 7, 2023, 4:41pm

With systemd 250 introducing an overriding machinei-id option, I don’t know if this needs to be revisited or perhaps this option provides an eaesier way to handle this?

Introducing KERNEL_INSTALL_MACHINE_ID= support within /etc/machine-info. This value will be preferred over any /etc/machine-id value.

extraextra · June 8, 2023, 8:14pm

/etc/machine-info seems to be an additional file that might need anonymization.