I would like to raise community awareness of MAC address anonymization. The Tails project actually documents various threats at Tails - MAC address anonymization.
While using Wi-Fi is generally recommended against, I guess people use it and from my perspective we should closely follow what Tails is going to release here (currently in testing) to actually protect the host operating system we use for the Whonix VMs. Hope it’s appreciated to point you to aforementioned resources here.
I actually use Tails on a very regular basis and I’m currently waiting for their 0.22.1 release. AFAIK, Tails 0.22.1 will (hopefully) include a reference implementation for the very first time. That said, I’m definitely interested in that very feature and I’ll anyways try to thoroughly understand how everything works together in order to push it into a Debian (which Tails also is based upon) host operating system serving Whonix.
That said, I have to say that despite the Linux/Debian system administration experience that I have, I have a whole lot of respect for what both you and the Tails developers do on a regular basis. I mean, people’s utmost security is dependent on your work. I’m pretty confident that I’m capable of getting my hands wet here. I’d like to have a thorough triple-check from 3rd parties (you?) though before we tell people to use it with their host operating systems and depend on it. I guess you know what I mean.
I don’t know if the most recent “stable branch rc” 0.22.1~rc1 also includes it just yet. I (this time) have tested neither the “feature build” nor the most recent “stable branch rc” (yet) due to time constraints.
I hope that the new stable 0.22.1, due to be released end of January, will include the feature. That’s when I’m definitely going to upgrade.
I know it has been a while, but curious . . . any updates on this one?
If a MAC address is truly random, would this not raise “red flags” to a party monitoring the network? For example: say I create a purely random MAC address that does not link up to any known type of hardware to exist, would this not raise questions by the monitoring network? The idea behind my question is that the adversary would know that my MAC address did not link up with any real existing hardware and therefore I would become a target for heightened surveillance.
Regarding (2): assuming my thinking is correct, it seems to me that true MAC address randomization would not be as good as some type of pseudo-randomization of the MAC address (i.e. generating random MAC addresses based upon a very popular network controller).
Interested in any thoughts anyone has to add on this . . .
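
The two approaches contrasted in the question above, as an added example that is not part of any post in this thread and not code from Tails or Whonix: it shows which bits of a MAC address an observer can read (the vendor prefix and the two flag bits in the first octet) and generates an address either fully at random or with the existing prefix kept. The function names and the sample address are assumptions made for illustration.

```python
import secrets

def parse_mac(mac: str) -> bytes:
    """Parse 'aa:bb:cc:dd:ee:ff' (or '-' separated) into 6 raw bytes."""
    raw = bytes.fromhex(mac.replace("-", ":").replace(":", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return raw

def fmt(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def describe(mac: str) -> dict:
    """What a network observer can read off the address itself."""
    raw = parse_mac(mac)
    return {
        "oui": fmt(raw[:3]),                          # vendor prefix (first 3 octets)
        "multicast": bool(raw[0] & 0x01),             # I/G bit: must be 0 for a source address
        "locally_administered": bool(raw[0] & 0x02),  # U/L bit: 1 = not a burned-in address
    }

def random_local_mac() -> str:
    """Fully random address, forced to unicast and flagged locally administered.
    Plain random bytes would set the multicast bit about half of the time."""
    raw = bytearray(secrets.token_bytes(6))
    raw[0] = (raw[0] | 0x02) & 0xFE
    return fmt(bytes(raw))

def random_mac_keep_oui(current_mac: str) -> str:
    """Keep the first 3 octets of the current address, randomize the last 3."""
    raw = parse_mac(current_mac)
    return fmt(raw[:3] + secrets.token_bytes(3))

# Constructed sample address; the prefix is chosen only for illustration.
SAMPLE = "00:11:22:33:44:55"

if __name__ == "__main__":
    candidates = [("original", SAMPLE),
                  ("fully random", random_local_mac()),
                  ("prefix kept", random_mac_keep_oui(SAMPLE))]
    for label, mac in candidates:
        print(f"{label:13} {mac}  {describe(mac)}")
```

The fully random address always carries the locally administered flag, so it is recognisable as not burned-in; the prefix-kept address has the same flag bits and vendor prefix as the original and differs only in the last three octets.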