While reading the documentation I stumbled upon this article about MAC address spoofing in Whonix and was surprised that it says that Whonix doesn’t have it by default. Is this information still correct, or is the article outdated and you have already implemented this feature? Is MAC address spoofing needed only when the connection is through Wi-Fi and wired internet, and not needed when it is a USB modem? Do I understand correctly? I’m asking because I used Whonix only in Qubes and thought about switching to the Non-Qubes variant.
When there are major new features, we’ll always make sure to edit the main wiki page on the topic.
It needs to be done by the host operating system.
And the Whonix-Host Operating System Live ISO and Whonix-Host Installer don’t exist yet.
- Home Connections: Spoofing not required + Connectivity Risk in some cases.
- Public Computers: The MAC address should not be changed in this scenario, as it may attract unwanted administrator attention to the service/user or simply prevent access to the Internet.
- Public Connections such as WiFi Hotspots: Might be useful.
The question is whether MAC spoofing is “needed” at all. Maybe it is “needed” or “desirable” but not a realistic threat model.
Did you read wiki chapter MAC Spoofing Warning?
MAC spoofing is probably unreliable. Unrelated to Kicksecure, Whonix. Applicable to any operating system.
Whonix might have Reliable IP Hiding but there is no similarly dedicated, actively maintained, well tested MAC randomization project.
MAC spoofing is just bolted-on, low priority. The Linux kernel, Qubes, or anyone else does not dedicate their life to the purpose of MAC hiding.
I think at this point, it’s perhaps best to call out:
Reliable MAC hiding is difficult beyond practicality.
(Leak-proof MAC Randomization - Technical Implementation Challenges)
We might also need to put MAC hiding into a bigger context by zooming out 1 level. What is the purpose of MAC hiding?
By default, when using computers, there are some persistent identifiers that can be detected by the internet access point such as a WiFi router / hotspot. A MAC address is one such persistent identifier.
A user that intends to hide their MAC address wishes to hide these persistent identifiers.
How about other persistent identifiers? The wiki mentions Other Location Tracking Risks.
Is it realistic to assume that a user will keep their Tor entry guards in mind, and understand and apply the documentation on how to Mitigate the Threat of Guard Fingerprinting?
No, I don’t think so. All projects are far away from a reliable solution to these issues.
What would be needed to reliably solve these issues? The computer would need to start with radio silence. MAC spoofing would need to be reliable. This would probably require Linux kernel improvements. There would need to be a (graphical) user interface on the host operating system which asks the user about their current location and choices. Depending on that, a MAC address and Tor entry guards would be selected.
And we’re not even considering yet the advanced Authentication Fingerprinting Techniques. Or, to quote Tails MAC Address Design - Active probe fingerprinting - Issue:
No protection against this is implemented yet
Yes, this is a problem for all distros - it is not enabled by default even in Kali Linux, ParrotSec and BlackArch, although hacker communities often discuss MAC address spoofing. It is used situationally.
Patrick, maybe add info about MAC address in systemcheck? Many users really think that it is enabled by default in Whonix and Kicksecure.
Could add a static message to systemcheck:
MAC address spoofing: impossible