On Fri, Nov 11, 2016 at 8:47 AM, Chris Adams <li...@cmadams.net> wrote:
> Once upon a time, Stephen Gallagher <sgall...@redhat.com> said: > > The thread on Fedora Devel revealed some other issues which need to be > > considered carefully. One of these is that of privacy: for example, the > DHCP > > client will send the machine's hostname as one of the cues to the DHCP > server > > for acquiring a lease. While this is fine on private networks, there's a > valid > > concern that this might be undesirable on a public hotspot. > > I manage several DHCP servers for service providers and public venues. > While it is true that the client-provided hostname is logged, I would > say it is of little value to someone trying to use that information (the > number of "Jeff's iPhone" and such is very high). > > Also, if someone was trying to identify you from DHCP, they have your > MAC address to tie everything together with (so they know if you have a > Dell notebook or a Samsung tablet for example), and they can also narrow > down OS and such by requested options or their absence (and that can > start narrowing it down to releases as well). > > I think concerns about "leaking" a generated hostname are pretty > minimal. If someone is concerned about that, there are a number of > other changes they'll probably be making, and they can set a non-default > hostname in that process. > I thoroughly disagree. NetworkManager already has the ability to randomize MAC addresses to keep them from leaking. DHCP options and such will, at most, identify your distro and maybe some installed packages. The fact that some NetworkManager settings will leak the MAC address is *not* an excuse to leak a hostname. Privacy and security issues are never solved by saying "well, there's already a problem, so let's add a new problem". Right now, if you leave your hostname at the "localhost" default, randomize your MAC, and route everything over a VPN, you're actually doing quite well. Let's not make it worse, please. --Andy
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
