On Thu, Mar 01, 2018 at 05:52:48AM -0800, billol...@gmail.com wrote: > On Thursday, March 1, 2018 at 12:08:19 AM UTC-5, Chris Laprise wrote: > > On 02/28/2018 08:23 PM, 'awokd' via qubes-users wrote: > > > > BTW, as an example of Qubes-specifics in this issue, on sleep/wake > > networkVMs don't process the normal array of events and system states > > that bare-metal Linux distros do. At least this was the case for 3.x. > > The result was that advocates of the macchanger script method (which > > relied on such events and related hooks) recommended that users keep a > > watch on the current MAC address and restart sys-net whenever it > > reverted (waking from sleep was the most common/blatant example). They > > didn't care to address the fact that the waking system was already > > broadcasting the original address before the user had a chance to > > restart sys-net (and not to mention the unmitigated headache of > > restarting/reassigning all the dependant VMs). > > > > > > > > Well, to be honest, I haven't kept up with it once I decided it wasn't going > to work. As I remember (and this is back before systemd, and you could still > control everything from the /etc/rc<n>.d files very easily), I put a little > script in /etc/init.d and did the macchanger thing before I allowed the > network to connect to anything. If the network turned off, then it would > randomize when it turned on. > > I don't remember it reverting, but I may have just not been paying attention > (or have forgotten in the haze of time -- it's amazing to me how quickly one > forgets little sysadmin tricks when one stops doing it all the time). I > never dealt with VMs except for running Windows in Virtualbox, so I am > clueless there... ... though I am getting interested again playing with > qubes. >
The problem with NM method is that it gives you a fully random MAC which makes you stand out like a sore thumb. Also, with some NICs, it's easier to drop NM and use something like wicd, so the macchanger instructions remain useful. I've used macchanger for years now, without leakage. But then, I'm a strong advocate of NOT using the network over a sleep/wake cycle. I see no point in using MAC randomisation if you're spewing out content when you wake from sleep. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180302104332.knadlhsttvy37cfd%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
