Tails does verify, that randomly chosen MAC does not equal the real MAC by chance.
>From tails-spoof-mac [1] (code: [A]) > # There is a 1/2^24 chance macchanger will randomly pick the real MAC > # address. We try to making it really unlikely repeating it up to > # three times. Theoretically speaking this leaks information about the > # real MAC address at each occasion but actually leaking the real MAC > # address will be more serious in practice. quu9ohch [2] [3]: > P.S. Avoiding the "real" mac address is a bogus approach as well. If all users were to avoid their real mac addresses all the time then, with enough data, a local passive adversary could identify each user by estimating which mac address they never pick. [3] marmarek: > If you _randomly_ hit your own MAC address, I think this isn't a problem at all. Actually changing that behavior may introduce some bias in that randomness. But if you're talking about some error which results in not changing the MAC (even if randomly chosen one was different than original), that's the problem. Cheers, Patrick [1] https://git-tails.immerda.ch/tails/plain/config/chroot_local-includes/usr/local/sbin/tails-spoof-mac [2] https://github.com/quu9ohch [3] https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-155684781 [4] https://github.com/QubesOS/qubes-issues/issues/938#issuecomment-151239727 [A] for i in 1 2 3; do if ! spoof_mac "${NIC}"; then # If our MAC spoofing primitive fails, we fail safe by forcing # us to enter into panic mode. unset NEW_MAC break fi NEW_MAC="$(get_current_mac_of_nic "${NIC}")" if [ "${OLD_MAC}" != "${NEW_MAC}" ]; then break fi done _______________________________________________ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.