User: Password:
|
|
Subscribe / Log in / New account

Picking a MAC address for a FreedomBox

Picking a MAC address for a FreedomBox

Posted Dec 6, 2012 18:17 UTC (Thu) by marcH (subscriber, #57642)
Parent article: Picking a MAC address for a FreedomBox

> But, as John pointed out, there is another problem: real-world MAC addresses follow a specific pattern; a random address, being unlikely to fit that pattern, would probably stand out like a neon sign to anybody who is looking for it. To be convincing, a system-chosen MAC address cannot be completely random.

I don't understand why a random (and obviously changing) MAC address should look not random. Could someone summarize the problem here?


(Log in to post comments)

Picking a MAC address for a FreedomBox

Posted Dec 6, 2012 18:42 UTC (Thu) by BenHutchings (subscriber, #37955) [Link]

The MAC address isn't going to 'obviously change'; it's the only thing identifying your hardware so without some sophisticated fingerprinting at a higher level there is nothing to tie the old and new addresses together as being a single device.

However, randomised MAC addresses are normally flagged as 'locally-assigned', per the IEEE 802 standard, which could become an indicator of 'something to hide' if most devices use fixed globally-assigned addresses. (I don't know how true that is; quite a few Linux network device drivers support boards without NVRAM fitted, for which they generate a random address at boot.) Even if you decide to violate the standard and 'steal' a globally-assigned address, you'd then want to be sure to pick an OUI (22-bit manufacturer ID) that has actually been assigned.

Picking a MAC address for a FreedomBox

Posted Dec 6, 2012 23:53 UTC (Thu) by marcH (subscriber, #57642) [Link]

> The MAC address isn't going to 'obviously change';

In the context of these articles (randomizing a MAC address) the address should obviously not be randomized just once but be changed on a regular basis, otherwise it could be followed just like a factory address can.

This is just the main point of the article.

> it's the only thing identifying your hardware so without some sophisticated fingerprinting at a higher level there is nothing to tie the old and new addresses together as being a single device.

... so changing it on regular basis works. Violent agreement?!

> However, randomised MAC addresses are normally flagged as 'locally-assigned', per the IEEE 802 standard, which could become an indicator of 'something to hide'

This does not really seem to match what Jon wrote above, but it is clearer and does answer my question; thanks.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds