TAILS MAC Address Spoofing [Security Fix]
Originally created by @humanrightsdefender on #15208 (Redmine)
Hello!
As a human rights defender for me my security is extremly
important!
*
Tails currently have a problem with spoofing MAC* because when you
connect to a network Tails will expose the half of your permanent MAC
address which is in my opinion very serious since if this bug if not
fixed correctly as I will describe below than the issue will gives law
enforment a very good idea about the permanent MAC address of the
targeted individual who uses Tails on the same network a few times. The
seizure of the device where Tails used will be inevitable considering
that the law enforcement or spy agencies already have the half of your
permanent MAC. In my case that can be fatal and I beleive that
activists who using Tails must have default configuration which spoofing
and preserve a fully random MAC address.
This is how your MAC has been exposed partly on the current and previous versions of Tails:
after boot (looks good until this point)
amnesia@amnesia:~$ macchanger wlan0 -s
Current MAC: 4a:9b:c2:12:69:0c (unknown)
Permanent MAC: ae:fe:70:72:2a:1d (Intel Corporate)
after connecting to a network (the permanent MAC partly exposed)
amnesia@amnesia:~$ macchanger wlan0 -s
Current MAC: ae:fe:70:d5:8d:49 (Intel Corporate)
Permanent MAC: ae:fe:70:72:2a:1d (Intel Corporate)
FIXING MAC SPOOFING ON TAILS
Edit /live/persistence/TailsData_unlocked/macchanger/spoof-mac.conf as follows:
<code class="text">
[device]
wifi.scan-rand-mac-address=yes
[connection]
wifi.cloned-mac-address=stable
ethernet.cloned-mac-address=stable
</code>
Than cp -avf /live/persistence/TailsData_unlocked/macchanger/spoof-mac.conf to /etc/NetworkManager/conf.d/spoof-mac.conf
Now let’s add the following line to /live/persistence/TailsData_unlocked/persistence.conf
<code class="text">
/etc/NetworkManager/conf.d source=macchanger
</code>
If you followed and saved everything than you can reboot now.
That’s all! Now you have a spoofed fully random MAC address which is
not exposing the half of your permanent MAC and manufacturer!
Related issues
- Is duplicate of #7078 (closed)
- Is duplicate of #7038