Re: [Tails-dev] Let's share username, /etc/hostname and /et…

Delete this message

Reply to this message
Author: Abel Luck
Date:  
To: tails-dev
New-Topics: Re: [Tails-dev] Let's share username, /etc/hostname and /etc/host among all anonymity distributions
Subject: Re: [Tails-dev] Let's share username, /etc/hostname and /etc/host among all anonymity distributions
adrelanos:
> Hi!
>
> Why?
>
> Username, /etc/hostname and /etc/host can leak through the protocol or
> files.
>
> For example:
> - ssh uses <username> for login if not explicitly told otherwise
> - <username> (as part of the path) is sometimes encoded into user
> created content (images, firefox screenshot addon). Maybe only in user
> installed extra packages.
> - mixmaster (postfix) leaks <host_name>.<domain_name> to the mailserver.
> - Please don't nail me for other examples. These are just a few I observed.
>
> Wouldn't it be a fine (and easy to implement) improvement to set those
> values to a shared value telling as little as possible?
>
> Current state:
>
> Tails
> username: amnesia
> /etc/hostname: amnesia
> /etc/hosts: 127.0.0.1 localhost amnesia
>
> Whonix
> username: user
> /etc/hostname: debian
> /etc/hosts: 127.0.1.1 debian
>
> Liberte Linux
> username: anon
> /etc/hostname [1]: liberte
> /etc/hosts [2]: 127.0.0.1 liberte.local liberte
>
> Proposal:
>
> Tails, Whonix, Liberte Linux and whoever wants to join uses:
>
> username: user
> /etc/hostname: user
> /etc/hosts: 127.0.0.1 user.localdomain user
>
> Open for better proposals. Goals: not breaking existing applications or
> hidden service configuration; revealing as little as possible. These
> files generally have the purpose to get identified and contacted (in
> case of server) so the question what the most anonymous and widespread
> ones are is a bit difficult. "user" has been chosen because in case of
> ssh it looks like user@server has been copied from the manpage and
> unspecific to the anonymity distribution.
>


+1 from me over here on Qubes.