Re: [Tails-dev] [Freepto] Let's share username, /etc/hostn…

Delete this message

Reply to this message
Author: Patrick Schleizer
Date:  
To: Everything about freepto, The Tails public development discussion list, Abel Luck, Patrick Schleizer, matth
Subject: Re: [Tails-dev] [Freepto] Let's share username, /etc/hostname and /etc/host among all anonymity distributions
Hi!

intrigeri:
> I'm coming back on the shared username/hostname thing, that was
> rediscussed a bit lately, with input from Freepto and pointers to
> Subgraph OS code, on a Tails ticket:
>
>     https://labs.riseup.net/code/issues/5655

>
> As you can see in my comment #6 there, it's unclear to me what's best,
> between sharing fixed values and randomizing it. Each solution has
> pros and cons. What do you think?


It is indeed a hard decision.

Let's think again of examples where this might happen. And then
determine with which strategy users would be better off in which case.

- ssh uses <username> for login if not explicitly told otherwise
-> server knows you're a Tor user anyway -> better off with shared value

- <username> (as part of the path) is sometimes encoded into user
created content (images, firefox screenshot addon). Maybe only in user
installed extra packages.
-> when you upload them, server knows you're a Tor user anyway -> better
off with shared value
-> when you send the file to a third party (a journalist or so) who
"hides" the users use of Tor -> you might prefer a random value over a
shared one?

- mixmaster (postfix) leaks <host_name>.<domain_name> to the mailserver.
-> server knows you're a Tor user anyway -> better off with shared value

- IRC clients not (pre)configured for privacy leak ident = username
-> server knows you're a Tor user anyway -> better off with shared value

- Please don't nail me for other examples. These are just a few I observed.

Having these cases in mind, I slightly prefer shared value.

Cheers,
Patrick