Hi,
Daniel Kahn Gillmor:
> fwiw, i prefer mac address spoofing at the udev layer since it means the
> first userspace tool to see the device gets a chance to set the mac
> address immediately.
Sure, this way of doing things provides better guarantees than
a NM-based approach. But I think it will be harder, if not entirely
impossible, to integrate it into the upcoming network configuration
workflow:
https://labs.riseup.net/code/issues/10491
https://tails.boum.org/blueprint/network_connection
https://labs.riseup.net/code/attachments/download/1293/network-20160306.odg
… since IIRC the idea is to turn the MAC spoofing decision from being
a per-Tails-session one, into a per-network-connection one; there
seems to be a few remaining open questions about this part of the new
design though, so it might change in the future.
Cheers,
--
intrigeri