Bug #17599

The local hostname identifies the system as Tails

Added by goupille 2020-04-06 17:02:05 . Updated 2020-04-17 15:49:54 .

Status: Rejected
Priority: Normal
Assignee: goupille
Category:
Target version:
Start date:
Due date:
% Done: 0%
Feature Branch:
Type of work: Research
Blueprint:
Starter:
Affected tool:
Deliverable for:

Description

We received a few anonymous reports in the past months from users complaining that the router or AP can identify a Tails system by the hostname. Maybe it would be possible to make it less obvious that a Tails is connected (the user is asking that it be ‘randomized’ but maybe just set it to Debian’s default or something…)


Subtasks


History

#1 Updated by CyanSki5555 2020-04-06 20:19:17

Yes, ‘amnesic’ allows the local router/network administrator to instantly identify a Tails OS user via the ‘amnesic’ hostname, and therefore the hostname should be set to a generic hostname to blend into the world’s most common hostnames to obtain anonymity by blending into the crowd.

Good Hostnames:
home
lobby
office
school
laptop

Something generic and common is best for hostname anonymity.

*Also, please include some OBFS4 bridges with default Tails so we can use some OBFS4 bridges more easily! Thanks :)

#2 Updated by intrigeri 2020-04-15 15:25:09

> we received a few anonymous reports in the past months from users complaining that the router or AP can identify a Tails system by the hostname.

How is this info leaked to the router or AP?

#3 Updated by geb 2020-04-15 17:00:11

Most AP/routers use the DHCP hostname to display who/which device is connected. Actually this hostname seems to be forced to “amnesia” but should not be sent by dhclient: https://git-tails.immerda.ch/tails/tree/config/chroot_local-patches/dhcp-dont-send-hostname.diff.

(Will verify it is effectively sent and update this comment accordingly)

#4 Updated by geb 2020-04-15 20:38:25

My guess (about nm bypassing dhclient conf, nmcli con show eth0 | grep name) was wrong. The DHCP exchange doesn’t include the amnesia name.

Moreover I was not able to find any packet sent by Tails with the amnesia label on it, in a ~1 hour browsing / working session (at least no one in cleartext that ngrep was able to open).
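The check described in the comment above can also be done at the option level rather than by searching for a string. The following is an added example, not part of the ticket or of the Tails code base: it parses the UDP payload of a DHCP message and reports the two options that can carry a client name, Host Name (12) and Client FQDN (81). The sample packets are constructed, the function names are hypothetical, and option overload (option 52) is not followed.

```python
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of DHCP options (RFC 2131)
OPT_PAD, OPT_HOSTNAME, OPT_CLIENT_FQDN, OPT_END = 0, 12, 81, 255

def dhcp_options(payload: bytes) -> dict:
    """Parse the options of a BOOTP/DHCP UDP payload into {code: value}."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != OPT_END:
        code = payload[i]
        if code == OPT_PAD:              # single-byte padding, no length field
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option %d" % code)
        length = payload[i + 1]
        # RFC 3396: an option that appears more than once is concatenated
        opts[code] = opts.get(code, b"") + payload[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def fqdn_name(value: bytes) -> str:
    """Decode option 81: flags, rcode1, rcode2, then the name (RFC 4702)."""
    if len(value) < 3:
        return ""
    name = value[3:]
    if not value[0] & 0x04:              # E bit clear: plain ASCII name
        return name.decode("ascii", "replace")
    labels, i = [], 0                    # E bit set: DNS wire-format labels
    while i < len(name) and name[i]:
        labels.append(name[i + 1:i + 1 + name[i]].decode("ascii", "replace"))
        i += 1 + name[i]
    return ".".join(labels)

def leaked_names(payload: bytes) -> list:
    """Return (option, name) pairs for every client name the message carries."""
    opts, found = dhcp_options(payload), []
    if OPT_HOSTNAME in opts:
        found.append(("hostname", opts[OPT_HOSTNAME].decode("ascii", "replace")))
    if OPT_CLIENT_FQDN in opts:
        found.append(("fqdn", fqdn_name(opts[OPT_CLIENT_FQDN])))
    return found

def build_discover(extra_options: bytes = b"") -> bytes:
    """Constructed sample: minimal DHCPDISCOVER with a made-up xid and MAC."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 1, 1, 6, 0, 0x12345678,
                         0, 0, b"", b"", b"", b"",
                         bytes.fromhex("020000000001"), b"", b"")
    return header + MAGIC_COOKIE + b"\x35\x01\x01" + extra_options + b"\xff"
```

An empty result from `leaked_names()` for every DHCPDISCOVER and DHCPREQUEST in a capture of your own client is the outcome the dhclient patch is meant to produce.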

#5 Updated by intrigeri 2020-04-16 10:26:03

  • Assignee changed from intrigeri to goupille

Hi,

> Most AP/routers use the dhcp hostname to display who/which device is connected. Actually this hostname seems to be forced to “amnesia” : https://git-tails.immerda.ch/tails/tree/config/chroot_local-patches/dhcp-dont-send-hostname.diff.

That patch is meant to disable sending the hostname in the DHCP request.
We even have an automated test about this: features/dhcp.feature

> Moreover I was not able to find any packet sent by Tails with the amnesia label on it, in a ~1 hour browsing / working session (at least no one in cleartext that ngrep was able to open).

That’s what I would expect.

So, I’m curious where this claim comes from: “the router or AP can identify a Tails system by the hostname”.
If somebody can find information to support this claim (e.g. “I see ‘amnesia’ written in page X of my Wi-Fi AP web interface”), then we should investigate what causes the leak.
If this claim came from guessing that probably we leak the hostname, but without verifying whether it’s the case, then IMO we should close this ticket.

#6 Updated by goupille 2020-04-17 15:43:22

  • Status changed from Confirmed to Rejected

intrigeri wrote:

> That patch is meant to disable sending the hostname in the DHCP request.
> We even have an automated test about this: features/dhcp.feature

glad to read that :)

>
> So, I’m curious where this claim comes from: “the router or AP can identify a Tails system by the hostname”.
> If somebody can find information to support this claim (e.g. “I see ‘amnesia’ written in page X of my Wi-Fi AP web interface”), then we should investigate what causes the leak.
> If this claim came from guessing that probably we leak the hostname, but without verifying whether it’s the case, then IMO we should close this ticket.

I opened that ticket and set it to ‘confirmed’ because we received several reports mentioning that, but I now suspect that they were all sent by one user (or maybe by several users discussing it elsewhere). I may have rushed into creating this ticket. I contacted the user and asked what makes them think this information is leaked, and I’m all for rejecting this ticket until we receive an answer.

#7 Updated by intrigeri 2020-04-17 15:49:55

> I may have rushed into creating this ticket.

No worries, that’s OK!