Is this cause android and apple have it and there could be a case where an authentication issue would arise due to having the same MAC as another device?
Not sure why tails is so late in the game to implement full spoofing of the mac yet?
Agreed. I’d like to hear the reason too.
This would clear up some tracking concerns more but IIRC I think the reason is issues with certain wifi cards or support from certain wifi drivers causing spoofing failure.
Understandable. However, this should be an option on the Tails menu where you’re able to disable/enable things. A clear warning/information about the spoofing should suffice.
Why does Tails not spoof full Mac Address?
The current is a deliberate design trade off between anonymity and network compatibility.
Mac Address consists of two parts in the address: [OUI][NIC]
The OUI is the vendor ID and the NIC (Network Interface Card) is essentially the unique part. Though this is constantly debated cause a person using an older or unique computer probably has a unique OUI in the first place. Now if that said user connects to the same network, its pretty obvious to anyone monitoring the dhcp logs or other form of network logs that its the same device.
Part of their reason (only speculating here) like you mentioned “authentication”, is public Wi-Fi networks, hotels, and enterprise environments use the MAC address as a lightweight authentication token after connecting. Example some networks may kick you off after a certain amount of time passes.
But again I’m not sure if tails mac spoofing randomizes a new mac upon every connection or its stable randomization for the boot session? Like say network connection drops, then you re-connect now you have new mac and have to do a captive portal again. Someone like a dev or something could clarify this.
To my knowledge is that layer 2 Maps IP to MAC, Not Hostname to MAC so two devices with the same MAC but different hostnames would not solve broken connection.
Arguable I think this could be revisited but would be better to add option in the helper for those that want it. Like those that choose to disable unsafe browser on their home network might also want full random on their home network. While other user may need the default cause of certain issues like auth or spoofing failure.
Agreed! I hope it’s added eventually.