-
-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Don't broadcast the MAC address by default #8633
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: develop
Are you sure you want to change the base?
Conversation
- Add config.device.send_mac_address in NodeDB.cpp - Randomize the nodenum on first boot - A factory reset generates a new nodenum
|
Note for reviewers: this is considered a breaking change and requires community discussion. |
|
While it improves the security, reduces the easy to use factor. Users will have a "new node" on each reset / flash when erasing. Also opens up a new attack vector: "This is ME, i just resetted my node. Trust me." Just needs to copy the long+short name. |
|
Thank you for the PR, but we will be addressing this in 2.8 and have already started on an option to derive the nodenum from the pubkey rather than the mac address. |
Agreed, however it could be a option when resetting instead. Old nodes which get deleted eventually are worth having for people's privacy.
Yes, but not one which Meshtastic defends against currently. Correct me if I'm wrong, but anyone can already change their MAC address and/or NodeID to an existing user's and say, "I reset my node/key." Checking keys is the only way to reasonably verify someone's identity.
This wouldn't prevent tracking over time. People should at least have the option to randomize the NodeID. |
Thank you for your work on that. Should I propose the MAC address parts of this on the XEdDSA branch instead? NodeID randomization is just a way to make things work until private key based NodeIDs are implemented. |
Fixes #8336.
This is a proof of concept. The config variable needs to be added in protobufs in order for the build to be successful.
This significantly improves privacy and slightly improves security.
Simply removing the option to share the MAC address, or making it a variant flag, is an acceptable alternative.
Further possible step: remove macaddr from nodeinfo
🤝 Attestations