Hostname privacy issues

Whonix and madaidans guide recommend setting hostname to host.

I think this is a good convention to add to PrivacyGuides.org (it’s already suggesting using user as a username), and the more people use it, the easier to blend in. However, here are my issues with this:

  1. I don’t know why hostname isn’t emphasized as much as MAC randomization despite being more troublesome. In the end MAC can be randomized, but hostname doesn’t usually change.
  2. While agreeing on host would make it easier to blend in, this is not the case when other people in the network never use this convention, which makes you stand out even more. In that case, wouldn’t something like “iPhone”, or “Samsung” be better?
  3. The threat model that MAC randomization considers is ISP tracking. But even if all hostnames are host, ISP could fingerprint a connected device by their browsing patterns, even when using encrypted DNS. If a person usually browses philosophy debates forums, ISP can know him as the “philosophy guy”. If course using VPN or TOR is a different deal, and in that case MAC randomization wouldn’t matter, would it?

iPhones and some Android phones don’t send a hostname at all by default, so if you want to blend in then you should set your hostname to be blank. I think you’re right that setting it to “host” would make you stand out quite a bit.

Not sure what you mean by MAC randomization wouldn’t matter, if you connect to multiple networks while using the same MAC address then they can all see it’s the same device whether you use Tor or not. Your browsing habits would be hidden yes, but they could tell “this device was on these networks”.

1 Like

Avoiding standing out or fingerprinting is not the goal of this change. The reason Whonix recommends setting the hostname to host is so you make sure your hostname isn’t set to e.g. Jonahs-MacBook-Pro, revealing your name. Many (Apple and Linux) devices do this by default.

1 Like

NetworkManager on Linux won’t send hostname if it is localhost: NetworkManager.conf: NetworkManager Reference Manual

An hostname empty or equal to ‘localhost’, ‘localhost6’, ‘localhost.localdomain’ or ‘localhost6.localdomain’ is considered invalid.

Android ~10+ will send device name as hostname.
GrapheneOS and DivestOS don’t send hostname.

On the topic of hostname and MAC there is also:

GrapheneOS and DivestOS have mitigations for both.
For example CalyxOS on FP4 right now is impacted by that IPv6 reuse issue: https://gitlab.com/CalyxOS/kernel_fairphone_sm7225/-/commits/android13/net/ipv6/addrconf.c

The threat model that MAC randomization considers is ISP tracking

ISP can’t see MAC unless your device is directly connected to their modem/router/ap box.

1 Like