Bug#980203: linux-image-5.10.0-1-686:i386 ipw2200 returns bogus MAC address. Security implications????

To: Bastian Blank <waldi@debian.org>, 980203@bugs.debian.org
Subject: Bug#980203: linux-image-5.10.0-1-686:i386 ipw2200 returns bogus MAC address. Security implications????
From: Charles Curley <charlescurley@charlescurley.com>
Date: Sat, 16 Jan 2021 12:17:53 -0700
Message-id: <[🔎] 20210116121753.5865d90b@jhegaala.localdomain>
Reply-to: Charles Curley <charlescurley@charlescurley.com>, 980203@bugs.debian.org
In-reply-to: <[🔎] 20210116081945.yvc2opepjophedwz@shell.thinkmo.de>
References: <[🔎] 20210115175547.3cd976c6@hawk.localdomain> <[🔎] 20210116081945.yvc2opepjophedwz@shell.thinkmo.de> <[🔎] 20210115175547.3cd976c6@hawk.localdomain>

On Sat, 16 Jan 2021 09:19:45 +0100
Bastian Blank <waldi@debian.org> wrote:

> On Fri, Jan 15, 2021 at 05:55:47PM -0700, Charles Curley wrote:
> > On boot, NetworkManager does its thing correctly, and gets the
> > machine on the network. However, I use DHCP with fixed addresses.
> > Getting the wrong MAC address throws this off, which is how the
> > problem came to my attention. This is an intermittent problem. Not
> > every boot results in the wrong MAC address.  
> 
> NetworkManager can change MAC addresses for privacy reasons.  Did you
> disable this feature?

I was completely unaware of it until you mentioned it.

The man page for NetworkManager.conf says, in part:

       wifi.mac-address-randomization

           If left unspecified, MAC address randomization is disabled.
           This setting is deprecated for wifi.cloned-mac-address.

So if I read that correctly, one must affirmatively enable it.

A search of the various NetworkManager.conf files did not turn up any
use of that keyword. Nor did a check of the connection-specific file.

root@dragon:~# locate NetworkManager | grep conf$ | xargs grep -i rand
/usr/lib/NetworkManager/conf.d/no-mac-addr-change.conf:wifi.scan-rand-mac-address=no
root@dragon:~# locate NetworkManager | grep conf.d | xargs ls
/usr/lib/NetworkManager/conf.d/no-mac-addr-change.conf

/crc/dragon/etc/NetworkManager/conf.d:

/etc/NetworkManager/conf.d:

/usr/lib/NetworkManager/conf.d:
no-mac-addr-change.conf
root@dragon:~# 

A search of the GTK GUI did not turn up any settings for it.

So, as far as I know, the answer to your question is that it is not
currently enabled.

> 
> > Jan 15 16:15:45 dragon kernel: [278773.780936] wlp2s2: Setting MAC
> > to 8a:f5:74:20:7c:9e  
> 
> So something _deliberately_ sets a local administered MAC address.

Maybe. But what? I don't see anything in /etc/modprobe.d/, modules, or
modules-load.d/.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Reply to:

References:
- Bug#980203: linux-image-5.10.0-1-686:i386 ipw2200 returns bogus MAC address. Security implications????
  - From: Charles Curley <charlescurley@charlescurley.com>
- Bug#980203: linux-image-5.10.0-1-686:i386 ipw2200 returns bogus MAC address. Security implications????
  - From: Bastian Blank <waldi@debian.org>

Prev by Date: Bug#980164: firmware-amd-graphics: amd rx 6800 compatibility
Next by Date: Bug#980203: marked as done (linux-image-5.10.0-1-686:i386 ipw2200 returns bogus MAC address. Security implications????)
Previous by thread: Bug#980203: linux-image-5.10.0-1-686:i386 ipw2200 returns bogus MAC address. Security implications????
Next by thread: Processed: Re: Bug#980203: linux-image-5.10.0-1-686:i386 ipw2200 returns bogus MAC address. Security implications????
Index(es):
- Date
- Thread