schwabe / ics-openvpn

OpenVPN for Android

IV_HWADDR spoofing is cumbersome #1609

Closed DanielKonopka closed 1 year ago

DanielKonopka commented 1 year ago

Developer, could you please add the possibility to spoof (and alter on demand) IV_HWADDR for both OpenVPN 2 & OpenVPN 3 cores?

The way it is now is quite cumbersome, since IV_HWADDR is generated and based on Android's SSAID (Settings.Secure.ANDROID_ID). This, AFAIK, forces the user to create a new, additional Android user account, or perform a factory reset of the device, whenever they want to change their SSAID (and in turn IV_HWADDR).

schwabe commented 1 year ago

Could you explain why you need to spoof IV_HWADDR?

DanielKonopka commented 1 year ago

Just for my own "peace of mind", I'm paranoid about privacy. There were cases where I forgot to enable the Orbot proxy in an OpenVPN profile and connected to it directly, with my IP address. I know the MAC address is obfuscated (I have looked at the source code), but it is still a fixed, constant one and I don't want it to be associated with my Tor IP exit addresses afterwards.

Could you please at least make IV_HWADDR optionally change to a random one every, say, 30 minutes?

schwabe commented 1 year ago

The MAC addr is only sent to the server if push-peer-info is enabled.

DanielKonopka commented 1 year ago

If that is the case, then why

setenv IV_HWADDR xx:xx...

still appears in the generated config, even when Push Peer Info is Disabled (no push-peer-info line in generated config)? Is this intentional or a bug?

schwabe commented 1 year ago

Intentional laziness. Makes the logic in my app easier to just always generate and include it.
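
A way to check an exported profile for the situation discussed in this thread, as an added example (not part of the issue and not ics-openvpn code): it reports whether a `setenv IV_HWADDR` line is present and whether `push-peer-info` is active, treating the identifier as exposed only when both hold, per the maintainer's statement above. The function name, result keys and sample profile are assumptions made for illustration.

```python
import re

# Constructed sample profile; host name and address value are placeholders.
SAMPLE_CONFIG = """\
# generated profile (constructed sample)
client
remote vpn.example.org 1194 udp
setenv IV_HWADDR 00:11:22:33:44:55
;push-peer-info
<ca>
push-peer-info
</ca>
"""

def audit_peer_info(config_text):
    """Return the IV_HWADDR value (if any) and whether push-peer-info is active."""
    result = {"hwaddr": None, "push_peer_info": False}
    inline_tag = None  # name of the inline block (<ca>, <key>, ...) being skipped
    for raw in config_text.splitlines():
        line = raw.strip()
        if inline_tag:
            # Embedded data must never be read as directives.
            if line == f"</{inline_tag}>":
                inline_tag = None
            continue
        opened = re.fullmatch(r"<([A-Za-z0-9_-]+)>", line)
        if opened:
            inline_tag = opened.group(1)
            continue
        if not line or line[0] in "#;":
            continue  # blank line or commented-out directive
        words = line.split()
        directive = words[0].lstrip("-")  # tolerate "--push-peer-info"
        if directive == "push-peer-info":
            result["push_peer_info"] = True
        elif directive == "setenv" and len(words) >= 3 and words[1] == "IV_HWADDR":
            result["hwaddr"] = words[2]
    # Assumption taken from the thread: the value only leaves the device
    # when push-peer-info is enabled.
    result["hwaddr_exposed"] = bool(result["hwaddr"]) and result["push_peer_info"]
    return result

if __name__ == "__main__":
    print(audit_peer_info(SAMPLE_CONFIG))
```
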