DHCP client disclosing less identifying information.
PrototypeFund demo day, Berlin, 31st August 2017
- network protocol to get IP addresses and networking parameters automatically
- transparent to the end user
- user interact with a network manager
- my laptop: can i have an address?
- server: i can offer you 192.168.1.23
- my laptop: i request 192.168.1.23
- server: assigned to you!
- my laptop: can i have an address?
- btw my laptop name is juga_laptop
- it's a Dell i bought in Copenhague in 2013
- i use Debian with dhclient version 4.3.5
- i like the coffee with milk
- server: i can offer you 192.168.1.23
- btw, you can find milk in the fridge
- reveal identifying information
- new standard to minimize it (RFC 7844)
- only a Windows 10 implementation
dhcpcanon: a prototype Python DHCP client implementing part of the protocol- ideas on how to further develop it
- decisions on what and how to implement: follow Windows 10 implementation instead of restricted version of RFC 7844
- complete the protocol
- automatic testing
- improve documentation
- Debian package
- contact with different Linux distributions to test it
- modified DHCP client code to enable Anonymity Profiles
- code in the process of being merge by
systemdteam
Developing a proper integration in process
A network scanner to show:
- which is the identifying information can be found
- how is different to the Anonymity profiles
- how operating system, device and/or person can be guessed
- suggestions from the main author of the RFC 7844
- presentation: feedback and interesting ideas
- workshop: catch bugs
Interest on integrating dhcpcanon: Debian, Tails, Subgraph, Gentoo, Archlinux
- release early, release often
- divide and conquer (on tasks)
- is fun and productive to work with others
- challenging to explain technical concepts to non technical users
- present earlier to get feedback and bug reports earlier
- strategies to develop awareness (thanks marketing coaching!!)
- worldwide open standards organization
- anyone can participate
- though difficult without funding nor corporate sponsor
- rough consensus and working code
- political and historical reasons
- how the need for the Anonymity Profiles actually happens
- planning :(
- the protocol and integration with operating systems can be more complex than i knew or expected
- more people to test it to be ready for end users
- further development (IPv6)
- further operating systems compatibility (WIP)
- further documentation
- domain and Web page to facilitate finding documentation (WIP)
- final report
- more presentations and/or worshops
- Raspberry Pi image for demonstration purposes
Android, FreeBSD, Mac OS, iOS...
Many people for their very valuable ideas and suggestions.
Excelent PrototypeFund team :-)
juga at riseup dot net
2DA8 1D01 455C 3A00 3219 8850 F305 447A F806 D46B
IRC: #dhcpcanon at havana.baconsvin.org:6697