-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/21/2013 01:11 PM, Yardena Cohen wrote:

> It appears to be staying up-to-date. At this very moment there are
> 5 obsolete dhcp leases hanging around, but none shows up in
> /proc/net/arp

Entries in the ARP table time out after a pseudorandom period of time
but they do time out. Read the arp(7) manpage for details.

> After a week of this, I'm wondering if it's better to dissociate
> this stuff entirely from the network logic. Maybe all interfaces
> should just be randomized at boot time and/or every 24 hours, no
> matter what the network is doing. Seems a lot less complicated.

The problem with that is that you will get service interruptions
because neighboring nodes will need to update their caches (and
probably their routing tables as well). It can make things wonky,
especially on a busy mesh.

> I'm also now skeptical that a malicious network couldn't work
> around any of these tricks as long as you remain in their range. If
> one device appears as soon as the other leaves, at the same
> location, they can make a good guess that it's still you.

That attack is already being used against discrete targets, e.g., it's
how the surveillance team correlated a person (Sabu) with a MAC
address and a traffic flow (his Tor traffic). I think you're making
things too difficult and possibly introducing problems later on.

- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
"If you can't do something smart, do something right." --Jayne, _Serenity_
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlKOkCQACgkQO9j/K4B7F8FdAACbBSlCA4/8HozA40IsknxtGZBG
2B0An09ksGitqyKp6kd+KLonhY/ZxOJe
=Mt0P
-----END PGP SIGNATURE-----
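
The check discussed at the top of the message (DHCP leases that linger after the matching `/proc/net/arp` entry has timed out) can be scripted. The following is an added example, not code from the thread or from Project Byzantium; it assumes a dnsmasq-style lease file (`expiry MAC IP hostname client-id`), and the function names and sample data are constructed for illustration.

```python
# Added example: list DHCP leases that no longer have a resolved ARP entry.
ATF_COM = 0x02  # flag bit: entry has a completed hardware address (arp(7))

# Constructed sample data; on a live node read /proc/net/arp and the lease file.
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
10.0.0.12        0x1         0x2         02:aa:bb:cc:dd:01     *        wlan0
10.0.0.15        0x1         0x0         00:00:00:00:00:00     *        wlan0
"""
# Assumed dnsmasq lease format: expiry-epoch MAC IP hostname client-id
SAMPLE_LEASES = """\
1385070000 02:aa:bb:cc:dd:01 10.0.0.12 laptop *
1385070300 02:aa:bb:cc:dd:02 10.0.0.15 phone *
1385070600 02:aa:bb:cc:dd:03 10.0.0.20 * *
"""

def parse_arp(text):
    """Return {ip: mac} for resolved entries; incomplete ones (flags 0x0) are skipped."""
    live = {}
    for line in text.splitlines()[1:]:          # first line is the column header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, _hw_type, flags, mac = fields[:4]
        if int(flags, 16) & ATF_COM:
            live[ip] = mac.lower()
    return live

def parse_leases(text):
    """Return [(ip, mac, expiry_epoch)] from a dnsmasq-style lease file."""
    leases = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3:
            leases.append((fields[2], fields[1].lower(), int(fields[0])))
    return leases

def stale_leases(arp_text, lease_text):
    """Leases whose IP has no resolved ARP entry, or is held by a different MAC."""
    live = parse_arp(arp_text)
    return [(ip, mac) for ip, mac, _exp in parse_leases(lease_text)
            if live.get(ip) != mac]

if __name__ == "__main__":
    for ip, mac in stale_leases(SAMPLE_ARP, SAMPLE_LEASES):
        print(f"lease without live neighbour entry: {ip} {mac}")
```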