/etc/machine-id questions

Hi

Can someone help me?

I am experimenting with privacy hardening on my OS.

And I am thinking about full machine-id randomization…

I found a guide like:

sudo rm -f /etc/machine-id /var/lib/dbus/machine-id
sudo ln -s /run/machine-id /etc/machine-id
sudo ln -s /run/machine-id /var/lib/dbus/machine-id

Another guide says to go with GRUB (and a full update via sudo update-grub) by editing /etc/default/grub, where I need to change some line to:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash systemd.machine_id=uninitialized"

What do you think? Is it better to go with the WHONIX one from the guide above? Or randomize with my solutions? If randomizing, which variant is better?
Guide: https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id

Normally you only have to do:

rm /etc/machine-id /var/lib/dbus/machine-id
dbus-uuidgen

as explained in the RHEL docs ("How to create a different machine-id with dbus-uuidgen ?" - Red Hat Customer Portal). The above method is still valid, as well as using:

root@rocky9:~# systemd-machine-id-setup --help
systemd-machine-id-setup [OPTIONS...]

Initialize /etc/machine-id from a random source.

  -h --help             Show this help
     --version          Show package version
     --root=PATH        Operate relative to root path
     --image=PATH       Operate relative to image file
     --commit           Commit transient ID
     --print            Print used machine ID

See the systemd-machine-id-setup(1) man page for details.

But this will change it once. My idea is to make it never be static and disappear with all data in RAM if turned off…

I don’t know why you would do that. I don’t see how removing the UUID is going to improve privacy in any way. Sounds a bit weird to me in why you would do that anyway and totally unnecessary.

Also, googling this topic shows this forum with the exact same question, letter for letter: "/etc/machine-id i need your advice - Linux Support - LinuxCommunity.io", so this post seems dubious and like spam.

This link also weighs in on it: Madaidens Security Machine ID question - Linux hardening - General - Privacy Guides Community as not needed to be done.

EDIT:

Another forum same question: https://forums.linuxmint.com/viewtopic.php?t=462497 looks like we have a spam user.

Sounds like you want every startup of the system to be the “first boot” (and don’t want the first boot service to do all the things it does). Perhaps descriptions in these do help:

man systemd-machine-id-setup
man machine-id
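
The setups discussed in this thread (a symlink to /run/machine-id, the literal value "uninitialized", or a freshly generated ID) can be told apart with a small check. This is an added example, not part of any post here: the function names, the state labels and the root-path argument are assumptions of the example, and the format rule (32 lowercase hexadecimal characters) is the one given in machine-id(5).

```shell
#!/bin/sh
# Added example: classify the machine-id files under a root directory.
# Function names, state labels and the root argument are this example's own.

machine_id_state() {
    root="${1:-}"
    f="$root/etc/machine-id"
    if [ -L "$f" ]; then
        # e.g. the /run/machine-id symlink variant quoted in the first post
        echo "symlink:$(readlink "$f")"
    elif [ ! -e "$f" ]; then
        echo "missing"
    elif [ ! -s "$f" ]; then
        echo "empty"
    else
        id=$(head -n 1 "$f")
        case "$id" in
            uninitialized) echo "uninitialized" ;;
            *[!0-9a-f]*)   echo "invalid" ;;
            *) if [ "${#id}" -eq 32 ]; then echo "persistent"; else echo "invalid"; fi ;;
        esac
    fi
}

dbus_id_state() {
    root="${1:-}"
    d="$root/var/lib/dbus/machine-id"
    if [ -L "$d" ]; then
        echo "symlink:$(readlink "$d")"
    elif [ ! -e "$d" ]; then
        echo "missing"
    elif cmp -s "$d" "$root/etc/machine-id"; then
        echo "copy-in-sync"
    else
        # a second, different identifier remains after only one file was regenerated
        echo "copy-differs"
    fi
}

# Run as: sh machine-id-audit.sh /   (any argument is taken as the root path)
if [ "$#" -gt 0 ]; then
    echo "etc:  $(machine_id_state "${1%/}")"
    echo "dbus: $(dbus_id_state "${1%/}")"
fi
```

A "copy-differs" result means the two files hold different identifiers, so regenerating only one of them leaves the old value readable in the other.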

How can the machine-id be exploited?

I read that almost every program, including Chrome, reads it. Why should I share any identifier?

Plus Tails randomizes it, so it seems to be important. And, moreover, it is used by DHCP, so the upstream network can fingerprint me.

No, I am not a SPAM user.

Wrong. See website I linked:

paranoia is the only reason why you would do it.

Interesting, so why is your post exactly word for word and letter for letter exactly the same as the other forum posts I linked? That smells like spam, no matter what you say. Looks like you are spamming forums with the same post for some weird reason. There is zero evidence otherwise to say you are not a spammer, considering the evidence clearly shows that it’s basically spam.

Websites! But it is used for creating the DHCP ID, which can be used for tracking in public networks

SPAM Spamming - Wikipedia

Spamming is the use of messaging systems to send multiple unsolicited messages (spam) to large numbers of recipients for the purpose of commercial advertising, non-commercial proselytizing, or any prohibited purpose (especially phishing). It can also be repeatedly sending the same message to the same user.

I just got a recommendation from ChatGPT to post on those forums “for faster response”

I’m closing this thread because the discussion is pointless. Despite us providing information and links that prove that nothing can be gained from the UUID, and the fact it would require a lot more infection of your computer to fingerprint it using UUID + other data which is impossible even by DHCP ID. If you know better than us, why are you asking the question in the first place? Either you came here for assistance, or there are ulterior motives behind your thread. Like the fact that I called it out as spam across multiple forums.

Copying/pasting the same post on multiple forums is spam, therefore do not claim otherwise. Spamming the same post across multiple forums is seen as bad forum etiquette and forum admins and mods would totally agree with my point that it’s purely for promoting the link/website that you posted in your initial post in a poor attempt to make it look like a valid question. I suggest in future you only post on the forum for the Linux distribution you are using and then be patient instead of doing what ChatGPT suggests you do. Maybe you could have asked ChatGPT if you needed an instant response to your question.