On regenerating the machine-id every boot


The /etc/machine-id and /var/lib/dbus/machine-id files can potentially be used to fingerprint a system over the long term. Ragnarok provides a simple solution to that problem by regenerating this ID every boot through a simple init script[1] that removes the file during the shutdown process. Of course, mitigating the potential issues caused by the machine-id is not unique to Ragnarok (Devuan, Whonix and Tails do it one way or another as well).
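One way to confirm on a given host that the regeneration described above is taking effect, as an added example that is not Ragnarok's own script: it checks that each file holds a well-formed ID and was last written after the current boot began. The function names are hypothetical, and the code assumes Linux (`/proc/stat`) and a `stat` that accepts `-L -c %Y` (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example, not Ragnarok's init script: audit whether a machine-id file
# was regenerated during the current boot.

# Print the boot time as epoch seconds (Linux: "btime" line of /proc/stat).
boot_epoch() {
    awk '$1 == "btime" { print $2 }' /proc/stat
}

# audit_machine_id FILE BOOT_EPOCH
# Prints one word: missing | malformed | stale | fresh
audit_machine_id() {
    mid_file=$1
    mid_boot=$2
    [ -r "$mid_file" ] || { echo missing; return; }

    # A machine-id is a single line of 32 lowercase hexadecimal characters.
    mid=$(cat "$mid_file")
    case $mid in
        *[!0123456789abcdef]*) echo malformed; return ;;
    esac
    [ "${#mid}" -eq 32 ] || { echo malformed; return; }

    # A file last written before this boot survived the shutdown removal.
    # -L follows a symlink, in case one file points at the other.
    mid_mtime=$(stat -L -c %Y "$mid_file")
    if [ "$mid_mtime" -lt "$mid_boot" ]; then echo stale; else echo fresh; fi
}

# Report on both files named on this page.
audit_all() {
    now_boot=$(boot_epoch)
    for f in /etc/machine-id /var/lib/dbus/machine-id; do
        printf '%s: %s\n' "$f" "$(audit_machine_id "$f" "$now_boot")"
    done
}

# Run the report only when asked to, so the functions can also be sourced.
if [ "${1:-}" = "--run" ]; then
    audit_all
fi
```

A result of `stale` means the file predates the current boot. If the system clock is only corrected after the ID is written early in boot, the timestamp comparison can be skewed.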

The Debate


As with many things in the Linux world (especially when it comes to projects such as systemd and dbus), the existence of these two files has sparked a few heated arguments. Some may argue that any concern over this unique machine-id is merely FUD, while others may believe that their mere existence constitutes a deliberate violation of user privacy to the profit of malicious actors.

As always, the truth probably lies in the middle. Indeed, there is no indication of anyone, or anything, actively using these files for obviously malicious reasons. That said, the mere fact that they are world-readable (by necessity) and that any program, at any point in time, could potentially use them for such a purpose does mean that taking steps to mitigate the issue is not a bad idea. Furthermore, the idea that mitigating this potential problem is "pointless since there are other things on a user's system that can be used for fingerprinting" is fallacious. If Ragnarok followed that train of thought, it would have no reason to exist. In fact, if most people agreed with this fallacy, there would be no point in ever securing or making a system more private, since there will, obviously, always be ways that security and privacy can be compromised.

In any case, Ragnarok exists in great part to implement, and experiment with, different security and/or privacy features, even if they may be seen as partially or completely redundant.

Potential Issues


The d-bus specification[2] states that:

This UUID must be the same for all processes on a single system at least until that system next reboots. It should be the same across reboots if possible, but this is not always possible to implement and is not guaranteed.

Well-designed programs that use the machine-id file should take dbus' specification into account, and Ragnarok's (admittedly opinionated) position is that any program relying on having a machine-id that remains the same across reboots is flawed. This position will not change, regardless of the argument.

Of course, being part of the dbus specification does not mean all programs will take that into account. One such program is systemd-journald, which relies on an unchanging machine-id to function properly. However, Ragnarok does not use systemd at all, which means this is not an issue.

Providing an easy way to disable machine-id regeneration is as far as Ragnarok will go on the matter. It is advised to stay away from programs that don't behave properly if one does not want to disable this feature.

Links


[1] https://github.com/RagnarokOS/src/tree/master/etc/init.d/rm-machineid
[2] https://dbus.freedesktop.org/doc/dbus-specification.html

Posted by Ian LeCorbeau on Fri, 28 Apr 2023 15:03:21 -0400