Hostnames, in particular, make mobile devices trackable and identifiable.
Giving computers – and this includes smartphones – names and using them on different networks endangers privacy.
Researchers warn about this in a current Request for Comments (RFC) from the Internet Engineering Task Force . Because various Internet protocols reveal these so-called host names. Attackers could take advantage of this by looking for interesting names.
Internet name tag
Computers need unique names to exchange data online. In practice, very descriptive names that users have given their devices are often used. That is exactly a problem.
“Giving a computer a hostname and making it widely known as you move from one network to the next is the Internet equivalent of walking around with a name tag on your lapel,”
warns the team. In extreme cases, spies could discover which real person a device belongs to - and therefore whether it is an interesting espionage target.
If a laptop with the name “dthaler-laptop” regularly connected to Microsoft’s corporate network via VPN, it would be reasonable to assume that it belonged to Dave Thaler, one of the authors of the RFC.
This would probably interest attackers, because as a software architect at Microsoft and a member of the Internet Architecture Board, Thaler is someone who could be a worthwhile endeavor to spy on.
But device names that do not directly contain a user name are also a risk. Terms like “Jupiter” or “Rosebud” are also indications of the user’s interests and therefore their identity.
Random protection works
Even the most abstract device name carries the risk that an attacker will track the use of a computer on different networks - which could relatively quickly become a serious data protection problem if smartphones are always carried.
Of course, it would be good to fix Internet protocols that reveal hostnames. However, as a much more basic protection mechanism, Thaler and his co-authors suggest using random instead of fixed hostnames in the future.
This would make device tracking difficult regardless of whether all data leaks in all protocols can be closed.
Source: press release
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )