One of the reasons I hate exceptions overall. Someone may add new ones, they break the control flow, they bubble up all over the place, etc etc. They are basically indomitable.
As part of my standard (and pretty lame) OPSEC I always change the default names that Apple gives its devices (like "Joiqj's iPhone") to a more generic name (like "iPhone"). Nice to see that it was good practice.
I do the opposite: one of my laptops is named "Peter's iPhone" (hint: my name is not Peter, nor do I own an iPhone) and I've also set all my Bluetooth to random Bluetooth headset or mouse models.
I see this joke frequently when looking at available wifi; is this meme a reference to a particular thing (other than the FBI having surveillance vans) or did a bunch of people just converge onto it?
I like this idea, but any sophisticated attacker will ignore the Bluetooth names and just pull vendors off the MAC addresses. Though it would be interesting if you can define the Bluetooth MAC addresses in software to match your fake names :)
I used to do something similar with my router. I would run an AP called "Linksys" or something common and give it an OUI belonging to Cisco. It probably had no benefit (maybe even harmful!), but it was fun to "disguise" my OpenBSD router as a common off the shelf router.
That reminded me that almost 10 years ago ghacks [1] instructed people to add _nomap to their Wifi network's name to avoid these being harvested by Google and Mozilla. I wonder if that ever worked or still does and if companies stopped collecting that information.
Officially this is still supported. With that said, there have in past years been data sanitizing failures which get them mapped anyway. Google caught a little flak for that several years ago.
It might sound a bit silly, but I've had pretty good results just naming my devices after Pokemon. Whenever I have a new device, I open the Pokemon DB[0], choose one at random, and then add it to my .csv file of device names -> what they are and what role they perform.
Rather than choosing at random, I like to pick names that have some relation to the device in question, e.g. "Pichu" for a tiny mobile device, "Snorlax" for the big slow machine, "Articuno/Zapdos/Moltres" for three successive powerful servers, etc. What's extra fun about Pokemon, if you're familiar with the franchise, is that you can pick names based on generation, with older generations for e.g. older devices, and if you're _really_ familiar with the franchise you could even pick names based on types or other characteristics.
My company uses codenames like this for our services and it drives me insane every time I have to go look up which is which or mentally convert to the name it should have been given.
Very similar here. PCs get Pokémon region names (MacBook is Johto), non-PC Ethernet connected devices get Professor names, all other devices are Pokémon.
I do something similar but with other mobile/gacha game characters since those names are always in abundance. I also try to do some kind of correlation with the fictional settings too (groups of devices will correspond to meaningful in-domain names).
For non-mobile devices like workstations or servers, I also tend to directly give FQDN, like (name).(location).(my-personal-domain.tld)
I do the same thing but with Star Trek words! I have a somewhat logical naming scheme too. Computers are named after Star Trek ships (Yorktown), phones are named after handheld devices (Phaser), and drives are storage related things (Isolinear). And my printers are just named Replicator and Synthesizer.
I've been using chili peppers (peri, shishito, ancho, ...) for my devices for the last few years. Many years before that, I was using named swords (notung, glamdring, sting, etc).
Back in college my boss named a Sun workstation lab with Aleutian islands, and another after Indonesian islands. (Some of those were fun to remember, there was an umnak and an unimak.) The servers were named after seas and oceans. We tried to name a new lab of Windows machines after bugs, but the department nixed that.
I've historically preferred to use Culture series ship names (eg. GCU Grey Area, GCU Jaundiced Outlook, etc.), but stopped after Elon started naming his SpaceX ships like that.
I then went for Scottish Single Malt names (eg. Laphroaig, Jura, etc.).
After quitting alcohol, I've now settled on Douglas Adams names (eg. Deep Thought, Grunthos the Flatulent, etc.).
My go-to is either gods from Norse mythology, or Transformers for servers.
I set my iPhone to an emoji, and apparently it's one of the emojis that is composed of multiple emojis to render correctly. It's fun to see how every device it connects to draws the emoji or more likely boxes a little different.
I do the same, mostly because I don't like my full name showing up in every subpath of the home directory. Sometimes this leaks far beyond your local computer, too, since many build tools include some path info in the compiled binaries. You can download apps from the app store, run `strings` on them, and find the username of the developer who built the binary.
Ideally you'd use the most common name, in order to maximize the size of your anonymity set. So you could go with "John Appleseed" to get a "john" home directory and a "John's MacBook Pro" hostname. But in a small community, to local observers seeing your device on Bluetooth screens, you might get weird looks ("there is no John here, why is this sus?") whereas "iPhone" looks like a default. And for non-local observers, your choice of a name like "John" suggests you're a westerner named John. So by just going with "iPhone" or "MacBook" you're in a smaller anonymity set but also not drawing attention to yourself in your local area, and not externally leaking information like your locale (although of course you could always leave a false trail by using a Cyrillic hostname).
Some other leaky, seemingly private identifiers are SSH pubkeys (I always delete the comment trailer), which are sent to every server you SSH to and also published to places like GitHub, and WiFi SSIDs (which are visible to any application with access to the network stack, and unfortunately aren't entirely within your control - often a list of nearby SSIDs, combined with a mapping of SSID to geolocation, is enough to triangulate your location to within a meter, which is one of many reasons I disable WiFi in favor of ethernet whenever possible).
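A self-check for two of the leaks described in the comment above (account names in build paths inside a binary, and the comment trailer of an SSH public key file), as an added example that is not part of the original thread. The sample binary bytes, the account names and the key line are constructed, and the key material is fake.

```python
import re

# Runs of 6+ printable ASCII bytes, the same heuristic `strings` applies.
PRINTABLE = re.compile(rb"[\x20-\x7e]{6,}")
# macOS/Linux home prefixes; the component after them is the account name.
HOME_PATH = re.compile(rb"/(?:Users|home)/([^/\s]+)/\S*")
SHARED = {"Shared"}  # /Users/Shared exists on every Mac and identifies nobody

def leaked_usernames(blob: bytes) -> dict:
    """Map each account name found in embedded paths to the paths exposing it."""
    found = {}
    for run in PRINTABLE.finditer(blob):
        for m in HOME_PATH.finditer(run.group()):
            name = m.group(1).decode("ascii")
            if name not in SHARED:
                found.setdefault(name, []).append(m.group(0).decode("ascii"))
    return found

def split_pubkey(line: str):
    """Split an id_*.pub line into ('type base64', comment); comment may be empty."""
    fields = line.strip().split(None, 2)
    if len(fields) < 2:
        raise ValueError("not a public key line")
    return " ".join(fields[:2]), (fields[2] if len(fields) == 3 else "")

# Constructed inputs: a fake binary image and a fake (non-functional) key line.
SAMPLE_BLOB = (b"\x7fELF\x02\x01" + b"\x00" * 8
               + b"/Users/jappleseed/src/app/main.swift\x00\x01\x02"
               + b"/home/build/.cargo/registry/lib.rs\x00/Users/Shared/x/y.txt\x00")
SAMPLE_KEY = ("ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFakeFakeFakeFake "
              "jappleseed@Johns-MacBook-Pro.local")

if __name__ == "__main__":
    for user, paths in leaked_usernames(SAMPLE_BLOB).items():
        print(user, paths)
    key, comment = split_pubkey(SAMPLE_KEY)
    print("publish:", key)
    print("dropped comment:", comment)
```

To check a real build, pass the file's bytes (`open(path, "rb").read()`) to `leaked_usernames` before shipping it.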
> seemingly private identifiers are SSH pubkeys (I always delete the comment trailer), which are sent to every server you SSH to and also published to places like GitHub
I use this in my .ssh/config file:
    Host *
        IdentitiesOnly = yes
... then you'll only send keys that are specified per-host in .ssh/config with 'IdentityFile' or with a command-line argument.
I've always wondered if there was any downside to having my default private keyfile being shared whenever I fail to use the "-i" option to specify the correct keyfile when authenticating against a new server.
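A small checker for the `IdentitiesOnly` setting discussed above, as an added example that is not part of the original thread. It applies ssh_config's "first obtained value wins" rule to show which hosts a trailing `Host *` block actually covers; the sample config, host names and key paths are constructed, and `Match` blocks are skipped as a simplifying assumption.

```python
import re
from fnmatch import fnmatchcase

# Constructed sample ~/.ssh/config; host names and key paths are made up.
SAMPLE = """\
Host git.example.com
    IdentityFile ~/.ssh/id_git
Host *.corp.example !legacy.corp.example
    IdentitiesOnly no
    IdentityFile ~/.ssh/id_corp
Host *
    IdentitiesOnly = yes
"""

def host_matches(patterns, host):
    """A matching negated pattern vetoes the block; else one positive match is needed."""
    hit = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatchcase(host, pat[1:]):
                return False
        elif fnmatchcase(host, pat):
            hit = True
    return hit

def key_offer_policy(config_text, host):
    """Effective IdentitiesOnly (first value obtained wins) plus all IdentityFile entries."""
    only, files, active = None, [], True  # lines before any Host apply to every host
    for raw in config_text.splitlines():
        m = re.match(r"\s*([A-Za-z]+)\s*=?\s*(.*?)\s*$", raw)
        if not m or not m.group(2):
            continue  # blank line, comment, or keyword without a value
        key, value = m.group(1).lower(), m.group(2)
        if key == "host":
            active = host_matches(value.split(), host)
        elif key == "match":
            active = False  # assumption: Match blocks are not evaluated here
        elif active and key == "identitiesonly" and only is None:
            only = value.lower() == "yes"
        elif active and key == "identityfile":
            files.append(value)
    # An empty file list means ssh falls back to its default identity files.
    return {"identities_only": bool(only), "identity_files": files}

if __name__ == "__main__":
    for h in ("git.example.com", "build.corp.example", "legacy.corp.example"):
        print(h, key_offer_policy(SAMPLE, h))
```

On a machine with OpenSSH installed, `ssh -G <host>` prints the effective values and is the authoritative check.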
The hostname is derived from the admin user's name, which ought to also be fake. My "full name," unix username, and hostname are all a nice short "me".
There have been tons of alternatives and they all sucked in different ways - either they were bloated (no, a news reader does not need "far more features") or they weren't free.
If a product sucks only because it isn’t free, then the product itself is literally worthless. How do people expect someone to provide them something worthwhile for free?
That's the thing. I think people forget just how much FOSS software, tools, assets and knowledge is out there that we all benefit from enormously every single day. Even if you're not a dev, most of the websites we visit, the apps we use, the technology underpinning our phones and computers relies in part or in whole on Free and Open Source Software.
I take it for granted but it's important to remember what an amazing thing that is.
Exactly. Developers seem to be hell bent on making software as slow as possible and/or maximising the cost of running servers. I bet that 99% of businesses out there could comfortably run on a single server with lots of RAM. With another server on warm stand-by.
Just wait until the mass migrations get even worse. We’re already seeing the waves from South America here. Europe’s seeing them come up over the Mediterranean. A third of the entire nation of Pakistan flooded this year… how many times can that happen before our supply chains start faltering?