Naming computers endangers privacy, say 'Net standards boffins

If you must give your devices names, please don't leak them on the Internet. That's the advice of one Internet Architecture Board (IAB) member, a former chair of the organisation and a German computer science academic. In an IETF RFC entitled Current Hostname Practice Considered Harmful, the trio (Christian Huitema, a former …

  1. Ole Juul

    privacy still hasn't caught on

    It seems a bit risky to use private information in a name that's intended to be broadcast, locally or otherwise. But yes, I've seen it on things like routers with the owner's name in the SSID.

    I've always named my computers so I can access them without having to memorise IP addresses, something which will be even more needed when the more complex IPv6 becomes common. However, since my personal system uses only three letter combinations they're not going to carry useful data if they leak outside the network.

    1. ElReg!comments!Pierre

      Re: privacy still hasn't caught on

      > It seems a bit risky to use private information in a name that's intended to be broadcast, locally or otherwise.

      Exactly, that's why NOT naming your computers is a privacy risk. By default MS' and Apple's OSes will name your computer by the account name you give them, which is most likely your name. If, however, you name your computers yourself, you can make sure that the name is not leaking private data. My computers are named Myosotis, Aubepine, Begonia, and so on. I think it's pretty safe, unless miscreants decide to smuggle malware in my next pruning shears!

    2. Doctor_Wibble
      Windows

      Re: privacy still hasn't caught on

      > However, since my personal system uses only three letter combinations they're not going to carry useful data if they leak outside the network.

      Unless they are doing a psychological profile, in which case machine names like ted, dgl, jak (see icon), fek, ars, drk might offer some hints to those that spot the pattern.

  2. Pirate Dave Silver badge

    So

    as long as we stick to FS1, FS2, NS1, NS2, DC1, DC2, DHCP1, DHCP2, etc. for naming, we won't have to worry about international agents rooting around in our server boxen. Or at least they won't know who we are or which boxes belong to who. Although, in truth, that's probably because our servers are full of boring shit that nobody on earth wants to see. Unless we're in politics or working for a bank. The people who could benefit from said boxes (ie - the hackers/spammers) don't care what we name them so long as all outgoing ports are open and we've got a fast Internet connection.

    1. Crazy Operations Guy

      Re: So

      That's what I do at home, my desktop is WS35 (the others in the house are WS21, WS15, WS31), the laptop is LT17 (With others being LT11, LT12, etc), and so on. Servers are named the same, but also have CNAMEs in DNS to point clients to the services on the boxes (So FS01 is really known as SR01-20 when probed directly)

      The number is incremented each time the OS is rebuilt, the letters indicate the device type, but nothing else. My side job is to migrate applications from HP 9000 hardware to x86, so I have quite a few machines on my network and don't want to accidentally have code point to WA01 when it was supposed to only work with the previous incarnation of that system (so if I see a system attempting to communicate with SU21, I know the machine was part of a migration of a particular app and can fix the reference)

  3. Anonymous Coward

    Kellyanne is already on to you

    She fixed the problem of hackers spying on her via her microwave by unplugging it. She's found that the buttons no longer beep, the tray no longer spins and the little light inside doesn't go on - and her frozen burritos take hours to warm up now, only making it to room temperature - but she's safe from you evil hostname using microwave spies!

    1. Francis Boyle Silver badge

      Re: Kellyanne is already on to you

      Or she just uses an "alternative hostname" that has no connection with any known reality. That's what these guys are proposing isn't it?

      Donald's phone on the other hand just uses whatever name the hackers du jour assign it.

      1. macjules

        Re: Kellyanne is already on to you

        Donald's phone on the other hand just uses whatever name the hackers du jour assign it.

        Or whatever the FSB decide to call it.

    2. Mike Flex

      Re: Kellyanne is already on to you

      "She fixed the problem of hackers spying on her via her microwave by unplugging it."

      She'd be better off solving the problem by purchasing a microwave that wasn't Internet-connected in the first place.

      1. John Brown (no body) Silver badge

        Re: Kellyanne is already on to you

        "She'd be better off solving the problem by purchasing a microwave that wasn't Internet-connected in the first place."

        That may well be one assumption too far. It's already quite hard to buy a "not smart" TV. Eventually it might be impossible to buy anything that is "not IoT" connected by default, and it might not care about your home network for its connection, using a "free" form of whispernet with almost zero bandwidth requirements.

  4. Anonymous Coward

    A bit out of context perhaps?

    "Think instead of a device that might interest a spook – “Donald's_Samsung_S3” or “Kellyanne's_Microwave_Oven”. If those names leak to the Internet, it makes surveillance significantly easier."

    Uhm, any idea how many Kellys and Donalds are connected to the Internet? If the name alone spreads then this will hardly have any impact. I mean, I don't automatically assume that the current president of the US appears to be using a Samsung phone.

    I think it's not so much the name but the connectivity itself which creates a risk. You know, step into the train, turn on your PDA and let it search for points around you and you'll notice plenty of phones which you can try to connect to. That could be an obvious problem. But just because I now know a name doesn't imply that I can also pinpoint its location and such.

    Then the article talks about analysing traffic. Seriously? If the situation is already dire enough that someone can eavesdrop on your data then I'm pretty convinced that the host name is the least of your worries.

    And the reason why I wonder if they're not pulling this way out of context is because they also start talking about enterprise networks. It's also not uncommon for an enterprise network to provide deskless interaction. So basically you can log on anywhere you want and you'll then gain access to your data and desktop. Wouldn't that also lessen the importance of the hostname because there doesn't have to be a direct relationship between that and its user?

    Speaking of hostnames in the enterprise... Most I've experienced were numbered clients. Just to keep administration easier: hr01, hr02, hr03. And sales01, sales02, sales03. So now that I leaked these hostnames onto the Internet you want me to believe that this network is in more danger than before?

    Right....

    1. Rich 11

      Re: A bit out of context perhaps?

      Uhm, any idea how many Kellys and Donalds are connected to the Internet?

      No, not really. But the number of Kellyannes and Donalds who can be found within a hundred yards of each other for much of the average working day in Washington DC is considerably smaller.

      1. Crazy Operations Guy

        Re: A bit out of context perhaps?

        You also have systems that love to attach whatever DNS suffix the DHCP gave them, so "Donald's_Samsung_S3" may well become Donald's_Samsung_S3.whitehouse.gov, which makes it -really- obvious who owns it...

        That and most people are going to be scanning for host names from within the network, so that really narrows down who those names could belong to.

  5. Lee D Silver badge

    Sorry, but if my internal network is leaking my hostnames, or I'm joining untrusted networks that can probe device names, I have bigger problems than the names of the devices.

    That said, I do just name things when working using alphabets (phonetic, greek, etc.) or long lists of names. And lots of clients are generally just numbered. Thus there is no leak but - again - nobody but my users should have any clue that there even exists a machine called sierra.domain.com or whatever.

    Devices joining my wifi generally only get web anyway, so there are no mysterious discovery protocols running around unless they are trusted devices and, again, how the hell is that stuff leaking outside the network?

    The problem is much simpler - you have to advertise what your mail server is called, your local network advertises (internally) what your domain controller and DHCP servers are called. That some iPhone belongs to John? Really, who cares? And, again, what are they doing being able to talk out as if they are Johns_iPhone.domain.com? They're surely not.

    This is almost as silly as when my security auditors told me that having ping enabled was a security risk. Not for any definition of security that I can fathom when it's already serving mail and web to the world.

    1. Mage Silver badge
      Big Brother

      Ping

      DDOS Ping of Death is what your auditors are thinking of.

      I agree, there are more serious issues if your device is advertising a host name on Internet. I advise people not to use a Mobile modem directly but one with a firewall and then wifi/usb/ethernet to laptop.

      However phones, watches, tablets etc that connect direct to Internet via mobile are a problem and often have no firewall.

      1. Lee D Silver badge

        Re: Ping

        No, they said that having ping enabled made it a visible attack vector - which is hilarious as the connection in question offered SMTP, HTTP and HTTPS among others.

        PoD is old-hat caused by people expecting packets to be compliant with RFCs, which is a stupid assumption in any network-connected system.

    2. Graham Cobb Silver badge

      joining untrusted networks that can probe device names

      Sorry, Lee, I think you have missed the point. Are you telling me that you (and all the people you care about) never join a public WiFi network? And never announce names on Bluetooth?

      There are many, many cases where even being able to make a halfway-reasonable guess about the owner of a device might be an issue. Think about the battered wife hiding out somewhere not too far from her home so she can still sometimes see her children. If her husband notices her name in some announcement of nearby devices he might immediately realise exactly where she is. Or just cruise the streets scanning for her device.

      And then there are the movie-plot examples. Terrorists planning an outrage in Cairo (say): scan for device names and set off the bomb when a van with lots of typical American names goes by to maximise foreign tourist victims.

      Just because your particular case doesn't seem to pose any risks, doesn't mean that is true for others.

  6. heyrick Silver badge

    Kiseki, Nozomi, Hiroko, Azumi...

    Some of my device names. I can understand naming devices after the cast of Buffy, Lost, or whatever your favourite programme is...

    ...but naming it with its descriptor after your own name, like "John's Fridge"? OMG.

    1. Adam 52 Silver badge

      Re: Kiseki, Nozomi, Hiroko, Azumi...

      It's how my Amazon Fire came pre-configured.

    2. VinceH

      Re: Kiseki, Nozomi, Hiroko, Azumi...

      ...but naming it with its descriptor after your own name, like "John's Fridge"?

      I think some devices, in the interests of making things easy for the user, name themselves based on more fundamental data input by the user: So the hypothetical fridge might ask the user for his or her name, then create its own name by taking the user's first name and appending a possessive 's' and the word fridge.

  7. Nick Kew
    Holmes

    Who? What? Where?

    I hope "Richard's Iphone" is really Fred's Ancient Nokia. That'll larn 'em.

    All my named devices derive from a certain body of mythology, which of course leaks into public places through such obvious channels as email Message-IDs. Don't many of us use naming conventions that could be correlated to our interests, thus giving ourselves away to any spook taking sufficient interest?

    1. Francis Boyle Silver badge

      Re: Who? What? Where?

      Mine are all named after minerals but then maybe I have rocks in my head. Seriously though, why would the fact that you named your server 'Thor' or 'Draupadi' be of any interest to the spooks. ('Isis' on the other hand. . .)

      This looks to me to be one of those 'vulnerabilities' where if you can use it you don't need to.

      1. Chris King

        Re: Who? What? Where?

        "Mine are all named after minerals but then maybe I have rocks in my head. Seriously though, why would the fact that you named your server 'Thor' or 'Draupadi' be of any interest to the spooks. ('Isis' on the other hand. . .)"

        I used to help run a box called Thor, and in my job as "The Decommissioner", I ended up nursing it through the last months of its life - sadly, work wouldn't let my boss give it a Viking funeral because it would cost too much to hire a skip, let alone fill it with petrol.

        EVERY place I've worked has had a machine called "Merlin", and said machine became progressively larger with each job. The first one was a MicroVAX, the last was a HPC cluster.

  8. GruntyMcPugh Silver badge

    My phone is currently called 'GCHQ Network Monitor', because I think I'm funny,.... but I rename it every few months as other stupid ideas occur to me. This all seems a bit moot, considering other stories about MAC randomisation, or it not really working that well.

    On people using their name for their phone, I see that a lot, I used to work in schools, pretty much everybody I saw getting a DHCP address for their phone revealed their name, now we provide filtered WiFi for some public places too, and apart from one phone whose owner is a wag like me ( 'ViRuS ALERT!' ) They are all pretty much named after their owners.

    1. VinceH
      Thumb Up

      "My phone is currently called 'GCHQ Network Monitor', because I think I'm funny,.... "

      I must think you are as well, because my phone has a broadly similar name, as does its WiFi hotspot when I turn it on (I tend to use that rather than hotels etc) - and the SSID of one of my WiFi networks is similar again.

    2. Richard Boyce
      Joke

      "My phone is currently called 'GCHQ Network Monitor'"...

      Now they can link that moniker to GruntyMcPugh. And so the links build up. They're coming for you.

      1. GruntyMcPugh Silver badge

        "Now they can link that moniker to GruntyMcPugh"

        .. which is fine as long as I don't use the words SEMTEX and POTUS in the same sentence. :-)

        1. 404

          I thought it was 'SIMTEX'?

          And No, I'm not looking it up as I'm on my home network, thank you very much.

    3. John Brown (no body) Silver badge

      "My phone is currently called 'GCHQ Network Monitor', because I think I'm funny,.... but I rename it every few months as other stupid ideas occur to me."

      Have you tried "TV Detector Van nnn" yet, where nnn is a random digit number?

  9. Nick Kew
    Devil

    Damned if you do, damned if you don't

    Couple of months back, El Reg reported this story.

    Seems you're damned for naming things imaginatively, damned for being boring. Whoops!

  10. Gordon Pryra

    IAB actually recommending security by obfuscation

    Or one Internet Architecture Board (IAB) member trying to make it look like they are worth their day rate by getting their name on a paper.......

  11. Anonymous Coward

    Plenty of wimin round here called SKY

    duh da!

  12. Conrad Longmore
    Devil

    If you want to start an argument..

    If you want to start an argument in IT, propose a new machine naming convention.

    1. Dan 55 Silver badge
      Coat

      Re: If you want to start an argument..

      Does the machine naming convention use tabs or spaces?

      1. John Gamble
        Coat

        Re: If you want to start an argument..

        Hmm. Maybe I shouldn't have named my machine "Tabs4Ever".

    2. Crazy Operations Guy

      Re: If you want to start an argument..

      My company ran into that, until we realized that DNS was a thing and you can assign as many damn hostnames to the same machine as you want.

      In my network, systems tend to have 4-5 hostnames, one that represents the physical rack location of the system, it would also have an A record for its Asset ID, another for its purpose (like US-NY-Filer-02), and another for application-specific purposes. Many machines holding multiple roles will have multiple host names, so like our multi-purpose Email server is known as pop3-01.<domain>, IMAP4-02.<Domain>, ActSync01, MTA-01, SMTP-05 (application roles), etc as well as B22-Rm2501-Rk15-St15 (Location), Ast0023875 (Asset tag), and MAIL.<domain>.com (for user access).

  13. EnviableOne

    Android is not much better, device names come up as android-<wirelessMAC>

  14. Timo

    Here are your network-specific hostnames

    99% of your general public will not understand what the network specific hostnames are for. You'll end up with another layer of facepalming:

    Kellyanne_iphone_starbucks

    Kellyanne_iphone_library

    Kellyanne_iphone_market

    Kellyanne_iphone_home

    Kellyanne_iphone_linksys

    Kellyanne_iphone_netgear

  15. Hans Neeson-Bumpsadese Silver badge

    Themes for device names

    Any naming scheme will likely have some sort of pattern to it which makes it easy to deduce the names of other hosts on the same network. If I discover that you have a server called ringo.yourdomain.com, then it's a bit of a no-brainer that I should also be able to find john.*, paul.* and george.* as well.

    1. Jason Bloomberg Silver badge
      Coat

      Re: Themes for device names

      But will they ever find pete.yourdomain.com

  16. Anonymous Coward

    Nice one - more deception

    That concern floats on an assumption, so I named my phone "Trump's phone".

    That ought to keep at least the Russians away :)

  17. Kevin Johnston

    Personal naming?

    I gave up clever naming a while ago and for my home setup I just use obvious data. My mail server is called Mail, my printer is called HPColorLaserjet2600n, my son's PC is called The Fridge (the case has LOTS of fans) etc etc. As mentioned above, if I really really had something people wanted then they have the skill levels that they probably already have it.

  18. Crazy Operations Guy

    Network-specific hostnames

    So, you mean like what Unix has done for decades? Having hostnames specific to the interface / network it attached to was a -requirement- for the systems as that was how UUCP operated. Almost all Linuxes did this (not sure about now that RedHat has polluted everything with their network manager bullshit to make a worse version of hostname.<interface> and ifconfig)

  19. John Smith 19 Gold badge
    Holmes

    TL;DR Do not advertise your host names on the internet. Make them as anonymous as possible

    This is a start to the kind of "defense in depth"

    Mr Pink is right "The more they know about you the closer they get to me, and that can't happen."

  20. J.G.Harston Silver badge

    Oh bggr. My WiFi is called 28AcaciaAvenue (no not really) as there's no way I can recognise it from the random string of characters all the other WiFi systems near my house are called. I'll have to fall back on my previous idea of TTC-T40-305.

  21. Potemkine Silver badge

    “Kellyanne's_Microwave_Oven”

    ROTFLMAO!

    1. Down not across

      Re: “Kellyanne's_Microwave_Oven”

      Might have to use that as an SSID next time I get bored.
