Is there any reasons as to not randomize the machine-id?
Would it break systemd and or tirdad for example?
I see that Whonix and Kicksecure both set the machine-id as:
b08dfa6083e7567a1921a715000001fb
Could something like dbus-uuidgen --ensure=/etc/machine-id or systemd-machine-id-setup be used on startup to create new machine each boot without issue?
Could be similar but much less importance. Could argue machine-id should be unique per system (Debian default). Can be considered once someone runs into an issue which requires this.
I haven’t had any issues that I can tell with this generating each boot on Kicksecure:
So does machine-id ever get sent over the network?
Also does the current AppArmor profiles for Kicksecure/Whonix block access to this file for default applications?
And also on the topic of sandbox does the AppArmor profiles block access to /sys/class/net/*/address where the real MAC Adress is listed?
Otherwise: Unknown. Unspecific to Kicksecure. → Potential Solutions Beyond Kicksecure!
Yeah I get that is more about this maybe as a feature exlusive to Kicksecure is what was getting at…I see was discussed in the Whonix forum, my only opinion is I feel that most identifiers should be randomized if possible.