Let’s say, I sit down in a mall, open my laptop and connect to a secured mobile hotspot. Then I do it again next week after a reboot. What information would a nearby shop or a passive malicious hacker be able to find about my device? Does my device send out identifying information before joining, like a MAC address? Is this persistent, or randomized?
I intentionally haven’t specified a distro, so if something only applies to some network managers, give some details.
Bonus points: what about Android phones?
Most compromised routers scrape the hostname (both regular and mDNS) and MAC address. What you do is disable mDNS related daemons like kdeconnect and avahi (until you want them) and put this in
/etc/NetworkManager/NetworkManager.conf:[main] hostname-mode=none [device] wifi.scan-rand-mac-address=yes [connection] ethernet.cloned-mac-address=random wifi.cloned-mac-address=random connection.mdns=0 connection.llmnr=0(yes, the mdns bit above is a bit redundant, but systemd has something related that might read it and better be safe than sorry)
This won’t protect you if the router is a bit smarter and can see your NTP server (usually like “x.archlinux.pool.ntp.org” instead of just “x.pool.ntp.org”), your connectivity check (same as NTP) and other servers your machine connects to (like Tor nodes if you have the daemon running and oftc.net if you have an IRC client). The good news is that none are known to check that (at least to me).