More Private Wi-Fi in Plasma by default for better privacy

Can we make privacy in WI-FI default by hiding host name, using randomized mac address and other privacy related enhancements for any new Wi-Fi network by default.

This would make user inherently more safer by default , although I do agree that old and experienced Linux Users care more about privacy and they will change the settings how they deem necessary.

But some KDE-Plasma users are novice to Linux World due to Plasma being the most customizable and easy to use desktop for previous-Windows users and thus being favoured by them.

And many of these new users will have false sense of security and privacy because they will think using Linux only will make it more secure not caring about the settings hidden inside

1 Like

Hi - that could very well be a good approach in general! I may be mistaken here though, but I believe thatā€™s a decision that the distribution would make in how they package network management components like NetworkManager, as opposed to one that would be adopted from a desktop environment like KDE Plasma.

Fedora is one recent example of a distribution where that proposal was made (and was adopted): F40 Change Proposal: Wifi MAC Randomization (System Wide) - Fedora Discussion

3 Likes

Only one important thing on the KDE side of this.
It has to be clearly visible on the Settings interface that a randomized MAC is applied.
At the moment I not even see my/a MAC on the interface (unless I missed it somewhere) until I press the ā€œRandomizeā€ button.
But even only showing a MAC address in that ā€œCloned MAC Addressā€ field like it does after the ā€œRandomizeā€ button is clicked does not clearly indicate to the user that this is a randomized MAC and it should if the button click is not required because that is the default.

1 Like

Cant we bypass those distributions by adding it directly in plasma-nm ? I dont know if it is feasible but many distributions dont like to chnage things for years

I had something like this in mind a privacy switch in plasma-nm itself that will enable mac randomization , hiding hostname and other privacy measures for that network
This switch would be only available while entering password , and it would be on by default

In general, distributions control default settings for their installed systems. Perhaps the most KDE-relevant debate there is, what should the default network settings be for the in-development KDE Linux? :slight_smile:

It certainly could be up for debate what sorts of options would be helpful for folks to quickly toggle off or on from a tray widget. My initial (highly non-expert, just my two cents!) thought is that calling a broad setting like that by a name like ā€œPrivacy Modeā€ would lead folks to assume that it does things that it doesnā€™t or couldnā€™t. Iā€™d then be pretty concerned that folks would experience some negative privacy or security-related consequence because they didnā€™t fully understand the scope, and would end up confused or disappointed.

For folks who have privacy threat models that require steps beyond generally sensible defaults, I think theyā€™d need to see specifically what measures the system can take for them, and adjust those in a pretty fine-grained way - probably beyond what a broadly-scoped toggle seems suited to offer.

Aside from the way in which the settings are presented, though - what sorts of features other than changing the computerā€™s hostname, and MAC address randomization, would you see as belonging to that category of settings? If there is a sufficient number, maybe that justifies thinking about grouping them together in some way in the System Settings Wi-Fi & Internet section?

Edit: I re-read this and confused myself with my phrasing, and thought the tone could be better - hopefully this reads a bit more easily :slight_smile:

2 Likes

Lol I can assume some people might mistake it for one-switch for privacy and not use other privacy measures


A fine balance between privacy and sensible defaults otherwise it can be like openSUSE which requires tinkering to even do the basic stuff


I only know those two , maybe an option to set system-wide Private DNS in new KDE OS would be also good like there is in Android where you can use one.one.one.one or dns.adguard .com , currently there is no easy way to do it you have to enter IP addresses or use dnscrypt