There is a fix, not sure if its working, to enable Network randomization in the /etc/NetworkManager/conf.d/99-custom.conf Problem with that is, that its 1. not GUI and 2. Always on on all networks. You can set a MAC adress somehow, but a setting to enable/disable Mac randomization on specific network is important. 1. Enable Mac-Randomization generally 1.1 Different Mac across networks 1.2 Different Mac per Connection (like GrapheneOS) 2. Add switch in the Connections settings, to disable that or set a specific behavior for that network. A problem with always-on is, that you may be logged out of specific restricted networks, for example home-networks.
Adding the setting "wifi.cloned-mac-address=random" makes so that each connection gets a different mac address each time you connect. It would definitely be useful if such setting could be set in a GUI. It also supports the option "stable" that create a random mac address for each connection only once. In general, the features that I'd like to see would be: 1. A setting for enable and disable random mac address when scanning ("wifi.scan-rand-mac-address=yes") 2. A setting for enable random mac from wifi and ethernet connections (with settable mask, so that if someone wants they can force a specific vendor for example), for both "random" e "stable" options. 2.1 If such a setting it's enable it should be noticeable also in the setting of a specific connection where you could: a) randomize again the mac address if you want (if cloned-mac-address is both "random" or "stale") b) change/add a mask for the randomization of that specific connection (if the "stale" setting is enable or the automatic randomization is disable then you should also suggest the user the generate a new mac c) enable the randomization for that newtork if disbaled (both "stale" and "random" option should be available), disable the randomization for that specific connection if enable (and show also the real mac address that is used) and switch from "stale" and "random" setting for that specific connection. d) in the cases of b) and c), if something different from the default option is selected, then it should somehow be highlighted.
NetworkManager developer here. I was filling a bug and I saw this one. SUMMARY NetworkManager allows to manually specify a MAC address to do MAC-spoofing. It also support some special values that allows to automatically generate the MAC address according to different criteria. For example, "random" creates a random MAC address each time that the profile is activated, "stable" creates a MAC address when the profile is created and it's always used for that profile, and "stable-ssid" creates a different MAC for each WiFi's SSID. Plasma-nm doesn't support these special values, and it only allows to introduce manually an address. In order to increase user's privacy, setting "stable-ssid" as system-wide default value is being discussed in Fedora: https://discussion.fedoraproject.org/t/f40-change-proposal-wifi-mac-randomization-system-wide/99856 It would be nice that plasma-nm understand these values: 1. A user without much knowledge, that doesn't know what a MAC address it, could select a value from a combobox, for example, with more hints about what do they mean (example: "no privacy", "some privacy", etc.) 2. If one of the special values is selected in a profile, either via nmcli or because it's the default value, the GUI would reflect that. If plasma-nm doesn't understand them, it won't be able to show the real current value to the user. Note that in some cases, not being able to understand and/or configure this will lead to the user not being able to connect to some networks. I mean, connecting to networks that do MAC address filtering (this is why we are proposing "stable-ssid" as default in Fedora, and not "random", for example). STEPS TO REPRODUCE 1. Change the MAC address: `nmcli connection modify CON_NAME wifi.cloned-mac random` (with devel version of NM you can select stable-ssid) 2. Open plasma-nm OBSERVED RESULT A different MAC address is shown each time, the user doesn't know that "random" is configured EXPECTED RESULT Plasma-nm reflects these special values so the user understand them and can change between them. SOFTWARE/OS VERSIONS KDE Plasma Version: all ADDITIONAL INFORMATION I don't have a clear idea/proposal about what the best UI would be regarding UX. I also have some doubts about the convenience of showing all the possible values to the user. For example, "stable" can be confusing because a casual user might not know what a "connection profile" is in NetworkManager. However, if not all values are available in the GUI, what happens if the value is selected via CLI or distro's default? The special values that NM supports are: - preserve: NM doesn't modify the current MAC - permanent: use the hw's permanent MAC - random: different MAC each time that you connect - stable: different MAC for each connection profile, use it always you connect that profile - stable-ssid (wifi only): different MAC for each WiFi SSID, use it always for the same SSID, even if you delete and create again the connection profile. As I say, the last one is being proposed as default in Fedora.
this sounds very useful! I think Plasma-nm has a lot of features, but maybe a bit too many. Having an easy solution like this would be helpful.
Bulk transfer as requested in T17796
That would be nice to have! I would like a option to enable MAC randomization for all the networks by default and then a way to opt-out for some of them.