1

For work purposes I have to use a not open source software that collects and sends to the producer MAC address, other device IDs and other hardware datas (from its privacy policy, which is not very exhaustive). Is there a way to:

  1. find out what exact data the app stores, and
  2. spoof them?

I suppose I could just run the app into a virtual machine, but I don't know if it would be sufficient to mask all the data and my PC isn't very powerful, so running a virtual machine is usually a pain.

I work with an Ubuntu Desktop 20.04 device to which I have root acces, so I can do whatever is needed. Open source only solutions would be much appreciated.

Some more informations (update 1)

I forgot to specify some very important informations.

  1. The software requires internet access (it's for videoconference purposes), so just blocking it in the firewall is not an available solution. That's what I already do with other software, but in this case it's just not an option.
  2. I have already tried to ask to producer what data they collect, but the legal time for an answer has already expired and they didn't answer - but that's what I expected, as it looks like they're not subject to the GDPR.
  3. The app is not run on a work machine - it's a software I've been required to use for home working due to coronavirus epidemic.

Virtualisation (update 2)

Some answers suggest to use virtualisation solutions like Firejail, but as far as I understand those softwares allow a "software isolation", where I need a sort of "hardware isolation" (meaning that the app must not have access to data about my hardware). Obviously I might be missing something - if that's the case please explain it.

Ntakwetet
  • 1,506
  • Try KVM as virtualization software, it is much faster as virtualbox/vmware. OR run the software only in a live system. – pLumo Apr 29 '20 at 09:05
  • If it is a work-machine provided by your employer, and the SW is a requirement by the company, I don't see why you should spoof anything. – Soren A Apr 29 '20 at 09:11
  • The point of your question is unclear. First you say "For work purposes I have to use a not open source software", then you say "Open source only solutions would be much appreciated". Then you say "The app is not run on a work machine" then you say "software I've been required to use for home working". What exactly is it that you're trying to hide (besides hardware config)? – heynnema Apr 29 '20 at 14:23

3 Answers3

0

What you are trying to do is to "sandbox" your application. You can do your researchs again with this keyword

You may want to check that question

Several options are presented, the easiest probably is Firejail and the second one docker

A. Ocannaille
  • 210
  • I read the link you posted, but as far as I can understand sandboxing solutions isolate the application at software level, where what I need is a "hardware isolation" (meaning that the application must not have access to the real IDs of the hardware)... or there is something I'm missing? – Ntakwetet Apr 29 '20 at 12:46
  • Indeed, firejail is limited, you may want a full virtualisation solution for that. But Firejail does allow you to spoof a lot of information to expose false information. mac adress for instance, and other stuff. With your other comment, I understand that you don't want an everyday solution but a solution to analyse what is stored and send by the application. In this case, virtualisation is, imho, the best solution, with some other tool like wireshark for network analysis for instance. – A. Ocannaille Apr 29 '20 at 13:13
  • @Ntakwetet I've seen your update, When talking about virtualisation, I don't talk about Firejail, but a tool like vmware or VirtualBox. It Simulate an entire computer and you need to install an OS in that Virtual Machine. Inside that, any software only knows the virtual hardware. And you can add as many tool as needed like wireshark for instance. – A. Ocannaille Apr 29 '20 at 14:45
0

In my oppinion a turnkey GUI firewall may be the solution available. You may try:

sudo apt update

sudo apt install gufw

Still you can add rules for specific aplicattions, etc.

Community
  • 1
wazeredo46
  • 96
0

From a technical standpoint, I find this question interesting.

You have an untrusted application and want to :

  1. know what data it collects about you or your device
  2. prevent that data to be collected

For 1., the easiest way is to ask the application provider. If you are in the EU, they should tell you what data they collect and to what end (GDPR). Analyzing the application from your side will probably take a lot of efforts (security analysts had quite some work to find out what Windows 10 was doing in this matters ; see this report). You would probably need tools like Wireshark to analyse the network and strace for system calls.

For 2., a key point is : does your application needs network access. If not, you can simply unplug your computer from network while using the app (assuming it doesn't store data and / or run without your knowledge). The easy way is to use firejail --net=none <yourapp>.

Using a VM is indeed a good way to hide what hardware you are using ; AFAIK there is no way to know the underlying hardware from a VM. Your public IP address will be available though.

I don't know much about Sandboxing but looking into Firejail seems to be a good starting point.

Max
  • 574
  • I want to know what data the application collects just to know whether it's worth preventing it to do so and how to do that. I don't mind if it just knows if I'm using the built-in microphone or an external one, but I want to avoid it collecting MAC address, producer, model, driver version and so on about my NIC - it just doesn't need them. The public IP is not a problem - I route all my netowork traffic through VPN. – Ntakwetet Apr 29 '20 at 12:56