> Mark, I think you are probably shooting the wrong bird here. Host ids
> have been around for the best part of the last 40 years in the unix
> world. And I am not talking about proprietary unix. The syscalls
> gethostid/sethostid were introduced in 4.2BSD (ca. 1983), at Berkeley,
> and are supposed to support unique host ids across all the unix
> installations. The gethostid syscall was even standardised in POSIX.

So you are correct that gethostid has been around for a while,
but this call returns a 32bit number, typically the IP. The
IP has to be disclosed if one connects to the internet on
a public IP, and if you are behind NAT, then vast
numbers of systems map to 192.168.1.1 and similar - this really
isn't that much of a unique identifier.

The new host-id and machine-id files contain a much large number
which is less likely to collide, and will be preserved even
if one connects from a different networks, and leaves traces
for people who want to re-image machines or spin up VMs/containers.

I also agree with your sentiment that free and open source
software is necessary to track down information leakage. But it
seems it may be necessary but not sufficient - what one also
needs is a distribution which makes it clear when this information
is disclosed. Sadly it turns out there are also opensource
developers (often corporate) who want to know when and where and by
whom their code is run. The way I think about it is that such code
isn't quite free either - one pays for it in personal data.

regards

marc