[Insight-developers] gdcmUtil.cxx polling for a MAC Address

Mathieu Malaterre mathieu.malaterre at gmail.com
Thu Apr 10 09:08:08 EDT 2008


Hi Patrick,

On Wed, Apr 9, 2008 at 8:10 PM, Patrick Reynolds
<patrick.reynolds at kitware.com> wrote:
> Hi,
>
> I'm developing an application using ITK that doesn't use gdcm directly. Yet,
> when networking is disabled on the system I get several errors regarding
> GetMacAddress() failing because of a media disconnect.

If you still have them somewhere, could you please pose them to the
list (or to me directly).

> I managed to fix the
> problem by commenting out the call to GetMacAddress in
> Insight/Utilities/gdcm/src/gdcmUtil.cxx Line 108 and replacing that string
> declaration with an empty string. I was wondering if this particular call is
> necessary and can it be removed. Perhaps it could be called when the gdcm
> functionality it enables is needed.

As Kent says, it is not much of an issues. It will simply
exponentially increase the chance of your customer to produce
duplicate DICOM files thoughout the world. the real issue lie in the
fact the the ITK root is used by potientially dozen of people at the
same time, so producing unique identifier (software implementation,
not hardware) is  a hard problem. To minimize the risk of collision I
used a machine identifier (MAC adress), a time identifier (up to
millisecond) and in the couple of bytes remaining I stuffed in a
couple of random bytes.
So the questions are:

1. Are your customer going to produce DICOM files ?
2. If 1) do they have there own root UID ?
3. Do they plan to produce DICOM from two machines at the same time ?

If 2) and not 3) then it is safe to remove the machine identifier as
collision cannot appear. In which case a simple #cmakedefine to
replace the MAC address by an empty string is valid.

> This is of concern because asking for something like a mac address may be
> considered a security risk by our customer...

I will not entered to much in the subject, but they are using open
source software after all ;-P
And as a side note, there is a much much easier solution to avoid this
'security risk', and it's called mac address spoofing.

HTH
-- 
Mathieu


More information about the Insight-developers mailing list