Let’s say, I sit down in a mall, open my laptop and connect to a secured mobile hotspot. Then I do it again next week after a reboot. What information would a nearby shop or a passive malicious hacker be able to find about my device? Does my device send out identifying information before joining, like a MAC address? Is this persistent, or randomized?
I intentionally haven’t specified a distro, so if something only applies to some network managers, give some details.
Bonus points: what about Android phones?
To add to this, I’d be more worried about traffic collection. DNS requests (if your browser isn’t using dnssec then you may not be aware), IPs visited, and other stuff.
not only the browser, other programs and system services too
I might be wrong on this or might be missing your point, but I thought dnssec was for validating integrity of the request, not to encrypt it like DoT or DoH.
Sorry my bad, you are correct and I meant DoT or DoH.