North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
[OT] Re: IPv6 Interview Questions and critic
- From: William Waites
- Date: Tue Aug 27 12:59:19 2002
>>> "Kevin" == Kevin Oberman <firstname.lastname@example.org> writes:
Kevin> This is really pretty silly.
Not really, Joe may actually have a point here.
Kevin> Only end nodes will auto-configure with the MAC address
Kevin> used for 48 bits of the IPv6 address. Exactly how this is a
Kevin> serious privacy issue continues to elude me, but I suppose
Kevin> that the paranoid may want to change it to some things
Kevin> else. (And change it on an hourly basis, if they are REALLY
The reason for EUI64 is to provide a sensible default for the end
system address. Yes it is possible for anyone with sufficient
motivation to use something else, but the vast majority of users will
just plug their in laptops and get an address.
What information can be reconstructed from this? For a mobile user,
you could construct a list of the providers and POPs that they tend to
use. This means that when I use google, they can easily tell that I
live in abc neighborhood and work at xyz company and tend to spend
time surfing the web at my friend's place across town. That is, you
can infer patterns of physical movement of the device and the user.
The worry is not so much about the people with the technical savvy to
randomize their addresses, but about everybody else that is not even
aware that they're making themselves and their movements conveniently
Don't credit cards and cell phones do the same thing? Yes, it is the
same problem. But in those cases, at least there are more barriers
to getting at and using the information... In theory...
Kevin> God help us all if some discovers that I use both Intel and
Kevin> 3Com cards! (Not to mention Agere on occasion.)
Just wait until you start getting targeted advertising from Realtek!