[LINK] smartphone privacy problems
Karl Auer
kauer at biplane.com.au
Sun Jan 30 11:37:51 AEDT 2011
On Sun, 2011-01-30 at 10:46 +1100, Paul Brooks wrote:
> One [downside of IPv6 privacy extensions] that is not noted in the RFC
> is that it does prevent the peer-to-peer model of the Internet on
> which the Internet was based. Arguably NATs and dynamic addressing
> have already done that in IPv4 - but thats one reason why we're moving
> to IPv6 in the first place, to eliminate NAT.
Weeell - I hate to disagree with my erudite colleague, but... :-)
Privacy extensions do not break the peer-to-peer model, they just make
it slightly more difficult. When addresses change in IPv6, the previous
address is usually retained and functional for some time - that is,
there is overlap. Peers can, for example, communicate their changing
addresses to each other, or they can operate via the DNS and use dynamic
name updates to maintain a link between a constant name and a changing
address.
But given the other downsides you mentioned and the fact that more and
more protocols will authenticate at the user level rather than at the IP
address level, I'm not convinced of the usefulness of privacy extensions
myself. At best they introduce a little fuzziness. It seems to me that
they are more likely to be effective in the middle than at the edges -
for example, a distributed anonymising service could use privacy
addresses as well as whatever other measures it might implement.
> One of the promises of IPv6 is that every device can have an IPv6
> address which is static - with no requirement to change over time, so
> that it can be advertised and used by other devices to establish
> inbound connections to - including while mobile. Widespread use of
> these extensions will break that model, and relegate us to
> client-server modes of operating forever.
Um, again I must disagree! Dynamic name updates completely solve the
issue of locating a host with a changing IP address. Though I have to
admit: If you want to provide a service, changing your IP address
frequently seems counterproductive, and seeking anonymity while doing so
seems a bit quixotic.
Given the feature though, I feel sure someone will come up with a useful
application for it :-)
Regards, K.
PS: Privacy extensions inside mobile IPv6 - urk!
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au) +61-2-64957160 (h)
http://www.biplane.com.au/kauer/ +61-428-957160 (mob)
GPG fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687
Old fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <https://mailman.anu.edu.au/pipermail/link/attachments/20110130/27593d4d/attachment.sig>
More information about the Link
mailing list