[LINK] IPv6 vs. Human Security [Was Re: smartphone privacy problems]

Karl Auer kauer at biplane.com.au
Mon Jan 31 12:30:06 AEDT 2011


On Mon, 2011-01-31 at 11:29 +1100, Roger Clarke wrote:
> I'm saying that, as I understand the discussion:
> (1)  an IPv6-connected device is, by default, recognisable nomatter
>       where on the net it may connect

You keep saying "default". In a technical sense, SLAAC is the default.
In any practical sense it is not. You have to get over this hump.

> (2)  this is an intentional design feature
> (3)  the default may be over-ridden by a service-provider
>       [That was the new information that hadn't been in previous posts:
>       "the mechanism most likely to be actually used for hosts operated
>       by humans does NOT expose the MAC"]
> (4)  the feature's insecurity to humans may be addressed by users, but
>       this involves [insert long list in my previous email], i.e.
>       awareness, expertise and action that is beyond most users' capability

If and only if SLAAC is actually used by the service provider or
employer. Or home CPE; I suppose that is a possibility, though because
of the need for DNS information, I'd be tipping on DHCP there too.

> The people responsible for that aspect of the design are in breach of 
> their professional Code, and culpable.

No more than the designers of knives are culpable when a knife is used
to attack someone. You are going to have to come up with an *argument*
here, Roger, not just a statement that it is so.

> (Yes, there are additional measures that people at risk need to use, 
> such as nymising proxies, ToR and message encryption.  But they're at 
> higher levels of the stack than IP.  Raising awareness of them, and 
> making their use sufficiently simple is very important.  But it's 
> out-of-scope of a discussion about Internet architecture as dictated 
> by the design of IPv6).

Not at all. Any more than a discussion of safe storage, proper handling
practices and so on are inappropriate when discussing nice, sharp,
useful knives.

> It's very useful to law enforcement agencies to have a simple and 
> un-defendable charge that can be used first, thereby achieving the 
> gaoling of the miscreant on-remand and without bail.

You go on to build an oak tree of catastrophe from an object that is not
even vaguely acorn-shaped.

"They" have an almost infinitely wide palette of possibilities. A system
that does not apply the rule of law, that is corrupt or whatever, will
not bother about the accuracy of the charges needed to achieve such
aims. Trumped up is trumped up. And why is this an "undefendable"
charge?

Seriously - while this is an aspect of IPv6 that *could* under certain
limited circumstances be used in citizen- or consumer-unfriendly ways,
it is a tiny, tiny drop in a sea of such difficulties, the vast majority
of which have nothing to do with a layer 3 protocol.

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/kauer/                   +61-428-957160 (mob)

GPG fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687
Old fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <https://mailman.anu.edu.au/pipermail/link/attachments/20110131/aff54ec5/attachment.sig>


More information about the Link mailing list