[LINK] IPv6 vs. Human Security [Was Re: smartphone privacy problems]

Karl Auer kauer at biplane.com.au
Mon Jan 31 15:02:21 AEDT 2011 

On Mon, 2011-01-31 at 14:34 +1100, Roger Clarke wrote:
> Right now, considerable effort is required before a law enforcement 
> agency (or a marketer) can associate all of the messages that a 
> person sends and receives from various locations using their portable 
> device.

Really? I fear you are behind the times. Not only is it easy, it is very
easy, and the vast majority people take not even minimal actions to
avoid it.

> If the IPv6 default remains in place, that 'natural' protection is 
> destroyed, because the identifier is extractable from the IP-address, 
> and both are persistent.

You really must stop calling it a default. I'm not sure how I can
explain this any better, but it's like saying the default is for someone
to own a car. True, most people do, but owning a car still requires a
choice and a purchase to be made. Likewise SLAAC will only be in use if
the user (or possibly their service provider) has made a choice and set
things up that way.

> Among the many design requirements for IPv6 had to be retention of 
> natural protections of this nature.

Uhuh. So the four other methods aren't enough?

> Yes, I agree that it would be a defence for the designers to have 
> published a clear statement for users about what they have to require 
> from their service providers and/or do themselves, in order to 
> achieve protection.  And that statement would indeed valuably extend 
> up through the layers to cover more than device-ids and IP-addresses.

Protection (at least agiant this particular issue) is automatic in four
of the five address allocation mechanisms, including the likely most
common one.

> But can you point us to that clear statement from the designers of IPv6?

You know how the IETF works - rough consensus and running code. IPv6
grew from the same roots. It has the same procedural and political
problems as any other standard on the Internet.

> The charge is undefendable because obfuscation can be readily 
> interpreted as any act that prevents the IPv6 IP-address from 
> containing the ID allocated by the manufacturer to the device.

And I'm saying that if "they" are prepared to bend reality to such ends,
then the game is already lost. SLAAC provides no significant additional
ammunition to persons armed with such lack of respect for the law,
justice or due process.

> Without this appalling piece of design, no such easy manoeuvre would 
> be available.

You are just bound and determined to be appalled, aren't you. You are
nor about as well informed on this point as I can make you, so I guess
we just have to agree to disagree on the privacy-busting threat posed by
SLAAC. BTW I quite agree with you that it *could* be a problem. I just
don't agree that it *will* be a problem.

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/kauer/                   +61-428-957160 (mob)

GPG fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687
Old fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <https://mailman.anu.edu.au/pipermail/link/attachments/20110131/0f96383b/attachment.sig>

More information about the Link mailing list