Home page logo

nanog logo nanog mailing list archives

Re: dynamic or static IPv6 prefixes to residential customers
From: Owen DeLong <owen () delong com>
Date: Wed, 3 Aug 2011 10:38:21 -0700

On Aug 3, 2011, at 6:55 AM, Jay Ashworth wrote:

----- Original Message -----
From: "Mikael Abrahamsson" <swmike () swm pp se>

On Wed, 3 Aug 2011, Owen DeLong wrote:

Europe is a little odd in that way, especially DE and NO in that there
seems to be this weird FUD running around claiming that static addresses
are in some way more antithetical to privacy.

Yes, I agree. I know people who choose provider based on the availability
of static addresses, I know very few who avoid static address ISPs because
of this fact.

FUD indeed.

You guys aren't *near* paranoid enough.  :-)

If the ISP 

a) Assigns dynamic addresses to customers, and
b) changes those IPs on a relatively short scale (days)


c) outside parties *who are not the ISP or an LEO* will have a 
relatively harder time tying together two visits solely by the IP 

ROFL... Yeah, right... Because the MAC suffix won't do anything.

While this isn't "privacy", per se, that "making harder" is at least
somewhat useful to a client in reducing the odds that such non-ISP/LEO
parties will be unable to tie their visits, assuming they've controlled
the items they *can* control (cookies, flash cookies, etc).

Which is something, what, 1% of people probably even know how to do,
let alone practice on a regular basis.

Imperfect security != no security, *as long as you know where the holes are*.

If people want this, they can use RFC-4193 to just about the same effect.
The ISP modifying the prefix regularly simply doesn't do much.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]