[ipv6hackers] my IPv6 insecurity slides

Owen DeLong owend at he.net
Thu Nov 24 21:35:54 CET 2011


On Nov 24, 2011, at 9:50 AM, Fernando Gont wrote:

> On 11/24/2011 11:35 AM, Carlos M. Martinez wrote:
>> If we as practitioners communicate the idea that there is something
>> called IPv6 which seems to be really, really insecure, then the public
>> will still not know what it is, but they sure will reject it. This is a
>> case where possitive PR can help very little but negative PR can hurt a lot.
> 
> *Without* endorsing Marc's take on the subject, I personally think that
> this depends a great deal on the venue where this stuff is being presented.
> 
> If this sort of stuff is presented in, say, a general communications
> tradeshow, I think one needs to be careful about how things are
> presented, because the effect might be the one that you're mentioning.
> 
> However, if this stuff is presented in a security conference, then
> things are different: people attend those events to talk about
> vulnerabilities and countermeasures, and everyone is used to that. For
> instance, in quite a few events I've attended there have been
> presentations about security issues in the PDF format (and t-shirts with
> things such as "PDF: Penetration Document Format"), and I've not stopped
> using PDF for my files...
> 

That may be true, but, turn IPv6 off is still not the appropriate countermeasure
for a general recommendation these days.

Owen




More information about the Ipv6hackers mailing list