[ipv6hackers] my IPv6 insecurity slides
Cameron Byrne
cb.list6 at gmail.com
Thu Nov 24 22:00:59 CET 2011
On Nov 24, 2011 12:39 PM, "Owen DeLong" <owend at he.net> wrote:
>
>
> On Nov 24, 2011, at 9:50 AM, Fernando Gont wrote:
>
> > On 11/24/2011 11:35 AM, Carlos M. Martinez wrote:
> >> If we as practitioners communicate the idea that there is something
> >> called IPv6 which seems to be really, really insecure, then the public
> >> will still not know what it is, but they sure will reject it. This is a
> >> case where possitive PR can help very little but negative PR can hurt
a lot.
> >
> > *Without* endorsing Marc's take on the subject, I personally think that
> > this depends a great deal on the venue where this stuff is being
presented.
> >
> > If this sort of stuff is presented in, say, a general communications
> > tradeshow, I think one needs to be careful about how things are
> > presented, because the effect might be the one that you're mentioning.
> >
> > However, if this stuff is presented in a security conference, then
> > things are different: people attend those events to talk about
> > vulnerabilities and countermeasures, and everyone is used to that. For
> > instance, in quite a few events I've attended there have been
> > presentations about security issues in the PDF format (and t-shirts with
> > things such as "PDF: Penetration Document Format"), and I've not stopped
> > using PDF for my files...
> >
>
> That may be true, but, turn IPv6 off is still not the appropriate
countermeasure
> for a general recommendation these days.
>
> Owen
>
>
+1
We have 30+ years experience of "attempting" to deploy ipv4 securely. It
would be bizarre to turn our noses up at the flaws if ipv6.
Cb _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> http://lists.si6networks.com/listinfo/ipv6hackers
More information about the Ipv6hackers
mailing list