[ipv6hackers] Pros and Cons of Address Randomization

Cameron Byrne cb.list6 at gmail.com
Mon Dec 10 19:43:09 CET 2012


Sent from ipv6-only Android
On Dec 10, 2012 2:19 AM, "Victor Roemer" <vroemer at gmail.com> wrote:
>
> Justifying security through obscurity simply because zebra's have stripes,
> that is funny.
>
> I think in general it is a bad idea to compare 'nature' to technology. In
> the world of technology the zebra's stripes are meaningless (infrared as
an
> example). Same principle with military garb, it will trick the human eye,
> but cripple under thorough analysis.
>
>

Going ot here, since this strikes a cord.

Obscurity is one tool.

The zebra is also fast, works as a hurd, and generally has a rather gnarly
disposition.

Using waves outside of the human visible spectrum is of course shown to us
by bats and snakes and others alike. It is not a human unique technology.

In general,  I could not disagree with you more. I cannot think of a human
innovation that is more advanced,  fault tolerant,  innovative,  or as
beautiful as what nature has to offer.  A simple ant farm makes our human
Internet look like a cheap copy..  Or the neural networks in our brains is
much more extreme case.  Birds flying or fish swimming are far more honed
by evolution than our attempts at engineering boats and planes.

If you fail to see how our engineering achievements are inferior copies of
natural phenomenon,  then i can only say you are missing out on both.

That said, as the case with infrared and zebras.  Evolution is always
happening, defenses must be fit for the threats and evolve with them.

Ipv6 is an evolution of ipv4, it has new characteristics. .. including the
option of host address obscurity which should be used imho.

I also think stateful centralize network firewalls are the wisdom teeth of
todays networks. Their value has come and gone and their stateful nature is
now a vulnerability as where modern network stacks are generally not an
issue.

CB

> Adding obscurity often does little for actual security, and provides more
> to the false sense of it.
>
>
> On a side note, zebra stripes are no more obscure than your fingerprint is
> to your identity.
>
>
> - Food for thought
> _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> http://lists.si6networks.com/listinfo/ipv6hackers



More information about the Ipv6hackers mailing list