[ipv6hackers] IPv6 prefix changing

The Fungi fungi at yuggoth.org
Thu Mar 8 16:17:59 CET 2012

On 2012-03-08 10:44:55 -0200 (-0200), Carlos Martinez-Cagnazzo wrote:
> Ppl get tracked anyways, regardless of dynamic assignments.

In fact, I worked for a marketing intelligence company 12+ years ago
which did precisely that... using rackmount Linux servers running
homemade HTTP URL sniffer software colocated at hundreds of partner
ISPs worldwide. We captured RADIUS traffic to the ISP's
authentication servers to identify each individual account so we
could keep track of what IP address the user was assigned for that

Sounds a bit big-brother on the surface, but the user IDs were put
through a one-way hash immediately and then scrubbed from the drives
as soon as the data was transferred, PII was automatically redacted
from URLs before it was ever recorded, and the machines themselves
were as thoroughly hardened as we could manage. An independent
third-party did the account to mailing address correlation and then
generalized it to census block areas before returning a mapping of
that and the one-way hash of the account. In the end all we could
say was that a unique user in some particular neighborhood had
browsed to specific sites and in a defined order. That data was
further combined and distilled down through statistical analysis,
and then the original mappings were even discarded so that if law
enforcement came asking for "help" there was nothing we could really
provide them. We were careful and put a lot of effort into
maintaining end user privacy, but I strongly suspect that many of
our competitors did not.

My point being, not only do dynamic IP addresses currently provide
no protection whatsoever against being tracked, they never really
{ IRL(Jeremy_Stanley); WWW(http://fungi.yuggoth.org/); PGP(43495829);
WHOIS(STANL3-ARIN); SMTP(fungi at yuggoth.org); FINGER(fungi at yuggoth.org);
MUD(kinrui at katarsis.mudpy.org:6669); IRC(fungi at irc.yuggoth.org#ccl); }

More information about the Ipv6hackers mailing list