[ipv6hackers] Dynamic prefixes & privacy (was: IPv6 prefix changing)
madires at theca-tabellaria.de
Tue Mar 13 16:27:15 CET 2012
On Tue, 13 Mar 2012, Alex List wrote:
If I mis-understood you please tell me.
> I think you are both reasoning too much from the perspective of an
> eyeball isp. If you manage your network of course you can track your
> user. But let's think about third-party internet marketing companies.
> Wouldn't it be much easier to them to correlate data if residential
> customers were forced to have the same IP all the time?
Yes and no :-) ISPs got the RADIUS logs. If users got fixed IP addresses
it's very easy to track them for third parties. If users got dynamic IPv6
subnets it's not much harder to track them by their IP address. The
third party just needs to do some mapping of networks, ISPs and locations.
Might be even a service of another company. There is a lot of geolocation
data in the Internet freely available. Add the automatic interface address
and you can identify the user. You're even able to see if the user
switches the ISP or moves to another area (if it's away far enough -
access-router-wise). For dynamic IPv4 addresses it's not that simple. The
marketing company needs to add some of the common webbrowser-based
Another problem with dynamic addresses is that a user might keep the
same address for a longer period of time. Some ISPs enforce a reset of the
Internet connection every x hours and assign a different IP address. Helps
a little with privacy. AS3320 does that every 24 hours for example.
Best recommendation for IPv6 to mitigate IP-based tracking, as described
above, is to use dynamic subnets and IPv6 privacy extensions. Or the DSL
router could perform some kind of address randomizing (for the interface part).
Otherwise it wouldn't matter much for user tracking if IPv6 subnets are
fixed or dynamic.
> I find that browsers today are still quite dumb in terms of privacy
> , but I hope that more and more people will care about it . A
In the case of dynamic IPv6 subnets any privacy features would only
mitigate browser-based tracking, but IPv6 provides enough entropy to track
users without considering any super cookies, browser and plugin details
> long term static IP addresses would make the use of proxies a must.
> Maybe the problem of such discussions is that we tend to think that
> one option would exclude the other. I'd rather have multi-prefix
> networks with more intelligent applications that understand what to do
> when connected to various networks simultaneously. This seems to be an
> extremely hard task though.
You're right! There's no simple black-or-white situation. But we
should consider the average user Joe with his DSL connection most. He
doesn't know of IPv6 privacy extensions. So maybe the DSL router should do
/ Markus Reschke \ / madires at theca-tabellaria.de \ / FidoNet 2:244/1661 \
\ / \ / \ /
More information about the Ipv6hackers