IETF Logo Mail Archive

Re: Why /64

Alexandru Petrescu <alexandru.petrescu@gmail.com> Mon, 28 October 2013 11:13 UTC

Return-Path: <alexandru.petrescu@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4CB621E8056 for <ipv6@ietfa.amsl.com>; Mon, 28 Oct 2013 04:13:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.295
X-Spam-Level:
X-Spam-Status: No, score=-10.295 tagged_above=-999 required=5 tests=[AWL=-0.046, BAYES_00=-2.599, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IC52T6ganZHA for <ipv6@ietfa.amsl.com>; Mon, 28 Oct 2013 04:13:39 -0700 (PDT)
Received: from sainfoin-out.extra.cea.fr (sainfoin-out.extra.cea.fr [132.167.192.145]) by ietfa.amsl.com (Postfix) with ESMTP id 8C88311E811D for <ipv6@ietf.org>; Mon, 28 Oct 2013 04:13:38 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by sainfoin.extra.cea.fr (8.14.2/8.14.2/CEAnet-Internet-out-2.3) with ESMTP id r9SBDbUg029550 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <ipv6@ietf.org>; Mon, 28 Oct 2013 12:13:37 +0100
Received: from muguet2.intra.cea.fr (muguet2.intra.cea.fr [132.166.192.7]) by pisaure.intra.cea.fr (8.14.4/8.14.4) with ESMTP id r9SBDbeV024086 for <ipv6@ietf.org>; Mon, 28 Oct 2013 12:13:37 +0100 (envelope-from alexandru.petrescu@gmail.com)
Received: from [127.0.0.1] (is010446-4.intra.cea.fr [10.8.33.116]) by muguet2.intra.cea.fr (8.13.8/8.13.8/CEAnet-Intranet-out-1.2) with ESMTP id r9SBDWjK004113 for <ipv6@ietf.org>; Mon, 28 Oct 2013 12:13:36 +0100
Message-ID: <526E46DD.9000308@gmail.com>
Date: Mon, 28 Oct 2013 12:13:33 +0100
From: Alexandru Petrescu <alexandru.petrescu@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.0.1
MIME-Version: 1.0
To: ipv6@ietf.org
Subject: Re: Why /64
References: <20131021224346.32495.64932.idtracker@ietfa.amsl.com> <52695DDE.70909@gont.com.ar> <526AA24F.6010609@gmail.com> <526AACA5.7090604@si6networks.com> <E0F0D3DE-D31B-4CC2-9384-DFEBCCB8F557@ecs.soton.ac.uk> <EMEW3|9f43bef2fe7433173858819bd0eeee2dp9OKUJ03tjc|ecs.soton.ac.uk|E0F0D3DE-D31B-4CC2-9384-DFEBCCB8F557@ecs.soton.ac.uk> <526AC8AF.4060608@si6networks.com> <8C48B86A895913448548E6D15DA7553BA7B978@xmb-rcd-x09.cisco.com> <CAKD1Yr0q2dY041CMarFfTZZx6=qHC-eJ+74qgiHP-dt7+ga7yg@mail.gmail.com> <526CDC59.4070204@massar.ch> <CAKD1Yr0_anudWNpWRkvMGvD_pvyEscnuqEsPUy4YNm3e9Hue9g@mail.gmail.com> <CAPv4CP9k_J2GCOFhTCBz3U-nQmCWSjc4nceexaWwYZ-nDMpJmw@mail.gmail.com> <526D0F47.5040803@massar.ch> <CALOgxGaoB_u+br5bpyVu-A0w8vD=QjYkrzaPqYrrhtPK=z6BEw@mail.gmail.com> <526E21C5.9080707@massar.ch>
In-Reply-To: <526E21C5.9080707@massar.ch>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Oct 2013 11:13:44 -0000

Le 28/10/2013 09:35, Jeroen Massar a écrit :
> On 2013-10-27 20:04, TJ wrote:
>>>>> IMHO big nonsense. The company (amongst many others!) you
>>>>> work for
>>> uses amongst others cookies to track their people,
>>>>
>>>> Not sure we want to get into that argument here, but
>>>
>>> I _don't_ want to get into it here but I want to briefly support
>> Lorenzo
>>> on privacy.  Privacy through controlling tracking of an IP
>>> address is very different in mechanism and result from higher
>>> layer end-to-end privacy.
>>
>>
>> First off, ++1 to Lorenzo on all counts (and Scott, Karl).
>
> You can +1 without facts or any backing details, but the fun thing
> is, it is no difference at all: privacy addresses do not make you
> "private" in any way or form.

I tend to agree.

On one hand, privacy extensions to SLAAC is one little step towards
having just a little more privacy possible, as opposed to not using
privacy extensions.

But there are many aspects than just the IP address, visible in even the
simplest wireshark dump which when correlated reveal a surprising number
of things some may consider deeply private.

Even the time correlation of presence/absence of traffic can be a guide
about someone's habits. It can become as insane as thinking that only 
turning everything off forever could offer some privacy.  An hypothesis 
contradictory to the very essence of communication.

Alex

>
>
> The only thing higher levels gives the adversary is a easier
> detection and correlation. But unless you have exactly the same
> packet signature and you are hitting the same sites as other people
> in your /64 or /48 you are unique.
>
> Please note that a IPv6 Privacy Address is for a period of time, not
> per application (at least I have not seen an OS do that yet, it
> could, but they do not).
>
> As such, when your HTTP browser goes to a site, that IP address is
> identified as you; then anything else goes to another site, and
> voila, they know that that connection is also related to you. Then
> your privacy time window expires, you connect to that second site
> again, which is not HTTP, but as you have been there just a bit ago,
> there is a high chance that that is still you.
>
>> It does not matter if you have 1 IPv4 address with 2000 people
>> behind it, or 1 /48 with 2000 people behind it.
>>
>> The algorithms to de-anonimize and differentiate between the real
>> hosts behind them exist.
>>
>> Cookies are one way to do that, complete browser profiles or other
>>  differences in the client, be that the tcp stack level another.
>> For other protocols it is all much easier as they are typically
>> already authenticated anyway or have other bits.
>>
>>
>>
>> Having said that, FWIW - I partially disagree with Jeron here - it
>> does matter.
>
> With what exact part do you disagree and what part does matter?
>
>
>> A user can have browser extensions, multiple browsers (or mutliple
>> VMs with different OSes) and have a fairly good level of privacy
>> if so desires - as long as the underlying L3 provisioned does not
>> prevent it.  Is may not be exactly mainstream / commonplace, but
>> not uncommon enough to ignore (IMHO) either.
>
> Even though that would give you separate addresses and would
> initially give that user separate identities that are being tracked,
> that user is still coming out of the same /64 or /48.
>
> Thus on the IP level indeed it initially looks like multiple users.
> But as various organizations are pretty good at estimating amount of
> users in a location, they can easily guess that it is the same
> person anyway.
>
>
> I'll state again: if you want privacy use a mixnet, eg Tor. (and
> even then you are exposing all your random bits, thus beware what
> protocols and tools you use)
>
> Greets, Jeroen
>
> --------------------------------------------------------------------
>  IETF IPv6 working group mailing list ipv6@ietf.org Administrative
> Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>
>

v2.35.0 | Report a Bug | By Email | System Status