Re: [perpass] privacy implications of UUIDs for IoT devices

Robin Wilton <wilton@isoc.org> Thu, 06 October 2016 04:59 UTC

Return-Path: <wilton@isoc.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA05D1294E7 for <perpass@ietfa.amsl.com>; Wed, 5 Oct 2016 21:59:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.922
X-Spam-Level:
X-Spam-Status: No, score=-1.922 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isoc.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yDWlDeWvgIzq for <perpass@ietfa.amsl.com>; Wed, 5 Oct 2016 21:59:48 -0700 (PDT)
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0049.outbound.protection.outlook.com [104.47.33.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 55AEB1293F5 for <perpass@ietf.org>; Wed, 5 Oct 2016 21:59:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isoc.onmicrosoft.com; s=selector1-isoc-org; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=4KMkx5HUH4s+BEOBl6UVEmcLwwDV3WV+TX1MDNMLuXI=; b=lIdyjsLIgouKIow4odvyuUC5cPoTEfCarhQR1q3aCCYzW2NqLNpbYmuwP/aOuu6Mal9akozATe/um6IKrLip4JvPpxE3m8P/Mf5bJFDj5t7+uWMDr4aFCvfM4aS3SMssTFv0JxD5axlZFzehaTerEkIP3raj/zW1GJQIVEOeVvI=
Received: from SN1PR06MB1839.namprd06.prod.outlook.com (10.162.133.18) by SN1PR06MB1837.namprd06.prod.outlook.com (10.162.133.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.659.11; Thu, 6 Oct 2016 04:59:46 +0000
Received: from SN1PR06MB1839.namprd06.prod.outlook.com ([10.162.133.18]) by SN1PR06MB1839.namprd06.prod.outlook.com ([10.162.133.18]) with mapi id 15.01.0649.024; Thu, 6 Oct 2016 04:59:46 +0000
From: Robin Wilton <wilton@isoc.org>
To: John Levine <johnl@taugh.com>
Thread-Topic: [perpass] privacy implications of UUIDs for IoT devices
Thread-Index: AQHSH2PgjkQMK9h5UkSEG8JCs3Z8j6CairuAgAACN4CAACswgIAAJgBC
Date: Thu, 6 Oct 2016 04:59:46 +0000
Message-ID: <9D59C092-E692-4F27-94CD-87098BA4F767@isoc.org>
References: <CY1PR03MB2265659F67817DF02F3FCF29A3C70@CY1PR03MB2265.namprd03.prod.outlook.com>, <20161006024345.20007.qmail@ary.lan>
In-Reply-To: <20161006024345.20007.qmail@ary.lan>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=wilton@isoc.org;
x-originating-ip: [193.43.158.243]
x-ms-office365-filtering-correlation-id: 60e33ffc-80ad-492a-037b-08d3eda597d1
x-microsoft-exchange-diagnostics: 1; SN1PR06MB1837; 6:NO/94oCvhLG55+hDh9TaQIUsDybcBns59s17x2FpdKWPQ14FRe8wX6mV9we6D9VFH+SKKI+PcpuD5AeERtSysoT0Ljv1t+Pmas5AItPpiRl/zV/qC2xFIanAWgtwMvLJl+pM+g0LsfCeMS5juYxkHG5NSHlFW/PCizxxxesWAjxp5UUrOyQTpxZLkCB801eL35Rj+I3g5jBjQTMhJXmQGi9AS4y6Kt0s35F9xQSeOe/I4RD8PpypYlCy6gDsASZrY1et3iSXvxCij3JxjfzhbZCJMwjPs/gUuMy/8E5XkyhvqdveCFKC2TI79MXe+3EW; 5:WaBoOkB38lF/YgU8/6OQh+u1u7bHtUbm/NnxMoQBuyBHR192cqbezwPC2kyOFOSFtxujW/szCaFdzLRWsQQMOg9xzpyWQNUEMal7RvRxSnJ7vb/5Om/nciWuoWGjqNxdt3j/lDVD2SHH40OroBECHHANCutltTFEoy99+SXb7n0=; 24:SuIn13+TxLKoDh6MWxmQnxS/hb84eGKAUnUCnlm/FbuxIbnqajkATfctZ0/CEFM/N0Yu7bsF4C4HClhlvAFa/UixBrq2qAOdjr+IJPIfGx4=; 7:NjeGTt2hH2qSCve8yug9yWaCUNYUeVmW+TSHrvmjvUA3wdCn8HnekHXP5J5kdSbxlwbSSmUIpI5mMh7kCZVTdPeQ5ROSWtq4fe8CUEv6Fj0cX3OZwbLu7G4CDP1F+iPPTMgGkyP+BKXoc35mJIzRXmZmq0f3y4h/4MkkYKSg3FirMuDe4NX15I5uwV+Ob1E+WPXNJo6wxhu1rEFm5Xq2F7oV+qUrjKHRj3yUPoRc32YZIsts1iu0QYivHdszeUsgWKLWXGWLYozQzjpAg1Z+hfYpMDxHQ7PlDzU1fr6aAoxczdx/Bv9kxm67CIn0Rsda
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:SN1PR06MB1837;
x-microsoft-antispam-prvs: <SN1PR06MB1837BCCC3E929C7B9189A4A5BFC70@SN1PR06MB1837.namprd06.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(189930954265078)(218079436092871);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001); SRVR:SN1PR06MB1837; BCL:0; PCL:0; RULEID:; SRVR:SN1PR06MB1837;
x-forefront-prvs: 00872B689F
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(7916002)(199003)(189002)(24454002)(82746002)(3846002)(6116002)(102836003)(586003)(36756003)(3280700002)(5002640100001)(83716003)(19580395003)(3660700001)(87936001)(122556002)(19580405001)(106116001)(92566002)(189998001)(106356001)(68736007)(15975445007)(2900100001)(105586002)(77096005)(99286002)(97736004)(86362001)(10400500002)(305945005)(5660300001)(7736002)(8936002)(4326007)(66066001)(81166006)(81156014)(11100500001)(8676002)(7846002)(2906002)(110136003)(2950100002)(6916009)(33656002)(8666005)(50986999)(76176999)(54356999)(101416001)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR06MB1837; H:SN1PR06MB1839.namprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: isoc.org does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: isoc.org
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Oct 2016 04:59:46.0114 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 89f84dfb-7285-4810-bc4d-8b9b5794554f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR06MB1837
Archived-At: <https://mailarchive.ietf.org/arch/msg/perpass/c0S0dbXckV9wvBtrsllDDIUhl5w>
Cc: "perpass@ietf.org" <perpass@ietf.org>, "dthaler@microsoft.com" <dthaler@microsoft.com>
Subject: Re: [perpass] privacy implications of UUIDs for IoT devices
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Oct 2016 04:59:51 -0000




On 6 Oct 2016, at 09:44, "John Levine" <johnl@taugh.com>; wrote:

> In article <CY1PR03MB2265659F67817DF02F3FCF29A3C70@CY1PR03MB2265.namprd03.prod.outlook.com>; you write:
>> The issue with IEEE MAC's is that it's sent to untrusted observers, not that it is a stable identifier per se.
>> It just so happens that you typically don't have a choice but to send it in packets such that it can be observed
>> by untrusted observers, hence the need to use randomized MACs.
> 
> It's not just that, it's that MACs have a structure and there's a
> registry of prefixes so you can look at a MAC and know who the
> manufacturer is and usually what kind of device it is.  For example,
> prefix 2C-BE-08 is Apple, and anything with that prefix is probably a
> Macbook.
> 
> If the unique ID is a version 4 UUID with no structure, I'd think
> those particular problems would go away.  There may well still be
> stuff you can derive from knowing that this device now is the same
> as that device then.

+1 ; any time you have a unique/linkable identifier that is sent without the user's knowledge/involvement, it undermines users' agency and therefore the trustworthiness of the system as a whole.

Yrs.,
Robin

> 
> R's,
> John
> 
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass