IETF Logo Mail Archive

Re: [v6ops] IPv6 new access from Windows to Google: display of a critical security alert

Owen DeLong <owen@delong.com> Thu, 31 October 2019 14:33 UTC

Return-Path: <owen@delong.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E641512018B for <v6ops@ietfa.amsl.com>; Thu, 31 Oct 2019 07:33:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.998
X-Spam-Level:
X-Spam-Status: No, score=-6.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=delong.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rkI6M7ZF1cAk for <v6ops@ietfa.amsl.com>; Thu, 31 Oct 2019 07:33:01 -0700 (PDT)
Received: from owen.delong.com (owen.delong.com [IPv6:2620:0:930::200:2]) by ietfa.amsl.com (Postfix) with ESMTP id 73FE21200FF for <v6ops@ietf.org>; Thu, 31 Oct 2019 07:32:53 -0700 (PDT)
Received: from [199.187.216.130] ([199.187.216.130]) (authenticated bits=0) by owen.delong.com (8.15.2/8.15.2) with ESMTPSA id x9VEWjPQ003427 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 31 Oct 2019 07:32:46 -0700
DKIM-Filter: OpenDKIM Filter v2.11.0 owen.delong.com x9VEWjPQ003427
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=delong.com; s=mail; t=1572532367; bh=P2Z5Puv8HtYf7ykU/BWcJAx8lJaEN0wJiRwsZ3I+REk=; h=From:Subject:Date:In-Reply-To:Cc:To:References:From; b=1EIMnly8AwMLvaWB2RW3mJd5n5VZ3PIL4F3srTvku1z3nN/dTgBDc5Q2M0neWlyEd DcnKvTKtLHW/vNuphG3tYkN6LWjV3qw2sSUkHnzMP6SSrtTkSDx095wba0qcWDX4RL nhy+cU4Z5zx0WRQyGMWU3rh/pfE31pEHs+edFA64=
From: Owen DeLong <owen@delong.com>
Message-Id: <7649D02C-9252-4F5E-B195-B213F299F6C1@delong.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_64A858FF-9DE7-4E12-AEBE-132404C185A0"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.8\))
Date: Thu, 31 Oct 2019 07:32:45 -0700
In-Reply-To: <d15dc3e9-2cd5-fb74-e664-2d91b5c4e3ef@gmail.com>
Cc: "v6ops@ietf.org" <v6ops@ietf.org>
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>
References: <d15dc3e9-2cd5-fb74-e664-2d91b5c4e3ef@gmail.com>
X-Mailer: Apple Mail (2.3445.104.8)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (owen.delong.com [192.159.10.2]); Thu, 31 Oct 2019 07:32:47 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/93tvMcPlxgot40g4-wih7s7K5Wk>
Subject: Re: [v6ops] IPv6 new access from Windows to Google: display of a critical security alert
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Oct 2019 14:33:03 -0000


> On Oct 31, 2019, at 3:25 AM, Alexandre Petrescu <alexandre.petrescu@gmail.com> wrote:
> 
> Google alerted me a few days ago during my DHCPv6 experiments, when I browsed it with a Windows computer using IPv6 first time, although many times previously with IPv4.
> 
> 
Since I don’t speak French, it’s hard to interpret the error message and I can’t paste the contents of an image into google translate.

> Incidentally, the address my Windows used was an address delivered by DHCPv6.  Being DHCPv6 is visible in its format: in the hextet representation, the '::' appears before the last two hextets (X::b4cc:8eb9) as opposed to a SLAAC address where the double colon appears quasi always before the last _four_ hextets.
> 
> 
Google can’t tell how you got the address. The position of the :: is irrelevant. This is simply an artifact of the UI in question. Any address which contains contiguous hextets of all zeroes (e.g. 0:0:0) may abbreviate one such group of hextets to ::.

Example: 2001:d8b:0:0:53a2:0:0:1 can be written as:
	2001:db8::53a2:0:0:1
	2001:db8:0:0:53a2::1

All three of the above expressions represent the same exact 128-bit address.
> I am trying to understand why Google complained wiht such a critical security alert.
> 
Hard to say. Is the security alert about your address or is it about the site you were trying to visit?
If you can provide an English translation of the message, it might be possible to provide better advice.

> - is it because the address was a DHCP address rather than SLAAC?
> 
No. Google can’t tell how the address was assigned. It’s just another 128 bit number from Google’s perspective.

> - it is because I connect from an address they have never seen before?
> 
Without being able to decipher the error message, it’s hard to say.
> - is it because it is the first time I connect to them by IPv6 on this computer?
> 
Not likely.
> - is it because when I connect  with IPv6 to them I keep changing the IPv6 address (as opposed to IPv4 is always the same because behind NAT)?
> 
Not likely.
> The messages they displayed are not helpful to understand what's happening, because they talk about 'application security', 'wrong device', etc.  Neither is the case: I have a running anti-virus so my apps are healthy and the device is always the same Windows device I use to connect to Google.
> 
Again, without a translation of the full error message, there is not enough information to answer your questions. No guarantee that a translation of the full error message would provide enough information, but probably worth a try.

Owen

> <gapjjmicnkndmmma.jpg>
> 
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops

v2.23.0 | Report a Bug | By Email