On 21/04/11 21:13, /dev/rob0 wrote: > On Thu, Apr 21, 2011 at 08:06:50PM +0100, Freddie Witherden wrote: >> On 21/04/11 19:49, Bill C Riemers wrote: >>> Strange why would you want use_tempaddr=1? If you use_tempaddr=0, >>> you addresses will be assigned based on the radvd network prefix >>> and the mac address of the device. You IPv6 addresses will be the >>> same everytime, unless your network prefix changes, or you change >>> a mac address of a device. >> >> I consider it to be a very serious privacy concern. Advertising >> ones MAC address to the public internet makes tracing cookies look >> like Swiss Banking laws. I may well be wrong but I think that >> Windows may even enable such tempaddr mischief by default. > > I don't understand. A MAC address is only relevant in a physical > network segment. You simply *must* give a MAC address to hosts on > your segment in order to have networking. But beyond that segment, > there's no meaning to a MAC. > > Sure, someone can look it up and find out what kind of NIC or > embedded device you bought. But no, I don't see a "serious privacy > concern" here. Am I missing something, or are you?
MAC addresses are persistent. Hence, if I use my laptop on an IPv6
network any sites which I connect to through IPv6 get my MAC address.
Later, if I then use an IPv6 network down at my local coffee shop my MAC
address leaks through again to those sites.
This provides a means for websites to identify me and my laptop whenever
I am on an IPv6 network. It is hence as much of a privacy concern as a
tracing cookie.
use_tempaddr solves this problem as per RFC 4941 ("privacy extensions
for stateless address autoconfiguration in IPv6").
Regards, Freddie.
signature.asc
Description: OpenPGP digital signature
