Hey guys,

I just read some stuff about IPv6 what raised privacy concerns for me. As there is only few (!) information available I thought I ask you guys if I'm wrong here (I hope so)

As stated in the german IPv6 wikipedia article the allocation of IPv6 addresses is as follows:

The IANA (resp. their local registries) gives away /32 prefix allocations to providers (ISPs). The ISPs then give a minimal of a /64 prefix to each customer. That leaves 64 bits per customer.. (which is called the device identifier. (who the hell needs 2^64 addresses?).

Well first idea was, that the last 64 bits should be calculated out of the MAC address of a device which raised privacy concerns. Now with the privacy extensions, a customer can use more or less random 64 bits as device identifier).

Well.. but that doesn't solve my privacy problem. If my provider assigns me a /64 prefix and I use random device identifiers. Nonetheless, it is very easy to point ANY address I use back to me because the /64 prefix as allocated by my ISP is always unique..

so what is that? no more dynamic ip addressing? Every website on the web can track how often I visited a website? Everything I do on the internet can be mapped back to me. I don't even want to think about what a google query for my /64 prefix will result in!

So now.. did I totally miss something here or will IPv6 (with or without privacy extension) practically erase privacy on the internet?

EDIT: The question is, if the ISPs assign their customers dynamic or static prefixes. Does anyone know that?

Cheers

You should not realistically expect that privacy exists anywhere on a global public network.

However... do not overlook the perfectly obvious, boring, but innocuous motivation: how t'hell else are you going to assign those addresses "without conflict?" Basing the address on MAC is actually a pretty sensible idea. . .

the device identifier is not my problem but the prefix assigned by the ISP.

And yes - if ISPs assign static prefixes than - compared to that - we have anonymity at the moment. Everytime I connect to the Internet my ISP assigns me a new IP address. With IPv6 implicitly everybody will have a static IP address (or prefix but that doesn't matter).

If someone (ie: Law Enforcement) wants to find out who had a particular IP at a given time, they can do so now. All they need is a court order, and your ISP will provide the details.

I don't see there will be that much difference from a user perspective. As long as you're running a firewall (which you should be anyway).

Ian

I see a difference:

I'm not talking about law enforcement (it is not about doing something illegal just because someone says something privacy-related!).
I'm talking about google. About any other website. Any server I visit. doesn't matter who owns this server. Every one of those can track persons und track how often they visit and what they do because I always have the same first 64 bits of my IP address.

(and that has nothing to do with firewalls)

Not Law Enforcement (which is okay) but everybody can find this out.

True, and it's always been that way. Dynamic IP addresses are for sharing, not privacy. Even with dynamic IPv4 you are still identifiable and locatable. If you want true privacy, you need an IP mask.

Check this site. Tell me how many times it fails to locate you.

Cheers

sorry but I have the impression that nobody gets what I'm trying to say.

There is a huge difference between being able to do a geolocation check (that says: I'm from berlin, and using ISP xyz - as 50000 others do) vs. being able to pinpoint one single user every time he/she visits a webside / does a google query etc.

I know that dynamic addressing is for sharing. But privacy is a very important side-effect of that..

but guys... let's just not talk about it anymore okay?

I think I get what you are trying to say, and I actually never thought about it that way. Anyway, I don't know if it's really a big difference, since most people got "dynamic" IP. Most people that use broadband are assigned a new IP only when the modem has been shut off for quite a while, so unless you turn off your modem every night, you will have static IP in practice. This will however be an issue if you are connected with some sort of dial up.

Anyway, it sounds like TOR (If it's compatible with IPv6) should be able to hide you to some degree. But I think you will be better off by turning off cookies.

Quite true, cookies are your biggest offender. Regardless of your IP address, cookies "remind" the website who you are, when you last visited, your activities on their site, etc., etc., etc., and they are updated each time you visit that site. Blocking cookies, or deleting them at the end of a session, can help.

Cheers

Now the ultimate question: Who needs their IPv6 address private, anyway?

To have a proprietary address is like having proprietary software. That's stupid.