Main Area and Open Discussion > General Software Discussion
Windows 10 Privacy Concerns
Stoic Joker:
@tomos - It's just an SSL error, so drop the s from the link and it works fine.
Zoiks! Their advice to disable (completely) IPv6 definitely sounds wise to heed - I've been doing that for a while because of it's lack of NAT.
-Stoic Joker (September 03, 2015, 06:50 AM)
--- End quote ---
I think this is close to a new thread!
Can y'all explain what any of "this" (in what level of Douglas Hofstadter context) this means!?
Other parts of "the tech world" are screaming about the end of address for IPv4, so to *disable* IPv6 ... is ... an explosion in a sphaghetti factory as the saying goes!-TaoPhoenix (September 03, 2015, 12:37 PM)
--- End quote ---
Let me make this simple. Even when they run out of IPv4 addresses, the addresses are/will still be good. So the only thing it really means is that:
You start with 10 bananas
10 people get 1 banana
the 11th person that shows has to get orange.
...So, yes the have to have/get the IPv6 oranges ready to go ... But the IPv4 bananas are, will, and shall continue to work for a very long time (e.g. easy back on the drum hammering FFS, because..).
The ever popular NAT layer of security was intentionally left out of the IPv6 standard...so everything will be a public address.
Everything...
I call ^that^ an issue.
JavaJones:
ALSO, some people are unnecessarily hoarding bananas because at the time they got (or requested) theirs, nobody was worried about running out (no one realized that everyone would want bananas), or they thought they'd need more than they actually did. If we got serious about IPV4 address recycling/reclaiming, I think there'd be quite a few more years of availability.
- Oshyan
wraith808:
ALSO, some people are unnecessarily hoarding bananas because at the time they got (or requested) theirs, nobody was worried about running out (no one realized that everyone would want bananas), or they thought they'd need more than they actually did. If we got serious about IPV4 address recycling/reclaiming, I think there'd be quite a few more years of availability.
-JavaJones (September 03, 2015, 02:48 PM)
--- End quote ---
Now, that's just bananas!
ewemoa:
Here's another IPv6 issue IMO (depending on configuration):
if you use IPv6, your machine may obtain an automatically allocated IPv6 address, and the scheme for creating such addresses uses MAC addresses, as described here. In that case, your MAC address can be inferred from the source address in the IP packets your machine emits.
--- End quote ---
via https://security.stackexchange.com/questions/70904/is-the-mac-address-encapsulated-in-the-internet-packets/70906#70906
Innuendo:
ewemoa, when the IPv6 specification was originally drawn up, the bright idea was to incorporate a device's MAC address into the creation of the allocated IPv6 address. This was back before we knew what we know today so along the lines someone got smart & designed a smarter, better way to create those addresses and this is the preferred method used today.
Modern OSes all use this newer method, but that older method is still in the code, but disabled, for compatibility and fail-safe purposes if it's ever needed...or someone's nutty enough to want to use it.
As for NAT, a lot of us old-timers have always seen it as as security feature, but honestly, the days of it helping secure one's network or machine has past. NAT on its own is just a convenience feature these days that allows one to use multiple devices through one IP address. NAT, on its own, is easily circumvented by script monkeys as its design focus was never security.
With IPv6 there's no need to share IP addresses among devices so that's why it's going away. NAT is no substitute for a firewall and even when used in conjunction with a firewall should only be seen as a feature of convenience rather than an additional layer of security. A good hardware firewall at the entrance to your network and a good software firewall on each machine is what will be needed with IPv6 just as it's needed with IPv4. The only difference is NAT won't be needed (or desired) anymore.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version