IPv6 Interview Questions and critic

• Previous message (by thread): IPv6 Interview Questions and critic
• Next message (by thread): IPv6 Interview Questions and critic
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Kurtis Lindqvist wrote:
>> 
>> What is interesting is that people can identify a EUI-64 unicast
>> address no matter where you are. For example, i use my laptop at work
>> and at home (assuming I had an ipv6 connection at home). I could be
>> identified as the same computer, without using cookies, since my base
>> 64 address would be the same, despite the network prefix.
> 
> What I as external viewer could determine would that you where a computer
> that moved. From the frequency I could probably tell that you where a
> laptop. I would not tell me what would be home or work, and it would not
> say who you actually where.

You could determine this right now using a cookie and traceroute.

And traceroute _could_ tell if you're at home or work (does your path 
lead into an ISP or a corporation?) and depending on the corporation, 
might yield enough information to do some simple human engineering and 
find out who you are as well.

A traceroute may also indicate what part of the country you're in.  Most 
ISP's group routers geographically and have somewhat descriptive names. 
  So by looking at the trace, you can usually determine the state, and 
sometimes town, where the connection is coming from.  (This isn't 
completely accurate, of course...)

I don't see the advertisement of a Mac address to be any more or less 
secure than what we've got right now.  Especially since most people do 
not disable cookies (since a lot of popular web sites don't work without 
them.)

-- David

• Previous message (by thread): IPv6 Interview Questions and critic
• Next message (by thread): IPv6 Interview Questions and critic
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]