dynamic or static IPv6 prefixes to residential customers

• Previous message (by thread): dynamic or static IPv6 prefixes to residential customers
• Next message (by thread): dynamic or static IPv6 prefixes to residential customers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2011-07-27 20:27 , Scott Weeks wrote:
> 
> 
> --- jeroen at unfix.org wrote:
> From: Jeroen Massar <jeroen at unfix.org>
> On 2011-07-27 03:25 , Scott Weeks wrote:
>> -------- matt.addison at lists.evilgeni.us wrote: ---------------------
>>> [..] 1: http://panopticlick.eff.org/
>>
>> All you need to do with what that site says is write a sh script that
>> deletes and then creates the same user.
> 
> And there you sprung into a trap. You will be the only one doing this
> and having no history and thus you stick out very well, as the new guy
> on the Internet every single day, from a similar prefix, but still
> accessing a similar set of hosts etc. I think I did a talk about that at
> CCC last year ;)
> -------------------------------------------------

[ Scott, please fix your mail program, as the quoting you are using is
horrible. I wrote the "All you need" part while you wrote the "sprung in
a trap" part, standard quoting rules make it seem the other way ]

> Not from the same prefix.  I have multiple networks coming into my house and I cycle through them.  next...  :-)

The source address is not the point where you get profiled, it is the
destination address. Or do you also cycle prefixes for your mail server?
And I guess you also don't use DNS then ;)

> Is there anything you can point me to on the talk?  I'd be really interested in reading it.

I suggest you watch the vid on Youtube or from one of the CCC boxes and
of course grab the PPT from my website then you have everything there
publicly is. The PPT has lot less than the story I told though ;)

As for cycling prefixes or changing addresses, it won't help you at all
as you are still going to connect as a way of habit to the same
hosts/sites that you connected to previously. And as an engineer type
you probably whip out the SSH quite quickly to connect to some or or
another and that is not the pattern that an innocent 8 year old is
following... (hmmm begs to differ if there are actually innocent ones
left but heck ;)

There is unfortunately not a real way to hide, except making sure that
the adversary you don't want to know what you are doing on the net can't
at all see what you are doing in the first place. And that is quite a
tricky one to accomplish, the best bet as a wolf is to don your sheep
uniform and go sit in between the rest of the sheep and act like a sheep
and be a sheep as otherwise you'll blow your cover very quickly.

It of course all depends what the adversary is and what you are
protecting against ;)

Greets,
 Jeroen

• Previous message (by thread): dynamic or static IPv6 prefixes to residential customers
• Next message (by thread): dynamic or static IPv6 prefixes to residential customers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]