Mac OS X 10.7, still no DHCPv6
Joel Jaeggli
joelja at bogus.com
Tue Mar 1 05:43:35 UTC 2011
On 2/28/11 9:34 PM, Dobbins, Roland wrote:
>
> On Mar 1, 2011, at 12:23 PM, Mark Newton wrote:
>
>> That's new, and (to my mind) threatening. We've not even begun to
>> consider the attack vectors that'll open up.
given that rfc 3041 had it's 10th birthday in january there's nothing
new about any of this.
>
> I don't think it's new at all, given the amount of information
> available today that you already cite, down to and including sniffing
> on toxic hotel networks and the like.
>
> Folks are already easily pwn3d to extremes - look at HB Gary. This
> doesn't constitute some huge new attack surface or information
> leakage - especially given the existence of VPNs/proxies, the
> tendency to store more and more data/apps on servers/in 'the cloud',
> and so forth.
>
> In fact, the device one is actually using at any given moment and
> where one is located when using said device is becoming less and less
> relevant.
>
>> From a physical-security standpoint, leaky IM, SMTP headers, et.
>> al. already give the game away.
>
> We've been living in this situation for years. Nothing about EUI-64
> changes this fact, IMHO. I dislike it immensely, but it isn't a
> game-changer, IMHO.
>
> -----------------------------------------------------------------------
>
>
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>
> The basis of optimism is sheer terror.
>
> -- Oscar Wilde
>
>
>
More information about the NANOG
mailing list