Re: AP wire 'slams' IPv6 autoconfig

Rohit Khare (rohit@uci.edu)
Tue, 12 Oct 1999 11:18:56 -0700


>I'm sure Marc Rotenberg of EPIC isn't "panicky".
>

No more or less than any other issue-oriented think-tank. Stateless
autoconfig has *not* changed since 1996; your description is correct.
And yet, the only real answer hasn't changed in that time, either:
IPsec.

You want privacy, encrypt it. You want internetworking, you better
have a fixed endpoint.

No matter what identifier strategy you support, They will be able to
track down the originating machine. It's like asking to get on the
phone network without a phone number of your own; it's possible, some
people think, in effect: e.g. the 'mafia phones' in Italy:
"anonymous" prepaid wireless. But They still know where you are; you
still need an ESN ("MAC address" for our purposes) to even get
on-line. Source analysis will *always* be possible; don't think that
stateful DHCP protects you by slightly randomizing your address every
day; it just means they have to supoena DHCP logs, too. Onion routing
is one of the only ways to defeat traffic analysis of this sort, and
in the end it converges on the theoretical limit of simply flooding
all of the network all of the time to hide the real signals.

News is a difference that makes a difference. This technology does
NOT change the status quo on privacy. As ever, the only real answer
is encrypting *everything* from *every citizen* as a matter of
course, if you want to make sure your thoughts aren't being
correlated.

Off the hobbyhorse,
Rohit