A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Windows 10 » Windows 10 Help Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

ipv6 privacy extensions



 
 
Thread Tools Rate Thread Display Modes
  #1  
Old July 22nd 16, 08:21 AM posted to alt.comp.os.windows-10
HighSpy
external usenet poster
 
Posts: 15
Default ipv6 privacy extensions


Windows 10

I tried this in the windows-8 group with no luck so I thought I'd try it
here, we have windows 7, 8 and 10 machines.

I'm finally trying to get me head around ipv6

I was somewhat alarmed to discover that the low order 64 bits are
reserved for what someone called 'hardware addressing schemes' but I
can't remember where I read this.

https://en.wikipedia.org/wiki/IPv6

"In IPv6 when using address auto-configuration, the Interface Identifier
(MAC address) of an interface port is used to make its public IP address
unique, exposing the type of hardware used and providing a unique handle
for a user's online activity"

The article then goes on about 'privacy extensions'

"Privacy extensions are enabled by default in Windows (since XP SP1), OS
X (since 10.7), and iOS (since version 4.3). Some Linux distributions
have enabled privacy extensions as well"

If I open a command window I get

Physical Address. . . . . . . . . : 6C-FA-A7-3A-45-AC
....
DHCPv6 Client DUID. . . . . . . . :
00-01-00-01-1C-E1-07-B6-6C-FA-A7-3A-45-AC

and can see the physical address on the end of the DUID.

The local library recently demanded the wireless interface MAC addresses
from our local user groups laptops saying it would 'make our lives
easier as we no longer had to log in to the wireless network' but I
suspect it has more to do with tracking our usage.

Am I right to be concerned?

Thanks

--
Quis custodiet ipsos custodes?
Ads
  #2  
Old July 22nd 16, 12:06 PM posted to alt.comp.os.windows-10
Neil
external usenet poster
 
Posts: 714
Default ipv6 privacy extensions

On 7/22/2016 3:21 AM, HighSpy wrote:

Windows 10

I tried this in the windows-8 group with no luck so I thought I'd try it
here, we have windows 7, 8 and 10 machines.

I'm finally trying to get me head around ipv6

I was somewhat alarmed to discover that the low order 64 bits are
reserved for what someone called 'hardware addressing schemes' but I
can't remember where I read this.

https://en.wikipedia.org/wiki/IPv6

"In IPv6 when using address auto-configuration, the Interface Identifier
(MAC address) of an interface port is used to make its public IP address
unique, exposing the type of hardware used and providing a unique handle
for a user's online activity"

The article then goes on about 'privacy extensions'

"Privacy extensions are enabled by default in Windows (since XP SP1), OS
X (since 10.7), and iOS (since version 4.3). Some Linux distributions
have enabled privacy extensions as well"

If I open a command window I get

Physical Address. . . . . . . . . : 6C-FA-A7-3A-45-AC
...
DHCPv6 Client DUID. . . . . . . . :
00-01-00-01-1C-E1-07-B6-6C-FA-A7-3A-45-AC

and can see the physical address on the end of the DUID.

The local library recently demanded the wireless interface MAC addresses
from our local user groups laptops saying it would 'make our lives
easier as we no longer had to log in to the wireless network' but I
suspect it has more to do with tracking our usage.

Am I right to be concerned?

From what you've written, it seems that the library has set their
access point to admit "known" MAC addresses, which is neither a new nor
especially informative without additional logging software.

Is all your on-line activity through your library's wifi? Are you
conducting illegal activities while on-line at the library? If not, why
be concerned about tracking?

--
Best regards,

Neil
  #3  
Old July 22nd 16, 12:23 PM posted to alt.comp.os.windows-10
HighSpy
external usenet poster
 
Posts: 15
Default ipv6 privacy extensions

On 22/07/2016 12:06, Neil wrote:
On 7/22/2016 3:21 AM, HighSpy wrote:

Windows 10

I tried this in the windows-8 group with no luck so I thought I'd try it
here, we have windows 7, 8 and 10 machines.

I'm finally trying to get me head around ipv6

I was somewhat alarmed to discover that the low order 64 bits are
reserved for what someone called 'hardware addressing schemes' but I
can't remember where I read this.

https://en.wikipedia.org/wiki/IPv6

"In IPv6 when using address auto-configuration, the Interface Identifier
(MAC address) of an interface port is used to make its public IP address
unique, exposing the type of hardware used and providing a unique handle
for a user's online activity"

The article then goes on about 'privacy extensions'

"Privacy extensions are enabled by default in Windows (since XP SP1), OS
X (since 10.7), and iOS (since version 4.3). Some Linux distributions
have enabled privacy extensions as well"

If I open a command window I get

Physical Address. . . . . . . . . : 6C-FA-A7-3A-45-AC
...
DHCPv6 Client DUID. . . . . . . . :
00-01-00-01-1C-E1-07-B6-6C-FA-A7-3A-45-AC

and can see the physical address on the end of the DUID.

The local library recently demanded the wireless interface MAC addresses
from our local user groups laptops saying it would 'make our lives
easier as we no longer had to log in to the wireless network' but I
suspect it has more to do with tracking our usage.

Am I right to be concerned?

From what you've written, it seems that the library has set their access
point to admit "known" MAC addresses, which is neither a new nor
especially informative without additional logging software.

Is all your on-line activity through your library's wifi? Are you
conducting illegal activities while on-line at the library? If not, why
be concerned about tracking?


I'm afraid that argument has been used to justify surveillance since
surveillance was first used. Certain activities are illegal even between
consenting adults so why object to a camera in your bedroom if you are
not doing them. It's the same argument.

The fact that the library is 'insiting' on this information makes me
think that they are logging our activity. What other possible reason
could there be?

--
Quis custodiet ipsos custodes?
  #4  
Old July 22nd 16, 12:33 PM posted to alt.comp.os.windows-10
Andy Burns[_6_]
external usenet poster
 
Posts: 1,318
Default ipv6 privacy extensions

HighSpy wrote:

The fact that the library is 'insiting' on this information


The other day you said it was to "make your life easier" presumably by
avoiding having to have some other form of logon, now they're "insisting"?

  #5  
Old July 22nd 16, 02:21 PM posted to alt.comp.os.windows-10
HighSpy
external usenet poster
 
Posts: 15
Default ipv6 privacy extensions

On 22/07/2016 12:33, Andy Burns wrote:
HighSpy wrote:

The fact that the library is 'insiting' on this information


The other day you said it was to "make your life easier" presumably by
avoiding having to have some other form of logon, now they're "insisting"?


Sorry, clicked the wrong button and sent it direct .... oops
anyway


That is correct, when I thought about this I began to think there might
be an ulterior motive. It's being sold as a benign change simply to make
our lives easier, so I did a little experiment and declined the offer. I
was told declining wasn't an option and that if we wanted to continue to
use the facilities we were required to hand over the MAC addresses of
our devices.

It is possible to walk in off the street with an arbitrary device and
create an account, it's a long winded process that requires the handing
over of certain personal information, the spooks can still get the
hardware address but can't be sure what actual physical device is being
used.

Imagine my surprise (not) when they also said we had to have our pubic
access laptops 'security marked' and that this would involve handing
over the devices. All they need to do is map the serial number to the
MAC address and they have all they need to assign a particular activity
to a particular hardware device. Surveillance doesn't get any more
invasive than this ... does it?



--
Quis custodiet ipsos custodes?
  #6  
Old July 22nd 16, 02:26 PM posted to alt.comp.os.windows-10
Andy Burns[_6_]
external usenet poster
 
Posts: 1,318
Default ipv6 privacy extensions

HighSpy wrote:

Andy Burns wrote:

The other day you said it was to "make your life easier" presumably by
avoiding having to have some other form of logon, now they're "insisting"?


Sorry, clicked the wrong button and sent it direct .... oops
anyway


I did wonder if that was what happened ;-)

That is correct, when I thought about this I began to think there might
be an ulterior motive. It's being sold as a benign change simply to make
our lives easier, so I did a little experiment and declined the offer. I
was told declining wasn't an option and that if we wanted to continue to
use the facilities we were required to hand over the MAC addresses of
our devices.


Even if you don't hand over your MAC address, as soon as you use some
other form of login they can capture your MAC address anyway and
associate it, yes you can spoof a different MAC, but then you can't get
in without giving them the login again ... the short of it is if you use
someone else's network, they can know your MAC address.

  #7  
Old July 22nd 16, 02:49 PM posted to alt.comp.os.windows-10
Mayayana
external usenet poster
 
Posts: 6,438
Default ipv6 privacy extensions

| Is all your on-line activity through your library's wifi? Are you
| conducting illegal activities while on-line at the library? If not, why
| be concerned about tracking?
|
|
| I'm afraid that argument has been used to justify surveillance since
| surveillance was first used. Certain activities are illegal even between
| consenting adults so why object to a camera in your bedroom if you are
| not doing them. It's the same argument.
|
You raise some interesting questions. I wasn't aware
of that aspect of IPv6. And yes, Neil's argument is silly
and naive. I once asked a Jewish friend why the Jews didn't
leave Germany before events like Kristallnacht happened.
He replied that that question was common among Jews.
Neil demonstrates the universal human tendency to first
try the ostrich approach when inconvenience arrives.
It's the pebble-in-the-shoe experience: We ignore it
until our hip starts to hurt. Then we sit down. tear off
our shoe, and get mad at the pebble. Leaving Germany
and possibly losing money/belongings would have been
stressful for the Jews, as it would be for anyone. So
they hoped for the best and clung to their normal lives
until the end.

It's easy... so far.... to ignore privacy concerns in
the US. But even now there are all sorts of reasons to
keep private. If you're Muslim. If you take part in the
Occupy movement. (The FBI planted agents, just like
with Vietnam protesters in the 60s.) Most people work
to find a niche where they feel comfortable, surrounded
by like-minded friends. But all societies are still mildly
fascistic, *because* people want to be surrounded by
like-minded friends.
Eric Schmidt from Google, famous for protecting his
own privacy, nevertheless made the classic, chilling
policy statement of a fascistic regime: If you think you
need privacy then maybe you're doing something you
shouldn't be doing.

https://www.youtube.com/watch?v=A6e7wfDHzew

Someone on Slashdot also made another good point
recently: Many people think they have nothing to hide
until they have their credit card number or information
about their child compromised. Or what about a road
rager seeing your license plate? Do we want info like
that easily available?

| The fact that the library is 'insiting' on this information makes me
| think that they are logging our activity. What other possible reason
| could there be?
|

Are they really insisting? You actually can't opt for
logging in? How would they recognize a "friendly" MAC
address without logging in? Maybe you should ask the
tech people at the library for a full explanation. I'd be
interested to know the answer.

They can use cookies to avoid logging in. A MAC
address alone is not necessarily unique. The unique
ID of IPv6 involves the IP address + the MAC address.
So there's something in their explanation that doesn't
add up. Also, you might have more than one laptop, or
a laptop and tablet and phone. Those all have different
MAC addresses.

I would guess their reason involves your identity
online. Without the ID you appear online as a device
from the library. With it you can conceivably be tracked.
The main difference is how you'll be seen *outside*
the library. They'll already know who you are, either
way the ID is confirmed. But an ID could also make it
easy(er) for them to log where you go online while
you're using their wifi. Maybe they want to survey
usage for harmless reasons? Maybe they have a
mandate and gag order from the Feds, requiring them
to do this and banning them from telling anyone.

It would be interesting to hear if you find out more.
In the meantime, you don't have to use the library wifi.
(It's not clear to me what you mean by "local user
group". I assume you're just using the library wifi without
it being part of a club activity.)

Also, if you're interested in privacy online then hopefully
you've looked into that. Without knowing the details and
making some effort, you won't have any privacy online.
The average person is being tracked in nearly everything
they do by Google, ad networks, Akamai, Facebook, etc.
(Even if you don't use Facebook.) And blocking cookies
is only one small part of it. And thanks to Edward Snowden
and others, we know that most large tech companies are
handing data to the NSA. So if you don't use real email,
encrypted, and carefully manage your olnine presence,
preferably disabling cookies, frames, script, etags, supercookie
local storage, and so on, then Google and a dozen other
entities already know more about you and your activites
than you do yourself.



  #8  
Old July 22nd 16, 03:18 PM posted to alt.comp.os.windows-10
HighSpy
external usenet poster
 
Posts: 15
Default ipv6 privacy extensions

On 22/07/2016 14:26, Andy Burns wrote:
HighSpy wrote:

Andy Burns wrote:

The other day you said it was to "make your life easier" presumably by
avoiding having to have some other form of logon, now they're
"insisting"?


Sorry, clicked the wrong button and sent it direct .... oops
anyway


I did wonder if that was what happened ;-)

That is correct, when I thought about this I began to think there might
be an ulterior motive. It's being sold as a benign change simply to make
our lives easier, so I did a little experiment and declined the offer. I
was told declining wasn't an option and that if we wanted to continue to
use the facilities we were required to hand over the MAC addresses of
our devices.


Even if you don't hand over your MAC address, as soon as you use some
other form of login they can capture your MAC address anyway and
associate it, yes you can spoof a different MAC, but then you can't get
in without giving them the login again ... the short of it is if you use
someone else's network, they can know your MAC address.


Yes, I understand that but just having a MAC address isn't enough to
identify the actual piece of hardware being used is it. You need
something else.

There's different 'levels of knowing' isn't there
Come in on a random device using a standard log in account and they can
map the MAC address to a set of credentials.

Use the same credentials on a different device and now you have two MAC
addresses for 1 set of credentials

Use the same device to create two accounts ... etc etc

The point is, none of this identifies the actual device being used,
either you need the device or you need other information about the device.

So, map the MAC address to the serial number of the device and you have
a bullet proof way of identifying the actual device being used, add in
the requirement that machines have to be booked out to an individual and
you have a way to track a single user at a level of detail even standard
login accounts don't support.

It all seems a bit Orwellian to me, have you met my mate Winston?
He's not long for this world.

================================================== ===================
"They can’t get inside you. If you can feel that staying human is worth
while, even when it can’t have any result whatever, you’ve beaten them."

He thought of the telescreen with its never-sleeping ear. They could spy
upon you night and day, but if you kept your head you could still outwit
them.
================================================== ====================

Winston soon found out how wrong he was, how long before we suffer the
same fate I wonder.



--
Quis custodiet ipsos custodes?
  #9  
Old July 22nd 16, 03:41 PM posted to alt.comp.os.windows-10
HighSpy
external usenet poster
 
Posts: 15
Default ipv6 privacy extensions

On 22/07/2016 14:49, Mayayana wrote:
| Is all your on-line activity through your library's wifi? Are you
| conducting illegal activities while on-line at the library? If not, why
| be concerned about tracking?
|
|
| I'm afraid that argument has been used to justify surveillance since
| surveillance was first used. Certain activities are illegal even between
| consenting adults so why object to a camera in your bedroom if you are
| not doing them. It's the same argument.
|
You raise some interesting questions. I wasn't aware
of that aspect of IPv6. And yes, Neil's argument is silly
and naive. I once asked a Jewish friend why the Jews didn't
leave Germany before events like Kristallnacht happened.
He replied that that question was common among Jews.
Neil demonstrates the universal human tendency to first
try the ostrich approach when inconvenience arrives.
It's the pebble-in-the-shoe experience: We ignore it
until our hip starts to hurt. Then we sit down. tear off
our shoe, and get mad at the pebble. Leaving Germany
and possibly losing money/belongings would have been
stressful for the Jews, as it would be for anyone. So
they hoped for the best and clung to their normal lives
until the end.

It's easy... so far.... to ignore privacy concerns in
the US. But even now there are all sorts of reasons to
keep private. If you're Muslim. If you take part in the
Occupy movement. (The FBI planted agents, just like
with Vietnam protesters in the 60s.) Most people work
to find a niche where they feel comfortable, surrounded
by like-minded friends. But all societies are still mildly
fascistic, *because* people want to be surrounded by
like-minded friends.
Eric Schmidt from Google, famous for protecting his
own privacy, nevertheless made the classic, chilling
policy statement of a fascistic regime: If you think you
need privacy then maybe you're doing something you
shouldn't be doing.

https://www.youtube.com/watch?v=A6e7wfDHzew

Someone on Slashdot also made another good point
recently: Many people think they have nothing to hide
until they have their credit card number or information
about their child compromised. Or what about a road
rager seeing your license plate? Do we want info like
that easily available?

| The fact that the library is 'insiting' on this information makes me
| think that they are logging our activity. What other possible reason
| could there be?
|

Are they really insisting? You actually can't opt for
logging in? How would they recognize a "friendly" MAC
address without logging in?


I have sacrificed one laptop to to their network, as soon as I turn it
on it's already in. The only way to stop it is to disable the internal
interface and plug in a dongle. I have to be a bit careful though, I
don't want to mess things up for everybody so I havent really spent any
time on this, I think I'm probably going to call it a day as a
volunteer. I can't live with this level of surveillance.


Maybe you should ask the
tech people at the library for a full explanation. I'd be
interested to know the answer.


Tried it. Stonewalling, obfuscation and bull****


They can use cookies to avoid logging in. A MAC
address alone is not necessarily unique. The unique
ID of IPv6 involves the IP address + the MAC address.
So there's something in their explanation that doesn't
add up. Also, you might have more than one laptop, or
a laptop and tablet and phone. Those all have different
MAC addresses.

I would guess their reason involves your identity
online. Without the ID you appear online as a device
from the library. With it you can conceivably be tracked.
The main difference is how you'll be seen *outside*
the library. They'll already know who you are, either
way the ID is confirmed. But an ID could also make it
easy(er) for them to log where you go online while
you're using their wifi. Maybe they want to survey
usage for harmless reasons? Maybe they have a
mandate and gag order from the Feds, requiring them
to do this and banning them from telling anyone.


It'a government building

It would be interesting to hear if you find out more.
In the meantime, you don't have to use the library wifi.
(It's not clear to me what you mean by "local user
group". I assume you're just using the library wifi without
it being part of a club activity.)


I'm a volunteer, I look after the hardware and help users

Also, if you're interested in privacy online then hopefully
you've looked into that. Without knowing the details and
making some effort, you won't have any privacy online.
The average person is being tracked in nearly everything
they do by Google, ad networks, Akamai, Facebook, etc.
(Even if you don't use Facebook.) And blocking cookies
is only one small part of it. And thanks to Edward Snowden
and others, we know that most large tech companies are
handing data to the NSA. So if you don't use real email,
encrypted, and carefully manage your olnine presence,
preferably disabling cookies, frames, script, etags, supercookie
local storage, and so on, then Google and a dozen other
entities already know more about you and your activites
than you do yourself.


Ghostery is good for that so I believe, I install it by default on all
browsers in Windows and Linux. The TOR network is very slow on this
connection so not really usable. I use a dozen different machines, never
click on adverts, use different logins, throw away email accounts I
don't have a Farcebook account, ****ter, Pinterest, and all the other
social spyware get no disk space. I do anything I can think of to fight
the spooks. I don't lose sleep over it though and I'm under no illusons,
I know I'm being monitored, as we all are. I'm not going to make it easy
though.


--
Quis custodiet ipsos custodes?
  #10  
Old July 22nd 16, 07:05 PM posted to alt.comp.os.windows-10
Neil
external usenet poster
 
Posts: 714
Default ipv6 privacy extensions

On 7/22/2016 9:49 AM, Mayayana wrote:
| Is all your on-line activity through your library's wifi? Are you
| conducting illegal activities while on-line at the library? If not, why
| be concerned about tracking?
|
|
| I'm afraid that argument has been used to justify surveillance since
| surveillance was first used. Certain activities are illegal even between
| consenting adults so why object to a camera in your bedroom if you are
| not doing them. It's the same argument.
|
You raise some interesting questions. I wasn't aware
of that aspect of IPv6. And yes, Neil's argument is silly
and naive.

[...]
Neil demonstrates the universal human tendency to first
try the ostrich approach when inconvenience arrives.

[...]
What is silly and naive is responding to a clipped portion of my
response that suited another's purpose, and commenting on it as though
it represents the point I was making. Frankly, I find that to be well
below what I thought of you, based on other interactions we've had.

Are they really insisting? You actually can't opt for
logging in? How would they recognize a "friendly" MAC
address without logging in?

Perhaps you've not set up a wifi access point, and that is the basis of
your confusion? It has long been possible to specify MAC addresses that
can use the WAP, block others, and allow log-ins from non-specified
devices. It has little or nothing to do with ipv6, since the capability
was available decades prior to the introduction of that standard. IOW,
both you and the OP are conflating unrelated aspects of wifi.

Based on the OP, it appears that the library has offered his/her "user
group" direct access via MAC address. I can't see a practical reason why
they would try to offer that to all users, since it would involve a lot
of management.

Boy. Try to help some folks, and all you get is B.S.!

--
Best regards,

Neil
  #11  
Old July 22nd 16, 07:11 PM posted to alt.comp.os.windows-10
Neil
external usenet poster
 
Posts: 714
Default ipv6 privacy extensions

On 7/22/2016 9:26 AM, Andy Burns wrote:
HighSpy wrote:

Andy Burns wrote:

The other day you said it was to "make your life easier" presumably by
avoiding having to have some other form of logon, now they're
"insisting"?


Sorry, clicked the wrong button and sent it direct .... oops
anyway


I did wonder if that was what happened ;-)

That is correct, when I thought about this I began to think there might
be an ulterior motive. It's being sold as a benign change simply to make
our lives easier, so I did a little experiment and declined the offer. I
was told declining wasn't an option and that if we wanted to continue to
use the facilities we were required to hand over the MAC addresses of
our devices.


Even if you don't hand over your MAC address, as soon as you use some
other form of login they can capture your MAC address anyway and
associate it, yes you can spoof a different MAC, but then you can't get
in without giving them the login again ... the short of it is if you use
someone else's network, they can know your MAC address.

I don't think that the OP has a clue about any of this, since it really
has nothing at all to do with ipv6 (or any other protocol). Since it
would take additional software and a lot of person/hours to "track" the
OP's usage, I find it unlikely that library systems have the personnel
resources to do so (I'm sure ours doesn't, and it's one of the larger
ones in the country), and in that light, think the OP should, instead,
focus on the basis of his/her concern beyond the technical matters.

--
Best regards,

Neil
  #12  
Old July 22nd 16, 08:34 PM posted to alt.comp.os.windows-10
Mayayana
external usenet poster
 
Posts: 6,438
Default ipv6 privacy extensions

| Perhaps you've not set up a wifi access point, and that is the basis of
| your confusion? It has long been possible to specify MAC addresses that
| can use the WAP, block others, and allow log-ins from non-specified
| devices.

I'm not an expert on wifi. I rarely have occasion to
use it at all. But from my reading of the IPv6 link it
sounds to me like there's a valid concern. If the MAC
address as part of a unique ID is enabled -- or more
to the point, if an IPv6 unique ID is enabled -- then
the IP sent to remote servers contains a unique ID.
That allows the remote server to ID individuals. It also
allows the library to have a log of who visited what site,
based on that ID in the network traffic.

-------------------------------
In IPv4 the effort to conserve address space with network address
translation (NAT) obfuscates network address spaces, hosts, and topologies.
In IPv6 when using address auto-configuration, the Interface Identifier (MAC
address) of an interface port is used to make its public IP address unique,
exposing the type of hardware used and providing a unique handle for a
user's online activity.

It is not a requirement for IPv6 hosts to use address auto-configuration,
however. Yet, even when an address is not based on the MAC address, the
interface's address is globally unique, in contrast to NAT-masqueraded
private networks. Privacy extensions for IPv6 have been defined to address
these privacy concerns,[28] although Silvia Hagen describes these as being
largely due to "misunderstanding".[29] When privacy extensions are enabled,
the operating system generates random host identifiers to combine with the
assigned network prefix. These ephemeral addresses are used to communicate
with remote hosts making it more difficult to track a single device.

-----------------------------

Maybe I'm mistaken, but that reads to me to say
that what the library is asking is for people using
their wifi to be uniquely identifiable online. Can you
see a different reason for their demands?


  #13  
Old July 22nd 16, 10:04 PM posted to alt.comp.os.windows-10
Neil
external usenet poster
 
Posts: 714
Default ipv6 privacy extensions

On 7/22/2016 3:34 PM, Mayayana wrote:
| Perhaps you've not set up a wifi access point, and that is the basis of
| your confusion? It has long been possible to specify MAC addresses that
| can use the WAP, block others, and allow log-ins from non-specified
| devices.

I'm not an expert on wifi. I rarely have occasion to
use it at all. But from my reading of the IPv6 link it
sounds to me like there's a valid concern. If the MAC
address as part of a unique ID is enabled -- or more
to the point, if an IPv6 unique ID is enabled -- then
the IP sent to remote servers contains a unique ID.
That allows the remote server to ID individuals. It also
allows the library to have a log of who visited what site,
based on that ID in the network traffic.

[...]

Maybe I'm mistaken, but that reads to me to say
that what the library is asking is for people using
their wifi to be uniquely identifiable online. Can you
see a different reason for their demands?

If you followed this topic from when it was introduced on the Win8
group, the first question is whether the library is "demanding"
anything. One must understand that having users submit MACs to bypass
wifi log-ins would be sufficiently time-consuming for a public location
to make it completely impractical as a general policy. So, that begs the
question, why that person's particular user group? It looked to me that
it was an offer to make life easier for that person's user group -- for
example, that they frequently use the library's wifi. So, my response to
the question, "should I be concerned" is... no.

The OP's concern seems to be whether s/he can be tracked on-line, and to
that, I said that this issue has little or nothing to do with a MAC
protocol for bypassing log-in at the library. It would be easy to
"track" their user group's on-line activity *whether or not* they bypass
the log-in (think about it for 10 seconds -- once they log in, where is
their "privacy" going to be???)

Finally, if one is *really* concerned about such things, there are
remedies that have been available for decades. So, someone with the OP's
level of knowledge would be better off believing that everything s/he
does on line is exposed. And, the library has nothing to do with it.

--
Best regards,

Neil
  #14  
Old July 23rd 16, 07:39 AM posted to alt.comp.os.windows-10
HighSpy
external usenet poster
 
Posts: 15
Default ipv6 privacy extensions

On 22/07/2016 19:11, Neil wrote:
On 7/22/2016 9:26 AM, Andy Burns wrote:
HighSpy wrote:

Andy Burns wrote:

The other day you said it was to "make your life easier" presumably by
avoiding having to have some other form of logon, now they're
"insisting"?

Sorry, clicked the wrong button and sent it direct .... oops
anyway


I did wonder if that was what happened ;-)

That is correct, when I thought about this I began to think there might
be an ulterior motive. It's being sold as a benign change simply to make
our lives easier, so I did a little experiment and declined the offer. I
was told declining wasn't an option and that if we wanted to continue to
use the facilities we were required to hand over the MAC addresses of
our devices.


Even if you don't hand over your MAC address, as soon as you use some
other form of login they can capture your MAC address anyway and
associate it, yes you can spoof a different MAC, but then you can't getre
in without giving them the login again ... the short of it is if you use
someone else's network, they can know your MAC address.

I don't think that the OP has a clue about any of this, since it really
has nothing at all to do with ipv6 (or any other protocol). Since it
would take additional software and a lot of person/hours to "track" the
OP's usage, I find it unlikely that library systems have the personnel
resources to do so (I'm sure ours doesn't, and it's one of the larger
ones in the country), and in that light, think the OP should, instead,
focus on the basis of his/her concern beyond the technical matters.


Well that's absolutely fascinating, really.

Unfortunately you seem to have completely missed the point.

Just one question. It should be an easy one for you as you seem to have
all the answers

Why would a network administrator, any network administrator *insist* on
knowing the MAC address of a device before it was used to access the
network if not to track that device.

I await your reply with ... interest.



--
Quis custodiet ipsos custodes?
  #15  
Old July 23rd 16, 07:48 AM posted to alt.comp.os.windows-10
HighSpy
external usenet poster
 
Posts: 15
Default ipv6 privacy extensions

On 22/07/2016 22:04, Neil wrote:
On 7/22/2016 3:34 PM, Mayayana wrote:
| Perhaps you've not set up a wifi access point, and that is the basis of
| your confusion? It has long been possible to specify MAC addresses that
| can use the WAP, block others, and allow log-ins from non-specified
| devices.

I'm not an expert on wifi. I rarely have occasion to
use it at all. But from my reading of the IPv6 link it
sounds to me like there's a valid concern. If the MAC
address as part of a unique ID is enabled -- or more
to the point, if an IPv6 unique ID is enabled -- then
the IP sent to remote servers contains a unique ID.
That allows the remote server to ID individuals. It also
allows the library to have a log of who visited what site,
based on that ID in the network traffic.

[...]

Maybe I'm mistaken, but that reads to me to say
that what the library is asking is for people using
their wifi to be uniquely identifiable online. Can you
see a different reason for their demands?

If you followed this topic from when it was introduced on the Win8
group, the first question is whether the library is "demanding"
anything.


Amazing, truly amazing, you appear to know more about the situation than
I do. What are they asking for then ...

One must understand that having users submit MACs to bypass
wifi log-ins would be sufficiently time-consuming for a public location
to make it completely impractical as a general policy. So, that begs the
question, why that person's particular user group? It looked to me that
it was an offer to make life easier for that person's user group -- for
example, that they frequently use the library's wifi. So, my response to
the question, "should I be concerned" is... no.


Again, you are missing the point (quelle surprise).
Let's try this again

Why would the library *insist* on knowing the MAC addresses if not to
track the device (notice I use the word 'device') I'm still waiting for
your insight.

snip

--
Quis custodiet ipsos custodes?
 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 04:41 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.