If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
ipv6 privacy extensions
Windows 10 I tried this in the windows-8 group with no luck so I thought I'd try it here, we have windows 7, 8 and 10 machines. I'm finally trying to get me head around ipv6 I was somewhat alarmed to discover that the low order 64 bits are reserved for what someone called 'hardware addressing schemes' but I can't remember where I read this. https://en.wikipedia.org/wiki/IPv6 "In IPv6 when using address auto-configuration, the Interface Identifier (MAC address) of an interface port is used to make its public IP address unique, exposing the type of hardware used and providing a unique handle for a user's online activity" The article then goes on about 'privacy extensions' "Privacy extensions are enabled by default in Windows (since XP SP1), OS X (since 10.7), and iOS (since version 4.3). Some Linux distributions have enabled privacy extensions as well" If I open a command window I get Physical Address. . . . . . . . . : 6C-FA-A7-3A-45-AC .... DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-E1-07-B6-6C-FA-A7-3A-45-AC and can see the physical address on the end of the DUID. The local library recently demanded the wireless interface MAC addresses from our local user groups laptops saying it would 'make our lives easier as we no longer had to log in to the wireless network' but I suspect it has more to do with tracking our usage. Am I right to be concerned? Thanks -- Quis custodiet ipsos custodes? |
Ads |
#2
|
|||
|
|||
ipv6 privacy extensions
On 7/22/2016 3:21 AM, HighSpy wrote:
Windows 10 I tried this in the windows-8 group with no luck so I thought I'd try it here, we have windows 7, 8 and 10 machines. I'm finally trying to get me head around ipv6 I was somewhat alarmed to discover that the low order 64 bits are reserved for what someone called 'hardware addressing schemes' but I can't remember where I read this. https://en.wikipedia.org/wiki/IPv6 "In IPv6 when using address auto-configuration, the Interface Identifier (MAC address) of an interface port is used to make its public IP address unique, exposing the type of hardware used and providing a unique handle for a user's online activity" The article then goes on about 'privacy extensions' "Privacy extensions are enabled by default in Windows (since XP SP1), OS X (since 10.7), and iOS (since version 4.3). Some Linux distributions have enabled privacy extensions as well" If I open a command window I get Physical Address. . . . . . . . . : 6C-FA-A7-3A-45-AC ... DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-E1-07-B6-6C-FA-A7-3A-45-AC and can see the physical address on the end of the DUID. The local library recently demanded the wireless interface MAC addresses from our local user groups laptops saying it would 'make our lives easier as we no longer had to log in to the wireless network' but I suspect it has more to do with tracking our usage. Am I right to be concerned? From what you've written, it seems that the library has set their access point to admit "known" MAC addresses, which is neither a new nor especially informative without additional logging software. Is all your on-line activity through your library's wifi? Are you conducting illegal activities while on-line at the library? If not, why be concerned about tracking? -- Best regards, Neil |
#3
|
|||
|
|||
ipv6 privacy extensions
On 22/07/2016 12:06, Neil wrote:
On 7/22/2016 3:21 AM, HighSpy wrote: Windows 10 I tried this in the windows-8 group with no luck so I thought I'd try it here, we have windows 7, 8 and 10 machines. I'm finally trying to get me head around ipv6 I was somewhat alarmed to discover that the low order 64 bits are reserved for what someone called 'hardware addressing schemes' but I can't remember where I read this. https://en.wikipedia.org/wiki/IPv6 "In IPv6 when using address auto-configuration, the Interface Identifier (MAC address) of an interface port is used to make its public IP address unique, exposing the type of hardware used and providing a unique handle for a user's online activity" The article then goes on about 'privacy extensions' "Privacy extensions are enabled by default in Windows (since XP SP1), OS X (since 10.7), and iOS (since version 4.3). Some Linux distributions have enabled privacy extensions as well" If I open a command window I get Physical Address. . . . . . . . . : 6C-FA-A7-3A-45-AC ... DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-E1-07-B6-6C-FA-A7-3A-45-AC and can see the physical address on the end of the DUID. The local library recently demanded the wireless interface MAC addresses from our local user groups laptops saying it would 'make our lives easier as we no longer had to log in to the wireless network' but I suspect it has more to do with tracking our usage. Am I right to be concerned? From what you've written, it seems that the library has set their access point to admit "known" MAC addresses, which is neither a new nor especially informative without additional logging software. Is all your on-line activity through your library's wifi? Are you conducting illegal activities while on-line at the library? If not, why be concerned about tracking? I'm afraid that argument has been used to justify surveillance since surveillance was first used. Certain activities are illegal even between consenting adults so why object to a camera in your bedroom if you are not doing them. It's the same argument. The fact that the library is 'insiting' on this information makes me think that they are logging our activity. What other possible reason could there be? -- Quis custodiet ipsos custodes? |
#4
|
|||
|
|||
ipv6 privacy extensions
HighSpy wrote:
The fact that the library is 'insiting' on this information The other day you said it was to "make your life easier" presumably by avoiding having to have some other form of logon, now they're "insisting"? |
#5
|
|||
|
|||
ipv6 privacy extensions
On 22/07/2016 12:33, Andy Burns wrote:
HighSpy wrote: The fact that the library is 'insiting' on this information The other day you said it was to "make your life easier" presumably by avoiding having to have some other form of logon, now they're "insisting"? Sorry, clicked the wrong button and sent it direct .... oops anyway That is correct, when I thought about this I began to think there might be an ulterior motive. It's being sold as a benign change simply to make our lives easier, so I did a little experiment and declined the offer. I was told declining wasn't an option and that if we wanted to continue to use the facilities we were required to hand over the MAC addresses of our devices. It is possible to walk in off the street with an arbitrary device and create an account, it's a long winded process that requires the handing over of certain personal information, the spooks can still get the hardware address but can't be sure what actual physical device is being used. Imagine my surprise (not) when they also said we had to have our pubic access laptops 'security marked' and that this would involve handing over the devices. All they need to do is map the serial number to the MAC address and they have all they need to assign a particular activity to a particular hardware device. Surveillance doesn't get any more invasive than this ... does it? -- Quis custodiet ipsos custodes? |
#6
|
|||
|
|||
ipv6 privacy extensions
HighSpy wrote:
Andy Burns wrote: The other day you said it was to "make your life easier" presumably by avoiding having to have some other form of logon, now they're "insisting"? Sorry, clicked the wrong button and sent it direct .... oops anyway I did wonder if that was what happened ;-) That is correct, when I thought about this I began to think there might be an ulterior motive. It's being sold as a benign change simply to make our lives easier, so I did a little experiment and declined the offer. I was told declining wasn't an option and that if we wanted to continue to use the facilities we were required to hand over the MAC addresses of our devices. Even if you don't hand over your MAC address, as soon as you use some other form of login they can capture your MAC address anyway and associate it, yes you can spoof a different MAC, but then you can't get in without giving them the login again ... the short of it is if you use someone else's network, they can know your MAC address. |
#7
|
|||
|
|||
ipv6 privacy extensions
| Is all your on-line activity through your library's wifi? Are you
| conducting illegal activities while on-line at the library? If not, why | be concerned about tracking? | | | I'm afraid that argument has been used to justify surveillance since | surveillance was first used. Certain activities are illegal even between | consenting adults so why object to a camera in your bedroom if you are | not doing them. It's the same argument. | You raise some interesting questions. I wasn't aware of that aspect of IPv6. And yes, Neil's argument is silly and naive. I once asked a Jewish friend why the Jews didn't leave Germany before events like Kristallnacht happened. He replied that that question was common among Jews. Neil demonstrates the universal human tendency to first try the ostrich approach when inconvenience arrives. It's the pebble-in-the-shoe experience: We ignore it until our hip starts to hurt. Then we sit down. tear off our shoe, and get mad at the pebble. Leaving Germany and possibly losing money/belongings would have been stressful for the Jews, as it would be for anyone. So they hoped for the best and clung to their normal lives until the end. It's easy... so far.... to ignore privacy concerns in the US. But even now there are all sorts of reasons to keep private. If you're Muslim. If you take part in the Occupy movement. (The FBI planted agents, just like with Vietnam protesters in the 60s.) Most people work to find a niche where they feel comfortable, surrounded by like-minded friends. But all societies are still mildly fascistic, *because* people want to be surrounded by like-minded friends. Eric Schmidt from Google, famous for protecting his own privacy, nevertheless made the classic, chilling policy statement of a fascistic regime: If you think you need privacy then maybe you're doing something you shouldn't be doing. https://www.youtube.com/watch?v=A6e7wfDHzew Someone on Slashdot also made another good point recently: Many people think they have nothing to hide until they have their credit card number or information about their child compromised. Or what about a road rager seeing your license plate? Do we want info like that easily available? | The fact that the library is 'insiting' on this information makes me | think that they are logging our activity. What other possible reason | could there be? | Are they really insisting? You actually can't opt for logging in? How would they recognize a "friendly" MAC address without logging in? Maybe you should ask the tech people at the library for a full explanation. I'd be interested to know the answer. They can use cookies to avoid logging in. A MAC address alone is not necessarily unique. The unique ID of IPv6 involves the IP address + the MAC address. So there's something in their explanation that doesn't add up. Also, you might have more than one laptop, or a laptop and tablet and phone. Those all have different MAC addresses. I would guess their reason involves your identity online. Without the ID you appear online as a device from the library. With it you can conceivably be tracked. The main difference is how you'll be seen *outside* the library. They'll already know who you are, either way the ID is confirmed. But an ID could also make it easy(er) for them to log where you go online while you're using their wifi. Maybe they want to survey usage for harmless reasons? Maybe they have a mandate and gag order from the Feds, requiring them to do this and banning them from telling anyone. It would be interesting to hear if you find out more. In the meantime, you don't have to use the library wifi. (It's not clear to me what you mean by "local user group". I assume you're just using the library wifi without it being part of a club activity.) Also, if you're interested in privacy online then hopefully you've looked into that. Without knowing the details and making some effort, you won't have any privacy online. The average person is being tracked in nearly everything they do by Google, ad networks, Akamai, Facebook, etc. (Even if you don't use Facebook.) And blocking cookies is only one small part of it. And thanks to Edward Snowden and others, we know that most large tech companies are handing data to the NSA. So if you don't use real email, encrypted, and carefully manage your olnine presence, preferably disabling cookies, frames, script, etags, supercookie local storage, and so on, then Google and a dozen other entities already know more about you and your activites than you do yourself. |
#8
|
|||
|
|||
ipv6 privacy extensions
On 22/07/2016 14:26, Andy Burns wrote:
HighSpy wrote: Andy Burns wrote: The other day you said it was to "make your life easier" presumably by avoiding having to have some other form of logon, now they're "insisting"? Sorry, clicked the wrong button and sent it direct .... oops anyway I did wonder if that was what happened ;-) That is correct, when I thought about this I began to think there might be an ulterior motive. It's being sold as a benign change simply to make our lives easier, so I did a little experiment and declined the offer. I was told declining wasn't an option and that if we wanted to continue to use the facilities we were required to hand over the MAC addresses of our devices. Even if you don't hand over your MAC address, as soon as you use some other form of login they can capture your MAC address anyway and associate it, yes you can spoof a different MAC, but then you can't get in without giving them the login again ... the short of it is if you use someone else's network, they can know your MAC address. Yes, I understand that but just having a MAC address isn't enough to identify the actual piece of hardware being used is it. You need something else. There's different 'levels of knowing' isn't there Come in on a random device using a standard log in account and they can map the MAC address to a set of credentials. Use the same credentials on a different device and now you have two MAC addresses for 1 set of credentials Use the same device to create two accounts ... etc etc The point is, none of this identifies the actual device being used, either you need the device or you need other information about the device. So, map the MAC address to the serial number of the device and you have a bullet proof way of identifying the actual device being used, add in the requirement that machines have to be booked out to an individual and you have a way to track a single user at a level of detail even standard login accounts don't support. It all seems a bit Orwellian to me, have you met my mate Winston? He's not long for this world. ================================================== =================== "They can’t get inside you. If you can feel that staying human is worth while, even when it can’t have any result whatever, you’ve beaten them." He thought of the telescreen with its never-sleeping ear. They could spy upon you night and day, but if you kept your head you could still outwit them. ================================================== ==================== Winston soon found out how wrong he was, how long before we suffer the same fate I wonder. -- Quis custodiet ipsos custodes? |
#9
|
|||
|
|||
ipv6 privacy extensions
On 22/07/2016 14:49, Mayayana wrote:
| Is all your on-line activity through your library's wifi? Are you | conducting illegal activities while on-line at the library? If not, why | be concerned about tracking? | | | I'm afraid that argument has been used to justify surveillance since | surveillance was first used. Certain activities are illegal even between | consenting adults so why object to a camera in your bedroom if you are | not doing them. It's the same argument. | You raise some interesting questions. I wasn't aware of that aspect of IPv6. And yes, Neil's argument is silly and naive. I once asked a Jewish friend why the Jews didn't leave Germany before events like Kristallnacht happened. He replied that that question was common among Jews. Neil demonstrates the universal human tendency to first try the ostrich approach when inconvenience arrives. It's the pebble-in-the-shoe experience: We ignore it until our hip starts to hurt. Then we sit down. tear off our shoe, and get mad at the pebble. Leaving Germany and possibly losing money/belongings would have been stressful for the Jews, as it would be for anyone. So they hoped for the best and clung to their normal lives until the end. It's easy... so far.... to ignore privacy concerns in the US. But even now there are all sorts of reasons to keep private. If you're Muslim. If you take part in the Occupy movement. (The FBI planted agents, just like with Vietnam protesters in the 60s.) Most people work to find a niche where they feel comfortable, surrounded by like-minded friends. But all societies are still mildly fascistic, *because* people want to be surrounded by like-minded friends. Eric Schmidt from Google, famous for protecting his own privacy, nevertheless made the classic, chilling policy statement of a fascistic regime: If you think you need privacy then maybe you're doing something you shouldn't be doing. https://www.youtube.com/watch?v=A6e7wfDHzew Someone on Slashdot also made another good point recently: Many people think they have nothing to hide until they have their credit card number or information about their child compromised. Or what about a road rager seeing your license plate? Do we want info like that easily available? | The fact that the library is 'insiting' on this information makes me | think that they are logging our activity. What other possible reason | could there be? | Are they really insisting? You actually can't opt for logging in? How would they recognize a "friendly" MAC address without logging in? I have sacrificed one laptop to to their network, as soon as I turn it on it's already in. The only way to stop it is to disable the internal interface and plug in a dongle. I have to be a bit careful though, I don't want to mess things up for everybody so I havent really spent any time on this, I think I'm probably going to call it a day as a volunteer. I can't live with this level of surveillance. Maybe you should ask the tech people at the library for a full explanation. I'd be interested to know the answer. Tried it. Stonewalling, obfuscation and bull**** They can use cookies to avoid logging in. A MAC address alone is not necessarily unique. The unique ID of IPv6 involves the IP address + the MAC address. So there's something in their explanation that doesn't add up. Also, you might have more than one laptop, or a laptop and tablet and phone. Those all have different MAC addresses. I would guess their reason involves your identity online. Without the ID you appear online as a device from the library. With it you can conceivably be tracked. The main difference is how you'll be seen *outside* the library. They'll already know who you are, either way the ID is confirmed. But an ID could also make it easy(er) for them to log where you go online while you're using their wifi. Maybe they want to survey usage for harmless reasons? Maybe they have a mandate and gag order from the Feds, requiring them to do this and banning them from telling anyone. It'a government building It would be interesting to hear if you find out more. In the meantime, you don't have to use the library wifi. (It's not clear to me what you mean by "local user group". I assume you're just using the library wifi without it being part of a club activity.) I'm a volunteer, I look after the hardware and help users Also, if you're interested in privacy online then hopefully you've looked into that. Without knowing the details and making some effort, you won't have any privacy online. The average person is being tracked in nearly everything they do by Google, ad networks, Akamai, Facebook, etc. (Even if you don't use Facebook.) And blocking cookies is only one small part of it. And thanks to Edward Snowden and others, we know that most large tech companies are handing data to the NSA. So if you don't use real email, encrypted, and carefully manage your olnine presence, preferably disabling cookies, frames, script, etags, supercookie local storage, and so on, then Google and a dozen other entities already know more about you and your activites than you do yourself. Ghostery is good for that so I believe, I install it by default on all browsers in Windows and Linux. The TOR network is very slow on this connection so not really usable. I use a dozen different machines, never click on adverts, use different logins, throw away email accounts I don't have a Farcebook account, ****ter, Pinterest, and all the other social spyware get no disk space. I do anything I can think of to fight the spooks. I don't lose sleep over it though and I'm under no illusons, I know I'm being monitored, as we all are. I'm not going to make it easy though. -- Quis custodiet ipsos custodes? |
#10
|
|||
|
|||
ipv6 privacy extensions
On 7/22/2016 9:49 AM, Mayayana wrote:
| Is all your on-line activity through your library's wifi? Are you | conducting illegal activities while on-line at the library? If not, why | be concerned about tracking? | | | I'm afraid that argument has been used to justify surveillance since | surveillance was first used. Certain activities are illegal even between | consenting adults so why object to a camera in your bedroom if you are | not doing them. It's the same argument. | You raise some interesting questions. I wasn't aware of that aspect of IPv6. And yes, Neil's argument is silly and naive. [...] Neil demonstrates the universal human tendency to first try the ostrich approach when inconvenience arrives. [...] What is silly and naive is responding to a clipped portion of my response that suited another's purpose, and commenting on it as though it represents the point I was making. Frankly, I find that to be well below what I thought of you, based on other interactions we've had. Are they really insisting? You actually can't opt for logging in? How would they recognize a "friendly" MAC address without logging in? Perhaps you've not set up a wifi access point, and that is the basis of your confusion? It has long been possible to specify MAC addresses that can use the WAP, block others, and allow log-ins from non-specified devices. It has little or nothing to do with ipv6, since the capability was available decades prior to the introduction of that standard. IOW, both you and the OP are conflating unrelated aspects of wifi. Based on the OP, it appears that the library has offered his/her "user group" direct access via MAC address. I can't see a practical reason why they would try to offer that to all users, since it would involve a lot of management. Boy. Try to help some folks, and all you get is B.S.! -- Best regards, Neil |
#11
|
|||
|
|||
ipv6 privacy extensions
On 7/22/2016 9:26 AM, Andy Burns wrote:
HighSpy wrote: Andy Burns wrote: The other day you said it was to "make your life easier" presumably by avoiding having to have some other form of logon, now they're "insisting"? Sorry, clicked the wrong button and sent it direct .... oops anyway I did wonder if that was what happened ;-) That is correct, when I thought about this I began to think there might be an ulterior motive. It's being sold as a benign change simply to make our lives easier, so I did a little experiment and declined the offer. I was told declining wasn't an option and that if we wanted to continue to use the facilities we were required to hand over the MAC addresses of our devices. Even if you don't hand over your MAC address, as soon as you use some other form of login they can capture your MAC address anyway and associate it, yes you can spoof a different MAC, but then you can't get in without giving them the login again ... the short of it is if you use someone else's network, they can know your MAC address. I don't think that the OP has a clue about any of this, since it really has nothing at all to do with ipv6 (or any other protocol). Since it would take additional software and a lot of person/hours to "track" the OP's usage, I find it unlikely that library systems have the personnel resources to do so (I'm sure ours doesn't, and it's one of the larger ones in the country), and in that light, think the OP should, instead, focus on the basis of his/her concern beyond the technical matters. -- Best regards, Neil |
#12
|
|||
|
|||
ipv6 privacy extensions
| Perhaps you've not set up a wifi access point, and that is the basis of
| your confusion? It has long been possible to specify MAC addresses that | can use the WAP, block others, and allow log-ins from non-specified | devices. I'm not an expert on wifi. I rarely have occasion to use it at all. But from my reading of the IPv6 link it sounds to me like there's a valid concern. If the MAC address as part of a unique ID is enabled -- or more to the point, if an IPv6 unique ID is enabled -- then the IP sent to remote servers contains a unique ID. That allows the remote server to ID individuals. It also allows the library to have a log of who visited what site, based on that ID in the network traffic. ------------------------------- In IPv4 the effort to conserve address space with network address translation (NAT) obfuscates network address spaces, hosts, and topologies. In IPv6 when using address auto-configuration, the Interface Identifier (MAC address) of an interface port is used to make its public IP address unique, exposing the type of hardware used and providing a unique handle for a user's online activity. It is not a requirement for IPv6 hosts to use address auto-configuration, however. Yet, even when an address is not based on the MAC address, the interface's address is globally unique, in contrast to NAT-masqueraded private networks. Privacy extensions for IPv6 have been defined to address these privacy concerns,[28] although Silvia Hagen describes these as being largely due to "misunderstanding".[29] When privacy extensions are enabled, the operating system generates random host identifiers to combine with the assigned network prefix. These ephemeral addresses are used to communicate with remote hosts making it more difficult to track a single device. ----------------------------- Maybe I'm mistaken, but that reads to me to say that what the library is asking is for people using their wifi to be uniquely identifiable online. Can you see a different reason for their demands? |
#13
|
|||
|
|||
ipv6 privacy extensions
On 7/22/2016 3:34 PM, Mayayana wrote:
| Perhaps you've not set up a wifi access point, and that is the basis of | your confusion? It has long been possible to specify MAC addresses that | can use the WAP, block others, and allow log-ins from non-specified | devices. I'm not an expert on wifi. I rarely have occasion to use it at all. But from my reading of the IPv6 link it sounds to me like there's a valid concern. If the MAC address as part of a unique ID is enabled -- or more to the point, if an IPv6 unique ID is enabled -- then the IP sent to remote servers contains a unique ID. That allows the remote server to ID individuals. It also allows the library to have a log of who visited what site, based on that ID in the network traffic. [...] Maybe I'm mistaken, but that reads to me to say that what the library is asking is for people using their wifi to be uniquely identifiable online. Can you see a different reason for their demands? If you followed this topic from when it was introduced on the Win8 group, the first question is whether the library is "demanding" anything. One must understand that having users submit MACs to bypass wifi log-ins would be sufficiently time-consuming for a public location to make it completely impractical as a general policy. So, that begs the question, why that person's particular user group? It looked to me that it was an offer to make life easier for that person's user group -- for example, that they frequently use the library's wifi. So, my response to the question, "should I be concerned" is... no. The OP's concern seems to be whether s/he can be tracked on-line, and to that, I said that this issue has little or nothing to do with a MAC protocol for bypassing log-in at the library. It would be easy to "track" their user group's on-line activity *whether or not* they bypass the log-in (think about it for 10 seconds -- once they log in, where is their "privacy" going to be???) Finally, if one is *really* concerned about such things, there are remedies that have been available for decades. So, someone with the OP's level of knowledge would be better off believing that everything s/he does on line is exposed. And, the library has nothing to do with it. -- Best regards, Neil |
#14
|
|||
|
|||
ipv6 privacy extensions
On 22/07/2016 19:11, Neil wrote:
On 7/22/2016 9:26 AM, Andy Burns wrote: HighSpy wrote: Andy Burns wrote: The other day you said it was to "make your life easier" presumably by avoiding having to have some other form of logon, now they're "insisting"? Sorry, clicked the wrong button and sent it direct .... oops anyway I did wonder if that was what happened ;-) That is correct, when I thought about this I began to think there might be an ulterior motive. It's being sold as a benign change simply to make our lives easier, so I did a little experiment and declined the offer. I was told declining wasn't an option and that if we wanted to continue to use the facilities we were required to hand over the MAC addresses of our devices. Even if you don't hand over your MAC address, as soon as you use some other form of login they can capture your MAC address anyway and associate it, yes you can spoof a different MAC, but then you can't getre in without giving them the login again ... the short of it is if you use someone else's network, they can know your MAC address. I don't think that the OP has a clue about any of this, since it really has nothing at all to do with ipv6 (or any other protocol). Since it would take additional software and a lot of person/hours to "track" the OP's usage, I find it unlikely that library systems have the personnel resources to do so (I'm sure ours doesn't, and it's one of the larger ones in the country), and in that light, think the OP should, instead, focus on the basis of his/her concern beyond the technical matters. Well that's absolutely fascinating, really. Unfortunately you seem to have completely missed the point. Just one question. It should be an easy one for you as you seem to have all the answers Why would a network administrator, any network administrator *insist* on knowing the MAC address of a device before it was used to access the network if not to track that device. I await your reply with ... interest. -- Quis custodiet ipsos custodes? |
#15
|
|||
|
|||
ipv6 privacy extensions
On 22/07/2016 22:04, Neil wrote:
On 7/22/2016 3:34 PM, Mayayana wrote: | Perhaps you've not set up a wifi access point, and that is the basis of | your confusion? It has long been possible to specify MAC addresses that | can use the WAP, block others, and allow log-ins from non-specified | devices. I'm not an expert on wifi. I rarely have occasion to use it at all. But from my reading of the IPv6 link it sounds to me like there's a valid concern. If the MAC address as part of a unique ID is enabled -- or more to the point, if an IPv6 unique ID is enabled -- then the IP sent to remote servers contains a unique ID. That allows the remote server to ID individuals. It also allows the library to have a log of who visited what site, based on that ID in the network traffic. [...] Maybe I'm mistaken, but that reads to me to say that what the library is asking is for people using their wifi to be uniquely identifiable online. Can you see a different reason for their demands? If you followed this topic from when it was introduced on the Win8 group, the first question is whether the library is "demanding" anything. Amazing, truly amazing, you appear to know more about the situation than I do. What are they asking for then ... One must understand that having users submit MACs to bypass wifi log-ins would be sufficiently time-consuming for a public location to make it completely impractical as a general policy. So, that begs the question, why that person's particular user group? It looked to me that it was an offer to make life easier for that person's user group -- for example, that they frequently use the library's wifi. So, my response to the question, "should I be concerned" is... no. Again, you are missing the point (quelle surprise). Let's try this again Why would the library *insist* on knowing the MAC addresses if not to track the device (notice I use the word 'device') I'm still waiting for your insight. snip -- Quis custodiet ipsos custodes? |
Thread Tools | |
Display Modes | Rate This Thread |
|
|