Re: IPv6 end user addressing

[Greg Ihnen <os10rules () gmail com>]

On Aug 11, 2011, at 5:05 PM, Owen DeLong wrote:

> > I respectfully disagree. If appliance manufacturers jump on the bandwagon to make their device *Internet Ready!* 
> > we'll see appliance makers who have way less networking experience than Linksys/Cisco getting into the fray. I 
> > highly doubt the pontifications of these Good Morning America technology gurus who predict all these changes are 
> > coming to the home. Do we really think appliance manufacturers are going to agree on standards for keeping track of 
> > how much milk is in the fridge, especially as not just manufacturing but also engineering is moving to countries 
> > like China? How about the predictions that have been around for years about appliances which will alert the 
> > manufacturer about impending failure so they can call you and you can schedule the repair before there's a 
> > breakdown? Remember that one? We don't even have an "appliance about to break, call repairman" idiot light on 
> > appliances yet.
> What standards?  The RFID tag on the milk carton will, essentially, replace the bar code once RFID tags become cheap 
> enough. It'll be like an uber-barcode with a bunch more information.
>
> For keeping track of how much, cheap sensitive pressure transducers will know by the position of the RFID tag 
> combined with the weight of the thing at that location in the refrigerator. There's no new standard required.
>
> The technology to do this exists today. The integration and mainstream acceptance is still years, if not decades off, 
> but, IPv6 should last for decades, so, if we don't plan for at least the things we can see coming today and already 
> know feasible ways to implement, we're doomed for the other unexpected things we don't see coming.

What reads the RFID's and the pressure sensors? What server or application receives this data and deals with it 
according to the user's desires? How does that data or the information and alerts this system would generate get to the 
user's devices? There has to be a device in the home or a server somewhere for a service the home owner subscribes to 
which keeps an inventory of all these things and acts on it. 

Do you really think it's going to be common place for people to have this kind of technology and more importantly use 
it?

I think the kitchen you foresee is the kind of dream kitchen the kind of people who imbed RFID chips in themselves so 
they can have a house that opens the doors and turns on the lights as they approach.

You don't have a chip in you, do you?


> > But I predict the coming of IPv6 to the home in a big way will have unintended consequences.
>
> Definitely.
>
>
> > I think the big shock for home users regarding IPv6 will be suddenly having their IPv4 NAT firewall being gone and 
> > all their devices being exposed naked to everyone on the internet. Suddenly all their security shortcomings (no 
> > passwords, "password" for the password etc) are going to have catastrophic consequences. I foresee an exponential 
> > leap in the  number of hacks of consumer devices which will have repercussions well beyond their local network. In 
> > my opinion that's going to be the biggest problem with IPv6, not all the concerns about the inner workings of the 
> > protocols. I'm guessing the manufacturers of consumer grade networkable devices are still thinking about security as 
> > it applies to LANs with rfc 1918 address space behind a firewall and haven't rethought security as it applies to 
> > IPv6.
>
> Sigh... 
>
> Continuing to propagate this myth doesn't make it any more true than it was 10 years ago.

I'm sorry, what was the myth there? The public overall uses bad passwords and knowingly does not comply with security 
best practices? More connectivity is going to bring more problems and exploits? Those myths?

> NAT != Security
> End-to-End addressing != End-to-End connectivity
> It will not be long before the average residential IPv6 gateway comes with a default deny all inbound stateful 
> firewall built in. Once you have that, your hosts are not exposed naked to everyone on the internet. In fact, they 
> are no more exposed than with NAT with the key difference being that if you choose to expose one or more hosts, you 
> have the option of deliberately doing so.

We'll see.

> Actually, I know for certain that most of the CPE manufacturers are participating in the effort to draft better 
> security requirements for residential gateways as a current ID and hopefully an RFC soon. I believe, as a matter of 
> fact, that this is a BIS document being intended as a more comprehensive improvement over the initial version.
>
> Owen