Re: dynamic or static IPv6 prefixes to residential customers

[Owen DeLong <owen () delong com>]

On Aug 3, 2011, at 6:55 AM, Jay Ashworth wrote:

> ----- Original Message -----
> > From: "Mikael Abrahamsson" <swmike () swm pp se>
>
> > On Wed, 3 Aug 2011, Owen DeLong wrote:
> >
> > > Europe is a little odd in that way, especially DE and NO in that there
> > > seems to be this weird FUD running around claiming that static addresses
> > > are in some way more antithetical to privacy.
> >
> > Yes, I agree. I know people who choose provider based on the availability
> > of static addresses, I know very few who avoid static address ISPs because
> > of this fact.
> >
> > FUD indeed.
>
> You guys aren't *near* paranoid enough.  :-)
>
> If the ISP 
>
> a) Assigns dynamic addresses to customers, and
> b) changes those IPs on a relatively short scale (days)
>
> then 
>
> c) outside parties *who are not the ISP or an LEO* will have a 
> relatively harder time tying together two visits solely by the IP 
> address.

ROFL... Yeah, right... Because the MAC suffix won't do anything.

> While this isn't "privacy", per se, that "making harder" is at least
> somewhat useful to a client in reducing the odds that such non-ISP/LEO
> parties will be unable to tie their visits, assuming they've controlled
> the items they *can* control (cookies, flash cookies, etc).

Which is something, what, 1% of people probably even know how to do,
let alone practice on a regular basis.

> Imperfect security != no security, *as long as you know where the holes are*.

If people want this, they can use RFC-4193 to just about the same effect.
The ISP modifying the prefix regularly simply doesn't do much.

Owen