Re: Mac OS X 10.7, still no DHCPv6

[Joel Jaeggli <joelja () bogus com>]

On 2/28/11 9:34 PM, Dobbins, Roland wrote:
> On Mar 1, 2011, at 12:23 PM, Mark Newton wrote:
>
> > That's new, and (to my mind) threatening.  We've not even begun to
> > consider the attack vectors that'll open up.

given that rfc 3041 had it's 10th birthday in january there's nothing
new about any of this.

> I don't think it's new at all, given the amount of information
> available today that you already cite, down to and including sniffing
> on toxic hotel networks and the like.
>
> Folks are already easily pwn3d to extremes - look at HB Gary.  This
> doesn't constitute some huge new attack surface or information
> leakage - especially given the existence of VPNs/proxies, the
> tendency to store more and more data/apps on servers/in 'the cloud',
> and so forth.
>
> In fact, the device one is actually using at any given moment and
> where one is located when using said device is becoming less and less
> relevant.
>
> > From a physical-security standpoint, leaky IM, SMTP headers, et.
> > al. already give the game away.
>
> We've been living in this situation for years.  Nothing about EUI-64
> changes this fact, IMHO.  I dislike it immensely, but it isn't a
> game-changer, IMHO.
>
> -----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>
> The basis of optimism is sheer terror.
>
> -- Oscar Wilde