On Mon, Dec 06, 2010 at 08:55:17PM -0500, Bob McConnell wrote: >> 3) When I connect my IPV6 refrigerator with its automatic inventory >> system tracking every RFID-enabled carrot I use, won't I be making my >> shopping habits visible to all those annoying advertisers? Or, in >> other words, am I compromising my privacy? Actually, although such >> dissemination of information can be blocked by a correctly designed >> firewall, I suspect the "Free IPv6 DSL Modem and Router, Sponsored by >> <your-favorite-commercial-site>" that comes with your ISP contract, >> would err on the side of promiscuity. > >Why yes, yes you are giving up some of your privacy. And unless you have >the time and are willing and able to learn how to configure firewalls >for each device and application you use, or have the money to pay >someone else you trust to do it for you, there is very little to protect >you from the rest of the world. That's at least overstated, and at worst complete FUD. Generic modems and routers will be configured as they are now - with stateful firewalls blocking all incoming traffic, except for streams initiated internally. Outgoing connections that would have worked before via NAT continue to work, but without NAT. Stateful firewalls are still stateful firewalls. Where are you giving up some of your privacy? The number of hosts on your internal network? So allocate 256 ips (or 65k, if you like) to every host and use a random ip from that set for every distinct service or outgoing connection. There _is_ more information leakage with ipv6, in the sense that you are using a real ip from an internal machine on the connection. But the point is that the security benefit of that is largely illusory, security by obscurity. Cheers, Gavin _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos