goetz1d ago

I hate, that I have to explain again and again that EUI64 address generation is the worst feature of #IPv6 in terms of tracking and privacy.
Nevertheless nearly all #IoT devices us #lwIP which lacks RFC7217 or RFC4941/8981 support and leaks GUIDs to everyone listening.

When is everyone taking this serious?

Even a famous German CPE vendor uses this method.

Have a look here if you do not understand what I mean:

https://bgp.tools/prefix/2a02:908:8000::/33#dns

BTW your #Synology #nas spoils your privacy.

2a02:908:8000::/33 - bgp.tools

Show threadXCondE1d ago
@goetz I disable ipv6 on the networks I manage because I feel like I don’t have enough knowledge to operate it safely.
Show threadMiyuru Sankalpa1d ago

@xconde whats the blocker stopping you from learning?

think back, how you learned IPv4 and try to do the same for v6.

@goetz

Show threadXCondE

@miyuru I don’t think I need any of the v6 features.

Everything I need works fine with v4, and I can’t find an incentive to learn it.

At some point I thought I’d get forced to, but it never happened.

Apr 6 at 11:24amWeb
Show threadMiyuru Sankalpa22h ago

@xconde fair point.

Mine was I used IPv6 for SSH to remote servers, while blocking ssh on v4.

Thesedays I mostly use IPv6 only servers because they cheap, so I only use ISPs that support it natively.