Computer IPv6 addresses & privacy

The current 32-bit IPv4 protocol, created in 1981, can have up to 4 billion of IP addresses, every device connected to the Internet needs one of them, including mobile devices, going beyond everyone’s foresight, the Internet is now running out of IP addresses, by the end of 2012 all available IPv4 addresses could have been given.

IPv6 is a brand new version of Internet Protocol set to succeed IPv4, it isn’t an upgrade since networks using both protocols are largely incompatible at packet level and can not communicate in between them, IPv6 is based on 128bit addresses, it will provide users with a near inexhaustible number of IP addresses. You can easily identify an IPv6 address because unlike IPv4 composed of four groups of numbers separated by dots, an IPv6 address is composed of eight groups of alphanumeric characters separated by colons.

Tip: Some IPv4 routers can be converted to IPv6 with a simple firmware update.

 IPv6 addresses advantages

Efficiency: Data packet headers and packet forwarding through routers has been simplified to make it more efficient

Multicast: The transmission of a packet to multiple locations in a single send operation, aka multicast, is a base specification in IPv6 (optional in IPv4)

SLAAC (Stateless Address Auto Configuration): A standard IPv6 feature that allows IPv6 hosts to autoconfigure when connected to an IPv6 router, it is able to automatically assign IP addresses and device numbering.

Jumbograms: A jumbogram is a transmission data packet exceeding the standard Maximum Transmission Unit (MTU) IPv6 jumbograms contain a payload larger than the IPv4 limit of 65,535 eight-bit bytes (aka octets).

Geolocation:  IPv6 address have more geolocation options than IPv4, the new IPv6 latitude and longitude system can be scaled down to nearly microscopic pinpointing.

Computer IPv6 address

Computer IPv6 address

IPSec (Internet Protocol Security): Originally designed for IPv6, and later expanded to IPv4, this Internet protocol secures communications encrypting and authenticating data packets for each session, IPSec is optional in IPv4 and mandatory in IPv6.

Mobile IPv6 (MIPv6): The MIPv6 protocol enables a mobile device to switch between networks, mobile devices are identified by their home address regardless of physical location, IPv4 sends the data packets to a proxy server for relaying to the target device.

IPv6 address examples: 2001:db8:ffff:1:201:02ff:fe03:0405  OR 2607:f298:1:109::7ba:1bd8 OR 2001:41d0:1:1b00:213:186:33:87

Note: IPv6 addresses will be rolled out progressively and they are expected to coexist side by side with IPv4 networks for a long time, it is the ISP responsibility to implement IPv6, not the user.

IPv6 privacy concerns

When an IPv4 user reboots the computer a new IP address is assigned by his Internet Service Provider DHCP server, with IPv6 making billions of IP addresses available there will be no need to request a new IP when the computer boots up and dynamic IP addressing (DHCP) should eventually disappear. The first half of an IPv6 address is static, identifies the network and it never changes, it can be stored, the second half of the IP is created by an IPv6 enabled device (i.e. your computer+operating system).

IPv6 128bit computer address

IPv6 128bit computer address

IPv6 stateless configuration uses the hardware device unique MAC address to create the IP last 64 bits, this means that your computer MAC address is exposed to the Internet, since any website you visit logs your IP they can also figure out your physical network card MAC address. IPv6 has something called Privacy Extensions (RFC 4941), enabled by default in Windows (not enabled in Linux and Mac OS X before Lion), it uses a random number generated by a computer algorithm to dynamically assign a varying address block when creating the IPv6 address so that your computer MAC address is not used and remains hidden.

Example of traceable IPv6 computer address 2001:0db8:1:2:60:8ff:fe52:f9d8

  • Take the last 64 bits (the host identifier) and add leading zeros: 0060:08ff:fe52:f9d8
  • Strip the ff:fe part from the middle. If these bytes are not there, then there’s no MAC address.
  • For the first byte: complement the second low-order bit (the universal/local bit; if the bit is a 1, make it 0, and if it is a 0, make it 1). So: 0×00 (00000000) becomes 0×02 (00000010).
  • Result: 60:8ff:fe52:f9d8 translates back to computer MAC address 02:60:08:52:f9:d8

Tip: If you see the characters “ff:fe” in the middle of your IPv6 address then your network card MAC address has been used to create it, if the characters are not there, privacy extensions is enabled and you do not need to worry.

IPv6 useful websites 

Test IPv6: Runs a quick test giving you all kind of technical information on your IPv6 address indicating a score of your IPv6 and IPv4 stability and readiness

IPv6 Test: Checks your IPv6 and IPv4 speed and diagnoses connection problems, it tells you if  a computer is using IPv6, it can test your ping latency and compare IPv4 against IPv6 performance, it can also test if a website is reachable using IPv6.

TunnelBroker: Free Tunnel Broker service enabling people to reach the IPv6 Internet by tunneling over existing IPv4 connections from an IPv6 enabled host or router to one of their IPv6 routers.

SixXS: Offers IPv6 Tunnel Broker managing and a number of IPv6 Tunnel Servers to end users.

Free hacker10 updates: Email or RSS feed
(Delivered by Feedburner)