[138215] in North American Network Operators' Group
Re: Mac OS X 10.7, still no DHCPv6
daemon@ATHENA.MIT.EDU (Joel Jaeggli)
Tue Mar 1 00:43:44 2011
Date: Mon, 28 Feb 2011 21:43:35 -0800
From: Joel Jaeggli <joelja@bogus.com>
To: "Dobbins, Roland" <rdobbins@arbor.net>
In-Reply-To: <7D231284-D15A-4482-8F05-71E65FBDD5F0@arbor.net>
Cc: nanog group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 2/28/11 9:34 PM, Dobbins, Roland wrote:
>
> On Mar 1, 2011, at 12:23 PM, Mark Newton wrote:
>
>> That's new, and (to my mind) threatening. We've not even begun to
>> consider the attack vectors that'll open up.
given that rfc 3041 had it's 10th birthday in january there's nothing
new about any of this.
>
> I don't think it's new at all, given the amount of information
> available today that you already cite, down to and including sniffing
> on toxic hotel networks and the like.
>
> Folks are already easily pwn3d to extremes - look at HB Gary. This
> doesn't constitute some huge new attack surface or information
> leakage - especially given the existence of VPNs/proxies, the
> tendency to store more and more data/apps on servers/in 'the cloud',
> and so forth.
>
> In fact, the device one is actually using at any given moment and
> where one is located when using said device is becoming less and less
> relevant.
>
>> From a physical-security standpoint, leaky IM, SMTP headers, et.
>> al. already give the game away.
>
> We've been living in this situation for years. Nothing about EUI-64
> changes this fact, IMHO. I dislike it immensely, but it isn't a
> game-changer, IMHO.
>
> -----------------------------------------------------------------------
>
>
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
>
> The basis of optimism is sheer terror.
>
> -- Oscar Wilde
>
>
>
