----- Original Message ----- > From: "Owen DeLong" <o...@delong.com>
> On Aug 3, 2011, at 6:55 AM, Jay Ashworth wrote: > > You guys aren't *near* paranoid enough. :-) > > > > If the ISP > > > > a) Assigns dynamic addresses to customers, and > > b) changes those IPs on a relatively short scale (days) > > > > then > > > > c) outside parties *who are not the ISP or an LEO* will have a > > relatively harder time tying together two visits solely by the IP > > address. > > ROFL... Yeah, right... Because the MAC suffix won't do anything. Did I mention I haven't implemented v6 yet? :-) *Really*? It bakes the endpoint MAC into the IP? Well, that's miserably poor architecture design. > > While this isn't "privacy", per se, that "making harder" is at least > > somewhat useful to a client in reducing the odds that such > > non-ISP/LEO > > parties will be unable to tie their visits, assuming they've > > controlled > > the items they *can* control (cookies, flash cookies, etc). > > Which is something, what, 1% of people probably even know how to do, > let alone practice on a regular basis. Yup; let's go out of our way to penalize the smart people; that's a *great* plan; I so enjoy it when people do it -- and they do it *far* too often for my tastes. > > Imperfect security != no security, *as long as you know where the > > holes are*. > > If people want this, they can use RFC-4193 to just about the same > effect. The ISP modifying the prefix regularly simply doesn't do much. I'll make a note of it. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
