I think the Ubuntu installer should come with a checkbox option:
[ ] Leave me naked on the Internet and STAB ME IN THE BACK.
Regardless of whether it's checked or unchecked by default, I have a
feeling most people aren't going to want that.
Right now, I'm typing on an operating system where Samba defaults to
settings that basically amount to, "Don't let anything work unless the
user manually edits a configuration file," which is presumably for the
sake of security (unless it's for the sake of deliberately hassling
users). If security is prioritized over functionality, the same should
go for privacy...yet this same operating system freely gives my MAC
address to anyone I bump into with IPv6, because it's more
functional...and get this: It's not even more functional for ME, but
for hypothetical system/network admins who aren't even using my
computer. You have to be kidding me.
I cannot BELIEVE the attitude of system admins on this board. "Oh no,
this will make forensics so much harder..." Yes, that is the point.
(It's ironic that these comments are positioned so closely to comments
saying that the privacy extensions don't effectively protect privacy.
Obviously, they do so enough to make forensics a pain in the butt, so
they're accomplishing something good at least.) "It'd be okay if just a
few rogue users used privacy extensions, but when it's set to default
and everybody does it..." Yes, that is once again the whole point. To
the extent that it affects me as an end user, "forensics" = tracking,
and it's not something I particularly appreciate.
This may come as a surprise, but end users are not in the business of
serving system admins who want to track them and/or snitch on them when
some copyright mafia comes knocking. An end user's operating system
should exclusively serve the end user, not others who may have
conflicting interests. Writing software that obeys and serves the user
[as opposed to potentially adversarial third parties] is such a
cornerstone of free and open source software that the correct course of
action here should be a no-brainer. Anything else is a betrayal.
Did I mention copyright mafias? Let's take that up a notch and consider
the ramifications of default "ass hanging in the wind" policies in
totalitarian countries without free speech. A
journalist/whistleblower/political dissident or such can use encryption,
a VPN, etc. all she wants, but her IPv6 address may be the one weak link
that ultimately ties all of her activity together and betrays her to the
people who want nothing more than to identify, torture, and kill her.
There is simply no excuse for leaving an obscure hole like this open by
default, especially considering that most people are completely unaware
of it.
Are there lots of other ways for people to track you? Sure. Browser
fingerprints are a problem, and that problem should be dealt with...but
there are in fact solutions that are being increasingly adopted, and
this problem is restricted to web browsers anyway. The existence of
such a problem does not justify saying, "Well, let's just give up on
user privacy and broadcast our friggin' MAC addresses to everyone we
bump into, so we can be persistently tracked across any and all
protocols and applications using IPv6." There are certainly a lot of
bases to cover when it comes to privacy, but sensible defaults go a long
way toward plugging the holes.
Now, if you're a system admin in an actual enterprise environment where
you legitimately have control over a large number of end user PC's (e.g.
employee PC's), then changing the default IPv6 settings should not be an
issue for you...because, after all, you're the one who installed the OS
on all of these computers in the first place, right? Each one can be
updated with the same modified config file, and this is made even easier
if they're set up as preconfigured virtual machines. Now, if you're
just a network admin who has no legal or moral right over end users'
computers, it's simply not their job to appease you.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/176125
Title:
Ubuntu should activate the IPv6 privacy extension by default (echo 2
>/proc/sys/net/ipv6/conf/all/use_tempaddr)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/176125/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
