[nycbug-talk] WiFi use liability. . .

George R. george
Fri Apr 22 09:46:52 EDT 2005


On Apr 22, 2005, at 9:39 AM, Ray wrote:

> On Fri, Apr 22, 2005 at 01:35:22AM -0400, Isaac Levy wrote:
>> Yeah, the sheer numbers of unique addresses is useful, but
>> additionally, to my understanding, IPV6 routing is designed to 
>> maintain
>> state of the source-ip address across routers, whereas the entire
>> reason that IPV4 spoofing is possible is that IPV4 routing only pays
>> attention to the destination-ip address- not both.
>>
>> Additionally, to my basic understanding, there is a dynamic chunk of 
>> an
>> IPV6 address space which can be modified at the transport layer in a
>> myriad of ways as packets traverse various networks- with unlimited
>> uses.
>>
>> So, in a roundabout manner, I'm stating that basic IPV6 routing again
>> makes it very difficult to use an open AP for illegal uses, as well as
>> *finally* providing a framework at both transport and application
>> layers for folks like us to come up with all sorts of new and
>> interesting ways of dealing with illegal uses.
>
> So Criminal connects to Friendly's AP, gets a unique IPv6 from
> Friendly, does something illegal which gets traced back to Criminal
> _but_ Criminal runs away afterwards.  One hop less from Friendly's
> AP.  How does Police know that Friendly didn't use a certain computer
> with Criminal's MAC to do illegal things?  I understand that IPv4
> would make it seem like illegal things are coming from the AP itself,
> which I'm assuming to be a single IP doing NAT or something; however,
> the traffic still originates from your IPv6 block.  So how does
> IPv6 protect people like you and me who want to openly share their
> AP?
>

Valid point Ray. . . it doesn't in itself. . . all new schemes like 
this open the door to other problems.

It would actually become a bid more nasty in some scenarios. . . ie, 
assuming everyone has a unique IP assigned to them, I get a list of MAC 
and the relevant IP addresses of someone I don't like, spoof them, and 
I can start getting my enemies in trouble.  Wait, maybe this isn't such 
a bad idea. . . <g>

Unless everyone had unspoofable unique addresses per box with 
unspoofable MAC adddresses. . . but of course it doesn't deal with 
using someone else's box. . .

g





More information about the talk mailing list