
Re: [RRG] perceived privacy issue



On Tue, Jul 8, 2008 at 3:13 PM, RJ Atkinson <rja@extremenetworks.com> wrote:
> Earlier, Tony Li wrote:
> % That's been widely discussed during
> % the first iteration of GSE and pretty generally viewed
> % as a Bad Idea. At the very least, there needs to be a
> % mechanism to escape from the MAC address and jump
> % to a separately assigned space.
>
> This concern is misplaced, and there is nothing magic
> here about a MAC as the Identifier.  Any Identifier
> will have the same essential properties.

You are mistaken. As a former employee of comScore (the leading
Internet measurement firm) I can assure you that the concern is most
decidedly *NOT* misplaced.

Furthermore, global publication of the MAC address also theoretically
permits identification of the make, model and firmware revision of the
NIC with a high probability of success. Coupled with an OS
fingerprint, it offers identification of the exact running driver with
a high probability of success. Both are useful knowledge when
attempting to breach a system.


> Traffic analysis techniques have been employed commercially
> since at least the middle 1990s to track users -- even users
> that change IP addresses often.  I understand that such methods
> continue to be used (and continue to be effective) by a number
> of firms on the network.  Note that these methods can track
> "users", and are not limited to just tracking "nodes".

This does not accurately describe the state of the art. I can't go
into any detail without breaching a confidentiality agreement, but in
IPv4 the ability to mass-discriminate an individual home PC's traffic
day over day based on the contents of the network traffic alone is
very limited.

Regards,
Bill Herrin


P.S. Just to be clear: I found the folks at comScore to be -very-
ethical in their behavior. Nothing I wrote here should be taken to
suggest otherwise.


-- 
William D. Herrin ................ herrin@dirtside.com bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
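
Added example, not part of the original message: a small audit that flags IPv6 addresses whose 64-bit identifier was derived from a MAC address and reports the MAC and vendor prefix (OUI) they publish. It assumes the identifier uses the modified EUI-64 mapping familiar from IPv6 autoconfiguration, which the thread does not spell out; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample input (documentation prefix 2001:db8::/32).
SAMPLE = [
    "2001:db8::211:22ff:fe33:4455",   # identifier derived from a burned-in MAC
    "2001:db8::a8bb:ccff:fedd:eeff",  # derived from a locally administered MAC
    "2001:db8::3c4f:9a1e:77d2:b0c5",  # separately assigned / randomized identifier
]

def embedded_mac(addr):
    """Return the 48-bit MAC embedded in a modified EUI-64 identifier, else None.

    Heuristic: a random identifier matches the ff:fe filler about once in 65536.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]   # low 64 bits of the address
    if iid[3:5] != b"\xff\xfe":                    # filler inserted between MAC halves
        return None
    mac = bytearray(iid[:3] + iid[5:])
    mac[0] ^= 0x02                                 # undo the inverted universal/local bit
    return bytes(mac)

def audit(addresses):
    """List the addresses that expose a MAC, with what an observer learns from each."""
    findings = []
    for addr in addresses:
        mac = embedded_mac(addr)
        if mac is None:
            continue
        findings.append({
            "address": addr,
            "mac": ":".join(f"{b:02x}" for b in mac),
            "oui": mac[:3].hex(),                  # vendor prefix, if burned in
            # Local bit clear means a vendor-assigned address, so the OUI
            # identifies the NIC manufacturer.
            "burned_in": not (mac[0] & 0x02),
        })
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

An address that produces no finding is using an identifier assigned separately from the MAC, which is the escape mechanism asked for earlier in the thread.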
