IPV6/INTERNET2 ARTICLE IGNITES INTERNET FIRESTORM

An FMNN story pointing out privacy concerns related to IPv6 received emphatic responses & thousands of page views across the Internet. (See sample FMNN feedback and responses, below, following article.)

People should be alarmed when a fire starts. IPv6 with Internet2 is a firestorm waiting to happen.

That was the thesis of my reporting in mid-December 2004 about IPv6 and Internet2 (apparently my effort was one of the first to truly grapple with the potentially troublesome nature of this new technology). The commentary I have received on the article – and it has been a truly astonishing reaction – has only reinforced my perception that the new ‘Net technology coming our way is a good deal more controversial than proponents like to let on.

The article – originally available to viewers at Free Market News Network (www.freemarketnews.com) for which I write – was eventually posted to a number of different reader-response sites including what may be the largest and best-managed, www.freerepublic.com. This allowed for a good cross-sampling of reaction.

Readers who responded positively to the article were often seemingly those already convinced that government bureaucracies will attempt, sooner or later, to control or subvert whatever seems to be a threat to their power - and that the Internet is undoubtedly seen in certain quarters as a radical threat. Those with this point of view do not see IPv6 and Internet2 as free-market creations but as technologies that have in some sense been birthed and nurtured by the government.

Many corporations and universities involved in these projects – so the logic goes – are probably receiving U.S. federal grants and contracts and are thus beholden to the government and apt to fall in line. Internet2.edu: puts it this way: “The federal government has played, and is playing, a crucial role in both support of some key technology development projects as well as in collaboration with university and industry researchers investigating next generation internet technologies and infrastructures.”

Technologists critical of the article (I have come up with the term “technologists” to refer to a broad cross-section of engineers, programmers and others who have professional interactions with the computer industry and its attendant implementations) often seemed to imply that either the reporter was technologically naïve or that there was some kind of Luddite motivation driving the positioning and reporting. Nothing like this was intended.

Over and over, sources expressed their enthusiasm at what the Internet had become once the marketplace had worked its magic. The point of the article was to express attendant alarm over the potential resurgence of influence by certain founding forces – the military and particular academic powers – rendered less of a factor by the decade-long evolution of the Internet.

Technologists also focused on the previous article’s conflation of IPv6 and Internet. In truth, the IPv6 project has several nicknames and there are at least two versions of Internet2 floating around (see below, the U.S. government’s effort, Next Generation Internet, NGI).

Despite the industry’s insistence that these efforts are separate and unorchestrated, the sources I spoke to often tended to treat them as one broad, high-tech initiative and on occasion referred to that effort interchangeably as “IPv6,” “Internet2, etc” In this article, however, and in subsequent articles these various initiatives are treated with formal nomenclature.

Internet2 is a collaborative effort by the government, universities, and private corporations to operate a network with superior performance to the current Internet, with the goal of deploying the technologies involved to the general public. Internet2 supports the current communication protocol, Internet Protocol version 4 (IPv4), but it also supports a newer version named Internet Protocol version 6 (IPv6).

IPv6 is a protocol specification that tells how machines can communicate to each other by sending and receiving packets of data. It improves Internet performance and increases the number of static IP addresses available so that every user in the world can have as many as they would like. By specification, both IPv4 and IPv6 protocols embed IP addresses in their packets, so it would seem that IPv6 makes improvements in the technology while having no change on its privacy implications.

For the record, let me restate the position to which my reporting led me: The next generation Internet – IPv6-within-Internet2 – is probably coming to your house and mine within the next 3-6 years. Major governments including the U.S. apparently intend to roll it out wholesale before or by 2008, Once it is an accepted government standard, the impetus for private industry to adopt the technology will be virtually unstoppable and will, in its wake, bring substantive privacy concerns.

Let me state again why my sources believe this to be so: IPv6 itself is apparently intended to provide every computer on the planet (and that includes computers in cars, phones and walls, etc.) with a specific address – one that is ideally suited to every kind of snooping and tracking imaginable. The current protocol, IPv4 does NOT allow for this kind of widespread electronic labeling.

Yes, of course, such labeling will bring benefits. But to insist, as many intimately connected to the industry seem to, that any reporting focusing on the negatives is somehow irresponsible or rooted in ignorance is to resort to the kind of ad hominem attack that attempts to slay the messenger but ends up by begging the question.

Finally, let me restate why current privacy solutions may not apply to IPv6 within Internet2: The new Internet communications technology is privacy-neutral and therefore relies on vendors to make security adjustments. In theory, IPv6 could be used exactly the same way as IPv4 is used today, in conjunction with privacy measures such as Network Address Translation (NAT) and Dynamic Host Configuration Protocol (DHCP). But these may have to undergo substantial modification for use with IPv6 and in any case the original implementation - as technologists know - had everything to do with the scarcity of IPv4 addresses NOT privacy concerns. Given that privacy was a CONSEQUENCE of the implementation of NAT and DHCP but not the PURPOSE, what on earth makes people think that corporations and vendors will be eager to re-engineer the software at considerable expense when there are more than enough addresses to go around due to IPv6?

The Internet is under attack. Those in power have a good deal of difficulty in tolerating it. Users have long expected the Internet to be taxed into irrelevance but more and more it looks as if combat will also be waged on several fronts that have not received so much attention – via the technology itself and through the blunt but powerful weapon of regulation.

In a related article, I have reported on threats to Internet via regulation. And there are other privacy challenges from additional technologies that exist today, and will certainly be enhanced tomorrow, which I have not even touched on yet.

The U.S. government is growing increasingly aggressive about regulating technological innovation. It already regulates encryption algorithms - making sure the encryption is not too strong. I believe today 128-bit encryption keys are the maximum length legally allowed, and in 1999, a 56-bit encryption was successfully broken in 22 hours.

Even without IPv6, the Web already poses a security threat to users in numerous ways. Forget about email viruses, hacking and phishing. The CIA has developed software that can intercept email, read it, and send it to the recipient looking unread. Some people use encrypted mail, but most users aren't even aware that the technology exists.

IPv6 is surely a powerful technology bringing additional benefits as well as challenges. Yet a thorough Google search reveals only a scattering of concerns about IPv6, disparately voiced, often in chat rooms, as part of a much larger discussion usually focused on the bells and whistles of the new technology coming our way.

Is it practical to rely on Microsoft and other large resellers of IPv6 implementations to provide elegant and utile privacy solutions? Such large corporations have every reason to want to collect the kind of voluminous information that the IPv6 protocol promises to supply with the bandwidth of the next generation Internet. This smacks of the proverbial “fox guarding the hen house.”

Yes, IPv6 does improve technology - but its implementation may remove much of our privacy if consumers don’t actively move to protect that privacy. Today most Internet users don’t have a static IP address; in the future they will, thus very possibly allowing their always-on static IP address to be constantly tracked.

Things may or may not simply “work out” once the upcoming technology is widely used in the marketplace. Forewarned is forearmed. Viruses, hacking and phishing are already difficult, unanticipated problems.

Some savvy users have made some efforts to increase their privacy online, but often at the expense of losing the ability to use certain sites and functionality. Some have switched to use Internet browsers such as Mozilla Firefox instead of using Internet Explorer. Others are disabling cookies and using privacy services such as beHidden.com and Guardster.com. However, many websites don’t support users if they disable cookies and don’t reveal an IP address.

In theory, users can build or find obscure software that will hide their IP address, but in reality Microsoft dominates the software market especially for consumers, leaving only highly technical people even aware of these privacy issues. At some point – using the justification that static IP addresses stop spam and phishing cold - pressure may build for laws insisting on the presentation of static IP addresses – and even laws making it a crime to hide one’s identity.

People are often manipulated into assuming that the technologies involved with the Internet require an absence of privacy. However this isn’t true. As Guardster co-founder Dan Rung explains, “As history has shown, governments have a tendency to use any new tools available to them to invade people’s personal privacy. We would also hope that more software providers would build automatic privacy protocols into their software. A simple example of this is that all email software should automatically encrypt and decrypt all messages on the user’s computer before sending them to their ISP and on into the Internet.”

Guardster is an Internet proxy service that enables people to surf the web without being tracked. Since they don’t track any user information or IP addresses, users can feel comfortable about their privacy. The service has become so popular that “overall bandwidth has tripled in the last year alone,” says Dan Rung. Internet users are becoming aware of privacy issues and are increasingly choosing to take action. He adds “We do anticipate additional users anytime Internet users feel more of their personal privacy slipping away.”

In an effort to satisfy increasing demand, Guardster is investigating many more privacy tools such as “anonymous email, SOCKS support, anonymous IM, virtual private networks, and anonymous newsgroups, as well as anti-spyware/adware/popup blocker possibilities.”

Thomas Jefferson warned: "The natural progress of things is for liberty to yield and government to gain ground." But Jefferson did offer hope when he wrote: "The force of public opinion cannot be resisted when permitted freely to be expressed. The agitation it produces must be submitted to." Let it arise.

Below, are twelve points that seem to reflect not just a popular - but an overwhelming - sentiment in favor of Internet2 and IPv6 among even the industry’s savviest technologists. After each bolded statement is additional, documented information - material in many cases residing on Internet2 and IPv6 websites themselves - that would seem to contradict the stance of the many technologists regarding IPv6.

Those who enthusiastically propound the dangers of global warming, do so with an almost religious fervor that brooks little or no opposition. In some cases, it seems as if IPv6 and Internet2 are being approached the same way.

1) IPV6 IS A TIMELY TECHNOLOGY THAT IS FILLING A CURRENT NEED FOR MORE STATIC IP ADDRESSES. THE SOONER IT IS IMPLEMENTED, THE BETTER. There are about four billion available IP addresses with IPv4, and one billion Internet users globally. Right now, most Internet users don’t use a static IP address. Instead they use DHCP to share the same IP addresses over time, and NAT to share the same static IP address among many machines that use internal IP addresses. It is estimated that the supply of IPv4 addresses could last for at least another 20 years. Why the rush? Apparently, the timeline for IPv6 is being rushed to improve traceability of users and to enable the implementation of certain Patriot Act laws - especially those that allow would allow more wiretapping if only the technology would support it.. If Internet users all had registered static IP addresses, there would be no need to go through ISP’s in order to obtain information about users.

2) IPV6 IS SAFE FOR SECURITY AND PRIVACY. According to the IETF, “IPv6 addresses on a given interface generated via Stateless Autoconfiguration contain the same interface identifier, regardless of where within the Internet the device connects. This facilitates the tracking of individual devices [and thus potentially users].” Translation: Unless measures are taken to specifically protect privacy, there will be no privacy.

3) THE INTERNET2 PROJECT AND IPV6 ARE A MARKETPLACE PHENOMENON DRIVEN BY INDIVIDUALS AND PRIVATE ORGANIZATIONS. THE GOVERNMENT IS NOT INVOLVED IN THESE TECHNOLOGIES. According to Internet2.edu, “The federal government has played, and is playing, a crucial role in both support of some key technology development projects as well as in collaboration with university and industry researchers investigating next generation internet technologies and infrastructures.” In fact, the federal government has its own advanced Internet initiative, called the Next Generation Internet (NGI) initiative. The NGI program was announced just about seven days after the establishment and announcement of the Internet2 project. Many government agencies taking part in the NGI Initiative are also collaborating on Internet2.” Last year the Department of Defense mandated that all of its agencies should be IPv6 ready by 2008, which will clearly put pressure on large corporate vendors to quickly follow suit. What about the academic community? The government has plenty of leverage here as well. Internet2.edu points out the following: “[The] Clinton administration established a new cross-cutting initiative, called IT2 (IT-squared). This initiative provides much increased funding - mainly to universities - to long-term research into information technology areas.” Government, especially the U.S. government, would seem to be playing a leading role in the creation and implementation of IPv6 and Internet2, along with government’s own NGI. Despite the seeming cluster of marketplace-driven stakeholders – large tech manufacturers and Universities - IPv6 and Internet2 are anything but private label.

4) INTERNET2 AND IPV6 ARE ENTIRELY SEPARATE TECHNOLOGIES THAT HAVE DIFFERENT PLAYERS. THE COMPLEXITY AND LACK OF COORDINATION BETWEEN THESE INITIATIVES SHOWS THAT NO ONE IS ORCHESTRATING THEIR EVOLUTION. Internet2 is a project involving a coalition of universities, companies, and the government whose goal is to “create a leading edge network capability for the national research community; enable revolutionary Internet applications; ensure the rapid transfer of new network services and applications to the broader Internet community.” According to Internet2.edu “The IPv6 WG (Working Group) is focused both on understanding how IPv6 will enable Internet2 to achieve its goals and on promoting and coordinating the deployment of IPv6 throughout the Internet2 infrastructure.” Coordination? Certainly sounds like it.

5) THESE ARE VAST SYSTEMS, NOT EASILY AVAILABLE TO GOVERNMENT CONTROL. To truly believe that there is no governmental influence being brought to bear on the choice and disposition of future Internet technologies is to believe that the bureaucracy does not actively seek to perpetuate its own strategic interests. Proponents of a smooth rollout of the latest technology will point to the massive private involvement with IPv6 and Internet2, but this does not necessarily preclude active or aggressive government involvement from behind the scenes.

6) THERE IS ENOUGH TO WORRY ABOUT THESE DAYS WITHOUT POSTULATING INDUSTRY-WIDE CONSPIRACIES. As has been pointed out, above, risk/reward discussions regarding IPv6 and Internet2 seem curiously lacking. In fact, there seems some antipathy – in some quarters – to even broaching such issues. But noting a resistance to meaningful discussion of a worrisome and complex issue is not the same as promoting the existence of a demonic New World Order. There is reality and there is speculation.

7) IPV6 IS NOT A THREAT IT’S JUST A TECHNOLOGY UPGRADE. Technology has no morality. If IPv6 is used in the same way that IPv4 is, then it wouldn’t be much of a threat. However, the biggest reason to roll out IPv6 is to offer a virtually endless number of static IP addresses. For this reason, although the two protocols seem very similar, they will be used in completely different ways.

8) THERE IS NO DIFFERENCE BETWEEN TEMPORARY AND ALWAYS-ON INTERNET CONNECTIONS. MOST PEOPLE HAVE ALWAYS ON INTERNET CONNECTIONS NOW AND HAVE NO PROBLEMS. The IETF pointed out in a recent draft: “A more interesting case concerns always-on connections (e.g., cable modems, ISDN, DSL, etc.) that result in a home site using the same address for extended periods of time. This is a scenario that is just starting to become common in IPv4 and promises to become more of a concern as always-on internet connectivity becomes widely available.” Furthermore, temporary Internet users with DHCP connections are often given different IP addresses each time they reconnect. Always-on users will never reconnect, and the same IP address may be used for an extended period of time even with DHCP. Programmer Rob Leslie explains, “With the advent of always-on cable and DSL connections, even so-called dynamic addresses assigned via DHCP will very often remain the same for very long periods of time…” This means that DHCP will only be helpful for privacy protection if IP addresses are changed frequently, while maintaining an always-on connection.

9) WHAT ARE YOU WORRIED ABOUT? IPV6 TECHNOLOGY IS THE SAME AS IPV4. …NAT and DHCP were created as solutions for sharing IP addresses, and not for privacy. Rob Leslie points out that: “The scarcity of valuable IP addresses, particularly blocks of contiguous addresses, was one of the motivations behind the development of NAT. With NAT, a user could share a single globally-addressable IP address with a number of machines, each of which would use an internal, non-globally-addressable address. These non-global addresses could be re-used by each private network using NAT. This greatly reduced the pressure on ISPs to allocate more than a single IP address to many customers.” The increased availability of static IP addresses implies an immediate dismantling or NAT and DHCP technologies from the Internet.

10) IF I HAD A NUMBER OF APPLIANCES IN MY HOME CONNECTED TO THE INTERNET THROUGH NAT, THEN THE APPLIANCE WOULDN’T BE KNOWN. The particular appliance may not be known, however the static IP that the entire household uses would still reference you and your house. This will do almost nothing to protect a user’s privacy. NAT would be more effective for privacy if it were used for many households, however DHCP is probably a better solution for privacy.

11) NAT AND DHCP WILL STILL BE USED FOR SECURITY AND PRIVACY WITH IPV6. Technically, these technologies could be used. However, many opponents to these technologies argue that they are hacks used only for the purpose of relieving the lack of available static IP addresses. They add complications to the network and have additional costs. Once static IP addresses proliferate, many networks will cease to use NAT and DHCP. As one Wall Street lead developer pointed out “Although DHCP can help with privacy, I can’t see the wide use of DHCP and NAT with IPv6 since it defeats the purpose of upgrading in the first place. Unfortunately, if our bank used static IP addresses we would be targeted by denial of service attacks and be shut down. With DHCP we can hide our identity from hackers.”

12) EVEN IF NAT AND DHCP ARE GONE, THERE WILL BE OTHER PRIVACY TECHNOLOGIES BUILT. Brian Carpenter, a participant in the IETF, has pointed out that those promoting the IPv6 protocol are not responsible for how it is implemented. “I don't find anything in draft-ietf-ipv6-privacy-addrs-v2-00 that makes privacy addresses a default, unless the implementer happens to make that a configuration choice, which isn't the IETF's decision.” The government and large corporations such as Microsoft are IPv6 stakeholders with no incentive to promote privacy on the Internet. There is every indication that such participants are eager to COLLECT as much information as possible about users. Asking them to look out for consumer privacy is like asking the wolf to take care of the sheep.

FMNN's Technology and New Media Correspondent, Chris Mack received a degree in economics and artificial intelligence at Carnegie Mellon University, and then worked as a software engineer and consultant to a number of different organizations ranging from startup companies to large corporations such as IBM and Lockheed Martin. Early in his career, Chris worked with Nobel laureate Herbert Simon, helping create artificial neural networks to predict time series of stock market patterns. Today, he looks for patterns and emergent properties to aid in the understanding of economics, human behavior and technology.

---------------------------------------------------------------------------------------

[Feedback on Chris Macks's news story GOVERNMENT’S ‘INTERNET2’ SEEN AS NEXT ‘NET BATTLEFIELD]

In a detailed, erudite letter to FMNN, Rob Leslie (apparently a programmer) makes at least five strong points - excerpted here, verbatim, along with Chris Mack’s answers.

Excerpted from Mr. Leslie’s letter: Mr. Mack confuses IPv6, a network protocol, with Internet2, a physical network of high-speed infrastructure and advanced applications. While Internet2 may use IPv6 as its underlying network protocol, they are not the same thing. Internet2 is a creation of a consortium of universities working in partnership with industry and government for the development of new and innovative uses of network technology. It is essentially an independent and private high-speed network dedicated to uses of research by its members. IPv6, in contrast, is a creation of the IETF (Internet Engineering Task Force, a large international non-membership community open to participation by any individual) intended to address the deficiencies of IPv4. It is already in widespread use on the global Internet, although it is not as common in North America as in some other parts of the world.

Author’s answer, A: Technically, IPv6 and Internet2 are different. However, the Internet2 project already uses IPv6 and IPv4, and it’s clear that there is no intention of using IPv4 in the future, except as a means to support old systems. The sentence in question did not seek to refer to specific, formal nomenclature; it is the author’s experience these terms, informally, are used interchangeably.

Author’s answer, B: Where is IPv6 and Internet2 in “widespread use?” China? Europe? India? Possibly certain governments and agencies are using or testing IPv6, but that’s not the same as a general roll out which does not seem to have occurred, according to available information on the Internet or elsewhere.

Author’s answer, C: The letter seems to imply that both IPv6 and Internet2 are the result of an independent private-market effort. This does not appear to be the case. An educational site called “Internet2.edu: puts it this way: “The federal government has played, and is playing, a crucial role in both support of some key technology development projects as well as in collaboration with university and industry researchers investigating next generation internet technologies and infrastructures.” I believe the IPv6 and Internet2 effort bears as much resemblance to a free-market initiative as a tank does to a family sedan.

Excerpted from Mr. Leslie’s letter: Mr. Mack writes that "The current Internet was not built with the idea of every machine in the world using static IP addresses." This is not true. In the early days of the Internet, it was understood that any machine that wanted to be connected to the global network required a unique, static address. This was before the days of firewalls, and long before the invention of DHCP or NAT.

Author’s answer: The key word here is “current.” No one envisioned billions of machines (not just PC’s but cars, refrigerators, etc) using static IP addresses when the Internet was first created. Otherwise, they would have started with a larger number of IP address or would have had other solutions, wouldn’t they?

Excerpted from Mr. Leslie’s letter: Mr. Mack writes, concerning his perception of the ramifications of static addressing, "every single computer-based activity could be subject to surveillance." It is difficult to understand how static addressing alone poses a risk to surveillance, or how IPv6 could be considered any more of a risk than the current IPv4, considering that most always-on connections already keep the same address for long periods of time.

Author’s answer: Very few people have static, long-running static IP addresses. Not your average user, anyway. The people that do, I imagine, are well aware of the security and privacy issues involved.

Excerpted from Mr. Leslie’s letter: If the concern is that IPv6 addresses will expose the globally-unique 48-bit Ethernet MAC address of one's equipment, then the solution will be for vendors to offer alternatives to this method of address assignment in their IPv6 implementations, or to resort to NAT-like features in firewall products. …

Author’s answer: This is the crux of the matter. Who is responsible for IPv6 and its roll out? Probably large vendors like Microsoft – and such vendors are the ones that will likely provide the “security” that most people now provide for themselves at a local, not network, level. Thus one or several large vendors, in conjunction with domestic and perhaps international governmental bureaucracy will develop a standard encryption for use. This is the logical conclusion of all what is occurring now. Government and “private enterprise” together are generating a massive new communication’s technology that will be delivered via commercial vendors such as Microsoft. These vendors have no incentive to provide security, and even if they did – and perhaps public clamor will force them to – the solutions will be neither elegant nor especially sophisticated. Of course, it is easy to declare that such scenarios are fanciful but millions of computer users have been struggling with computer viruses for the last few years that have wiped out hard drives, frozen whole networks and even, occasionally, destabilized the Internet itself. To simply claim that the same scenario absolutely cannot repeat itself in a different venue when the same factors are present – broad-based systems with brittle, one-size-fits-all solutions – does not seem to make a great deal of sense.

Excerpted from Mr. Leslie’s letter: I urge Mr. Mack to become better informed of the reality of IPv6; I do not think it poses the dangers to freedom, civil liberties, or privacy that he suggests. Quite the opposite, it has a number of clear benefits over the existing IPv4, not the least of which is the possibility for increased privacy and security. With the benefit of the free market, we may hopefully see its use continue to grow here in the U.S.

Author’s answer: It seems to me that there is little of the “free market” involved in the creation or roll out of IPv6 and Internet2. This is, I believe, another crucial confusion. Peer behind the “consortia” that have been developed to provide IPv6 and Internet2 with an appearance of a private-market “buy in” and you will find governmental organizing factors that many in the industry either will not admit to or are simply too naïve to recognize. If one does accept that the basic impulse of the new technology being developed is bureaucratic, then one is left to argue that the governance involved has the best interests of consumers – and the Internet - at heart. I remain profoundly skeptical of government’s ability to produce anything worthwhile – and I have never seen a government initiative that did not benefit some players at the expense of others. I don’t believe for a minute that any major government exists today which would not gladly push a button to shut down the Internet if one actually existed. Just watch what governments around the world, including the U.S., are starting to do to the Internet through taxes and regulation. Yet these are the major players, in my opinion, behind the roll out of the “new Internet.” The resistance to recognizing these realities – especially by those within the industry who are overly impressed by any shiny, new technology - is troubling since there is a difference between technology generated and accepted by the marketplace and technology plucked from the lab by government-backed consortia and presented to the citizenry via additional government backing and funding. It reminds me of the old Soviet Union with its massively funded technologies and five-year plans that never worked the way they were supposed to. There is trouble yet to come here, and at least some of it could be avoided if people within the industry would recognize the difference between market-based solutions and government-sponsored ones.

[Feedback on Chris Macks's news story GOVERNMENT’S ‘INTERNET2’ SEEN AS NEXT ‘NET BATTLEFIELD ...]

Jason T. takes aim at Mr. Mack’s perception of IPv6 as problematic in a letter excerpted below, along with Chris Mack’s answers and then again (the letter) verbatim.

Excerpted from Mr. Jason T.’s letter: IPv6 is intended to solve many of the problems with security on today's widely-used-but-very-out-of-date IPv4. Everything touting 'security' on today's North American networks is actually an add-on, a 'hack' if you will. No security features at all exist in the underlying protocols that make the network work.

Author’s answer: Nonetheless, the current Internet does provide a measure of security and privacy through a number of free-market applications, jury-rigged though they may be – as is often the case with software, and hardware – in the early 2000s. Technology is a tool, and has no morality by itself. What technology brings is change, and history repeatedly shows that the change it brings always benefits the people who are prepared for it and ahead of the curve.

Excerpted from Mr. Jason T.’s letter: Anything on the net today is encrypted by specific applications, and if you want your communication encrypted, you have to use applications that support it, have it properly configured, at both ends!

Author’s answer: Perhaps that is actually a good thing, as we explain below, next point.

Excerpted from Mr. Jason T.’s letter: In IPv6, it is easily possible to have everything encrypted, without ever having to configure anything, or run special applications, since it would all be done in the protocol, and this transparent to applications.

Author’s answer: This statement seems to be proposing standardized encryption at the network level – below the application level - between counterparties. Just who will be doing the configuration of such massively standardized encryption – Microsoft, the government, the military, an EU consortium? Today there is a market for encryption at the application level and people are aware of security issues. Will we rely on network level security, and stop building it at the application level, only to find we have no security? Remember, those who provide encryption standards will likely have a way to break it, wouldn’t they? Will we rely on Microsoft to implement all the security we need, or the government to regulate it? The government already regulates encryption algorithms that can be used, making sure that no one uses strong enough encryption that they can’t break. Today 128-bit encryption keys are the maximum length legally allowed, and in 1999, the DES crack challenge successfully broke 56-bit encryption in 22 hours.

Excerpted from Mr. Jason T.’s letter: Also, increasing the address pool is not only desired, but required, and also gives you a privacy bonus. If you equate evesdropping on the internet with tapping a phone line, then imagine a town with 4 phones that only can talk to each other, and all have direct lines ............ For the full article visit us @ www.FreeMarketNews.com

hmm the current routers are not compatible with ipv6...so basically it's all junk ;)

there might be a converter but you'll prolly only be able to go one way or need a series of them...either way it's not worth saving your 50 dollar linksys ;)

As for the ISP question, I dunno. But i'd say yes. You still need a central location to route all the traffic which is all the Internet is...A giant routing mechanism that is sending traffic where it needs to go. The ISP won't need to break the ip address down as much and they could be more lazy with the management of IP address. Right now in No. VA you have to have a commerical account for verizon dsl to give you a static IP, basically cause there isn't a whole lot of them to give away for free...with ipv6...it'd be like hording dirt...it could feasibly run out, but not likely

The difficulty with allowing the free market to establish multiple standards in this particular arena and then allowing competition to determine the most successful one is that (1) duplication of effort is inherently wasteful, and (2) it isn't really any more successful a ploy than simple diktat for ensuring that the best technical solution is the one deployed. (Neither way really works, necessarily - VHS vs. Beta didn't do it following the free-market model and the continued existence of ADA shows that diktat didn't do it for programming languages either.) This is one of the arguments behind "natural monopoly."

I doubt very seriously if this will result in the proliferation of static IP addresses throughout the entire networking world. For one thing, the administrative challenges in managing the assignment of IPv4 address ranges are quite challenging enough. For another, the proliferation of laptops and other mobile devices make DHCP more necessary, not less.

As far as identification by some sinister governmental authority, IPv6 isn't all that much more effective than IPv4, especially not in comparison to such innovations as the late, unlamented Intel PSN. The real question to me is at what point some government agency, here or elsewhere, is going to arrogate to itself the management of IP address ranges overall. China is attempting something like this. It is there the problem will lie, and not in simply doubling the number of octets in an addy. All IMHO, of course, and I'd be glad of any correction by the more knowledgable.

The DoD is pushing the transistion to IPv6

DOD is developing a roadmap for getting to IPv6
http://www.gcn.com/vol1_no1/daily-updates/28090-1.html

Defense Department networks will have to demonstrate that they are capable of running securely and reliably under IP Version 6 before receiving approval to use the new protocols.

The deadline for moving to the new version of the Internet Protocol is 2008. Until then, IPv6 will be restricted to early adopter environments and will not be allowed on operational DOD networks. The DOD IPv6 Transition Office is developing guidelines to help networks get approval to operate.

Networks will receive authorizations to run at two levels before proceeding to the first level of operational capability, said James Schifalacqua, part of the Transition Office support team from SI International Inc. Information assurance will be a key element in receiving authorization to operate, Schifalacqua said Thursday at the U.S. IPv6 Summit in Reston, Va.

Developing a process for risk management will be the key element in getting authorization to operate with IPv6, he said.

“It’s not the technology, it’s the process,” he said. Not all risk on the network has to be eliminated, but administrators must be able to document how risks are analyzed and managed.

more at link above

You are going to need some device to connect to the ISP's network. They are presumably going to provide the same functionality they provide now (why wouldn't they?)

If you are knowledgable enough to build your own, then you could do that... but you could do that today, and you could buy your own block of IPv4 addresses if you wanted to, and ask the ISP to route traffic to your own homemade router, and allow whatever lack of security you felt like having. I've already got 5 IP addresses because I bought 5 from my ISP. With IPv6 I could probably buy something more like a few thousand, but it's the same principle.

The only real difference in IPv6 is that the hack that maps one set of IP addresses to another set of IP addresses isn't necessary (note that you're still allowed, if you want, to do some sort of NAT mapping, if you want to... but it's unlikely that anyone will bother.) Everything else is the same as it used to be.

I guess my point is, IPv6 is going to be a good thing because it will remove a lot of complexity involved in the current set of hacks, and will also make Internet access a lot more possible for other countries, and we don't need people generating panic where it's totally unjustified. Next thing you know we will have Congressional hearings and a bunch of Democratic congressman demogoguing it and passing legislation regulating how engineers are allowed to design networking software.

For the sake of arguing needlessly, The internet will be the commerce and communication system of the beast.

Revelations 13:17 "And that no man might buy or sell, save he that had the mark, OR the name of the beast, OR the number of his name."

You will either get a mark (implant), OR the name of the beast "www.mybeastid.com", OR the number "0000:0000:0000:0000:0000:0000". Each in itself will cross reference to a master database to uniquely identify, regulate, and control every individuals commerce and communication.

Best wishes and a happy new year!

Nice notion, only NAT and DHCP were never intended as privacy measures, they were band-aids to cover the festering inadequacies of the IPv4 protocol in the realm of scalability and management.

If machines came with statically-assigned global addresses that could not be reassigned, configuring local networks would be a nightmare. Under current methods, machines are assigned local addresses (manually or automatically) when they are installed into a subnet. A router knows when it sees a packet for 192.168.254.97 that it's supposed to be delivered to some other machine on the local subnet and it can issue an ARP locally to find it. If my machine is assigned some globally-unique and unchangeable 128-bit address, how is anything supposed to route that?

I suppose it would be possible to have IP "nameservers", but if that's going to be done why use these monster IP's instead of simply using hostnames for everything?

The only real difference in IPv6 is that the hack that maps one set of IP addresses to another set of IP addresses isn't necessary (note that you're still allowed, if you want, to do some sort of NAT mapping, if you want to... but it's unlikely that anyone will bother.) Everything else is the same as it used to be.

Right now, a packet can be routed to an ISP using the first 16-24 (more or less) bits of the IP address. Each ISP, regardless of how many hosts it serves, will only have a few (often only one) continuous range of addresses it serves.

If addresses are disconnected from routing, how is any packet supposed to get where it's going? The only way I can see that working is if there's a "routeserver" that acts like a nameserver but tells a client the sequence of hosts it should use to reach a particular IP address; routeservers would have to be even bigger than nameservers (since many machines have IP addresses but not top-level domain names) and the 128-bit "address" would be no more useful for hardware routing than a hostname.

From what you know about IPv6's implementation of VPN, would it resolve the author's concern's about privacy? For example, a company could set up a VPN for clients. All clients would tunnel encrypted data to the company, turn off all other traffic (ports and addresses), and then access the internet through them. This should take care of privacy concerns. The company could even constantly rotate addresses assigned to each client much as DHCP works today.

In a fully IPv6 home, most items could be set to only interact with other household equipment and access the outside world only through a gateway.

In addition, new IPv6 home routers will probably include some sort of mechanism to handle legacy IPv4 equipment. At a minimum, computers would have both protocols and could be set up as gateways. That in itself would need to be a NAT product between the to versions of IP.

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.