IPV6/INTERNET2 ARTICLE IGNITES INTERNET FIRESTORM

An FMNN story pointing out privacy concerns related to IPv6 received emphatic responses & thousands of page views across the Internet. (See sample FMNN feedback and responses, below, following article.)

People should be alarmed when a fire starts. IPv6 with Internet2 is a firestorm waiting to happen.

That was the thesis of my reporting in mid-December 2004 about IPv6 and Internet2 (apparently my effort was one of the first to truly grapple with the potentially troublesome nature of this new technology). The commentary I have received on the article – and it has been a truly astonishing reaction – has only reinforced my perception that the new ‘Net technology coming our way is a good deal more controversial than proponents like to let on.

The article – originally available to viewers at Free Market News Network (www.freemarketnews.com) for which I write – was eventually posted to a number of different reader-response sites including what may be the largest and best-managed, www.freerepublic.com. This allowed for a good cross-sampling of reaction.

Readers who responded positively to the article were often seemingly those already convinced that government bureaucracies will attempt, sooner or later, to control or subvert whatever seems to be a threat to their power - and that the Internet is undoubtedly seen in certain quarters as a radical threat. Those with this point of view do not see IPv6 and Internet2 as free-market creations but as technologies that have in some sense been birthed and nurtured by the government.

Many corporations and universities involved in these projects – so the logic goes – are probably receiving U.S. federal grants and contracts and are thus beholden to the government and apt to fall in line. Internet2.edu: puts it this way: “The federal government has played, and is playing, a crucial role in both support of some key technology development projects as well as in collaboration with university and industry researchers investigating next generation internet technologies and infrastructures.”

Technologists critical of the article (I have come up with the term “technologists” to refer to a broad cross-section of engineers, programmers and others who have professional interactions with the computer industry and its attendant implementations) often seemed to imply that either the reporter was technologically naïve or that there was some kind of Luddite motivation driving the positioning and reporting. Nothing like this was intended.

Over and over, sources expressed their enthusiasm at what the Internet had become once the marketplace had worked its magic. The point of the article was to express attendant alarm over the potential resurgence of influence by certain founding forces – the military and particular academic powers – rendered less of a factor by the decade-long evolution of the Internet.

Technologists also focused on the previous article’s conflation of IPv6 and Internet. In truth, the IPv6 project has several nicknames and there are at least two versions of Internet2 floating around (see below, the U.S. government’s effort, Next Generation Internet, NGI).

Despite the industry’s insistence that these efforts are separate and unorchestrated, the sources I spoke to often tended to treat them as one broad, high-tech initiative and on occasion referred to that effort interchangeably as “IPv6,” “Internet2, etc” In this article, however, and in subsequent articles these various initiatives are treated with formal nomenclature.

Internet2 is a collaborative effort by the government, universities, and private corporations to operate a network with superior performance to the current Internet, with the goal of deploying the technologies involved to the general public. Internet2 supports the current communication protocol, Internet Protocol version 4 (IPv4), but it also supports a newer version named Internet Protocol version 6 (IPv6).

IPv6 is a protocol specification that tells how machines can communicate to each other by sending and receiving packets of data. It improves Internet performance and increases the number of static IP addresses available so that every user in the world can have as many as they would like. By specification, both IPv4 and IPv6 protocols embed IP addresses in their packets, so it would seem that IPv6 makes improvements in the technology while having no change on its privacy implications.

For the record, let me restate the position to which my reporting led me: The next generation Internet – IPv6-within-Internet2 – is probably coming to your house and mine within the next 3-6 years. Major governments including the U.S. apparently intend to roll it out wholesale before or by 2008, Once it is an accepted government standard, the impetus for private industry to adopt the technology will be virtually unstoppable and will, in its wake, bring substantive privacy concerns.

Let me state again why my sources believe this to be so: IPv6 itself is apparently intended to provide every computer on the planet (and that includes computers in cars, phones and walls, etc.) with a specific address – one that is ideally suited to every kind of snooping and tracking imaginable. The current protocol, IPv4 does NOT allow for this kind of widespread electronic labeling.

Yes, of course, such labeling will bring benefits. But to insist, as many intimately connected to the industry seem to, that any reporting focusing on the negatives is somehow irresponsible or rooted in ignorance is to resort to the kind of ad hominem attack that attempts to slay the messenger but ends up by begging the question.

Finally, let me restate why current privacy solutions may not apply to IPv6 within Internet2: The new Internet communications technology is privacy-neutral and therefore relies on vendors to make security adjustments. In theory, IPv6 could be used exactly the same way as IPv4 is used today, in conjunction with privacy measures such as Network Address Translation (NAT) and Dynamic Host Configuration Protocol (DHCP). But these may have to undergo substantial modification for use with IPv6 and in any case the original implementation - as technologists know - had everything to do with the scarcity of IPv4 addresses NOT privacy concerns. Given that privacy was a CONSEQUENCE of the implementation of NAT and DHCP but not the PURPOSE, what on earth makes people think that corporations and vendors will be eager to re-engineer the software at considerable expense when there are more than enough addresses to go around due to IPv6?

The Internet is under attack. Those in power have a good deal of difficulty in tolerating it. Users have long expected the Internet to be taxed into irrelevance but more and more it looks as if combat will also be waged on several fronts that have not received so much attention – via the technology itself and through the blunt but powerful weapon of regulation.

In a related article, I have reported on threats to Internet via regulation. And there are other privacy challenges from additional technologies that exist today, and will certainly be enhanced tomorrow, which I have not even touched on yet.

The U.S. government is growing increasingly aggressive about regulating technological innovation. It already regulates encryption algorithms - making sure the encryption is not too strong. I believe today 128-bit encryption keys are the maximum length legally allowed, and in 1999, a 56-bit encryption was successfully broken in 22 hours.

Even without IPv6, the Web already poses a security threat to users in numerous ways. Forget about email viruses, hacking and phishing. The CIA has developed software that can intercept email, read it, and send it to the recipient looking unread. Some people use encrypted mail, but most users aren't even aware that the technology exists.

IPv6 is surely a powerful technology bringing additional benefits as well as challenges. Yet a thorough Google search reveals only a scattering of concerns about IPv6, disparately voiced, often in chat rooms, as part of a much larger discussion usually focused on the bells and whistles of the new technology coming our way.

Is it practical to rely on Microsoft and other large resellers of IPv6 implementations to provide elegant and utile privacy solutions? Such large corporations have every reason to want to collect the kind of voluminous information that the IPv6 protocol promises to supply with the bandwidth of the next generation Internet. This smacks of the proverbial “fox guarding the hen house.”

Yes, IPv6 does improve technology - but its implementation may remove much of our privacy if consumers don’t actively move to protect that privacy. Today most Internet users don’t have a static IP address; in the future they will, thus very possibly allowing their always-on static IP address to be constantly tracked.

Things may or may not simply “work out” once the upcoming technology is widely used in the marketplace. Forewarned is forearmed. Viruses, hacking and phishing are already difficult, unanticipated problems.

Some savvy users have made some efforts to increase their privacy online, but often at the expense of losing the ability to use certain sites and functionality. Some have switched to use Internet browsers such as Mozilla Firefox instead of using Internet Explorer. Others are disabling cookies and using privacy services such as beHidden.com and Guardster.com. However, many websites don’t support users if they disable cookies and don’t reveal an IP address.

In theory, users can build or find obscure software that will hide their IP address, but in reality Microsoft dominates the software market especially for consumers, leaving only highly technical people even aware of these privacy issues. At some point – using the justification that static IP addresses stop spam and phishing cold - pressure may build for laws insisting on the presentation of static IP addresses – and even laws making it a crime to hide one’s identity.

People are often manipulated into assuming that the technologies involved with the Internet require an absence of privacy. However this isn’t true. As Guardster co-founder Dan Rung explains, “As history has shown, governments have a tendency to use any new tools available to them to invade people’s personal privacy. We would also hope that more software providers would build automatic privacy protocols into their software. A simple example of this is that all email software should automatically encrypt and decrypt all messages on the user’s computer before sending them to their ISP and on into the Internet.”

Guardster is an Internet proxy service that enables people to surf the web without being tracked. Since they don’t track any user information or IP addresses, users can feel comfortable about their privacy. The service has become so popular that “overall bandwidth has tripled in the last year alone,” says Dan Rung. Internet users are becoming aware of privacy issues and are increasingly choosing to take action. He adds “We do anticipate additional users anytime Internet users feel more of their personal privacy slipping away.”

In an effort to satisfy increasing demand, Guardster is investigating many more privacy tools such as “anonymous email, SOCKS support, anonymous IM, virtual private networks, and anonymous newsgroups, as well as anti-spyware/adware/popup blocker possibilities.”

Thomas Jefferson warned: "The natural progress of things is for liberty to yield and government to gain ground." But Jefferson did offer hope when he wrote: "The force of public opinion cannot be resisted when permitted freely to be expressed. The agitation it produces must be submitted to." Let it arise.

Below, are twelve points that seem to reflect not just a popular - but an overwhelming - sentiment in favor of Internet2 and IPv6 among even the industry’s savviest technologists. After each bolded statement is additional, documented information - material in many cases residing on Internet2 and IPv6 websites themselves - that would seem to contradict the stance of the many technologists regarding IPv6.

Those who enthusiastically propound the dangers of global warming, do so with an almost religious fervor that brooks little or no opposition. In some cases, it seems as if IPv6 and Internet2 are being approached the same way.

1) IPV6 IS A TIMELY TECHNOLOGY THAT IS FILLING A CURRENT NEED FOR MORE STATIC IP ADDRESSES. THE SOONER IT IS IMPLEMENTED, THE BETTER. There are about four billion available IP addresses with IPv4, and one billion Internet users globally. Right now, most Internet users don’t use a static IP address. Instead they use DHCP to share the same IP addresses over time, and NAT to share the same static IP address among many machines that use internal IP addresses. It is estimated that the supply of IPv4 addresses could last for at least another 20 years. Why the rush? Apparently, the timeline for IPv6 is being rushed to improve traceability of users and to enable the implementation of certain Patriot Act laws - especially those that allow would allow more wiretapping if only the technology would support it.. If Internet users all had registered static IP addresses, there would be no need to go through ISP’s in order to obtain information about users.

2) IPV6 IS SAFE FOR SECURITY AND PRIVACY. According to the IETF, “IPv6 addresses on a given interface generated via Stateless Autoconfiguration contain the same interface identifier, regardless of where within the Internet the device connects. This facilitates the tracking of individual devices [and thus potentially users].” Translation: Unless measures are taken to specifically protect privacy, there will be no privacy.

3) THE INTERNET2 PROJECT AND IPV6 ARE A MARKETPLACE PHENOMENON DRIVEN BY INDIVIDUALS AND PRIVATE ORGANIZATIONS. THE GOVERNMENT IS NOT INVOLVED IN THESE TECHNOLOGIES. According to Internet2.edu, “The federal government has played, and is playing, a crucial role in both support of some key technology development projects as well as in collaboration with university and industry researchers investigating next generation internet technologies and infrastructures.” In fact, the federal government has its own advanced Internet initiative, called the Next Generation Internet (NGI) initiative. The NGI program was announced just about seven days after the establishment and announcement of the Internet2 project. Many government agencies taking part in the NGI Initiative are also collaborating on Internet2.” Last year the Department of Defense mandated that all of its agencies should be IPv6 ready by 2008, which will clearly put pressure on large corporate vendors to quickly follow suit. What about the academic community? The government has plenty of leverage here as well. Internet2.edu points out the following: “[The] Clinton administration established a new cross-cutting initiative, called IT2 (IT-squared). This initiative provides much increased funding - mainly to universities - to long-term research into information technology areas.” Government, especially the U.S. government, would seem to be playing a leading role in the creation and implementation of IPv6 and Internet2, along with government’s own NGI. Despite the seeming cluster of marketplace-driven stakeholders – large tech manufacturers and Universities - IPv6 and Internet2 are anything but private label.

4) INTERNET2 AND IPV6 ARE ENTIRELY SEPARATE TECHNOLOGIES THAT HAVE DIFFERENT PLAYERS. THE COMPLEXITY AND LACK OF COORDINATION BETWEEN THESE INITIATIVES SHOWS THAT NO ONE IS ORCHESTRATING THEIR EVOLUTION. Internet2 is a project involving a coalition of universities, companies, and the government whose goal is to “create a leading edge network capability for the national research community; enable revolutionary Internet applications; ensure the rapid transfer of new network services and applications to the broader Internet community.” According to Internet2.edu “The IPv6 WG (Working Group) is focused both on understanding how IPv6 will enable Internet2 to achieve its goals and on promoting and coordinating the deployment of IPv6 throughout the Internet2 infrastructure.” Coordination? Certainly sounds like it.

5) THESE ARE VAST SYSTEMS, NOT EASILY AVAILABLE TO GOVERNMENT CONTROL. To truly believe that there is no governmental influence being brought to bear on the choice and disposition of future Internet technologies is to believe that the bureaucracy does not actively seek to perpetuate its own strategic interests. Proponents of a smooth rollout of the latest technology will point to the massive private involvement with IPv6 and Internet2, but this does not necessarily preclude active or aggressive government involvement from behind the scenes.

6) THERE IS ENOUGH TO WORRY ABOUT THESE DAYS WITHOUT POSTULATING INDUSTRY-WIDE CONSPIRACIES. As has been pointed out, above, risk/reward discussions regarding IPv6 and Internet2 seem curiously lacking. In fact, there seems some antipathy – in some quarters – to even broaching such issues. But noting a resistance to meaningful discussion of a worrisome and complex issue is not the same as promoting the existence of a demonic New World Order. There is reality and there is speculation.

7) IPV6 IS NOT A THREAT IT’S JUST A TECHNOLOGY UPGRADE. Technology has no morality. If IPv6 is used in the same way that IPv4 is, then it wouldn’t be much of a threat. However, the biggest reason to roll out IPv6 is to offer a virtually endless number of static IP addresses. For this reason, although the two protocols seem very similar, they will be used in completely different ways.

8) THERE IS NO DIFFERENCE BETWEEN TEMPORARY AND ALWAYS-ON INTERNET CONNECTIONS. MOST PEOPLE HAVE ALWAYS ON INTERNET CONNECTIONS NOW AND HAVE NO PROBLEMS. The IETF pointed out in a recent draft: “A more interesting case concerns always-on connections (e.g., cable modems, ISDN, DSL, etc.) that result in a home site using the same address for extended periods of time. This is a scenario that is just starting to become common in IPv4 and promises to become more of a concern as always-on internet connectivity becomes widely available.” Furthermore, temporary Internet users with DHCP connections are often given different IP addresses each time they reconnect. Always-on users will never reconnect, and the same IP address may be used for an extended period of time even with DHCP. Programmer Rob Leslie explains, “With the advent of always-on cable and DSL connections, even so-called dynamic addresses assigned via DHCP will very often remain the same for very long periods of time…” This means that DHCP will only be helpful for privacy protection if IP addresses are changed frequently, while maintaining an always-on connection.

9) WHAT ARE YOU WORRIED ABOUT? IPV6 TECHNOLOGY IS THE SAME AS IPV4. …NAT and DHCP were created as solutions for sharing IP addresses, and not for privacy. Rob Leslie points out that: “The scarcity of valuable IP addresses, particularly blocks of contiguous addresses, was one of the motivations behind the development of NAT. With NAT, a user could share a single globally-addressable IP address with a number of machines, each of which would use an internal, non-globally-addressable address. These non-global addresses could be re-used by each private network using NAT. This greatly reduced the pressure on ISPs to allocate more than a single IP address to many customers.” The increased availability of static IP addresses implies an immediate dismantling or NAT and DHCP technologies from the Internet.

10) IF I HAD A NUMBER OF APPLIANCES IN MY HOME CONNECTED TO THE INTERNET THROUGH NAT, THEN THE APPLIANCE WOULDN’T BE KNOWN. The particular appliance may not be known, however the static IP that the entire household uses would still reference you and your house. This will do almost nothing to protect a user’s privacy. NAT would be more effective for privacy if it were used for many households, however DHCP is probably a better solution for privacy.

11) NAT AND DHCP WILL STILL BE USED FOR SECURITY AND PRIVACY WITH IPV6. Technically, these technologies could be used. However, many opponents to these technologies argue that they are hacks used only for the purpose of relieving the lack of available static IP addresses. They add complications to the network and have additional costs. Once static IP addresses proliferate, many networks will cease to use NAT and DHCP. As one Wall Street lead developer pointed out “Although DHCP can help with privacy, I can’t see the wide use of DHCP and NAT with IPv6 since it defeats the purpose of upgrading in the first place. Unfortunately, if our bank used static IP addresses we would be targeted by denial of service attacks and be shut down. With DHCP we can hide our identity from hackers.”

12) EVEN IF NAT AND DHCP ARE GONE, THERE WILL BE OTHER PRIVACY TECHNOLOGIES BUILT. Brian Carpenter, a participant in the IETF, has pointed out that those promoting the IPv6 protocol are not responsible for how it is implemented. “I don't find anything in draft-ietf-ipv6-privacy-addrs-v2-00 that makes privacy addresses a default, unless the implementer happens to make that a configuration choice, which isn't the IETF's decision.” The government and large corporations such as Microsoft are IPv6 stakeholders with no incentive to promote privacy on the Internet. There is every indication that such participants are eager to COLLECT as much information as possible about users. Asking them to look out for consumer privacy is like asking the wolf to take care of the sheep.

FMNN's Technology and New Media Correspondent, Chris Mack received a degree in economics and artificial intelligence at Carnegie Mellon University, and then worked as a software engineer and consultant to a number of different organizations ranging from startup companies to large corporations such as IBM and Lockheed Martin. Early in his career, Chris worked with Nobel laureate Herbert Simon, helping create artificial neural networks to predict time series of stock market patterns. Today, he looks for patterns and emergent properties to aid in the understanding of economics, human behavior and technology.

---------------------------------------------------------------------------------------

[Feedback on Chris Macks's news story GOVERNMENT’S ‘INTERNET2’ SEEN AS NEXT ‘NET BATTLEFIELD]

In a detailed, erudite letter to FMNN, Rob Leslie (apparently a programmer) makes at least five strong points - excerpted here, verbatim, along with Chris Mack’s answers.

Excerpted from Mr. Leslie’s letter: Mr. Mack confuses IPv6, a network protocol, with Internet2, a physical network of high-speed infrastructure and advanced applications. While Internet2 may use IPv6 as its underlying network protocol, they are not the same thing. Internet2 is a creation of a consortium of universities working in partnership with industry and government for the development of new and innovative uses of network technology. It is essentially an independent and private high-speed network dedicated to uses of research by its members. IPv6, in contrast, is a creation of the IETF (Internet Engineering Task Force, a large international non-membership community open to participation by any individual) intended to address the deficiencies of IPv4. It is already in widespread use on the global Internet, although it is not as common in North America as in some other parts of the world.

Author’s answer, A: Technically, IPv6 and Internet2 are different. However, the Internet2 project already uses IPv6 and IPv4, and it’s clear that there is no intention of using IPv4 in the future, except as a means to support old systems. The sentence in question did not seek to refer to specific, formal nomenclature; it is the author’s experience these terms, informally, are used interchangeably.

Author’s answer, B: Where is IPv6 and Internet2 in “widespread use?” China? Europe? India? Possibly certain governments and agencies are using or testing IPv6, but that’s not the same as a general roll out which does not seem to have occurred, according to available information on the Internet or elsewhere.

Author’s answer, C: The letter seems to imply that both IPv6 and Internet2 are the result of an independent private-market effort. This does not appear to be the case. An educational site called “Internet2.edu: puts it this way: “The federal government has played, and is playing, a crucial role in both support of some key technology development projects as well as in collaboration with university and industry researchers investigating next generation internet technologies and infrastructures.” I believe the IPv6 and Internet2 effort bears as much resemblance to a free-market initiative as a tank does to a family sedan.

Excerpted from Mr. Leslie’s letter: Mr. Mack writes that "The current Internet was not built with the idea of every machine in the world using static IP addresses." This is not true. In the early days of the Internet, it was understood that any machine that wanted to be connected to the global network required a unique, static address. This was before the days of firewalls, and long before the invention of DHCP or NAT.

Author’s answer: The key word here is “current.” No one envisioned billions of machines (not just PC’s but cars, refrigerators, etc) using static IP addresses when the Internet was first created. Otherwise, they would have started with a larger number of IP address or would have had other solutions, wouldn’t they?

Excerpted from Mr. Leslie’s letter: Mr. Mack writes, concerning his perception of the ramifications of static addressing, "every single computer-based activity could be subject to surveillance." It is difficult to understand how static addressing alone poses a risk to surveillance, or how IPv6 could be considered any more of a risk than the current IPv4, considering that most always-on connections already keep the same address for long periods of time.

Author’s answer: Very few people have static, long-running static IP addresses. Not your average user, anyway. The people that do, I imagine, are well aware of the security and privacy issues involved.

Excerpted from Mr. Leslie’s letter: If the concern is that IPv6 addresses will expose the globally-unique 48-bit Ethernet MAC address of one's equipment, then the solution will be for vendors to offer alternatives to this method of address assignment in their IPv6 implementations, or to resort to NAT-like features in firewall products. …

Author’s answer: This is the crux of the matter. Who is responsible for IPv6 and its roll out? Probably large vendors like Microsoft – and such vendors are the ones that will likely provide the “security” that most people now provide for themselves at a local, not network, level. Thus one or several large vendors, in conjunction with domestic and perhaps international governmental bureaucracy will develop a standard encryption for use. This is the logical conclusion of all what is occurring now. Government and “private enterprise” together are generating a massive new communication’s technology that will be delivered via commercial vendors such as Microsoft. These vendors have no incentive to provide security, and even if they did – and perhaps public clamor will force them to – the solutions will be neither elegant nor especially sophisticated. Of course, it is easy to declare that such scenarios are fanciful but millions of computer users have been struggling with computer viruses for the last few years that have wiped out hard drives, frozen whole networks and even, occasionally, destabilized the Internet itself. To simply claim that the same scenario absolutely cannot repeat itself in a different venue when the same factors are present – broad-based systems with brittle, one-size-fits-all solutions – does not seem to make a great deal of sense.

Excerpted from Mr. Leslie’s letter: I urge Mr. Mack to become better informed of the reality of IPv6; I do not think it poses the dangers to freedom, civil liberties, or privacy that he suggests. Quite the opposite, it has a number of clear benefits over the existing IPv4, not the least of which is the possibility for increased privacy and security. With the benefit of the free market, we may hopefully see its use continue to grow here in the U.S.

Author’s answer: It seems to me that there is little of the “free market” involved in the creation or roll out of IPv6 and Internet2. This is, I believe, another crucial confusion. Peer behind the “consortia” that have been developed to provide IPv6 and Internet2 with an appearance of a private-market “buy in” and you will find governmental organizing factors that many in the industry either will not admit to or are simply too naïve to recognize. If one does accept that the basic impulse of the new technology being developed is bureaucratic, then one is left to argue that the governance involved has the best interests of consumers – and the Internet - at heart. I remain profoundly skeptical of government’s ability to produce anything worthwhile – and I have never seen a government initiative that did not benefit some players at the expense of others. I don’t believe for a minute that any major government exists today which would not gladly push a button to shut down the Internet if one actually existed. Just watch what governments around the world, including the U.S., are starting to do to the Internet through taxes and regulation. Yet these are the major players, in my opinion, behind the roll out of the “new Internet.” The resistance to recognizing these realities – especially by those within the industry who are overly impressed by any shiny, new technology - is troubling since there is a difference between technology generated and accepted by the marketplace and technology plucked from the lab by government-backed consortia and presented to the citizenry via additional government backing and funding. It reminds me of the old Soviet Union with its massively funded technologies and five-year plans that never worked the way they were supposed to. There is trouble yet to come here, and at least some of it could be avoided if people within the industry would recognize the difference between market-based solutions and government-sponsored ones.

[Feedback on Chris Macks's news story GOVERNMENT’S ‘INTERNET2’ SEEN AS NEXT ‘NET BATTLEFIELD ...]

Jason T. takes aim at Mr. Mack’s perception of IPv6 as problematic in a letter excerpted below, along with Chris Mack’s answers and then again (the letter) verbatim.

Excerpted from Mr. Jason T.’s letter: IPv6 is intended to solve many of the problems with security on today's widely-used-but-very-out-of-date IPv4. Everything touting 'security' on today's North American networks is actually an add-on, a 'hack' if you will. No security features at all exist in the underlying protocols that make the network work.

Author’s answer: Nonetheless, the current Internet does provide a measure of security and privacy through a number of free-market applications, jury-rigged though they may be – as is often the case with software, and hardware – in the early 2000s. Technology is a tool, and has no morality by itself. What technology brings is change, and history repeatedly shows that the change it brings always benefits the people who are prepared for it and ahead of the curve.

Excerpted from Mr. Jason T.’s letter: Anything on the net today is encrypted by specific applications, and if you want your communication encrypted, you have to use applications that support it, have it properly configured, at both ends!

Author’s answer: Perhaps that is actually a good thing, as we explain below, next point.

Excerpted from Mr. Jason T.’s letter: In IPv6, it is easily possible to have everything encrypted, without ever having to configure anything, or run special applications, since it would all be done in the protocol, and this transparent to applications.

Author’s answer: This statement seems to be proposing standardized encryption at the network level – below the application level - between counterparties. Just who will be doing the configuration of such massively standardized encryption – Microsoft, the government, the military, an EU consortium? Today there is a market for encryption at the application level and people are aware of security issues. Will we rely on network level security, and stop building it at the application level, only to find we have no security? Remember, those who provide encryption standards will likely have a way to break it, wouldn’t they? Will we rely on Microsoft to implement all the security we need, or the government to regulate it? The government already regulates encryption algorithms that can be used, making sure that no one uses strong enough encryption that they can’t break. Today 128-bit encryption keys are the maximum length legally allowed, and in 1999, the DES crack challenge successfully broke 56-bit encryption in 22 hours.

Excerpted from Mr. Jason T.’s letter: Also, increasing the address pool is not only desired, but required, and also gives you a privacy bonus. If you equate evesdropping on the internet with tapping a phone line, then imagine a town with 4 phones that only can talk to each other, and all have direct lines ............ For the full article visit us @ www.FreeMarketNews.com

Speaking as someone in the networking business -- would it be fair for me to summarize that this huge alarmist article that no one will read carefully is basically complaining that IPv6 doesn't require you to use NAT?

In theory, IPv6 could be used exactly the same way as IPv4 is used today, in conjunction with privacy measures such as Network Address Translation (NAT) and Dynamic Host Configuration Protocol (DHCP).

Nice notion, only NAT and DHCP were never intended as privacy measures, they were band-aids to cover the festering inadequacies of the IPv4 protocol in the realm of scalability and management.

Let me restate my understanding of the article.

With the current IPv4, you trust someone to sell you a box that implements NAT software that blocks outside people from accessing your private machines. If you want outside people to access your stuff, you configure the NAT software to allow a specific connection to go through.

In the future, with IPv6, you will trust someone to sell you a box that implements firewall software tha blocks outside people from accessing your private machines. If you want outside people to access your stuff, you configure the firewall software to allow a specific connection to go through.

There is absolutely no interest among U.S. internet service providers in implementing IPv6. There are efforts in places like Japan and China to push it out, but they are going to take a long time. I wouldn't bet you'll see any significant deployment of IPv6 in the United States before 2010.

hmm i'll haveta read this one in deapth later.

I did my ccna about a year ago and it covered some prelim IPv6 stuff...as in what it is/for.

As i skimmed through it ( i didn't like the author's tone at the start of the article squealing about government conspiracy and what not) i noticed a claim that IPv4 was good for another 20 years or so...thats just not true.

NAT, sub-netting and all those goodies were fixes to expand the life of ipv4. I'm going to compare the ipv4 to the old memory structure of the dos machines...8086..286 ect when they said who would ever need more then 640kb of ram then they added Himem and xms and some other stuff to rig it to take more...now look at computers ram isn't considered when a project manager sits down to code a project. It's just too cheap and there is no reason to be thrifty.

I was fairly certain that we'd just about run out of class A address (to the point where the people who doll them out, which isn't the us feds won't give them to your average person) hurten on the class b's and low on class c's because there just aren't that many of them. So i dunno I'll check it out later when i have time to read

In a word: Hunh?

Your current IP address explicitly identifies you -- if ISPs wished to keep that many logs. Try sending something unpleasant to president@whitehouse.gov and see how long it takes the feds to visit with cattle prods.

The primary purpose of IPV6/NG is to create more potential IP addresses/concurrent connections.

cisco's been toolen around with ipv6 routers/switches since before last year so their ready to deploy. I'm sure they've even made nifty little black boxes that can go from ipv6 to ipv4 at some infinate cost ;)

A better technology than NAT and DHCP is a VPN (virtual private network). I would guess that it's use will increase with IPv6 and will take care of all of the problems this author foresees.

Haven't followed this issuse in a while, but it strikes me that if we each had our own IP address (guess we'd buy one?) we really wouldn't need an ISP. Could we connect right to the internet?
Also, are current routers equipped for the extended IP addresses?

Most PCs support IPv6 (Windows XP & Mac OS X all have native support. Most network gear supports IPv6 (e.g. routers), but only for software-based forwarding. Hardware-based forwarding is not yet available, meaning that while you can run IPv6 in a production network, you can't run it at the same scale as you can with IPv4. In addition, most firewalls, DHCP servers, mail servers, and other support servers aren't yet IPv6 capable.

The biggest obstacle to IPv6 deployment is that they haven't figure out yet how to allow folks to connect to multiple ISPs. There are still a lot of hurdles to overcome, and of course the biggest hurdle is that nobody has figure out how to make any money with it yet.

I'm reading it the same way as you are... this guy is afraid that switching technology to IPv6 will somehow do away with firewall devices. His misguided point seems to be that because there will be enough IP addresses that NAT and therefore private addressing will not be needed.
Obviously to the author(LOL), the only reason people buy firewalls is for NATing.

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.