Should I Disable IPv6?

Discussion in 'privacy technology' started by lucygrl, Jan 7, 2014.

Thread Status:
Not open for further replies.
  1. lucygrl

    lucygrl Registered Member

    Joined:
    Nov 6, 2013
    Posts:
    202
    Should I Disable IPv6 in Linux and Firefox?
     
  2. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    599
    Yes you should disable IPv6 because IPv6 is nothing more than surveillance tool for the government.
     
  3. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    :rolleyes: As IPv4 still carries the majority of internet traffic IPv6 wouldn't be the best choice as a spy tool. Break out the tin hats.
     
  4. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    1,340
    Location:
    Québec, Canada
    Proof of that?
     
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    It's clear that we'll need IPv6 to keep the Internet working.

    However, IPv6 addresses by default incorporate hardware MAC addresses, and that's a very bad thing for privacy in two ways. Few if any VPN services route IPv6, and so IPv6 traffic on your physical NIC may leak information about your online activity. And even if VPNs route IPv6, it's leaking your hardware MAC address.

    For now, it's best to disable IPv6 in all possible ways, until you understand how to manage it to protect your privacy.
     
  6. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    599
    mirimir is correct. IPv6 is really terrible for privacy and you should definitely disable it to protect your privacy.
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Last edited: Jan 7, 2014
  8. lucygrl

    lucygrl Registered Member

    Joined:
    Nov 6, 2013
    Posts:
    202
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Good :)

    No, don't do that.

    If you do, you will have no network connection.

    But eventually, once IPv6 is fully implemented, you could disable IPv4.
     
  10. kronckew

    kronckew Registered Member

    Joined:
    Aug 27, 2006
    Posts:
    455
    Location:
    CSA Consulate, Glos., UK
    my ISP (BT) has not got ipv6 enabled yet, so it's also not enabled in my router. ipv6 is thus not required for my internet use. ipv4 IS, and thus must remain enabled.

    ipv6 IS required for win7/8 homegroups if you have such a lan enabled in your home.

    up to you if you want to disable it. try it and see what breaks. re-enable it if needed. you won't gain much by disabling.
     
  11. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    599
    I think IPv6 renders Tor useless, because your Mac address is sent over to the websites you are visiting. And your Mac address is directly tied to your real identity, assuming you bought the computer with a credit card.

    Any laptop you purchase with a credit card is going to have your real identity attached to it. It works like this..

    Your credit/your real identity<----->Your laptop<----->Your Mac address<---->Web site you are visiting

    Your real identity/credit card are tied directly to the laptop and your mac address. And the website you are visiting sees your mac address, which is tied to your real identity. And since a website can see your mac address, they can know your real identity (i.e. John Smith) visited a certain site.

    Don't use IPv6 if you want to maintain your privacy and anonymity online!
     
  12. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    How do you do this in Firefox?
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    You don't do that in a browser.

    You do that in the OS's network setup. Search and you'll find instructions for your OS.
     
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    That's generally good advice.

    However, consider a VM that has never seen the Internet except through some particular arrangement of VPNs and Tor. Its MAC address and IPv6 address are unique. However, that's OK as long as you always use that VM with that particular arrangement of VPNs and Tor, and only for activities that you don't mind being associated.
     
  15. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    How to disable IP version 6 or its specific components in Windows

    http://support.microsoft.com/kb/929852



    We do not recommend disabling IPv6. However, if you must disable IPv6 or components of
    IPv6, follow the steps in this article. For more information about why we do not recommend
    disabling IPv6, see the "What are Microsoft's recommendations about disabling IPv6?"
    question in the following article:

    http://technet.microsoft.com/en-us/network/cc987595.aspx#


    Microsoft also provides a supported IPv6 protocol stack for Windows Server 2003, Windows XP
    with Service Pack 1 (SP1) or later, and Windows CE .NET 4.1 or later. However, these
    operating systems have very limited IPv6 support for built-in applications and system
    services and are not recommended for an IPv6 deployment.
     
  16. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    Hi ComputersRock,

    It is not only whether you bought your computer with a credit card that associates your identity with your default mac address, but when you sign up with almost any ISP that does the same, and do not consistently spoof the mac address prior to enabling your network connection when using your computer. Even in that case, the ISP when it supplies you a router and sets it up for your computer gains access to your computer's mac address through the router.

    -- Tom
     
  17. DoctorPC

    DoctorPC Banned

    Joined:
    Jan 9, 2014
    Posts:
    813
    Whatever happened to IPv6? Dead in the water (mostly);
    http://www.networkworld.com/news/2014/021714-ipv4-278692.html?page=2

    Anyway, disable IPv6, and the tunneling WORM Teredo in MS;

    Start:CMD, then Ctrl-Shift-Enter to enter CMD as admin.

    Enter the commands;

    netsh int ipv6 isatap set state disabled
    netsh int ipv6 6to4 set state disabled
    netsh interface teredo set state disabled

    Go into network, device, then uncheck all but IPv4.

    Services.msc, then stop+disable IPHELPER service.

    Why?

    http://tools.ietf.org/html/draft-iet...ty-concerns-02
    This analysis uncovered some security concerns associated with Teredo which are not documented in the Teredo specification. This document discloses these additional concerns and includes any recommendations where relevant. IPv6 traffic tunneled with Teredo will not receive the intended level of inspection or policy application by network-based security devices, unless the devices are specifically Teredo aware and capable. This reduces defense in depth and may cause security gaps. This applies to all network-located devices and to end-host based firewalls whose existing hooking mechanism(s) would not show them the IP packet stream after the Teredo client does decapsulation.


    IPv6 raises privacy concerns;

    Another oft-heard IPv6 concern is how it might be exploited for online behavioral tracking, as practiced by online advertisers who rely on cookies and sometimes quasi-legal, persistent tracking technologies. Given the relatively low level of IPv6 deployment so far, however, it's too soon to know the answer to that question. In fact, the same can be said for IPv6 and virtually any related privacy concern. "Much will depend upon how IPv6-enabled networks are ultimately designed and deployed," said Arbor's Cerveney.

    Defcon WP - IPv6 is bad for your privacy;
    http://www.defcon.org/images/defcon-...ndqvist-WP.pdf
     
  18. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    I assume this works without causing any issues? There is no internet connectivity anywhere I am for IPv6 anyway. It does seem to speed things up a bit to disable it all. I'll probably disable it on all machines if for no other reason than that.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    In order to be "anonymous" once IPv6 is required, it will probably be necessary to 1) use VMs with carefully crafted static IPv6 addresses, and 2) use VPN services that don't leak local IPv6 addresses. I gather that the Tor Project is planning to support IPv6. At this point, that's about all that I can say coherently ;)
     
  20. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Sounds like a mark of the beast in the book of reveleations :rolleyes:

    Yes better disable IPv6 as long as we can.
     
  21. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126
    Can you still the internet :confused:
     
  22. justfyi

    justfyi Registered Member

    Joined:
    May 8, 2014
    Posts:
    1
    Privacy in IPv6 was addressed a long time ago in RFC 4941. Windows 7 and 8 use a temporary address instead of the EUI-64 standard, Linux distros will probably vary. Addresses created using EUI-64 can be quickly identified by the "FFFE" squeezed into the middle of the interface portion of your address.

    You can always just use DHCPv6 or static addresses as well. I will be using static so I can spell stuff with my addresses, like FE80::DEAD/64 or FE80::ACE/64.
     
  23. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    OK, cool. I'll just use made-up static addresses in my VMs :)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.