„IPv4 was implemented in 1981, the Internet has grown dramatically, and there are no more available IPv4 addresses – Get Your Network Ready for IPv6 – The last block of IPv4 addresses have been allocated, and it’s time to get your network ready. OpenDNS now supports IPv6 addresses — meaning that, by using the OpenDNS Sandbox, you’ll be able to resolve your DNS using IPv6 DNS servers.“ (src)

You can test if you are using IPv6 like this: http://www.kame.net/kame-mosaic.html

Like that – view your publicly visible IPv4 and IPv6 address: https://www.wieistmeineip.de/

If i am understanding correctly – the idea behind IPv6 is not ONLY to allow more addresses & devices to be connected directly to the Internet – they also want to get rid of NAT.

NAT = Network Address Translation means – the only address visible from „outside“ „the Internet“ „the hacker“ „the FBI and CIA agent“ is your router’s.

They have ways to guess how many devices are connected to your router – and yes they are also logging and profiling user activity like „ah this router connects often to porn site X with browser Y and operating system Z“ (so it must be the same guy) – but they do not have the possibility to track down activity to a single device.

Therefore if you up or download copyright protected material – they can not tell what device – behind the NAT-router – is doing it – basically not being able to persecute it – if multiple people are in the same subnet – using the same DSL-NAT-router.

This could change with IPv6 – because IPv6 wants to get rid of NAT – for exactly those reasons – to better track, hunt down and persecute – YOU! and your digital activity – not only to the household but to the actual person – „brave new mass surveillance and mass manipulation world“.

Carrier-grade NAT has been proposed as an approach for mitigating IPv4 address exhaustion.[1]

Critics of carrier-grade NAT argue the following aspects:

  • Like any form of NAT, it breaks the end-to-end principle.[2]
  • It has significant security, scalability, and reliability problems, by virtue of being stateful.
  • It makes record-keeping for law-enforcement operations more difficult, except if the translation of the addresses is logged.
  • It makes it impossible to host services.
  • It does not solve the IPv4 address exhaustion problem when a public IP address is needed, such as in web hosting.
    • seriously – WHO is HOSTING a WEBSERVICE like a WEBSERVER on an IPHONE? and wants to access that FROM THE INTERNET???

I would argue against that:

  • NAT works like a firewall, it protects your devices from outside hacking and viruses
    • especially if you use the filtered OpenDNS server in your nat-capable-router
      • which blocks servers of (NSA and CIA) hackers as soon as they become known sources for viruses

src: https://en.wikipedia.org/wiki/Carrier-grade_NAT

=== IPv6Ping of Youtube.Com via LandLine ===
@DebianWorkstation:~$ ping6 youtube.com
PING youtube.com(ham02s12-in-x0e.1e100.net) 56 data bytes
64 bytes from ham02s12-in-x0e.1e100.net: icmp_seq=1 ttl=56 time=53.9 ms
64 bytes from ham02s12-in-x0e.1e100.net: icmp_seq=2 ttl=56 time=54.7 ms

=== IPv4Ping of Youtube.Com via MobilePhone ===
@DebianWorkstation:~$ ping youtube.com
PING youtube.com (172.217.23.174) 56(84) bytes of data.
64 bytes from fra15s22-in-f14.1e100.net (172.217.23.174): icmp_seq=1 ttl=49 time=402 ms
64 bytes from fra15s22-in-f14.1e100.net (172.217.23.174): icmp_seq=2 ttl=49 time=396 ms
64 bytes from fra15s22-in-f14.1e100.net (172.217.23.174): icmp_seq=3 ttl=49 time=399 ms

PS: The ms don’t say a thing – because IPv4 was done via MobilePhone = substantial slower and higher latency.

Why the FBI wants IPv6: It’s better for tracking criminals

There are plenty of reasons to like or hate Network Address Translation.

Network administrators like it because it provides a way to eke out small pools of IP addresses and allows them to hide portions of their networks from the public Internet. Engineers hate it because it breaks the end-to-end nature of the Internet by separating users from their address.

The FBI hates it because it stops them from gathering data from Internet service providers about their customers.

“If we are going to capture the bad guys, it goes back to attribution,” the ability to associate an individual’s online activity with a specific address, said supervisory special agent Robert Flaim.


Related coverage:

IPv6 traffic shoots up on World Launch Day; dot-gov domains join in

Turn on IPv6, get attacked by malware


But when carriers put hundreds of customers behind a single public IP address using Carrier Grade NAT, the link is broken and it becomes difficult or impossible to identify the activities of an individual.

Carriers are required to provide police with records of user activity under court order, but if the records do not exist, the police are out of luck.

“We’re already seeing this,” Flaim said June 6 at a conference on government IPv6 sponsored by the Digital Government Institute.

This seems to be „a new thing“ – or at least – there is not even a Wikipedia article about them: https://en.wikipedia.org/wiki/DGI

“We are serving them subpoenas and they have nothing to provide us.”

The FBI formed the Law Enforcement CGN Working Group in June 2011 to address this problem, said Flaim, who chairs the group. There are some workarounds that could help, but the ultimate answer is adoption of IPv6, which will provide enough Internet addresses to allow every user and every device to have its own address, he said.

IPv6 is the next generation of Internet Protocols, the rules that specify how networked devices communicate and interoperate on the Internet. The IPv6 address space is exponentially larger than that in the current version, IPv4, which is running out of new addresses as the growth of the Internet accelerates. Adoption of IPv6 has begun, but is moving slowly because, for the time being at least, using the new addresses requires operating and maintaining a separate network on top of existing IPv4 infrastructure.

The CGN working group wants to see the adoption of IPv6 proceed more quickly, before carriers spend millions of dollars on a Carrier Grade NAT infrastructure that would likely remain in place for decades once the investment is made.

Network Address Translation allows multiple users on a network to share a single IP address behind a device that translates the public IP address to a private network address. It has long been used by enterprises to extend their pool of addresses. But as the pool of unallocated IPv4 addresses dries up, Carrier Grade or Large Scale NAT is being seen as a tool for carriers and network providers to put off the transition to IPv6.

Nearly everyone agrees that the transition is inevitable because the addition of new customers will increasingly come with IPv6 addresses. In an effort to jump-start the transition, the Internet Society sponsored IPv6 Launch Day June 6 to encourage networks, service providers and content providers to make the transition.

The law enforcement working group has held five meetings in its first year, and has scheduled another for July. “We’re gaining a lot of momentum,” Flaim said, with state and local law enforcement agencies from the United States as well as foreign agencies working, along with carriers and equipment providers, to explore ways around the CGN roadblock until IPv6 replaces the need for translation.

“They are going to have to start logging a lot more,” Flaim said. The working group is developing applications to identify and log user information for lawful intercept purposes. But this is no simple solution. Logging intercept data can generate petabytes of data that have to be stored and managed, requiring significant investments by carriers, and not all servers and applications support logging by default. And unlike Europe, the United States has no data retention laws specifying how data is to be gathered and handled. On top of these difficulties, the collection and retention of such information also raises serious privacy issues.

“It’s a very touchy issue,” Flaim said.

Even wholesale adoption of IPv6 will not completely solve the problem because users still would be able to use anonymous proxy servers to hide or obscure activities.

“A criminal can always find a way around anything,” Flaim said. “What we are trying to do is eliminate most of the problems, but there are always ways around it.”

About the Author

William Jackson is a Maryland-based freelance writer.

src: https://gcn.com/articles/2012/06/07/fbi-wants-ipv6-hard-to-track-ipv4-with-nat.aspx

admin