desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #45725
[Bug 176125] Re: Ubuntu should activate the IPv6 privacy extension by default (echo 2 >/proc/sys/net/ipv6/conf/all/use_tempaddr)
** Changed in: network-manager (Ubuntu)
Assignee: (unassigned) => Mathieu Trudel-Lapierre (mathieu-tl)
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/176125
Title:
Ubuntu should activate the IPv6 privacy extension by default (echo 2
>/proc/sys/net/ipv6/conf/all/use_tempaddr)
Status in “network-manager” package in Ubuntu:
Confirmed
Status in “procps” package in Ubuntu:
Confirmed
Bug description:
Binary package hint: procps
Some background information:
recently "Free ADSL", one of the biggest ISP in France, added IPv6 support possibly exposing 2.5 millions of users to IPv6
The address are configured automatically and by default linux will build it using the MAC address. However this presents a risk of privacy loss:
- there is an unique identifier which can be used by website to track the location of a laptop or pda
- some information about the model of the network card (other information can be probably derived if you know the serial number of the card) is leaked
The following rfc (http://tools.ietf.org/html/draft-ietf-ipngwg-temp-
addresses-v2-00) mitigitates this problems by introducing temporary
addresses to be used by outgoing connection (in addition to the static
address which can be used for incoming connection and have a dns name
associated with it).
To activate it under linux you just need to activate the following in sysctl:
echo 2 >/proc/sys/net/ipv6/conf/all/use_tempaddr
or add "net.ipv6.conf.all.use_tempaddr=2"
thanks for protecting the privacy of the clueless users by default :)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/176125/+subscriptions