On Mon, 2010-12-06 at 18:28 -0500, Bob McConnell wrote: > > IPv6 is not broken by design. NAT was implemented to extend the time > > until IPv4 exhaustion. A side effect was hiding the internal IPv4 > > address, which complicates a number of protocols like FTP and SIP. The > > only downside I see is ISPs could try and charge based on the number > > of IPv6 addresses being used. > No, the downside is that each address used will be exposed to the world. False. That is *NOT* a downside. NAT is *NOT* a magic sauce - install a firewall [which you probably already have]. Problem solved. > I consider that a serious security flaw. It is not. > Having my ISP know how many > computers I have is a minor issue covered by the contract I have with > them. So you want to cheap on the legal contract you agreed to? > But having all of those addresses exposed to Russian mobsters, > terrorists, crackers and everyone else that knows how to capture packets > is another matter altogether. If IPv6 exposes that information to the > world, it is definitely unsafe to use. The "Russian mobsters" can already do that; if you think NAT is protecting you from that then you are mistaken.