On Mon, 2010-12-06 at 20:55 -0500, Bob McConnell wrote: > David wrote: > > Folks > > I have been following the IPV6 comments. > > What concerns me with the loss of NAT are the following issues > > 3) When I connect my IPV6 refrigerator with its automatic inventory > > system tracking every RFID-enabled carrot I use, won't I be making my > > shopping habits visible to all those annoying advertisers? Or, in > > other words, am I compromising my privacy? Actually, although such > > dissemination of information can be blocked by a correctly designed > > firewall, I suspect the "Free IPv6 DSL Modem and Router, Sponsored by > > <your-favorite-commercial-site>" that comes with your ISP contract, > > would err on the side of promiscuity. > Why yes, yes you are giving up some of your privacy. And unless you have > the time and are willing and able to learn how to configure firewalls > for each device and application you use, or have the money to pay > someone else you trust to do it for you, there is very little to protect > you from the rest of the world. > I just finished reviewing my firewall logs for last week. There are > 127MiB with ipmon reports of rejected connection attempts. That's > actually on the low side for any seven day period. I have some weeks > that are half again that much. Somebody out there is pounding on that > firewall pretty hard, trying to break in. I'm certain they don't have my > best interests at heart. Most of the ports attacked are linked to well > known services and worms on one particular OS, which I don't happen to > have running on my network. But this log tells me that it is important > to make it as difficult as possible for whomever is knocking on the > door. I don't see that IPv6 helps improve that protection. In fact, it > appears to eliminate some of the protection I have now. It does *NOT* help with that situation; nobody credible says it does. It also does *NOT* "eliminate some of the protection I have now". You apparently *believe* that NAT is about "protection" You are wrong. NAT [at best, and not really] adds obfuscation to the source / destination. Obfuscation is not security.