Replying to Avatar DZC

"This would not happen in an IPV6 context, because the offended service can simply block traffic from the particular subnet. In other words, with IPV6 rather than NAT/ CGNAT, endpoints can distinguish different households and users"

That's the point: NAT allows "mixing users behind a common IP".

If you can not be distinguished from other users, that's privacy.
Avatar
Jivan Pal 1mo ago

You misunderstand my use of "distinguish" there. Even with IPv4, you can already be distinguished from other users when it comes to your identity/fingerprint, because such fingerprinting doesn't come from IP metadata, but from application-layer data. However, filtering based on this requires deeper packet inspection, which is more resource-intensive.

With IPv6, endpoints can distinguish your IP packets from those of other users/households based solely on the IP address. That doesn't increase or decrease your privacy in any way; they still don't know *who*, only *what*. The only thing an endpoint gains from this is the ability to more selectively block/filter packets based on IP address alone. That's good for both you and the endpoint, not bad.

In other words, you have no good reason to think that distinguishing household A from household B, whilst still not knowing anything more specific about A and B, such as their street addresses, is harmful to privacy. Or at least, so far, you have failed to convince me that this actually harms your privacy. Perhaps you could give a concrete example of where this would be the case?

Reply to this note

Please Login to reply.

Discussion

Avatar
DZC 1mo ago

Sorry, butI didn't misunderstand anything, in any case you didn't explain yourself properly. If you didn't want me to read it as "distinguish", maybe don't use that word.

And I also didn't failed to convince you of anything. I'm not trying to do that actually.

You are already completely convinced that you have the right opinion here.

I'm old enough to know that when people argue on the internet with the dedication that you're showing here, they don't want to be convinced, but they want to be right.

Anyway, if fingerprinting a device were enough, and knowing the final IP were of no use, there wouldn't be forcing the ISPs to keep one year of logs.

🫂

Avatar
Jivan Pal 1mo ago

"Distinguish" means "tell two things apart", e.g. one household from another. It doesn't mean "identify".

Fingerprinting is likewise a means of distinguishing, but not necessarily identifying. The need for law enforcement to identify is where the need for the logs arises.

I assure you that I don't care about whether I'm right, I just care about the reasoning and what the correct conclusion is. If being willing to engage in discussion about something comes across to you as wanting to be right, that's just your personal inference.