Slashdot Mirror
MIT Technology Review Slams IPv6
PCM2 writes "In the MIT Technology Review, Simson Garfinkel, noted author of Internet security books, writes that "the next version of the Internet Protocol, IPv6, will supply the world with addresses by the trillions. Too bad it will also make the Net slower and less secure." His article goes on to explain that all IPv6 code is untested and therefore insecure; that IPv6 makes encourages 'peer-to-peer based copyright violation systems'; and of course, that the switch is never going to happen anyway (and yet, somehow, the United States is 'falling behind')."
MIT is one of the great hogs of current IP addresses, maybe if issues like this were addressed no knew system would be neccesary.
vampirical
Well sure the ipv6 code isn't as tested as ipv4 and might be insecure at first... But did that stop the internet from being built on ipv4? It's a stupid argument against upgrading to a new technology.
Cthulhu Saves.
These problems go away when every computer on the Internet really does have its own IP address--something that's impossible today with IPv4, but which is the raison d'etre for IPv6. In a world with IPv6 and without NAT, every computer in my house has its own unique IP address on the public Internet. That means my desktop can open up a peer-to-peer connection with my desktop at work, but it also means that my daughter can network her machine directly with some teenybopper P2P network in San Jose. Getting everybody's home machine out from being a NAT box should make possible a lot of interesting applications that are either very difficult or downright impossible today. And in all likelihood, some of those applications will not be popular with the Recording Industry Association of America or the Motion Picture Association of America, both of which have taken the lead against peer-to-peer networks. As soon as they understand what a threat IPv6 is to their police actions, they are likely to start fighting against.
It's hard to be religious when certain people are never incinerated by bolts of lightning.
Your statement that 'no routers have it' is quite simply a pile of rubbish; Cisco, Juniper, Foundry, and Nortel routers all support IPv6 in at least one version of code, if not multiple versions.
If by 'routers' you mean Linksys, Belkin, or D-Link, you really need to redefine your concept of the word.
IPv6 makes encourages 'peer-to-peer based copyright violation systems'
That sounds like a plus to me.
Karma: It's all a bunch of tree-huggin' hippy crap!
Maybe I read the wrong article, but I don't think he said that at all. The gist of the article is this:
1) I will define 'IP' for you now
2) This is why we need more Internet addresses (something above and beyond IPv4)
3) One problem with IPv6 is that no one uses it now. So the best thing to do is to make dual v4/v6 machines. But then you can never make v6 only because someone will always have v4. (wtf? 'we can never adopt v6 because we have not yet adopted v6'?)
4) NAT is super evil because its security is "a mirage"
5) The RIAA and MPAA will probably hate IPv6 because people can connect to each other more
6) IPv6 will only be introduced in the US when a government supplier wants it
I think that timothy must've posted this without reading the article itself -- or I've read the wrong article -- but the article author _NEVER_ says 'untested and therefore insecure', only talks about the increase in p2p applications as 'interesting' and likely to be opposed by the *AA, and the problems posed by inertia in the US as opposed to adoption in Asia.
NOWHERE does he slam IPv6 - he seems rather happy about it, in fact.
We recently had heard in the office over one of the Yellow Machine that's made by Anthology Solutions.
"It will be the biggest, the most drastic, and the most comprehensive change to the underlying structure of the Internet in more than 20 years. "
I'd love that thought applied to space.. It's so confusing, and hard to do, we should tuck our tail between our legs and run! This change will happen one router at a time.. correct me if I'm wrong.. but I do believe IPv4 addresses will coexist with IPv6. And lets face it.. for the most part, this will be done my highly experienced techs at the ISPs, and filter down to very experienced end users at business. Dialup and High Speed users could use IPv4 for ages sitting behind their ISP's big gateways.
"The deployment of IPv6--the sixth version of the Internet Protocol--will be a massive undertaking that will require the reconfiguration of more than 100 million computers."
It's not like this will happen over night.. and one day all the end users (hi mom) will have to become IPv6 Gurus. Once again, we're back to.. It's hard.. lets run away.
"But when the IPv6 rollout is finally done, not all the effects will be positive"
Argh.. this guy bugs me.. He seems to totally forget about the evolution of software.. Of course it'll be slow at the beginning.. then some company like Nortel will put it all into a hightech ASIC chip.. and we'll leave IPv4 in the dust. For each of his arguements.. there's a swell counter arguement, that's never far from reach.
Faz
-=-Ze End-=-
Quote: "Put another way, the switchover will result in roughly 5,000 addresses for every square micrometer of the Earth's surface. There are so many IPv6 addresses that humanity will never run out of them--never, ever."
I bet they said that when IPv4 was invented.
This sig is in Spanish when you're not looking....
That's absolutly not true. IPv6 info @ Cisco. I quote: "In May 2003, the availability of Cisco IOS 12.3 Mainline that integrates the IPv6 feature set from 12.2(15)T enables production deployment for all Cisco based networks." Obviously routers have it. Linux has it as well, so its certainly not a MS only thing.
The problem with IPv6 isn't software or hardware -- it's politics and money. Theres no benefit to service providers to update their IPv4 setup to do IPv6 because they'd have to find some way to still talk to the "normal" IPv4 internet (because, really, who wants to get on an ISP that isn't on the internet?). Additionally, many many ISP's charge a premium on extra IP addresses. What makes you think that they want to ditch that income so you and I can each address our refrigerator from the supermarket to see how much milk is left?
Actually, many backbones have switched to IPv6 because ROUTING is FASTER on IPv6 than IPv4.
On this simple fact I assume that the author of this article just don't know what he is talking about. As for security and as for NAT (which is less secure than he even thinks it is, as a protection).
IPv4 has seen many, many security issues in the *recent* past btw (ISN Prediction anyone ? Spoof with any ip)
He also forgot that there are tunnels from ipv4 to ipv6 and from ipv6 to ipv4, effectivly adding compatibility. If someone is stuck with ipv4 somewhere on the globe, np, he setup a tunnel to ipv6 and none is stuck. Damn FUD, I say.
refs:
IPv6 FAQ
Routing
(IPv6 has less headers => faster routing
(Better QoS => more efficient network
(etc.)
Once upon a time, the entire internet was shut down for a day or so to switch over to IPV4. We survived. I suspect we would survive the switchover to IPV6, especially since it won't require a complete shutdown. It will be a lot like the current situation for VGA monitors; nobody really worries too much about the folks still running 640x480 anymore. Likewise, when IPV6 starts to take over, people will gradually switch over until a critical mass develops, after which the rest of the world will follow very quickly. Then after a while, most of the world will stop catering to anybody still running V4. That doesn't mean that everybody will switch then, but the ones that don't will simply pay the price in inconvenience.
I didn't really follow the assertion that V6 would be less secure -- I expect that any such problem will be quickly fixed, and probably long before the majority of folks actually make the switch. As for the timing, I don't think it will be as long as Mr. Weekly says. I think that 2005 is a reasonable prediction for V6 reaching critical mass.
--
Insurance for H1-Bs: http://www.H1Bins.com
Healthcare for the uninsurable: http://www.AFFHC.com
Medigap insurance information: http://medigap.supremesite.net
Concealed Handgun License Courses in Plano, Texas
Getting everybody's home machine out from being a NAT box should make possible a lot of interesting applications that are either very difficult or downright impossible today. And in all likelihood, some of those applications will not be popular with the Recording Industry Association of America or the Motion Picture Association of America, both of which have taken the lead against peer-to-peer networks. As soon as they understand what a threat IPv6 is to their police actions, they are likely to start fighting against.
I have no strong opinions on the technical merits of IPv6 but I want to address the above statement, and the (IMHO) wrongheaded mentality behind it.
Why should the fact that these monopolistic groups oppose new, useful technologies, lead anyone to the conclusion that those technologies should be abandoned? Shouldn't we rather abolish the MPAA and RIAA?
When the light bulb was invented, did anyone argue we should abandon it because the candlestick industry would oppose it?
The truth is that new digital technologies are making "content" businesses like those represented by the *AA's obsolete. There is no benefit to society to engage in costly, counterproductive and futile "wars" against P2P and other useful new technologies in the name of enforcing "intelectual property" laws created in a different era that now benefit only special interests and not the public interest.
Yea, sure, if they plan on keeping track of all the bathrooms.
Don't worry, having IPV4 addresses as a sub-block of IPV6 addresses, dual IPV4/IPV6 hosts, and IPV6 protocol encapsulation was such a good idea that the designers of the IPV6 protocol decided to use it.
::203.131.45.99)
They even made it simple! If my IPV4 address is 203.131.45.99 my IPV6 address will be 0:0:0:0:0:0:203.131.45.99 (there's even an abbreviated notation for a V6 address which would just be
The likelyhood is that the migration to V6 isn't proceeding as fast as possible for political and financial reasons rather than technical ones.
Yes, even then.
Let's assume every single one of the 100 billion stars in the galaxy is inhabited, and each star has a population of 10 trillion humans in orbit around it, and each human has 1 billion devices that need IP addresses. In that case, only 1/340,282nd of the possible 128-bit IPv6 addresses would need to be assigned.
"Five is RIGHT OUT!"
IIRC, MIT has a class B IP range, meaning it has 255^3, or 16,581,375 IP addresses. while China and South Korea--with a combined population of more than 1.3 billion--have been allocated 38.5 million and 23.6 million respectively. Does that sound unfair to anyone? MIT having 6139 students, plus faculty and staff, compared to China having over 1 billion people. China as a whole barely has over twice what MIT has in IP allocation, while having 160,000 times more people. I believe this is a biased, pointless article, written by a moron who does not realize the enormity of what he's saying. Many Asian countries are literally running out of IP addresses, and he's complaining about "lack of security", and thinks that no routers support IPv6 (Pretty much ALL Cisco routers support IPv6 flawlessly.) This man does not know what he's talking about.
got sig?
I have IPv6 from my ISP. Its enabled by default for every one of their clients, and has been for more than 2 years. Most of the other small providers in Europe are now offering it standard, and I have talked with one large telco who will be trialing it this year, for a rollout before a big marketing push in September.
/48 block of IPv6 at home. All my machines speak it, Solaris, Mac, Windoze, BSD, cisco, Nokia, Ericsson. My firewall filters both IPv4 and IPv6 with no problem, the rulesets are quite similar. With autodiscovery, router advertisements, and all the other cool protocols built into the IPv6 specs, adding a new machine means it just works.
But as the whingey Garfinkel points out, the U.S. is very much behind the curve in IPv6 rollouts. Typical corporate american incompetence.
As for routers, all real routers have it. It takes more effort today to get a cisco router without IPv6, because all the machines being delivered recently come with a version of IOS which has IPv6 installed. Just waiting for a Cisco Certified Button Pusher to configure it correctly, and bob's your uncle.
I have my own
While typing this response, I ran some statistics on web servers I manage. Approximately 5% of the traffic was IPv6 during the month of December, up from about 2% last June. That means that 5% of the PCs out there have IPv6 enabled, connected to an ISP offering IPv6, and are using an IPv6 capable browser like mozilla or IE6.
the AC
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
The motive will be that IPv4 will be increasingly a second-class citizen in a world where IPv6 co-exists.
Mine neither. So I'm planning to use the well documented 6to4 system which allows anyone with a routable IPv4 address, preferably static, to start IPv6ing. You don't need to shut-off IPv4 when migrating to IPv6. Indeed, 6on4 which you diss as "defeating the purposes" demonstrates that fact by its very existance. We're not going to have a sudden changeover, one protocol is going to be phased in as another is phased out. Even now, I suspect a sizable chunk of people could be migrated to IPv6 right away: simple Web and email users can do so for example as everything they need to do can be accessed via proxies and servers provided by the ISP. Absolute hogwash. While IPv6 is not an extention of IPv4, it is specifically designed to co-exist with IPv4. You can assign both IPv4 and IPv6 addresses to your interfaces in all the implementations I've seen, and routing is done on the basis of the IP address you use (use an IPv4 address, and your connection will be via the IPv4 network, use an IPv6 address, and your connection will be via the IPv6 network.)You are not alone. This is not normal. None of this is normal.