IPv6 and Tor Project Websites

by phobos | June 8, 2011

In February 2011, we enabled IPv6 access to the majority of our websites, such as decvnxytmk.oedi.net, trac.torproject.org, archive.torproject.org, media.torproject.org, gitweb.torproject.org, and check.torproject.org. We've seen a growing amount of ipv6 traffic going to www, gitweb, and archive since then.

However, this isn't what people think about, nor want to hear about, when thinking of Tor and IPv6. Nick posted our efforts on this front in late April. There is an opportunity for someone to make a big impact by helping us enable ipv6 in the tor codebase. We're keeping our thoughts in a draft proposal. We have more thoughts about supporting IPv6 exits written down in 2007.

If IPv6 is the future, protecting your privacy online should be part of that future. We're looking for help to make it happen.

Comments

Please note that the comment area below has been archived.

June 12, 2011

Permalink

IPv6 is a disaster for privacy since every household will get a COMPLETE /64 sub net! That means that your devices will be traceable over extended periods of time!

The Privacy Extensions don't help because they only randomize the last 64 bit but NOT the first 64 bit of any given IPv6 address.

IPv6 is a privacy disaster!

There is nothing in IPv6 that requires customers to get a static /64 subnet any more than there was anything in IPv4 that required them to get a dynamic /32 address. Most customers will probably get a dynamic /64 from the ISP's pool unless they explicitly ask for a permanent one, just like the current practice with IPv4 addresses.

On the other hand, many customers with 'dynamic' /32 addresses are actually getting pseudo-static ones, keeping the same address for weeks, at least when it comes to Swedish ISPs. Also, it is becoming easier and easier for different parties to subpoena ISPs for the identities of customers behind addresses, dynamic or not.

True privacy starts with a proxy, like e.g. TOR.