Tag Archives: Marc Heuse

[Update] IPv6, Security, Future Near

The 27th Chaos Communication Congress – subtitled We Come In Peace had an excellent presentation on IPv6 by Marc Heuse, an expert in the field and creator of several tools to test IPv6 security.

IPv6 is the coming standard for intranets, the internet and most IT/IP interconnect equipment. It is quite different from the IPv4, which is currently in place in all of our network systems. The IPv4 protocols use the typical 4 octet system, e.g. 192.168.1.1 (taking 32 bits), while IPv6 uses 128 bit address of numbers and letters. The comparison is 232 v 3.4 x 1038 – the number is 340 undecillion unique addresses.

Other advantages include autoconfiguration of IP addresses and networking, a hierarchical address structure which reduces operational cost and several Integrated security features. 

As Mr. Heuse points out, all major operating systems and most modern routers already support IPv6, but it is turned off. For most intranet installations, IPv4 will probably continue to be sufficient and won’t need to be replaced by IPv6. But as with all new protocols, there are some advantages that might move manufacturers to use the system to uniquely identify equipment for communication security, or other features that are not available with IPv4. Therefore we need to stay abreast of its advantages and potential pitfalls. Especially when one of the current problems being worked out is security weaknesses in tunneling, when using IPv4 and IPv6 together (like that will ever happen!). And though it handles multicasting more securely than with IPv4, that area is also one that has some issues. 

The issues with security come from the standard’s original outline being laid out 15 years ago. It dealt with the security problems of the time. Recommended practices have been developed to upgrade the protocol’s implementaion, but there are many, and they aren’t always dealt with the same way by all manufacturers.

Notwithstanding this, IPv6 is being tested this month in a ‘live on the internet’ plug fest fashion. It will be rolled out in the coming months. The Youtube video that follows isn’t for everyone, but it should be for everyone who claims to be a professional in the entertainment technology field of digital cinema, as cinema is by its nature ‘unique addresses’, on the internet and very concerned with security.

This link points to a page that has several slide presentations on the subject:
27C3: Recent advances in IPv6 insecurities
Don’t miss this slide presentation: 
Recent Advances In IPv6 Insecurities

Side note before the 53 minute video, if you run across any interesting information in this field, or recommendations or comments by the technologists in the d-cinema field about IPv6, please forward it to the editor.

Other articles: 
Last of the IPv4 Addresses Allocated
Understand IPv6 Addresses

YouTube – [27C3] (en) Recent advances in IPv6 insecurities

{youtube}c7hq2q4jQYw{/youtube}