Le 03/04/2013 21:08, Doug Barton a écrit :
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 04/03/2013 09:00 AM, Michael Richardson wrote: | So, I have a
question: how much privacy is actually contained in the | VIN or
indexed by the VIN? Given that it's printed on the windshield. |
Yes, it contains model, year and manufacturer of the car, but all of
| that information is also visible by looking at the vehicle.
There's orders of magnitude different in having to walk up to the
windshield of every car you're interested in vs. passively sniffing
IP traffic to discover VINs of thousands of cars in a go.
Automatic shooting (taking picture of) license plate is a common
practice in certain automatic law enforcement, and parking security.
The VIN being smaller than the plate may be just a matter of when higher
sensor resolutions become available. I would not be surprised to see
automated shooting of VIN in the future for various applications.
The VIN must remain visible. One of the privacy problems may lie in
that requirement per se. And, on the contrary, it could also be used to
securely produce a request of an IP service from the vehicle in line of
sight, when infrastructure is not available.
And dare I mention the big brother aspect of setting up roadside
monitors?
That possibility may already be there. It may be that 802.11p/DSRC/WAVE
sends periodic beacons unsecured out of the car, which may contain MAC
addresses. (I just suppose).
And what about son-of-google-street-view?
I suppose even the father-google-street-view may already have some
privacy concerns. Although it is obvious that the engineers went to
large efforts to anonymize faces and license plates, its application
still misses some points. I have seen a easily dateable picture of
StreetView with easily recognizable faces of law enforcement officer
and a person being fined. And pictures of intimate clothes out in the
air drying, invisible otherwise. I guess they collect these fun things
somewhere.
The privacy aspects of being able to reverse-map IP traffic to VINs
are staggering.
I remain unconvinced that there should be any special case in the
protocol for this, as I've yet to see an argument as to why ULAs are
not sufficient. I remain violently opposed to any protocol
definition that supports VIN <> IP address mapping.
Ok.
Alex
Doug
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux)
iQEcBAEBCAAGBQJRXH4vAAoJEFzGhvEaGryEkvAIAL72fEzKUqpLEcvdyh177Vla
dZov3A88iIMJuq6dE4xG7RzMSRG5ueFkelIB07jxo0TyXQmvvliS029RKeWlZed9
BhIMZwWw2AY2jQVnQTvT9pwZ+8KrY94s4q0YpVzdKsJKKhErvISKnzwn1qCtKFlv
7tsfSXcCq7E4WgcuQSxtUIyaTN/Psw27QVTrJ8PJTHlGTIzrkJrRIczjLJy0pHvv
Ekq9Bi/n/w65CQYn1zNume/goW0eUDk9rVHf/XopD5ugnRHW1gn6fkDxjDKc9Jc9
I1QU4nHhP82NiRiqS9xzgXUpMjm/+RCSHYPvAKCcTGdACBDtXUhd5QU9w4gJ3YA=
=EAHc -----END PGP SIGNATURE-----
--------------------------------------------------------------------
IETF IPv6 working group mailing list [email protected] Administrative
Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
