On Tue, Jul 8, 2008 at 3:13 PM, RJ Atkinson <[EMAIL PROTECTED]> wrote:
> Earlier, Tony Li wrote:
> % That's been widely discussed during
> % the first iteration of GSE and pretty generally viewed
> % as a Bad Idea. At the very least, there needs to be a
> % mechanism to escape from the MAC address and jump
> % to a separately assigned space.
>
> This concern is misplaced, and there is nothing magic
> here about a MAC as the Identifier. Any Identifier
> will have the same essential properties.

You are mistaken. As a former employee of comScore (the leading Internet measurement firm) I can assure you that the concern is most decidedly *NOT* misplaced.

Furthermore, global publication of the MAC address also theoretically permits identification of the make, model and firmware revision of the NIC with a high probability of success. Coupled with an OS fingerprint, it offers identification of the exact running driver with a high probability of success. Both are useful knowledge when attempting to breach a system.

> Traffic analysis techniques have been employed commercially
> since at least the middle 1990s to track users -- even users
> that change IP addresses often. I understand that such methods
> continue to be used (and continue to be effective) by a number
> of firms on the network. Note that these methods can track
> "users", and are not limited to just tracking "nodes".

This does not accurately describe the state of the art. I can't go into any detail without breaching a confidentiality agreement, but in IPv4 the ability to mass-discriminate an individual home PC's traffic day over day based on the contents of the network traffic alone is very limited.

Regards,
Bill Herrin

P.S. Just to be clear: I found the folks at comScore to be -very- ethical in their behavior. Nothing I wrote here should be taken to suggest otherwise.

--
William D. Herrin ................ [EMAIL PROTECTED] [EMAIL PROTECTED]
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

--
to unsubscribe send a message to [EMAIL PROTECTED] with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg
