Now that the IPv4 address pool is depleted and the IPocalypse is at hand, wrinkles are emerging in IPv6. One of the wrinkles is with mobile devices. Most of the cool mobiles devices have been able to handle IPv6 for a while. Apple’s (AAPL) iPhones, iPads and iPods have been capable of handling IPv6 Since version 4 of the iOS operating system and most Google (GOOG) Android devices have been capable since version 2.1. H Security is reporting that these mobile operating systems send information about their users to the network.
A device on an IPv6 network usually determines half of their address (the “interface identifier”) themselves, but H Security says that smartphones are sloppy with this task. According to the article, the smartphones simply add the same two bytes to their globally unique MAC address and use it as their identifier. As a result, they transfer a unique hardware ID whenever they communicate with an IPv6-enabled server.
The basic problem isn’t an IPv6 issue because there are other methods for generating the address. The article says that a device can generate a random interface identifier and replace it on a regular basis. This is called Privacy Extensions method and is the factory-set option in Windows; it can also be enabled in other operating systems. The article points out that devices running Apple’s iOS or Android offer neither the option to enable Privacy Extensions nor the option to disable IPv6, anyone who uses an affected device on an IPv6-enabled wireless network will send their ID.
The only thing the smartphones are lacking is a control option in the user interface, as the Privacy Extensions do come as part of their kernel. For instance, on a (jailbroken) iOS 4 device with root access, they can be enabled with the same command that enables them on a desktop device running Mac OS X:
sysctl -w net.inet6.ip6.use_tempaddr=1
The blog claims the problem is only affecting a small number of users because IPv6 is not yet in widespread use. However, more ISPs plan to offer IPv6 in addition to the old IPv4 in the future. In addition, there are routers like the Cisco (CSCO) Linksys E3000, which will, automatically set up an IPv6 connection via a 6to4 conversion when their internet access is purely IPv4.
The author concludes that the issue is particularly sensitive because such devices tend to be used by one specific person. As a result, the MAC address, which is accessible to any server operator and network monitor, allows this user to be identified.
If this sounds familiar, it is I wrote about mobile apps uploading UDID’s here.