Tuesday, 5 November 2013

iOS7 uses IPv6 privacy address extensions

I got a curious warning from Google about a 'Suspicious sign in prevented' which turned out to be a connection over IPv6 from my iPhone to Gmail. I'm aware that I've been using IPv6 for a while now - it's been in iOS since iOS4 I think - so either Google has recently started warning people about changing IPv6 logins, or iOS7 has updated their implementation to include IPv6 privacy extensions (Specified in RFC4941). Either way it seems iOS7 is definitely using IPv6 privacy addressing (and possibly older versions of iOS also) which means that the IPv6 address of your iPhone/iPad will change over time and will not reflect the underlying Ethernet hardware MAC address (as it does for the basic stateless autoconfiguration).

It seems that privacy addressing is becoming the default as a number of OSes have adopted them (Linux, OSX, Windows) a while ago. Overall I think it's a good thing as I'm not sure I want my device to potentially be tracked by its hardware address (which is largely contained in a normal autoconfigured IPv6 address).