
You literally wrote "Once device is identified all its past traffic is discernible." How is that compatible with devices changing their address every day?



You identify the device each day; identity is X, daughter of Y, on an iPad. Once identified via a data broker, all its traffic is identifiable, including torrents, for example, and porn websites, etc. (say X goes to Facebook with a new address, it now has a real name).

Once identity is known for address X you know its traffic for the day, including past traffic for the day.

Once the address changes you do the whole identification again.

All these logs where the address is identified go to bucket X.

Addresses that you couldn't identify that day you put in the unknown bucket.

Once you have a profile of the network, you can do exclusion (only 4 people in the household, 3 active with known addresses, not X, one unknown address, you can assume it's X).


Nobody bothers to do this kind of tracking because web browsers leak 100x more information by default anyway.

The “I don’t care if they track my household but it’s critical that Daddy’s activity not get disambiguated from my dealing daughter” is just not a valid reason to abandon the benefits of IPv6.

Please stop with this line of argument.

If you’re really desperate to ensure that the ads shown to your daughter are based on your porn viewing habits, then just set up IPv6 NAT.


> Nobody bothers to do this kind of tracking because web browsers leak 100x more information by default anyway.

That's a broad assumption, and I can assure you they will due to lower costs (no need to pay a data broker if you already know the target, no need for extra traffic, load, etc.). Also, due to better targeting you get better prices per ad served.

> just not a valid reason to abandon the benefits of IPv6

What are the benefits to allow each device its own address if I'm going to firewall them anyway?

> Please stop with this line of argument.

Why? My concern is valid; all you've said so far is nobody cares. I disagree.

> If you’re really desperate to ensure that the ads shown to your daughter are based on your porn viewing habits, then just set up IPv6 NAT

That says a lot about yourself if you resort to this sort of snarky comment. I have no wish to continue this conversation.

Note: I said in another comment I have set up IPv6 NAT and it works great.


Wait ... when you say nobody bothers ... that's a high bar. Most likely a ton of adtech companies are just drooling to use (or already are using) this type of correlation even if browsers leak more info.



> because web browsers leak 100x more information by default anyway.

I don’t quite feel convinced yet by this argument.

For example, one essential difference is that while it’s true that my web browser does have those leaks, I can be reasonably sure that it’s only leaking to specific hosts, i.e. the one I’m visiting and its embedded resources.

Tracking on the IP source address level, however, would be a whole other thing: that means that whoever happens to see the byte stream can now track who is visiting what. That includes, for example, my ISP, all large Internet exchanges, and anyone tapping into those.


> Nobody bothers to do this kind of tracking because web browsers leak 100x more information by default anyway.

If I told my security information officer "We don't protect against foreseeable threat X because we assume no one will bother to try X" she would not be very happy with me.

When a valid data concern has been expressed and described, putting your head in the sand is the incorrect response. I want IPv4 to die as much as the next person but at a minimum organizations such as hospitals and government installations will not accept that sort of outside visibility into their network.




