Sad News For IPv6

Tuesday, April 17th, 2007

On IRC I was pointed to this very interesting, and kind of depressing, article about the IPv6 security issue on Airport routers.

As someone who’s done a lot of work on an IM client fighting NATs and firewalls, IPv6 was often alluded to as a future utopia where everything would be perfect, and we wouldn’t have to deal with UPnP or NAT-PMP or ICE or STUN — it was our version of relaxing in a hammock on a tropical island.

Now, we’re stuck in, basically, the same boat. We might be able to uniquely identify a host, but if we both can’t punch through the NAT we’re still dead in the water.

What’s most unbelievable to me, though, is the suggestion by Fred Baker, of Cisco, at the end of the article. Sorry, mucking around with your router’s configuration is far too advanced for someone just trying to send files over an Instant Messenger. It’s a horrible solution, and if anyone who thinks otherwise has got quite the reality check coming their way. Although, Cisco does makes its money on training courses teaching you how to configure your braindead router that should Just Work, so it’s not all that surprising a suggestion, really.

I wonder we’ll ever get to that island with the hammock. Right now, looks like we’re going to crash into a reef first.