Album

It’s really hard to not have a unique fingerprint in a casual browsing experience. Even with minimising techniques because some of that will make you stand out and so the easiest way is to look like the crowd. You only need a few pieces of low entropy information to make you stand out. Spoofing is detectable and so can be discarded when generating the fingerprint.

Tor browser plus ubo is going to be your least fingerprintable route.

After that I’d say Firefox with arkenfox’s user.js plus ubo.

You can get Fennec + arkenfox on Android which is Mull Browser.

Arkenfox uses the RFP feature you enabled plus some other things like letterboxing so your monitor resolution doesn’t give you away.

If you’re not using tor you need VPN or your IP is going to give you away.

I suggest reading the arkenfox wiki for more info.

Try mull.

It’s Fennec plus arkenfox.

Yea, prolly already using it.

Layer 8!

I thankfully have never had the misfortune of cgnat

Yeah dropping Nat is the biggest net benefit I agree but I think the avg person won’t really find that much value in it when Nat works ok

Your prefix can change yes but the recommendation is that it shouldn’t in practice. You’ll find ISPs doing it right will extend your PD lease infinitely unless you release it for a long enough period of time. Similar to ipv4.

The privacy is similar to ipv4 also. All your traffic on ipv4 looks like it’s coming from your WAN IP… Your PD is in this sense equivalent (though not literally equivalent for all the pedants reading) to your WAN IP.

It’s honestly super simple to set up. Outside of your ISP config it’s almost all autoconfig. 100% of the complication (at least for me) comes from knowing ipv4 first for 20 years and then trying to incorrectly map those concepts to V6.

As soon as I “let go” it was fine.

There’s not a huge net benefit you’re right. I mostly wanted to learn and I hope to be at the front edge of disabling ipv4 in the near distant future.

I agree with this but I would say the prefix is the only thing you should focus on.

It’s important that ISPs don’t regularly rotate your PD and it’s part of the rfc recommendations that they don’t. And the remainder of the prefix is your vlan space that is as important for VLAN routing as always.

Ipv6 requires fundamental rethinking about how addressing is done. If you’re trying to apply v4 concepts to V6 you likely end up running into something they intentionally designed out.

A unique local address is an address space where you could do that. It’s the equivalent to RFC1918 eg. 172/192/10. So you could statically assign fd0::x, and that is expected, but not required generally.

I wouldn’t give each device a static unique global address unless they need to be accessed via wan without domain consistently. You lose device privacy really quickly that way because every device gets a unique globally routable address. It’s fine for internet facing services but most Linux, Windows, and mobile implementations are using ipv6 privacy extensions by default to ensure you get a random GUA every day.

My network is dual stack and I connect mostly over ipv6 to all my internal clients using internal DNS. If my internal DNS is ever down I can fall back to ipv4 or it’s basically the one box on my network with an easy to remember ULA.

Super cool!!

https://www.google.com/intl/en/ipv6/statistics.html

Globally it’s at about 47% and growing at about 4% per year. If the rate remains unchanged it’ll be about a decade for >95%.

But the reality of it is, you don’t need global adoption out of the box. You just need majority adoption in the countries you visit, which for me are western countries (north America and Europe) which now have a majority adoption.

Most of China can’t reach Google so the reporting is off anyway. But in 2023 the govt mandated ipv6 support to all carriers and manufacturers.

https://www.theregister.com/2023/10/17/china_networking_hardware/

IPvFoo

https://addons.mozilla.org/en-US/firefox/addon/ipvfoo/

There is a chrome version too.

You think an asus, linksys, netgear,etc doesnt handle ipv6???

Do you have an example? Because it works great on openwrt, dd-wrt, pfsense, opnsense, unifi, mikrotik…and then if you’re using the isp equipment it works out of the box.

Honestly this isn’t even true anymore. Most major ISPs have implemented dual stack now. The customer doesn’t know or care because it’s done at the CPE for them.

I use a browser extension which tells me if the site I’m at is 6 or 4 or mixed. In 2024 most major sites support V6. A lot of this is due to CDN supporting it natively.

The fact that GitHub doesn’t is quickly becoming the exception.

Chmod +t

And then chown root

If the LIBRARIAN doesn’t understand this as a service the library offers - then they don’t offer it - or if you think they’re wrong you need to have an adult conversation that they do and that it should be ok. It’s weird to just assume you can go around sticking your cat5e into other peoples ethernet ports like that.

It’s kind of all that matters though. We don’t need to trust her - we need her acceptance of the act for which she is the gatekeeper of. If we don’t have it - trust over what she said is irrelevant since we don’t even have the basic trust over the act.