@brettglass In that case, obviously you do not know what their devices support or do not support. Regardless, devices that do not support IPv6 are not damaged by a running DHCPv6 server.
There is, surprisingly, some truth to this statement from ISP operator Brett Glass.
Some consumer routers do not have proper firewalls, and allow remote access to their web administration interface. However, most consumer devices do not allow this, and are "okay".
@JohnMH_Jr @EFFFalcon @EFF Both of those statements are correct. NAT has protected our users from many infections and attacks, and most of their routers and other devices, to this day, are IPv4-only.
@brettglass Unless you provide your end users with the routers they have (in which case, you should update the software so that they may use IPv6, and the point is void), I would be very worried for user security that you know more than the vendor of their routers.
@brettglass As an experienced embedded systems designer, we would hope that you would follow modern standards and practices, both for IPv6 connectivity, and for user security.
Of course, most consumer devices sold after 2012 do have IPv6 support, and, even if they don't, DHCPv6 would not harm them in any way. They would simply not be able to get IPv6 addresses.
@JohnMH_Jr @EFFFalcon @EFF BitTorrent was designed primarily for piracy, and secondarily to shift bandwidth costs to ISPs without paying them for hosting. In both cases, ISPs are within their rights to throttle it or block it altogether.
We present NetSpectre: A remote Spectre attack without attacker-controlled code on the victim, and the first Spectre attack which works without the cache as covert channel. misc0110.net/web/files/nets… /cc @lavados@mlqxyz