How to avoid exposing my MAC address when using IPv6?
Problem
On my Macs, each IPv6 address includes the MAC address of a specific computer (not of my router). Sites such as ipv6-test.com not only show it, but even tell me it belongs to an Apple computer. This feels like a super cookie, and might apply to other operating systems as well. How can I avoid my MAC addresses from being exposed? Background: the MAC address is not in plain sight. Like for : Take the last 64 bits (the host identifier) and add leading zeroes: . Strip the part from the middle. If these bytes are not there, then there's no MAC address. For the first byte: complement the second low-order bit (the universal/local bit; if the bit is a 1, make it 0, and if it is a 0, make it 1). So: (00000000) becomes (00000010). Presto: translates back to MAC address . Note: since macOS 10.12 Sierra, according to Ars Technica Apple has adopted a new way of generating stable addresses that are not based on a MAC address, which Windows apparently had already been doing for years. This question …
Error Output
2001:0db8:1:2:60:8ff:fe52:f9d8
Unverified for your environment
Select your OS to check compatibility.
1 Fix
Fix for: How to avoid exposing my MAC address when using IPv6?
This is solved by two extensions to IPv6: RFC 4941 aka "Privacy Addressing" lets outbound connections use temporary, randomly generated addresses (which are rotated every few hours). RFC 7217 allows the primary, static address to be generated from an opaque hash which does not reveal any information. At least one but increasingly both methods are supported by popular operating systems. Note that these features are orthogonal. You can use both at the same time, if you want to. Stable private add…
Awaiting Verification
Be the first to verify this fix
Sign in to verify this fix