# Net privacy:  forcing ISP to allocate new DHCP address periodically?



## MMacD (Jan 31, 2020)

I have a LAN guarded by a pfSense firewall box and connected to the inet via (currently) a fiber-optic gateway/router (I still call it a "modem").  The inet side has a DHCP IPv6 address assigned by the ISP.

Is there a simple way to get the ISP to change that ip address frequently enough so that anything trying to collect metadata will have a hard time?  I've noticed that even deadstarting the fiber-optic gateway doesn't seem to produce a new address.  If it matters, the ISP is V****** (I'd prefer not to risk raising the devil by naming it).


----------



## SirDice (Jan 31, 2020)

MMacD said:


> Is there a simple way to get the ISP to change that ip address frequently enough so that anything trying to collect metadata will have a hard time?


No, there isn't. And most ISPs are going to flat-out refuse.


----------



## MMacD (Jan 31, 2020)

The better privacy laws in Europe don't help with that?


----------



## SirDice (Jan 31, 2020)

In the Netherlands ISPs and hosting providers have to upload a list of IP addresses and which customer is assigned to it to the CIOT every 24 hours. Besides that, there are also various other data retention laws (local and European).

https://nl.wikipedia.org/wiki/CIOT (It's in Dutch though; can't find an English version of it)


----------



## obsigna (Jan 31, 2020)

If I want a new IP, I shut down the modem for a longer period of time, approx. 2 hours. After a short shutdown, it comes up with the old IP. I didn't investigate this thoroughly; however, I guess the necessary out time may be linked to the lease time.


----------



## MMacD (Jan 31, 2020)

Thank you very much.  I can understand a little Dutch, but I think I must be missing something because I can't quite understand what exactly is being anonymised.


----------



## SirDice (Jan 31, 2020)

MMacD said:


> maar I think I must be missing something because I can't quite understand what exactly is being anonymised.


The CIOT is probably the absolute opposite of anonymization. Law enforcement uses the database to find the individual (or company) that is linked to a specific IP address.


----------



## obsigna (Jan 31, 2020)

https://www.translatetheweb.com/?from=nl&to=en&a=https://nl.wikipedia.org/wiki/CIOT

Oh no, that's a disappointment. In Germany we thought for years that the Dutch are the freest citizens in Europe.


----------



## SirDice (Jan 31, 2020)

obsigna said:


> In Germany we thought for years, that the Dutch are the freest citizens in Europe.


Germany has better and more strict privacy rules than the Dutch.


----------



## obsigna (Jan 31, 2020)

Just another proof of: _„Thinking is not the same as knowing.“_


----------



## Crivens (Jan 31, 2020)

SirDice said:


> Germany has better and more strict privacy rules than the Dutch.


Rules. Who is following rules? You have heard about the G10 rooms in the network nodes? Explicitly named after the article forbidding the very same?


----------



## ralphbsz (Jan 31, 2020)

MMacD said:


> ... to change that ip address frequently enough so that anything trying to collect metadata will have a hard time?


Who are you trying to protect against? Facebook? Sorry, but you are logged into your account when you use it. Web advertising? Then you also have to get rid of all your cookies, switch to a different browser, and change your browsing behavior. For example, just the fact that you like to visit certain topics on the web is enough to put you into certain categories. Those people whose business is based on identifying browsing behavior know full well that IP addresses are fleeting. And if you are worried about law enforcement and spy agencies, you certainly won't be able to hide from a concerted effort on their part.


----------



## Alain De Vos (Jan 31, 2020)

I receive:

```
inet6 2a02:... prefixlen 64 autoconf
inet6 2a02:... deprecated autoconf temporary
inet6 2a02:... prefixlen 64 autoconf temporary
```


----------



## MMacD (Feb 1, 2020)

ralphbsz said:


> Who are you trying to protect against? Facebook? Sorry, but you are logged into your account when you use it. Web advertising? Then you also have to get rid of all your cookies, switch to a different browser, and change your browsing behavior. For example, just the fact that you like to visit certain topics on the web is enough to put you into certain categories. Those people whose business is based on identifying browsing behavior know full well that IP addresses are fleeting. And if you are worried about law enforcement and spy agencies, you certainly won't be able to hide from a concerted effort on their part.



I'd just like to stay as unidentifiable as possible.  Wouldn't you?  It's not for nothing that websites have almost all switched to secure-ish https.  The percentage of psychopaths is still the same as ever, but many who don't quite qualify for diagnosis, but are nevertheless psychopathic in their personality makeup, are emboldened by their ability to prey on others while remaining largely anonymous themselves.


----------



## getopt (Feb 1, 2020)

MMacD said:


> If it matters, the ISP is V****** (I'd prefer not to risk raising the devil by naming it).



If you regard your ISP (Vodafone?) as something like a "devil", I suggest using high voltage airgaps.



MMacD said:


> psychopaths ... diagnosis ... psychopathic ... personality ... prey ...


The use of such words in IT context is not so common but is more likely to appear during weekends. Yeah, it's off-topic time. Popcorn, please!

On the other hand you could of course have a not so socialized tech talk about privacy and anonymity in the Internet. See the difference? Wording matters.


----------



## Phishfry (Feb 1, 2020)

While I sympathize with your sentiments, this is a losing battle.
Here is what I have found. My ISP plan offers Dynamic IPs but in reality they are fixed IPs.
Upon further battling this (By releasing my WAN DHCP lease in OPNSense to no effect) I realized what the ISP is doing.
So with my ISP they seem to lock the IP to the router directly behind my modem.
Probably through the MAC address. The only way I have found around this is to disconnect the router from the modem for 3 days.
So a 72 hour DHCP lease tied to the router MAC.

There is another way to get new IP. I have several OPNSense routers that I can place behind the modem and each gets a different IP address.
(Because of different MAC addresses of each device)
This is not really any security technique but it is nice to know that you can get a different IP somehow.
Think of your IP as a phone number.
There is no way to stop robocalls. 'Do Not Call List' is a joke to these people.
Just like IP sniffers trying to guess your security posture.


----------



## ralphbsz (Feb 1, 2020)

MMacD said:


> I'd just like to stay as unidentifiable as possible.


But in this quest, you are wasting your time on something that has zero or very little benefit, considerable cost (to reliability and complexity), and may actually backfire (by doing highly unusual behavior, you might actually attract attention).



> Wouldn't you?


Yes and no. I understand that certain parts of life are simply public. For example, if you want to see the exact details of the building permit I used to finish our basement, that's completely public (as are most interactions with government agencies). My political activity (campaign donations, participation in official meetings) can be found in the published records. If you know my name, you can find out where I work and what I work on, by reading patents and scientific publications. There is absolutely no point trying to hide that. I use Facebook to communicate with friends, and I know that everything done there is public. That gives away some of my hobbies and friendships, but I make deliberate choices about what to post there and what to stay silent about. For example, if you know my name, it is very easy to find out what OS I use at home, and what I think about it ... that's all on this forum, where my username is a simple and unique abbreviation of my name. I don't worry about people knowing what OS is running at home, but I try to be careful that nobody knows the IP address or root password of that installation.

On the other hand, while I use the web, I try to restrict that to organizations that are at least reasonably trustworthy, where I have the choice. And I admit that both my ISP and the security agencies know everything I do, but I rely on the former being incompetent and uninterested, and the latter being unstoppable.

Your quest of trying to stay unidentifiable in public is a little bit like the Unabomber only running around with large sunglasses and a hooded sweatshirt.



> It's not for nothing that websites have almost all switched to secure-ish https.


That's not so much for privacy of their end users. Facebook and Google and Amazon still know exactly what you are doing on their web properties, even with https. It means that the ISP or a deliberate attacker can't snoop on the content of your communication, but they can still do traffic analysis. It has very little to do with being unidentifiable.


----------



## MMacD (Feb 1, 2020)

ralphbsz said:


> But in this quest, you are wasting your time on something that has zero or very little benefit, considerable cost (to reliability and complexity), and may actually backfire (by doing highly unusual behavior, you might actually attract attention).


Cost to reliability & complexity?  How so?  What more than a cron job would be required?



> That's not so much for privacy of their end users. Facebook and Google and Amazon still know exactly what you are doing on their web properties, even with https. It means that the ISP or a deliberate attacker can't snoop on the content of your communication, but they can still do traffic analysis. It has very little to do with being unidentifiable.


Perhaps I'm missing something.  The whole point of changing ip addresses, as with changing phone numbers (burner cell phones), is to defeat traffic analysis.  Certainly those who are under legal suspicion and talk only with a few specific people aren't going to get much benefit unless both parties switch cell phones and physical locations on a common rota.  But for those who aren't doing anything governmentally surveillworthy, why wouldn't randomly changing ip addresses defeat the malicious who lack government power?

Of course, if the ip addresses are hooked to the MAC addresses, as Phishfry discovered, via some code wedged into the modem's firmware (or just running on the modem, if it's that smart), that might increase the size of the problem, if the assignments were determined by a known algorithm.  But otherwise?


----------



## Phishfry (Feb 1, 2020)

Well your internet facing OPNSense WAN port will definitely have its MAC exposed to the ISP's equipment. Everything behind it should be isolated.


----------



## ralphbsz (Feb 2, 2020)

MMacD said:


> Cost to reliability & complexity?  How so?  What more than a cron job would be required?


You write the cron job. Then test it, fix any bugs, put it under source control, put the test harness under source control. Write an install script. Regularly check that it still works. Deal with when it breaks (it will, somewhat regularly). Regularly run the test harness. Reinstall after every OS reinstall, and perhaps after OS upgrades.

And what happens with long-running IP connections? What if you are ssh'ed into something when the IP address changes? Are you sure all your software that uses the link can do retries of the somewhat bizarre connection errors that happen when the IP address changes? How about session authentication?



> Perhaps I'm missing something.  The whole point of changing ip addresses, as with changing phone numbers (burner cell phones)  is to defeat traffic analysis.


Agree, some simple traffic analysis (IP address X spoke to Facebook and Yahoo, and then stopped) will get the benefit from your plan. But anyone who does intelligent traffic analysis will figure it out: IP address X was talking to Facebook and to the SMTP server at a.b.com every few seconds, then it suddenly stopped, and IP address Y started exactly the same pattern. Exactly an hour later IP address Y stopped, and IP address Z started. Done.

Plus: Those people who want to identify you (like ad providers) will do it independent of IP address anyway, they know that users change IP addresses regularly.


----------



## neel (Feb 2, 2020)

It depends on the ISP.

Many ISPs using DHCP allocate based on the MAC address. In this case, change your MAC address when you want a new IP. If you want to automate this, just write a script which generates a random MAC address, pushes it to the config, and restarts the connection.

If your ISP uses PPPoE, you can get away by just rebooting the router or restarting PPPoE session.

But if you want privacy, use Tor or a VPN. It's more private than any dynamic IP will be. Trackers are good at identifying a user despite IP changes (remember: mobile devices).

If you complain your IP changes too infrequently, I want a static IP on my broadband. In fact, I want a static subnet all to myself. I just wish the US ISPs were forced to share so I wouldn't have to pay business class prices for one.
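An added example of the automation neel describes, not a script from this thread or from neel: it generates a random locally-administered unicast MAC, validates it, and only with `--apply` (as root) sets it on the WAN interface and restarts the DHCP client. The interface name in `WAN_IF` (default `em0`), FreeBSD-style `ifconfig(8)` and the `dhclient` rc service are assumptions.

```shell
#!/bin/sh
# Added example, not a script from the thread. Generates a random
# locally-administered unicast MAC and, only with --apply and as root,
# sets it on the WAN interface and restarts the DHCP client.
# Assumptions: FreeBSD-style ifconfig(8), the dhclient rc service, and
# a WAN interface named by $WAN_IF (default em0).

# Six random bytes; force bit 1 of the first octet on (locally administered)
# and bit 0 off (unicast), so the address is well-formed and can never
# collide with a vendor-assigned (OUI) address.
gen_random_mac() {
    set -- $(od -An -N6 -tu1 /dev/urandom)
    first=$(( ($1 | 2) & 254 ))
    printf '%02x:%02x:%02x:%02x:%02x:%02x\n' "$first" "$2" "$3" "$4" "$5" "$6"
}

# Succeeds only for a syntactically valid MAC whose first octet has the
# locally-administered bit set and the multicast bit clear.
is_local_unicast_mac() {
    echo "$1" | grep -Eq '^[0-9a-fA-F]{2}(:[0-9a-fA-F]{2}){5}$' || return 1
    octet=$(printf '%d' "0x$(echo "$1" | cut -d: -f1)")
    [ $(( octet & 3 )) -eq 2 ]
}

# Change the WAN MAC and ask the ISP for a fresh lease. Every connection
# through the WAN drops while this runs (ralphbsz's caveat applies), and the
# new MAC does not survive a reboot unless it is also put in rc.conf as
# ifconfig_<if>="ether <mac> DHCP".
rotate_wan_mac() {
    wan="${WAN_IF:-em0}"
    mac=$(gen_random_mac)
    is_local_unicast_mac "$mac" || return 1
    ifconfig "$wan" ether "$mac" || return 1
    service dhclient restart "$wan"
}

if [ "${1:-}" = "--apply" ]; then
    rotate_wan_mac
fi
```

Whether this yields a new lease at all depends on the ISP's allocation policy, as Phishfry's 72-hour observation shows; on an appliance such as pfSense the WAN MAC is managed by its own configuration, so set it there rather than with a bare `ifconfig`.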


----------



## gnath (Feb 2, 2020)

ralphbsz said:


> but I try to be careful that nobody knows the IP address or root password of that installation


If it is open s..., let us know the tricks please.


----------



## ralphbsz (Feb 2, 2020)

Tricks? I simply don't make them public. For example, I won't post here that the IP address of my home server is 192.168.0.1, and the root password is 12345. The same password as for my luggage.


----------

