> There’s no way in which IPv6 is less private than IPv4

With IPv4 behind CGNAT you share an address with hundreds of other users. This won't protect you against a targeted subpoena, but tracking companies typically don't have this kind of power, so they have to resort to other fingerprinting options.

On the other hand, an IPv6 address is effectively a unique, and somewhat persistent, tracking ID, 48/56/64-bit long (ISP dependent), concatenated with some random garbage. And of course every advertiser, every tracking company and their dog know which part is random garbage; you are not going to fool anyone by rotating it with privacy extensions.

▲

kstrauser 5 hours ago | parent [-]

CGNAT is nowhere near the common case yet. And frankly, I’m horrified that anyone’s describing it as a good thing. CGNAT is the devil, even if it accidentally has one not-terrible feature, and especially when ISPs realize that they can sell those NAT logs to companies who still want to track end users.

For tracking purposes, an IPv6 address is 48 bits long. That’s what identifies a customer premise router, exactly like a IPv4 /32 identifies one. The remaining 80 random bits might as well be treated like longer source port numbers: they identify one particular connection but aren’t persistent and can’t map back to a particular device behind that router afterward.

▲

orangeboats an hour ago | parent [-]

>CGNAT is nowhere near the common case yet. And frankly, I’m horrified that anyone’s describing it as a good thing.

For some reason, "CGNAT == privacy" is a very common sentiment on Hacker News. Yeah, Hacker News. It's bewildering, and after my last comment [0] talking about it, I have kinda already given up trying to convince people that CGNAT is devilish and not at all a privacy protector.

[0]: https://news.ycombinator.com/item?id=40180058

	▲	kstrauser 33 minutes ago \| parent [-]
		It’s right up there with “NAT == security”, which is also disappointing for here. It’s not so much the sentiment, as how confidently it’s asserted.