5·
6 months agoI wouldn’t rely on the size of the address space to provide security. It’s possible to find hosts through methods other than brute force scanning. I remember seeing a talk from a conference (CCC? DEF CON? I can’t remember) where they were able to find hosts in government IPv6 address space (might have been DOD?) through stuff like certificate transparency logs and other DNS side channels.
Man, I need to go find that talk now…
Edit: I don’t think this is the one I saw previously but is in a similar vein: https://www.youtube.com/watch?v=AayifEqLbhI
Problem is, there’s an entire generation of users that have gotten super used to “discard changes” as a means of signalling “on second thought, don’t do anything”.