Letting machines connect directly to each other in any context, and especially in the context of an online game, is a massive security and privacy risk.
No. Please stop spreading this nonsense that NAT is a solution for security and privacy. NAT was a solution for getting systems online without increasing address space. It served that well. Now it needs to die.
If you have security issues, that is because you failed to configure your firewall properly. Besides, the Internet was always supposed to work the way IPv6 would allow.
All the major firewalls have GUIs. But try this with some of your non-tech family, and tell me how difficult it was. Then imagine this on a global scale. Then imagine how many people are gonna disable said firewall to allow them to play some game or because something asked them to.
Not all games use p2p for matches. Fortnite is the easiest example of one that’s not. Hell, games are not even built the same way anymore and what you think is a server is in reality a cluster of AWS services.
You mean without? Well you're wrong. It's not a security concern at all. Allowing anyone from the outside to connect to any port they want is a security concern, simply because there's a lot of insecure software people run that doesn't account for malicious connections. However, allowing a user to intentionally let a piece of software listen for outside connections is in no way insecure.
> However, allowing a user to intentionally let a piece of software listen for outside connections is in no way insecure.
It is. Considering the kernel access often given to multiplayer games for anti-cheat, and the abysmal attention to security and ability to write secure code by the average application developer, letting Internet randos send arbitrary instructions directly to your machine may not be the best idea.
If the software is executing "arbitrary instructions" from remote sources, then it's a malicious piece of software, or so horribly negligent as to amount to the same thing. So I don't agree that direct connections are the problem - the badly written software is the problem.
No, "a user" in my sentence is intended to mean a human. It's very possible to program software to require human approval for connections. Also, if malicious software is already running, then it will be able to make connections to any remote servers it wants, no need for it to passively listen. IPv6 does not make this problem worse.
It’s not nonsense though. The implementation of NAT literally implies a stateful firewall.
I want ipv4 dead as well but to bury your head in the sand and pretend NAT doesn’t offer the protections it does only hurts your argument.
> Besides, the Internet was always supposed to work the way IPv6 would allow.
Yep, but the real world - where all of the unpatched IoT devices are running - has NAT at basically every home protecting devices from unsolicited connections.
NAT doesn't imply a stateful firewall at all. NAT is literally just rewriting IP addresses on incoming/outgoing packets. I could have a single machine behind a middlebox, and the middlebox could just rewrite the IP source/destination of egress/ingress packets, and that would be NAT - and I'd still be able to successfully receive incoming packets from the big bad web. In fact, you can do this without the middlebox using an iptables MASQUERADE rule.
But even then, the added security of a stateful firewall as provided by a router is dubious. You know what else has a "stateful firewall"? Your kernel's TCP/IP stack. It isn't gonna accept random connections from the Internet unless there is an application actively listening to a port and accepting packets. And I trust the Linux/NT/BSD kernel to be more secure with ensuring that than a binary firmware blob from a router manufacturer.
Sorry, you’re very confused about the NAT that is widely deployed. It’s absolutely not 1:1 NAT because that buys effectively nothing from a scaling perspective.
> But even then, the added security of a stateful firewall as provided by a router is dubious. You know what else has a "stateful firewall"? Your kernel's TCP/IP stack. It isn't gonna accept random connections from the Internet unless there is an application actively listening to a port and accepting packets.
That’s the fucking problem. All kinds of vulnerable/misconfigured software just binds to 0.0.0.0:<whatever> and calls it good. My fridge does this, my washer does this, my TV does this. This is the world of IoT.
> And I trust the Linux/NT/BSD kernel to be more secure with ensuring that than a binary firmware blob from a router manufacturer
It's not; it takes a single API call to have a program start listening, because that's the entire job of the kernel. You have to configure a firewall on top of it to make sure vulnerable software isn't exposed to the internet.
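The two points argued above, that listening takes one API call and that software can require human approval before talking to a peer, can be shown in a few lines. The following is an added example, not code from any commenter: a small TCP service that binds to loopback unless the operator explicitly opts into `0.0.0.0`, and that runs an `approve(peer_ip, peer_port)` callback on every accepted connection before any protocol handling happens. `GatedServer`, `run_demo` and the toy echo protocol are assumptions made up for the example.

```python
import socket
import threading

# Added example (not from the thread): a TCP service that binds to loopback
# unless the operator explicitly opts into external exposure, and that runs
# an approval callback on every accepted peer before touching the protocol.

def choose_bind_address(expose_externally: bool) -> str:
    """Binding to 0.0.0.0 is an explicit opt-in, never the default."""
    return "0.0.0.0" if expose_externally else "127.0.0.1"


class GatedServer:
    """Listens on one port and gates each accepted connection through `approve`."""

    def __init__(self, approve, expose_externally=False, port=0):
        self.approve = approve  # callable(peer_ip, peer_port) -> bool, e.g. a UI prompt or allowlist
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((choose_bind_address(expose_externally), port))
        self.sock.listen(5)
        self.bound = self.sock.getsockname()  # (ip, port) the kernel actually chose
        self.log = []

    def serve_one(self):
        """Accept one connection; close it before reading anything unless approved."""
        conn, peer = self.sock.accept()
        with conn:
            if not self.approve(*peer):
                self.log.append(("rejected", peer))
                return "rejected"
            self.log.append(("accepted", peer))
            data = conn.recv(64)        # toy protocol: echo the payload upper-cased
            conn.sendall(data.upper())
            return "accepted"

    def close(self):
        self.sock.close()


def run_demo(approve, payload=b"ping"):
    """Serve one loopback connection under the given policy; return (status, reply)."""
    server = GatedServer(approve)
    outcome = {}
    worker = threading.Thread(target=lambda: outcome.setdefault("status", server.serve_one()))
    worker.start()
    with socket.create_connection(server.bound, timeout=5) as client:
        try:
            client.sendall(payload)
            reply = client.recv(64)    # b"" (EOF) or a reset when the server rejected us
        except (ConnectionResetError, BrokenPipeError):
            reply = b""
    worker.join(5)
    server.close()
    return outcome.get("status"), reply


if __name__ == "__main__":
    print(run_demo(lambda ip, port: ip == "127.0.0.1"))   # ('accepted', b'PING')
    print(run_demo(lambda ip, port: False))               # ('rejected', b'')
```

The rejected peer never gets a byte of the application protocol: the check sits between `accept()` and the first `recv()`, which is the only place an application-level approval can usefully go. Note that this gate does nothing for the other half of the argument, a process that is already running and chooses to connect outward; that is a host firewall's egress policy, not the listener's.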
The kind of NAT that's widely deployed doesn't act as a firewall though. It buys you nothing from a security perspective. It's entirely possible to connect inwards over a NATing router unless there's also an additional firewall configured.
Stateful NAT does imply state tracking, which is a major component needed to implement a stateful firewall, but it is not itself a stateful firewall.
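The distinction drawn in the last few comments (translation versus policy, masquerade versus 1:1 NAT) is easy to get wrong in words, so here is an added simulation, not code from any commenter, that makes it concrete. Three translators (`NoTranslation` for the end-to-end IPv6 case, `OneToOneNat`, and `Masquerade` standing in for what an iptables MASQUERADE rule does) are each wrapped, optionally, by a `StatefulFilter` that uses the same connection tracking as policy. All class names are assumptions, and the addresses and ports come from documentation ranges and are constructed for the example.

```python
from dataclasses import dataclass, field

# Added simulation (not from the thread): NAT *rewrites* addresses; a stateful
# firewall *decides* whether a packet passes. Addresses and ports are constructed
# from documentation ranges (RFC 5737 / RFC 3849) for the example.

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NoTranslation:
    """End-to-end routable addresses (the IPv6 case): nothing is rewritten."""
    def outbound(self, pkt):
        return pkt

    def inbound(self, pkt):
        return ("forwarded", pkt)


@dataclass
class OneToOneNat:
    """Static 1:1 NAT: each inside host owns a public address. Unsolicited inbound
    packets are translated and forwarded; nothing is filtered."""
    inside_to_public: dict

    def outbound(self, pkt):
        return Packet(self.inside_to_public[pkt.src_ip], pkt.src_port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        public_to_inside = {pub: ins for ins, pub in self.inside_to_public.items()}
        if pkt.dst_ip not in public_to_inside:
            return ("router-local", pkt)
        return ("forwarded", Packet(pkt.src_ip, pkt.src_port, public_to_inside[pkt.dst_ip], pkt.dst_port))


@dataclass
class Masquerade:
    """Many-to-one NAPT (what iptables MASQUERADE does): inside (ip, port) pairs get
    ports on one public address. A mapping exists only after an inside host has sent
    something, so unsolicited inbound traffic has no inside destination and lands on
    the router itself. That is a side effect of translation, not a policy decision."""
    public_ip: str
    next_port: int = 40000
    table: dict = field(default_factory=dict)  # public_port -> (inside_ip, inside_port)

    def outbound(self, pkt):
        key = (pkt.src_ip, pkt.src_port)
        pub_port = next((p for p, ins in self.table.items() if ins == key), None)
        if pub_port is None:
            pub_port, self.next_port = self.next_port, self.next_port + 1
            self.table[pub_port] = key
        return Packet(self.public_ip, pub_port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        if pkt.dst_ip != self.public_ip or pkt.dst_port not in self.table:
            return ("router-local", pkt)
        ins_ip, ins_port = self.table[pkt.dst_port]
        return ("forwarded", Packet(pkt.src_ip, pkt.src_port, ins_ip, ins_port))


@dataclass
class StatefulFilter:
    """Connection tracking used as policy: inbound packets pass only if they belong
    to a flow an inside host opened. Works with any translator, including none."""
    nat: object
    flows: set = field(default_factory=set)

    def outbound(self, pkt):
        out = self.nat.outbound(pkt)
        self.flows.add((out.dst_ip, out.dst_port, out.src_ip, out.src_port))  # shape of the reply
        return out

    def inbound(self, pkt):
        if (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port) not in self.flows:
            return ("dropped", pkt)
        return self.nat.inbound(pkt)


def scenario():
    """Run one unsolicited inbound packet and one solicited reply through each setup."""
    results = {}
    unsolicited = Packet("198.51.100.7", 4444, "203.0.113.1", 22)

    results["1to1"] = OneToOneNat({"10.0.0.5": "203.0.113.1"}).inbound(unsolicited)[0]

    masq = Masquerade("203.0.113.1")
    results["masq"] = masq.inbound(unsolicited)[0]
    out = masq.outbound(Packet("10.0.0.5", 51000, "198.51.100.7", 443))
    results["masq-reply"] = masq.inbound(Packet("198.51.100.7", 443, out.src_ip, out.src_port))

    results["1to1+fw"] = StatefulFilter(OneToOneNat({"10.0.0.5": "203.0.113.1"})).inbound(unsolicited)[0]

    fw6 = StatefulFilter(NoTranslation())
    results["v6+fw"] = fw6.inbound(Packet("2001:db8::bad", 4444, "2001:db8::5", 22))[0]
    fw6.outbound(Packet("2001:db8::5", 51000, "2001:db8::cafe", 443))
    results["v6+fw-reply"] = fw6.inbound(Packet("2001:db8::cafe", 443, "2001:db8::5", 51000))[0]
    return results


if __name__ == "__main__":
    for name, res in scenario().items():
        print(f"{name:12} {res}")
```

Reading the results: 1:1 NAT forwards the unsolicited packet straight to the inside host; masquerade leaves it addressed to the router (whose own listening services are still reachable); and only the `StatefulFilter` actually drops it, whether it sits in front of a translator or in front of plain IPv6 routing, while still letting the reply to an inside-initiated flow through. The filter is the security control; the translator only changes what addresses appear on the wire.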
"Beware of appeals to the 'real world'; and to what it supposedly demands. It is always an invitation to leave unchallenged the speaker's tacit assumptions."
Not demands. It’s just the reality of where we are. People who claim everything will improve by allowing p2p connections by default are woefully out of touch with the shit show that is IoT.
The IoT shitshow is never going to improve, if IoT device makers can't be made to stop offloading the cost of their laziness and bad systems thinking onto a network layer that was never intended, and is poorly suited, to be the ne plus ultra of device security.
NAT is not security. If some people need a relay because gamers commit harassment, that can be used on top of IPv6. Everyone else can connect directly for lower latency.
Still you are revealing your IP address to the other parties, which will be more than happy to DoS you to force you to disconnect, exploit 0-days in the game networking code to crash your game or get your private info, know where you are located by IP geolocation...
The idea of P2P in competitive videogames strikes me as absolutely insane.
When using NAT, you're revealing the IP address of your router. I don't know about you, but I don't have so many devices running on my home network that would drown out what I'm doing.
With NAT, you can still receive DoS attacks, still have your game networking exploited, and still be geolocated. The only remotely security-related benefit is that instead of your ports being exposed to the wild internet, they're exposed to your router, which is more of a side effect than an actual benefit. It's not a reason to not bother having a firewall.
"The idea of P2P in competitive videogames strikes me as absolutely insane"
What's insane is the idea that you want me to use and pay for some crappy AWS server that spies on my data instead of directly connecting to my friend using my own equipment.
Well, have fun guessing 2^64 possibilities. YouTube lists even private videos "secured" using 11 BASE64 characters (66 bits in theory, but they seem to use just 64 bits). You can watch Tom Scott explain it: https://www.youtube.com/watch?v=gocwRvLhDf8
CG-NAT doesn't really prevent geolocation. Better services will still pinpoint you to the nearest city. There are perhaps easier ways to get your private info or your money - phishing and ransomware seem to be still very popular. You don't have to hack games that only relatively few people have. It is more profitable to attack a bigger market or more wealthy institutions or companies in foreign countries. Also, if you hack the central game server, you will have a lot more victims... Choose your poison.
I guess there are no games or other software that cannot be audited in high-security installations. At home, having a work computer and a game computer (or a VM with GPU passthrough or whatever) might be a safer choice in any case, independent of IPv4 or IPv6 usage or the quality of your firewall.
Getting rid of NAT doesn't mean that you have to let every machine connect to every other machine. It just means that if you choose to let machines connect, they can do so without their packets needing to be rewritten.