spoiler
Via https://radar.cloudflare.com/adoption-and-usage
Here is a different source with slightly different results https://www.6connect.com/blog/global-adoption-of-ipv6-top-ten-countries/
For fun you can comment your guesses first :)
Via https://radar.cloudflare.com/adoption-and-usage
Here is a different source with slightly different results https://www.6connect.com/blog/global-adoption-of-ipv6-top-ten-countries/
For fun you can comment your guesses first :)
Governments should require IPv6 support for any online service or connected device they buy. If that’s not a requirement for (sub)contractors, then they won’t put effort into it.
This kind of requirements might also exclude a lot of crappy devices/services that have an outdated tech stack.
A common requirement in government contracts is “there must be no IPv6 support, and if there is it must be verifiably disabled to decrease the size of the vulnerability surface.”
Many years ago, that misconfigured firewall that let IPv6 traffic through without even bothering to log it, resulting in a years-long compromise scared a lot of govvies, but unfortunately it taught them the wrong lesson.
Source: I’m a former Beltway Bandit.
The wrong lesson?
I’m not sure how reducing your attack surface area is the wrong lesson here.
The wrong lesson learned was, “don’t use IPv6.” Which has, to a large extent, hurt the uptake of IPv6 everywhere, because “if the government doesn’t use it, we’re not going to use it.” Rather than do something sensible, like enable the IPv6 functionality of the firewalls and configure them properly.
Imagine this:
You shot yourself in the foot (literally) due to sheer incompetence. How do you fix it?
Do you: (a) take shooting classes or (b) have your foot amputated so you can’t shoot it again
I think the right choice is clear.