Android-IPv6Config

Last updated on 2019-02-23

Executive summary

This project provides an Android application to configure some of the IPv6 kernel settings. Most importantly, it allows to automatically enable the “Privacy Extensions for Stateless Address Autoconfiguration in IPv6” as specified in IETF RFC4941 and implemented by the standard Linux kernel.

Download

The compiled application (Android APK) is now available from the Android Market and from F-Droid. Alternatively, you can install it from here.

Why address privacy?

With IPv6 as the next Internet Protocol, the default behavior on current Android systems is to derive IPv6 addresses from a so-called prefix that is automatically announced (broadcast) in a network that has been IPv6-enabled and the so-called suffix that includes the MAC address of the network card.
Including the MAC address in this automatically generated IPv6 addressing scheme means that, independently of the network a specific device connects to, the last 64 Bits of its IPv6 address will always remain the same. Even when moving between different networks, each device using this scheme is therefore uniquely identifieable by its suffix. This allows to easily track devices as they connect to different networks and whenever they use any network resources.

What does address privacy do?

When enabled, the RFC4941 extensions cause a device to generate dynamic IPv6 address with random suffixes and change these addresses randomly. This prevents tracking a device, as it is unlikely that it will use the same address again (and if so, then only by chance).

What does this application do?

This android application can be set to start at device bootup and automatically set the appropriate Linux kernel configuration option on all known network interfaces (WiFi and GPRS/UMTS, mostly) so that they will use randomly generated addresses instead of those derived from the device MAC address.

Android-IPv6Config after startup
IPv6Config after fetching global IPv6 address without privacy extensions enabled
IPv6Config after fetching global IPv6 address with privacy extensions enabled

What are the requirements?

This is only possible on rooted Android devices, because the kernel configuration options are only writable by the root user.

Isn’t rooting unsafe? What does this application really do?

Don’t just trust me. Please check the source code.

Tested devices and rooting applications/methods:

This application has been tested successfully on:

  • Google Nexus S GT-i9023 with Android 2.3.3 (rooted with Clockwork Recovery 3.0.0.0-crespo, then busybox installed with Busybox Installer app)
  • HTC Desire with Android 2.2 (unrevoked)
  • HTC Desire HD with Android 2.3 (Visionary+ r14)
  • Motorola Milestone with Cyanogenmod 7 rc3

IPv6Config will not currently work on:

  • Motorola Milestone with stock Android 2.1 (ip binary missing)
  • Samsung Galaxy Tab GT-P1000 (z4root) because the Samsung kernel has not been compiled with IPv6 address privacy extensions. (busybox also doesn’t link to the ip binary, but that could be worked around by calling “busybox ip” instead of “ip”.)

Source code

Full source code of this application can be downloaded from https://gitorious.org/android-ipv6config under the terms of the GNU General Public License version 3 unless indicated otherwise. The notable exception are all icons (designed by Doris Mayrhofer) contained in the res/drawable folder of the source code, which may not be used for modified versions of this application. Any modified program redistributed publicly needs to use different icons to be distinguishable from those versions released by the original author.

Donations or “Why should I pay for this application if it is open source?”

You don’t have to. There are two versions available in the Android Market thatI compile: one that can be installed for free and one version that will donate a small amount. Both versions are completely the same, and the free version is not restricted in any way. In fact, anybody can take the source code and compile and install the APK and even redistribute it as long as they conform to the terms of the GNU GPL version 3 (that is, the modified source code is redistributed as well) and use different application icons.

The donate version is in the market if you would like to donate to the further development of this and other applications. Luckily, I do not have to make a living with my applications, and therefore release all of them as open source. However, I do have infrastructure costs for my own server, which I use as a development resource and e.g. to support determining the globally visible IPv6 address in this application. If you wish to contribute towards these development costs, then please buy the donate version. If not, then just take the free one.

Android IPv6 Privacy Rooting Open source
René Mayrhofer
René Mayrhofer
Professor of Networks and Security & Director of Engineering at Android Platform Security; pacifist, privacy fan, recovering hypocrite; generally here to question and learn