IPv6 address leaking despite VPN?
Given that commands like ifconfig or ip address don't require root privileges, apps can access information about ip address. If you use ipv4, you are normally behind NAT and apps would get an address in the 192.168... range, which is not very valuable.
But one of the points about ipv6 is the absence of NAT. I imagine that when browsing the web, web applications don't have access to your file system, except the portions used by the browser.
But what if you run a non web application, it would still be able to get your real ipv6 address since it runs on your system.
Is this the case? And if so, how to protect against leaking?
Edit: I already run untrusted apps in a VM to sandbox, spoof strings etc. But IPv6 address still gives me away.
If I use NAT for IPv6 in a VM, it still allows for fingerprinting as not many people use NAT for IPv6.
One option is to disable it. I'm asking this question exactly to find out if it can be used safely. The IPv6 adoption rate is through the roof and we've already run out of Ipv4 addresses. Sure there's still ways to get it, but I imagine that in a few years there may be only IPv6 addresses available at your ISP. So yeah it's gonna be a ubiquitous technology that I'd like to use with VPN.
Edit 2: Okay, NAT6 is not much of a fingerprint since apps have much better ways to tag you. On a private network where you will use VPN, using NAT6 makes sense even though you lose the benefits of not using NAT.
