Maybe I missed an intermediate post or two, but is the assertion
here that IPv6 is more secure because it's impractical to scan such
a large number of possible host IP addresses? Sort of like zebra
camouflage--it's easy to see the herd, but hard to see a single
I didn't assert that it was more secure, rather that scanning as it works now, to collect the ip's of exploitable embedded or other devices is infeasible.
Miscreants will of course looks for other ways if they can't feasibly scan. The IETF is full of resource discovery mechanism work and there's no reason to expect that those selfsame mechanisms wouldn't be subverted to other ends. There's no point in conneccting a device to the internet if you can't find it or manange it.
As my firewall logs would testify though, host discovery throught probing is one of the low hanging fruit.