Mac, Linux, Windows, FreeBSD variant (all at work. At home, Linux)
IOS (tablet), Android (phone)
Linux in my television, Tivo, and game console.
Whatever the heck RTOS runs my car, car's GPS, my work telephone, microwave, the badge-swipe system at work, and my work monitor (no, not joking. Darn thing can lock up, and has a boot screen)

That's all I'm coming up with on a daily basis.

Less often, ATMs, routers (Mostly linux), NAS devices, smart-switches (didn't seem like a linux box, but had some copyright lines in the packaging) and anything else with a UI more complex than a mechanical watch. Increasingly, EVERYTHING has an OS: I'm sure it won't be long until someone finds a reason to put a fancy UI on a charcoal grill; and then all future grills will have an OS.

Ok.

Our ISP gave us the subnet fd00:cafe:babe/64. I'll put the RA daemon and router on ::1, and use autoconf for the rest

That was easy.

and then once they've excavated what your MAC address is, telling your router to route traffic to your node is trivial.

Could you further explain this attack vector, cause I've not really understood it so far. The bad guy has your IP address. Exactly what is the additional harm in letting him know your MAC address?

I understand the issue of "probable iphone MAC => iphone specific vulnerabilities", but that doesn't seem to be what you're talking about here. (And really, that's not a significant barrier to the attacker anyway. You did something that let him see your IP address: the odds are quite good that he already could figure out your OS more reliably than using a MAC -> OS mapping)

Since my work laptop isn't allowed to join my "home" workgroup, there is no DNS which will work between by laptop and my machine

Huh? Um, exactly what's the DHCP server on that network there? Does that DHCP server advertise a DNS server? Can you modify the DNS server?

Alternately, can turn of the DHCP server on that wireless router that only does caching recursive DNS, and install a DNS server and DHCP server on your other computer, and run that?

And then, why again do you need to run your own DNS server anyway? Won't the people who give you the /64 take requests to add records? Or use one of the dynamic DNS protocols that allows you to register your IP? And I think there's yet another answer that involves anycast and autoconf...

Or maybe I'm just completely not understanding what you mean by "join my 'home' network".

IPv6 has some pretty good autoconf out of the box. You use RADVD to just announce services, you don't need any software managing IP addresses because the nodes will do that themselves. And when you want to use some service that isn't a pure client-server-http thing, the fact that each computer has a unique IP on that other side of the firewall is helpful. And for the most part, the "OMG, that's hard" retoric is horribly overblown. Get a /64. Configure a route-announce daemon (things your ISP can do for you). IPv6! Free!

Setting up a game, I was trying to debug a connection problem someone had, and sent them to a site that tells you IP addresses. A different friend went there, and discovered he had an IPv6 address. His ISP had provided it for him, and he had literately never known. It wasn't relevant. That's the experience you should expect.

Actually, I just recently did it. (with a Galaxy Nexus, not an iPhone, but that shouldn't be a huge difference). Now, I'm paying the same amount I would under contract. I was getting a break with T-Mobile though.

Just FYI, depending on exactly when in 2010 it was hacked, Verisign may not have been in the certificate business. Symantec purchased the business in May of 2010, and IIRC the operational transfer happened pretty quickly.

That "just" leaves the DNS system as a possible valid target. You know, the system that's probably more important than SSL.

(Yes, I know that my reply is missing the joke. I thought it was important to post anyway)

Verisign runs the top-level domain DNS servers for com, net, edu, cc, name, and a few other smaller ones. If you lookup gmail (ignoring caching), you have to ask Verisign-owned servers where the google DNS servers are, so you can ask those servers what the gmail IP address is. For the security of the internet: it's pretty important.

Until late 2010, Verisign also ran the dominant SSL business. That red circle with the black digitized check at the bottom of your bank's web page? Yeah, that. The SSL business was sold to Symantec, are are trying to slowly rebrand. For the security of the internet, SSL is also kinda important.

So google's doing it wrong? So is Yahoo? They shouldn't have so many computers? How about Amazon? Supercomputers are all doing it wrong?

It's called "running a successful service at internet scale". And it's a really good gig if you can get it