IPv6 Stateless Address Autoconfiguration is used for autoconfiguring addresses without a server in IPv6 networks. The autoconfiguration mechanism consists of choosing an address candidate and verifying its uniqueness with Duplicate Address Detection. The autoconfiguration mechanism has privacy issues which have been identified before. However, we show that the autoconfiguration mechanisms can be used as a covert channel. The covert channel is a serious threat for communication security and privacy if used by malicious third party IPv6 vendors or malware implementors. We present practical attacks for divulging sensitive information such as secret keys of encryption protocols using the covert channel and lower layer information. The scheme can also be used for very effective Big Brother type surveillance.