diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md index c71857929..9597fc54b 100644 --- a/RELEASE-NOTES.md +++ b/RELEASE-NOTES.md 
@@ -1,38 +1,40 @@ ZeroTier Release Notes ====== -# 2018-01-XX -- Version 1.2.6 +# 2018-04-12 -- Version 1.2.6 * Features and Core Improvements * Path selection has been overhauled to improve path stability, simplify code, and prepare for multi-path and trunking in the next major release. - * This version introduces remote tracing for remote diagnostics. Network controllers can set a node (usually the controller itself) to receive remote tracing events from all members of the network or from select members. Events are only sent if they pertain to a given network for security reasons. These can be used to help remotely diagnose problems. In the future we'll be refining and enhancing this feature. - * Multicast replication can now be done by designated multicast replicators on a network (flagged as such at the controller) rather than by the sender. This offers a hub-and-spoke multicast replication topology that may be faster or more bandwidth efficient in certain cases. It's also attractive for use on networks with low powered devices that need to send multicast or where there are very large numbers of multicast recipients. - * Documentation fixes in network controller. - * Performance improvements in crypto and memory operations. + * This version introduces remote tracing for remote diagnostics. Network controllers can set a node (usually the controller itself) to receive remote tracing events from all members of the network or from select members. Events are only sent if they pertain to a given network for security reasons. + * Multicast replication can now be done by designated multicast replicators on a network (flagged as such at the controller) rather than by the sender. Most users won't want this, but it's useful for specialized use cases on hub-and-spoke networks and for low-power devices. + * Cryptographic performance improvements. 
* Multithreaded performance improvements throughout the code base, including the use of an inline lightweight spinlock for low-contention resources. - * Bug fixes + * Bugs fixed * Disappearing routes on Mac (GitHub issue #600) * Route flapping and path instability in some dual-stack V4/V6 networks * Blacklist (in local.conf) doesn't work reliably (GitHub issue #656) - * Connection instabilities due to unsigned integer overflows in timing comparisons under high load on some multi-core systems - * Binaries don't run on some 32-bit ARM chips (build problem) + * Connection instabilities due to unsigned integer overflows in timing comparisons (use int64_t instead of uint64_t) + * Binaries don't run on some older or lower-end 32-bit ARM chips (build problem) * ARM NEON crypto code crashes (build problem) * Fixed some lock ordering issues revealed by "valgrind" tool * The "zerotier-idtool" command could not be accessed from "zerotier-one" via command line switch - * Leaking UDP sockets on some platforms when NAT-PMP is enabled - * Fixed a very very rare thread deadlock that seemed to only manifest on some systems + * Leaking sockets on some platforms when uPnP/NAT-PMP is enabled + * Fixed two very rare multithreading issues that were only observed on certain systems * Platform-Specific Changes * MacOS - * Installer now loads the kernel extension right away so that High Sierra users will see the prompt to authorize it. This is done in the "Security & Privacy" preference pane and must be done driectly on the console (not via remote desktop). - * About dialog in UI now actually contains something useful. + * Installer now loads the kernel extension right away so that High Sierra users will see the prompt to authorize it. This is done in the "Security & Privacy" preference pane and must be done driectly on the console (not via remote desktop). On High Sierra and newer kexts must be authorized at the console via security settings system preferences pane. 
* Windows - * The Windows installer should now install the driver without requiring a special prompt in most cases. This should make it easier for our packages to be accepted into and updated in the Chocolatey repository and should make it easier to perform remote installs. - * The Windows official packages are now signed with an EV certificate (with hardware key) from DigiCert for better security and fewer warnings in some cases. - * The Windows UI now contains a preview of features to more deeply integrate it with ZeroTier Central. You can enter a ZeroTier Central API key and join networks, etc. from the UI itself. We'll be expanding this in the future and possibly changing it, so this is just a test to see how users respond. - * The `zerotier-idtool` command should now work on Windows. - * Hopefully we've fixed all instances of the "Windows package will not uninstall" problem on Windows 10. + * The Windows installer should now install the driver without requiring a special prompt in most cases. This should make it easier for our packages to be accepted into and updated in the Chocolatey repository and should make it easier to perform remote installs across groups of machines using IT management and provisioning tools. + * The Windows official packages are now signed with an EV certificate (with hardware key). + * The Windows UI can now log into ZeroTier Central and join networks via the Central API. + * The `zerotier-idtool` command should now work on Windows without ugly hacks. + * Upgraded the installer version. + * Made a few changes to hopefully fix sporadic "will not uninstall" problems, though we cannot duplicate these issues ourselves. * Linux - * Devices are now named deterministically from a base32-encoded packed version of the network ID for newly joined networks. This makes device names longer but also makes them globally unique and canonical. Now a given network will always have the same device name on every Linux system. 
This makes a lot of devops, deployment, and scripting tasks easier since you can hard code device names by network and they will always work in things like iptables rules and routes. (It's been this way on FreeBSD since the beginning.) + * Device names are now generated deterministically based on network IDs for all newly joined networks. + * Android + * Multicast now works on Android in most cases! Android apps can send and receive multicast and subscribe to multicast group IPs. Note that in some cases the app must bind to the specific correct interface for this to work. + * IPv6 can be disabled in UI for cases where it causes problems. # 2017-04-20 -- Version 1.2.4 diff --git a/osdep/LinuxEthernetTap.cpp b/osdep/LinuxEthernetTap.cpp index 6ef427449..06bbbadac 100644 --- a/osdep/LinuxEthernetTap.cpp +++ b/osdep/LinuxEthernetTap.cpp 
@@ -146,18 +146,21 @@ LinuxEthernetTap::LinuxEthernetTap( OSUtils::ztsnprintf(procpath,sizeof(procpath),"/proc/sys/net/ipv4/conf/%s",ifr.ifr_name); } while (stat(procpath,&sbuf) == 0); // try zt#++ until we find one that does not exist #else - char devno = 0; + uint64_t trial = 0; // incremented in the very unlikely event of a name collision with another network do { - uint64_t tmp2[2]; - tmp2[0] = Utils::hton(nwid); - tmp2[1] = 0; - char tmp3[17]; + const uint64_t nwid40 = (nwid ^ (nwid >> 24)) + trial++; + uint8_t tmp2[5]; + char tmp3[11]; + tmp2[0] = (uint8_t)((nwid40 >> 32) & 0xff); + tmp2[1] = (uint8_t)((nwid40 >> 24) & 0xff); + tmp2[2] = (uint8_t)((nwid40 >> 16) & 0xff); + tmp2[3] = (uint8_t)((nwid40 >> 8) & 0xff); + tmp2[4] = (uint8_t)(nwid40 & 0xff); tmp3[0] = 'z'; - tmp3[1] = 't' + (devno++); - _base32_5_to_8(reinterpret_cast(tmp2),tmp3 + 2); - _base32_5_to_8(reinterpret_cast(tmp2) + 5,tmp3 + 10); - tmp3[15] = (char)0; - memcpy(ifr.ifr_name,tmp3,16); + tmp3[1] = 't'; + _base32_5_to_8(tmp2,tmp3 + 2); + tmp3[10] = (char)0; + memcpy(ifr.ifr_name,tmp3,11); OSUtils::ztsnprintf(procpath,sizeof(procpath),"/proc/sys/net/ipv4/conf/%s",ifr.ifr_name); } while (stat(procpath,&sbuf) == 0); #endif @@ -286,7 +289,7 @@ bool LinuxEthernetTap::addIpSyn(std::vector ips) if (cpid == 0) { OSUtils::redirectUnixOutputs("/dev/null",(const char *)0); setenv("PATH", "/sbin:/bin:/usr/sbin:/usr/bin", 1); - // We must know if there is at least (one) of each protocol version so we + // We must know if there is at least (one) of each protocol version so we // can properly enumerate address/netmask combinations in the ifcfg-dev file for(int i=0; i<(int)ips.size(); i++) { if (ips[i].isV4()) 
@@ -318,7 +321,7 @@ bool LinuxEthernetTap::addIpSyn(std::vector ips) if (ips[i].isV4()) ::execlp("ip","ip","addr","add",ips[i].toString(iptmp),"broadcast",ips[i].broadcast().toIpString(iptmp2),"dev",_dev.c_str(),(const char *)0); else - ::execlp("ip","ip","addr","add",ips[i].toString(iptmp),"dev",_dev.c_str(),(const char *)0); + ::execlp("ip","ip","addr","add",ips[i].toString(iptmp),"dev",_dev.c_str(),(const char *)0); } ::_exit(-1); } else if (cpid > 0) {
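Review bot: in the RELEASE-NOTES.md hunk, the shortened Linux bullet ("Device names are now generated deterministically based on network IDs for all newly joined networks") drops the old text's statement that the names become longer and are meant to be hard-coded in iptables rules and routes. That is the part an operator needs when checking existing firewall rules after an upgrade, so consider keeping one sentence of it. In the MacOS bullet of the same hunk the added line still carries the typo "driectly" and appends a second sentence ("On High Sierra and newer kexts must be authorized at the console ...") that restates the one before it; fix the spelling and keep only one of the two. "uPnP" in the sockets bullet is normally written "UPnP".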
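Review bot: in the `#else` branch of the osdep/LinuxEthernetTap.cpp hunk at -146, `(nwid ^ (nwid >> 24)) + trial++` folds the 64-bit network ID into the 40 bits that are written to `tmp2[0..4]` and then bumps the value when the name already exists, so the interface name is not unique per network and, after a collision, depends on which interfaces were present on the host first. That is weaker than the "deterministically" wording in the release notes and matters to anyone matching firewall rules on the device name. Suggest a comment above the loop describing the fold and the collision fallback, and a log line when the loop needed more than one iteration so a shifted name is visible to the operator. The existing comment on `trial` only says a collision is "very unlikely" without saying what the consequence is.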
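Review bot: the `-`/`+` pairs in the two `addIpSyn` hunks (the "We must know if there is at least (one) of each protocol version" comment at -286 and the IPv6 `::execlp("ip","ip","addr","add",...)` call at -318) show no textual difference, so they appear to be whitespace-only changes. Move them to a separate cleanup commit so the functional change to interface naming can be audited on its own and the history of the `execlp` line is not disturbed.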