280 posts • joined 11 Jan 2008
Re: US is right, unluckily it can't sustain its position after the NSA debacle.
Yes it can, assuming the people at the other side of the table are capable of holding two ideas in their head at the same time:
1. USA was wrong to let the NSA act illegally.
2. USA is right to argue against governmental control of the Internet.
Idea 1 is of course a very strong argument in support of idea 2.
Re: The difference is not traffic priority....
The trouble is, that quote from RFC 791 has been obsolete since RFC 2474 in 1998. That RFC is called "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers" and its whole point is indeed what Huawei says: give different types of traffic a service level that suits that traffic. And it isn't about precedence (or priority) - it's about delivering an audio stream with low jitter while competing with a background download, for example. And yes, horror of horrors, some services might cost more than others.
Re: Wait a sec, that's Geneva
When they are outside WIPO's site they are subject to Swiss law, except in the course of their duties as international civil servants. otoh, the Geneva police are always very careful when dealing with internationals, because they know where Geneva's bread and butter comes from. What is more important is whether WIPO is indeed riding roughshod over their staff's rights, and that's very hard to judge from outside. For the staff to appeal directly to the member states is par for the course.
btw most NGOs in Geneva are *not* tax-exempt. The UN treaty organisations and CERN are generally tax-exempt, so that the tax payers of other countries do not effectively subsidise the tax payers of Geneva. Salaries are supposed to be calculated allowing for the absence of income tax.
Excellent! What else is there to say?
Re: They are probably right
Especially since allegation was that the taps are in Auckland and at a location north of Auckland, whereas the S Cross cables enter the water at two different locations. Who wants to tap the whole fibre anyway? A few DAGs in the equipment racks are what you need.
However, the PM's defence that NZ doesn't have the capability of analysing a tap rings true. Most likely the relevant taps are at the other ends of the cables. That they exist somewhere is pretty much obvious.
Yes, you could be wrong...
> if this happens i can see IPv6 never taking off
I think you're wrong for 2 reasons:
1) IPv6 has actually taken off in the last year or so. Just because you don't see it on *your* screen doesn't mean it's not there and growing fast.
2) NDN is a completely different and *much* more radical change; it won't have any impact on the need for ever more layer 3 addresses, and if it takes off outside the academic world (which is a *big* if) it will co-exist with the non-NDN network for, at a conservative guess, 25 years or more. By which time you will either be using IPv6 or runnning everything via 4 layers of NAT44.
Don't misunderstand me; I think NDN is a very cool design (and not even remotely comparable to OSI) but it's too radical a change to have an easy start.
Re: Could he consider
On the other hand, if Cam Slater was in the UK, we wouldn't have to deal with his biased selection of stories here. The whole thing is quite funny though: a left-wing conspiracy (alleged) outing a right-wing conspiracy (alleged) using (alleged) hacked emails, tweets and FB postings. The good news for the (alleged) left-wing conspiracy is that in the last few days, the Teflon (TM) coating on the Prime Minister John Key has been visibly flaking. The election might even be interesting as a result.
Please justify your statements with facts
"The US has recently asserted their control over the .com .org and .net domains in several court cases."
Can you please give specific citations to prove this statement?
"So I don't see ICANN's role changing much."
Since NTIA has specifically said that it wants to drop its existing contract with ICANN next year, there is certainly a good chance of significant change in ICANN's chain of accountability. And its role is mainly independent of its agreement with NTIA anyway.
"There are also agreements in place which guarantee continued US government involvement."
Again, please give specific citations.
Re: Call me naive, but ...
It certainly means you're grabbing data from an ARP cache, a neighbour discovery cache, or something in the DSLAM etc. In other words you are poking around much closer to the target machine than the normal Snowden-style snooping. Or it means that they have no idea what they're talking about....
Thank the Democrats
"This still leaves us with plenty of room to argue about state or planned involvement in basic technology, in the funding and finding of inventions. These can be helpful, but we crucially need to have that market bit as well: we might be able to do without the state part in invention but we simply cannot do without the market part in innovation."
The reason there's a market in this case is because the US Govt, in the shape of the Clinton Administration, notably V.P. Al Gore and Ira Magaziner, took explicit steps to open the Internet up as a competitive space in 1995. It didn't happen spontaneously or by chance. The "state part" was essential. (And if the web hadn't come along when it did, some other form of information infrastructure would have filled the same role. Technology details aren't really essential.)
A derivative work is a version that has been *changed* in some way, and the person who makes the changes can claim copyright in the changes, but not in the derivative work as a whole. When you licence your next novel, make sure you forbid derivative works as a condition of the licence.
Couldn't happen to a nastier company
I'm sad that it's only 20% though.
Re: Don't pretend it's a freedom of speech issue
Actually it's more serious than that. It's a freedom of the press (a.k.a media) issue. Where does the Eurocabal get off claiming that public notices and public news stories can magically become private data if the person involved is ashamed of them? This is the thin end of a slippery slope, to mix a couple of metaphors.
I have to give Google credit though: Google "Google removes 12 BBC News links" and you get the BBC page containing those links.
Re: Fixing at the wrong layer
No. Fixing it at layer 2 (or 3) is much worse than fixing it at layer 4. Actually the successful work at MIT on coded TCP proves this very neatly. If you detect errors at layer 2 (which is by definition hop-by-hop, not end-to-end) then a burst of bit errors followed by layer 2 retransmission (which is very common on a radio link) will result in a dramatic increase in the transfer time for a packet. This is a common problem on WiFi or 4G connections. Vanilla TCP will see a dramatically increased RTT, mistake this for congestion, and slow down as a result. Your performance goes down the tubes. That's why the MIT people figured out how to switch off layer 2 retransmission to get their factor 20 gain in throughput (Google "coded tcp" to find the evidence). The work reported in this story seems to be along the same lines.
Re: IPv6 like OSI is far more complex than necessary
" camel was a horse designed by a committe."
Actual, the camel was selected by evolution because it is very well suited to living in a desert where sources of water are few and far between. So it's a pretty good design for its environment, and the complexity compared to a horse adds value.
If you were stuck in the desert, would you rather see a horse or a camel approaching?
The analogy with IPv6 is perhaps not so bad.
It's really time to stop bitching about IPv6 being different
"simply added more bytes on the left"
Yet again I have to point out that this "simple" change would make all un-updated systems incompatible with all the new ones with bigger addresses, and therefore *all* the tricky problems of v4/v6 coexistence that we have been dealing with would have occurred just the same (dual stacks, tunnels, NAT64,...).
Also - contrary to the article, multihoming IPv6 sites without NAT is not a problem:
It's really time to stop bitching about IPv6 being different and just run it, already.
Longer version: Filtering of long prefixes is going to get quite a bit more aggressive in the next few days/weeks/months. Some paths will get longer as a result, and some black holes will appear as a result.
"Do these things that are broken by MPTCP support IPv6?"
Well, NAT doesn't, but we don't need or want NAT for IPv6, so that's fine.
Apart from that I think MPTCP is IP-version-agnostic. Also consider that multiple paths *require* multiple addresses, which are much more likely to occur with IPv6. So it's really the other way round: Is MPTCP actually any use for IPv4, considering that multiple paths are extremely rare?
"ICANN does not own the property it sells."
I suspect that if you read the small print, what they are selling is the right to use a slot in a database. But they didn't ever sell the right to use the slot named "ir"; ccTLD registrations cannot be sold by ICANN, because they have always been presumed to be for the exclusive use of the territory concerned, with any dispute settled within that territory.
The name "ir" is defined by an ISO standard (IS 3166). The right to use it, I think you will find, is a matter of international law and the UN Charter.
Quite different from the name "xxx", which came out of a process defined by ICANN.
That's pretty wrong about several aspects of v6, but in particular:
"strip away any hope of privacy from the average job by making damned sure that an IP in fact DOES map to a person."
Not so. Firstly, the worst case is that it maps to a MAC address, but even that is going away with the widespread adoption of pseudo-random interface identifiers that change at a reasonable frequency. Secondly, most privacy breaches happen at application level anyway (that's this metadata stuff that Mr Snowden brought to our attention). The IP version is a detail.
As for the other comments: yeah, we could have done a bit less engineering, but once you change the address length, you're incompatible anyway and most of the resulting transition problems would be just the same. Really.
Re: Late April Fool?
Well yes: "uses standards such as HTTPS, Restful APIs and JSON as a data format." In other words, fig-leaf security, a sloppy transaction model, and a very prolix data format. Not what I expected for cheap, low-end, battery conserving devices. Internet of Heavyweight Thingies, more like.
Dave Clark's a US citizen who lives in the Boston area. You may recall that they rejected a King, and the UK Parliament, some time ago. Rejecting Presidents and voting would still be contentious I guess. But the real message here is that if the opinions on a technology standard are split 51:49, the discussion isn't done yet. Voting on technical choices is a really dumb idea.
respect the existing rules for naming wine
Why does anybody, including even the dumbest French politician or fonctionnaire, imagine that any court judging a trademark or appellation violation would see any distinction whatever between misusing (say) champagne.com, champagne.fr, champagne.vin, champagne.wine, or for that matter champagne.xxx?
These new gTLDs are idiotic, but they don't change intellectual property law.
Re: This is not the ruling the press is making it out to be
On the contrary, there's nothing vague about the demolition job in paragraph (3).
<<Because petitioner’s system and media claims add nothing of substance to the underlying abstract idea, they too are patent ineligible... This Court has long “warn[ed] . . . against” interpreting §101 “in ways that make patent eligibility ‘depend simply on the draftsman’s art.’ ” >>
IANAL, but that could be used against any number of junk patents.
Re: I don't see why?
I take it you mean the existing hooks in Cisco, Juniper, etc. They've been providing those hooks for years as an unwritten condition of their own US market share. Probably Huawei's real sin was failing to offer such hooks.
Re: We learned from the best
Huh? The Germans were way behind the 5 Eyes countries in cryptanalysis during WW2. A lot of scientists were whizzed across the Atlantic though: look up Operation Paperclip in your favourite search engine, or see this URL:
Re: When did computing & networking close?
I'm guessing that the old Mathematics Division morphed into http://www.npl.co.uk/science-technology/mathematics-modelling-and-simulation/.
You might like David Yates' book: D.M. Yates, Turing’s Legacy: A History of Computing at the National Physical Laboratory 1945–1995, Science Museum, 1997.
Shouldn't there be a Turing icon available?
Re: I'm curious
If you speak geek, try https://www.sixxs.net/
Re: IPV6 Sucks
> I miss NOVELL
You should be pleased then, because IPv6 borrowed its separation between the routing prefix and the interface identifier from Novell, who borrowed it from Xerox XNS. The automatic configuration of IPv6 hosts was also inspired by Novell, along with Appletalk and DECnet.
As I noted in an earlier comment on this thread, backwards compatibility is dreamware. Phones have always used variable length addresses, so adding digits was pretty easy. IPv4 uses strictly fixed length addresses, so adding extra bits is automatically incompatible.
Yes, I'm an old fart too, and I am fed up with glitches and limitations caused by NAT. Fortunately my home ISP and my work network both have native IPv6. It isn't hard, it doesn't suck, so let's all just do it...
Re: Too complicated for Non-BPFHs
It's generally recognised that homenets will soon be much more complicated than today, with several routers and several physical links (wires, glass or wireless). So Joe Sixpack's problem will get a lot harder. It will get solved by IPv6 (for more felxibility and features than IPv4+NAT) and smart routers that configure themselves. It's not science fiction; there's running code.
Re: two errors
> 1) RFC7040
That's only one out of many, many specs for tunnelling v4 over v6 or v6 over v4, going back almost 20 years. A mixed infrastructure has always been assumed.
> When they ask for an allocation, they should have been told to prepare an IPv6 plan
afaik, the registries have been at the forefront of inciting ISPs to prepare for IPv6 for about the last ten years. The fact that many ISPs and large enterprises simply chose to ignore the problem is definitely not the fault of the registries.
Re: A Win Win solution!
> making IPv6 back compatible with IPv4
Do you seriously imagine that wouldn't have been done if it was physically possible?
An IPv4-only host cannot interpret or create a packet that is not in IPv4 format. So there is no such thing as a backwards compatible solution whereby an IPng-only host can communicate directly with an IPv4-only host. Logically, that requires that we have some or all of dual-stack hosts, IP-in-IP tunnels, and IPv4-IPng translators. We have all three.
You can argue that IPv6 could have been more similar to IPv4, but it was physically impossible to make it backwards-compatible.
HP "Wasted" IP ranges
I expect you'll find that they have ranges originally assigned to DEC and Compaq, and to other minor acquisitions. IP address space has been treated as an asset in mergers and acquisitions for many years. And who says that large companies with hundreds of sites and many thousands of machines are wasting space to a significant extent anyway? You have to structure your address assignments somehow. Also, renumbering to release a "spare" range is an operational nightmare generally reckoned to cost megabucks for a large enterprise network.
Oh, and when will I be able to reach Vulture Central via IPv6?
Re: Excuse the philosophical question...
It turns out to be quite amusing to ask Eugene that question over and over:
Q. Can the Turing Test be automated?
A. Oops! I don't have an answer... It might have been stolen by malicious android!
Q. Can the Turing Test be automated?
A. Don't repeat yourself, please:-) Could you tell me about your job, by the way?
Q. Do you know about Spinoza?
A. Dutch philosopher. It looks like you didn't go to school. So you don't know anything about Baruch Spinoza.
Q. Can the Turing Test be automated?
A. Ummm... Frankly, I didn't get your question:-(
Q. Can the Turing Test be automated?
A. Could you rephrase your question? I've been bewildered a bit!
Q. Can the Turing Test be automated?
A. Don't repeat yourself, please:-) Oooh. Anything else?
How could anybody be misled for a moment by this?
And meanwhile, the number of hits on "Mario Costeja Gonzalez" continues to rise (212,000 on Google today, many of which explain the content of the article he objected to in the language of your choice). An almost perfect shot in his own foot.
"taking bandwidth away from others"
Er, that is how the Internet has always worked. It shares the available capacity out dynamically. That's what the congestion control aspects of TCP are all about. If you rent more bit-carrying capacity from the underlying carriers, you are thereby increasing your potential throughput. So what? That's physics. If Apple's competitors want to increase their potential throughput, they can do the same thing. Whether they can afford to do so is economics. It's kind of hard to argue against the facts of physics and economics.
Re: he has a point
One point the Reg story doesn't make quite clear is that Peter isn't saying that we don't need strong crypto. He isn't saying that weak crypto is good enough. If we had good security practices and weak crypto, they'd attack the crypto. He's saying that we need strong crypto AND good security practices.
re HeartBleed: just too recent to have made it into the slides, I think, since it's such a perfect illustration of his point.
(I wasn't at AUScert but I have heard the talk previously. It's ROTFL material.)
...I think you'll find that a search for "Mario Costeja Gonzalez" gives many more hits today than it did a few weeks ago.
Be careful what you ask for
Um, it isn't coincidence that this comes after the recent news about network "neutrality" in the US. What else do you expect carriers to do if they aren't allowed to manage traffic rationally? Under capitalism, they will charge for it.
As always, be careful what you ask for.
(And I'm still not a shill for any carrier, as somebody suggested recently.)
Re: "it can't really work any other way"
Actually the reason the original RFC 791 type-of-service never got much use is that it was fairly useless, except for giving absolute precedence to routing-protocol traffic, which was (and is) quite widely supported. But don't worry, help is on the way. RFC 2474 defines a replacement called "differentiated services" that works identically for IPv4 and IPv6, and allows a network to support various classes of service (such as one class for audio, another class for video, etc.). That's completely neutral as far as service providers and content providers go, but it avoids things like a big file transfer screwing up your phone call. It's used quite a lot to support IP telephony within enterprise networks, and is slowly, slowly getting attention from ISPs (who are far from early adopters of anything these days). There are even recommendations on how to make differentiated services work for traffic between different ISPs. And drafts on how to make it work for real-time web traffic. We'll get there.
Why they do it
Why they do it is probably money. I'm out of touch with current Canadian and US pricing for long lines, but certainly some years ago trans-continental capacity between Eastern and Western Canada was considerably cheaper via the USA.
In the end, judges are the last people in America still sometimes allowed to apply common sense. If the patent said something like "separated by approximately one hundredth of a cubit" the judge could rule as a matter of common sense whether, say, a device with a separation of 0.03 cubits infringed. In other words, the patent could have been written as an *implementable* specification without allowing an x+delta imitation to squeak through. On that basis, I think Mary Wilson and her colleagues could easily strike down the vague patent with the observation that it didn't need to be *that* vague. (BTW, it's the original patent examiner who blew it.)
Re: 1Gb/s for all...
"perhaps everyone should have more bandwidth"
There's no such thing as free lunch. More capacity does actually cost more money (and I guarantee that I'm not a shill for a carrier: I'm just somebody that understands a little about the technology and elementary facts of economics).
Exactly; there's your problem right there. In far too many countries, incumbents have kept a de facto monopoly of the tubes to your house and that allows them to gouge you. That monopoly, if it exists for physical reasons (the cost of installing cables), needs to be regulated to the bone.
@ecofeco Re: The American Way
I don't think you're very familiar with adoption curves and cost curves for new technology, not to mention the influence of monopolists. Of course capacity cost a lot more when the Internet was young. Long distance trunks were made of copper and leased by monopolists. Each dial up connection tied up a phone line at the ISP end as well as at the user end. And there were fewer economies of scale. And the .com registry was an unregulated monopoly. Actually, it's the American way of doing business, and its worldwide clones, that brought prices down to where they are today, plus a little regulation and competition in the registry business. But the fact is, if you want to double your capacity this afternoon, you'll have to pay more (maybe not double, of course). That's another aspect of capitalism. Get real, please.
Re: The American Way
I doubt you'll notice any difference. While I don't appreciate the legal comedy that the Americans have played out, paying more to get more has been the way the Internet has worked all its life. The other extreme - essentially banning traffic engineering, as the stupid wording recently adopted by the European Parliament seems to do - is just as dumb. Fortunately the technology is pretty resilient and will manage to go on working, and more capacity will be added when needed, as always. This is not the end of the world.
Internet governance professional??
Well yes, sadly there actually *are* Internet governance professionals. It's a completely redundant profession, of course. And since NSA/GCHQ etc. surveillance of telecommunications is at least 75 years older than the Internet, it's no surprise that NETmundial has uttered nothing relevant to the Snowden revelations. Blah blah governance blah as usual.
But please don't knock,or mock, Steve Crocker. He's done a great deal to make the Internet work better, including taking his turn in the ICANN barrel. If ICANN didn't do what it does, somebody else would have to do it anyway. (Agreed, they have scraped more money off the side of the "new gTLD" frenzy than is seemly, but for whatever bizarre reasons, the money is there for the scraping.)
Homenets [Re: To be perfectly frank...]
Firstly, with a sensible ISP and sensible wireless router, running IPv6 on your home network is trivial (nothing to do except switch it off and on again). A Fritzbox is good for example; and find an ISP that offers dual stack by default.
Second, with IPv6 there is a reasonable hope of being able to plug-and-play a much more complicated home network with multiple segments and routers, and all kinds of "things" connected to it. With firewalling, since we all agree that you don't want those "things" to be accessible by GCHQ or worse. But this is still in the future as a consumer product set; IPv6 is a long-term solution.
" it is unclear if anything substantive will end up in the meeting's final document."
How true, although the organizers took it upon themselves to write the conclusions in advance. Slogans, not substance.
Blame the programming language, not the programmer
" Essentially, he forgot to check the size of a received message"
No. The world took a wrong turn many years ago (in the early 1980s) and ignored the known fact that languages without strong typing, rigorously enforced at compile time, are dangerous. In particular they're subject to array overrun bugs. In the mistaken name of efficiency, we've been using sloppy languages ever since. It's perfectly possible to get efficient code out of a strongly-typed language where this class of bug is simply impossible; it's just more difficult to get your code through the compiler, because it won't let you do potentially dangerous things. This isn't a wakeup call for individual coders: it's a wakeup call for the whole industry to look again at the basics of systems programming languages.
Re: Nuno trancoso
If the EU governments don't already have end to end encryption for intra- and inter-governmental communications, that's a massive fail. Ditto European companies. They have been aware since 1985 or thereabouts that networks can be tapped by bad actors. (Actually, make that 1974 for those that read The Ultra Secret, or 1945 for a lucky few.)
As others have pointed out, a geographically bound network is immaterial for general purpose traffic that either crosses the ocean anyway, or is subject to local surveillance anyway. Encryption is the only answer, and does not need a separate network.
- +Comment 'Private Facebook' Ello: There's a REASON we're still in beta. SPAMGASM!
- NASA rover Curiosity drills HOLE in MARS 'GOLF COURSE'
- WHY did Sunday Mirror stoop to slurping selfies for smut sting?
- Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
- Shellshock: 'Larger scale attack' on its way, warn securo-bods