261 posts • joined 11 Jan 2008
That's pretty wrong about several aspects of v6, but in particular:
"strip away any hope of privacy from the average job by making damned sure that an IP in fact DOES map to a person."
Not so. Firstly, the worst case is that it maps to a MAC address, but even that is going away with the widespread adoption of pseudo-random interface identifiers that change at a reasonable frequency. Secondly, most privacy breaches happen at application level anyway (that's this metadata stuff that Mr Snowden brought to our attention). The IP version is a detail.
As for the other comments: yeah, we could have done a bit less engineering, but once you change the address length, you're incompatible anyway and most of the resulting transition problems would be just the same. Really.
Re: Late April Fool?
Well yes: "uses standards such as HTTPS, Restful APIs and JSON as a data format." In other words, fig-leaf security, a sloppy transaction model, and a very prolix data format. Not what I expected for cheap, low-end, battery conserving devices. Internet of Heavyweight Thingies, more like.
Dave Clark's a US citizen who lives in the Boston area. You may recall that they rejected a King, and the UK Parliament, some time ago. Rejecting Presidents and voting would still be contentious I guess. But the real message here is that if the opinions on a technology standard are split 51:49, the discussion isn't done yet. Voting on technical choices is a really dumb idea.
respect the existing rules for naming wine
Why does anybody, including even the dumbest French politician or fonctionnaire, imagine that any court judging a trademark or appellation violation would see any distinction whatever between misusing (say) champagne.com, champagne.fr, champagne.vin, champagne.wine, or for that matter champagne.xxx?
These new gTLDs are idiotic, but they don't change intellectual property law.
Re: This is not the ruling the press is making it out to be
On the contrary, there's nothing vague about the demolition job in paragraph (3).
<<Because petitioner’s system and media claims add nothing of substance to the underlying abstract idea, they too are patent ineligible... This Court has long “warn[ed] . . . against” interpreting §101 “in ways that make patent eligibility ‘depend simply on the draftsman’s art.’ ” >>
IANAL, but that could be used against any number of junk patents.
Re: I don't see why?
I take it you mean the existing hooks in Cisco, Juniper, etc. They've been providing those hooks for years as an unwritten condition of their own US market share. Probably Huawei's real sin was failing to offer such hooks.
Re: We learned from the best
Huh? The Germans were way behind the 5 Eyes countries in cryptanalysis during WW2. A lot of scientists were whizzed across the Atlantic though: look up Operation Paperclip in your favourite search engine, or see this URL:
Re: When did computing & networking close?
I'm guessing that the old Mathematics Division morphed into http://www.npl.co.uk/science-technology/mathematics-modelling-and-simulation/.
You might like David Yates' book: D.M. Yates, Turing’s Legacy: A History of Computing at the National Physical Laboratory 1945–1995, Science Museum, 1997.
Shouldn't there be a Turing icon available?
Re: I'm curious
If you speak geek, try https://www.sixxs.net/
Re: IPV6 Sucks
> I miss NOVELL
You should be pleased then, because IPv6 borrowed its separation between the routing prefix and the interface identifier from Novell, who borrowed it from Xerox XNS. The automatic configuration of IPv6 hosts was also inspired by Novell, along with Appletalk and DECnet.
As I noted in an earlier comment on this thread, backwards compatibility is dreamware. Phones have always used variable length addresses, so adding digits was pretty easy. IPv4 uses strictly fixed length addresses, so adding extra bits is automatically incompatible.
Yes, I'm an old fart too, and I am fed up with glitches and limitations caused by NAT. Fortunately my home ISP and my work network both have native IPv6. It isn't hard, it doesn't suck, so let's all just do it...
Re: Too complicated for Non-BPFHs
It's generally recognised that homenets will soon be much more complicated than today, with several routers and several physical links (wires, glass or wireless). So Joe Sixpack's problem will get a lot harder. It will get solved by IPv6 (for more felxibility and features than IPv4+NAT) and smart routers that configure themselves. It's not science fiction; there's running code.
Re: two errors
> 1) RFC7040
That's only one out of many, many specs for tunnelling v4 over v6 or v6 over v4, going back almost 20 years. A mixed infrastructure has always been assumed.
> When they ask for an allocation, they should have been told to prepare an IPv6 plan
afaik, the registries have been at the forefront of inciting ISPs to prepare for IPv6 for about the last ten years. The fact that many ISPs and large enterprises simply chose to ignore the problem is definitely not the fault of the registries.
Re: A Win Win solution!
> making IPv6 back compatible with IPv4
Do you seriously imagine that wouldn't have been done if it was physically possible?
An IPv4-only host cannot interpret or create a packet that is not in IPv4 format. So there is no such thing as a backwards compatible solution whereby an IPng-only host can communicate directly with an IPv4-only host. Logically, that requires that we have some or all of dual-stack hosts, IP-in-IP tunnels, and IPv4-IPng translators. We have all three.
You can argue that IPv6 could have been more similar to IPv4, but it was physically impossible to make it backwards-compatible.
HP "Wasted" IP ranges
I expect you'll find that they have ranges originally assigned to DEC and Compaq, and to other minor acquisitions. IP address space has been treated as an asset in mergers and acquisitions for many years. And who says that large companies with hundreds of sites and many thousands of machines are wasting space to a significant extent anyway? You have to structure your address assignments somehow. Also, renumbering to release a "spare" range is an operational nightmare generally reckoned to cost megabucks for a large enterprise network.
Oh, and when will I be able to reach Vulture Central via IPv6?
Re: Excuse the philosophical question...
It turns out to be quite amusing to ask Eugene that question over and over:
Q. Can the Turing Test be automated?
A. Oops! I don't have an answer... It might have been stolen by malicious android!
Q. Can the Turing Test be automated?
A. Don't repeat yourself, please:-) Could you tell me about your job, by the way?
Q. Do you know about Spinoza?
A. Dutch philosopher. It looks like you didn't go to school. So you don't know anything about Baruch Spinoza.
Q. Can the Turing Test be automated?
A. Ummm... Frankly, I didn't get your question:-(
Q. Can the Turing Test be automated?
A. Could you rephrase your question? I've been bewildered a bit!
Q. Can the Turing Test be automated?
A. Don't repeat yourself, please:-) Oooh. Anything else?
How could anybody be misled for a moment by this?
And meanwhile, the number of hits on "Mario Costeja Gonzalez" continues to rise (212,000 on Google today, many of which explain the content of the article he objected to in the language of your choice). An almost perfect shot in his own foot.
"taking bandwidth away from others"
Er, that is how the Internet has always worked. It shares the available capacity out dynamically. That's what the congestion control aspects of TCP are all about. If you rent more bit-carrying capacity from the underlying carriers, you are thereby increasing your potential throughput. So what? That's physics. If Apple's competitors want to increase their potential throughput, they can do the same thing. Whether they can afford to do so is economics. It's kind of hard to argue against the facts of physics and economics.
Re: he has a point
One point the Reg story doesn't make quite clear is that Peter isn't saying that we don't need strong crypto. He isn't saying that weak crypto is good enough. If we had good security practices and weak crypto, they'd attack the crypto. He's saying that we need strong crypto AND good security practices.
re HeartBleed: just too recent to have made it into the slides, I think, since it's such a perfect illustration of his point.
(I wasn't at AUScert but I have heard the talk previously. It's ROTFL material.)
...I think you'll find that a search for "Mario Costeja Gonzalez" gives many more hits today than it did a few weeks ago.
Be careful what you ask for
Um, it isn't coincidence that this comes after the recent news about network "neutrality" in the US. What else do you expect carriers to do if they aren't allowed to manage traffic rationally? Under capitalism, they will charge for it.
As always, be careful what you ask for.
(And I'm still not a shill for any carrier, as somebody suggested recently.)
Re: "it can't really work any other way"
Actually the reason the original RFC 791 type-of-service never got much use is that it was fairly useless, except for giving absolute precedence to routing-protocol traffic, which was (and is) quite widely supported. But don't worry, help is on the way. RFC 2474 defines a replacement called "differentiated services" that works identically for IPv4 and IPv6, and allows a network to support various classes of service (such as one class for audio, another class for video, etc.). That's completely neutral as far as service providers and content providers go, but it avoids things like a big file transfer screwing up your phone call. It's used quite a lot to support IP telephony within enterprise networks, and is slowly, slowly getting attention from ISPs (who are far from early adopters of anything these days). There are even recommendations on how to make differentiated services work for traffic between different ISPs. And drafts on how to make it work for real-time web traffic. We'll get there.
Why they do it
Why they do it is probably money. I'm out of touch with current Canadian and US pricing for long lines, but certainly some years ago trans-continental capacity between Eastern and Western Canada was considerably cheaper via the USA.
In the end, judges are the last people in America still sometimes allowed to apply common sense. If the patent said something like "separated by approximately one hundredth of a cubit" the judge could rule as a matter of common sense whether, say, a device with a separation of 0.03 cubits infringed. In other words, the patent could have been written as an *implementable* specification without allowing an x+delta imitation to squeak through. On that basis, I think Mary Wilson and her colleagues could easily strike down the vague patent with the observation that it didn't need to be *that* vague. (BTW, it's the original patent examiner who blew it.)
Re: 1Gb/s for all...
"perhaps everyone should have more bandwidth"
There's no such thing as free lunch. More capacity does actually cost more money (and I guarantee that I'm not a shill for a carrier: I'm just somebody that understands a little about the technology and elementary facts of economics).
Exactly; there's your problem right there. In far too many countries, incumbents have kept a de facto monopoly of the tubes to your house and that allows them to gouge you. That monopoly, if it exists for physical reasons (the cost of installing cables), needs to be regulated to the bone.
@ecofeco Re: The American Way
I don't think you're very familiar with adoption curves and cost curves for new technology, not to mention the influence of monopolists. Of course capacity cost a lot more when the Internet was young. Long distance trunks were made of copper and leased by monopolists. Each dial up connection tied up a phone line at the ISP end as well as at the user end. And there were fewer economies of scale. And the .com registry was an unregulated monopoly. Actually, it's the American way of doing business, and its worldwide clones, that brought prices down to where they are today, plus a little regulation and competition in the registry business. But the fact is, if you want to double your capacity this afternoon, you'll have to pay more (maybe not double, of course). That's another aspect of capitalism. Get real, please.
Re: The American Way
I doubt you'll notice any difference. While I don't appreciate the legal comedy that the Americans have played out, paying more to get more has been the way the Internet has worked all its life. The other extreme - essentially banning traffic engineering, as the stupid wording recently adopted by the European Parliament seems to do - is just as dumb. Fortunately the technology is pretty resilient and will manage to go on working, and more capacity will be added when needed, as always. This is not the end of the world.
Internet governance professional??
Well yes, sadly there actually *are* Internet governance professionals. It's a completely redundant profession, of course. And since NSA/GCHQ etc. surveillance of telecommunications is at least 75 years older than the Internet, it's no surprise that NETmundial has uttered nothing relevant to the Snowden revelations. Blah blah governance blah as usual.
But please don't knock,or mock, Steve Crocker. He's done a great deal to make the Internet work better, including taking his turn in the ICANN barrel. If ICANN didn't do what it does, somebody else would have to do it anyway. (Agreed, they have scraped more money off the side of the "new gTLD" frenzy than is seemly, but for whatever bizarre reasons, the money is there for the scraping.)
Homenets [Re: To be perfectly frank...]
Firstly, with a sensible ISP and sensible wireless router, running IPv6 on your home network is trivial (nothing to do except switch it off and on again). A Fritzbox is good for example; and find an ISP that offers dual stack by default.
Second, with IPv6 there is a reasonable hope of being able to plug-and-play a much more complicated home network with multiple segments and routers, and all kinds of "things" connected to it. With firewalling, since we all agree that you don't want those "things" to be accessible by GCHQ or worse. But this is still in the future as a consumer product set; IPv6 is a long-term solution.
" it is unclear if anything substantive will end up in the meeting's final document."
How true, although the organizers took it upon themselves to write the conclusions in advance. Slogans, not substance.
Blame the programming language, not the programmer
" Essentially, he forgot to check the size of a received message"
No. The world took a wrong turn many years ago (in the early 1980s) and ignored the known fact that languages without strong typing, rigorously enforced at compile time, are dangerous. In particular they're subject to array overrun bugs. In the mistaken name of efficiency, we've been using sloppy languages ever since. It's perfectly possible to get efficient code out of a strongly-typed language where this class of bug is simply impossible; it's just more difficult to get your code through the compiler, because it won't let you do potentially dangerous things. This isn't a wakeup call for individual coders: it's a wakeup call for the whole industry to look again at the basics of systems programming languages.
Re: Nuno trancoso
If the EU governments don't already have end to end encryption for intra- and inter-governmental communications, that's a massive fail. Ditto European companies. They have been aware since 1985 or thereabouts that networks can be tapped by bad actors. (Actually, make that 1974 for those that read The Ultra Secret, or 1945 for a lucky few.)
As others have pointed out, a geographically bound network is immaterial for general purpose traffic that either crosses the ocean anyway, or is subject to local surveillance anyway. Encryption is the only answer, and does not need a separate network.
Re: I have to say
Shorely The Internet is already on the pedal stool.
Not to contradict Vint, but...
I don't doubt a word Vint says, but re: "practical reality had to wait until Ron Rivest, Adi Shamir and Leonard Adleman published the RSA algorithm in 1977."
That ignores the fact that real practical reality had to wait until the RSA patent expired in September 2000. It was pretty much impossible to deploy public key crypto on an unlimited scale until then.
(Also, BTW, the actual *existence* of the NSA was surely top secret until about 1975, and little known until The Puzzle Palace was published in 1982?)
Re: Net neutrality nonsense
> So spam filtering is against the law then ?
That would be a perfectly reasonable reading of the text. I don't understand the downvotes - they imply that people enjoy it when their Skype call breaks up because one of their neighbours is downloading something big. The text simply doesn't match technical reality. You *should* discriminate in a way that favours timely delivery of audio packets, for example; you *shouldn't* discriminate in favour of some audio services as compared to others. The language needs to be more subtle.
Net neutrality nonsense
Hmm. Let's look at the net neutrality amendment from
'The principle of "net neutrality" means that traffic should be treated equally, without discrimination, restriction or interference, independent of the sender, receiver, type, content, device, service or application. ... Furthermore, traffic management measures should not discriminate between competing services and applications.'
This is absurd. If interpreted literally, as lawyers tend to do with laws, it means that a greedy video or audio stream and a non-urgent email transfer (for example) will be treated exactly the same. Would you like your phone call to pause while the next web page loads? That's what the MEPs just voted for. Technical ignorance is not bliss.
ICANN is mostly a success
"There are a few bright spots like DNSSEC and IDN, but they are few and far between."
What on earth is he talking about? ICANN has mainly done what it's supposed to do: hosted the Internet Assigned Numbers Authority, which has worked perfectly there since 1998; managed the process of adding Top Level Domains to the DNS - some (including me) disagree with some of the decisions, but nobody can deny that ICANN has managed the process; overseen the DNS root; and indeed assisted the start of deployment of DNSSEC and IDNA.
ICANN has multiple stakeholder bodies to which it's accountable, including the ICANN Board itself. Yes, there's an element of greed in the gTLD game, which I deprecate too, but that can be blamed on capitalism more than on ICANN. And if anybody has sat back and let that rip, it's the US Dept of Commerce, so the sooner they step down, the better. A few procedural changes are needed for that to happen; but there is no scenario in which any other government obtains control.
According to https://datatracker.ietf.org/ipr/search/, none so far. But the lawyers might still be chewing on that.
BTW, it doesn't look like an SDN protocol to me. It's more of a YANMP (yet another network management protocol) and I don't think the IETF is quite ready for that while still digesting NETCONF and RESTCONF.
Why (not) IBM
> Why does IBM think(lie) that it was able to evoid the NSA whereas MS, Google & Apple couldn't?
Because, having got rid of the IBM Global Network many years ago and with all their PC operations moved to LeNovo, IBM doesn't actually have clients among the general public any more. So their client databases are completely different in nature from those of MS, Google, FB, etc. and probably less interesting, except for industrial espionage. Please don't down-vote me just for saying this, but IBM might even be telling the truth - because their data is boring.
Paris, because I expect Hilton is still an IBM client.
Re: Protectionsim and hypocrisy
Maybe it depends on the site. At the one I'm thinking of they glue up your USB slots (literally). Maybe not so much at a sales and support site?
otoh I remember once being left alone at DEC in a meeting room that had their departmental product development plan for several years ahead posted on the wall. It was at least 15 minutes before someone noticed and yanked me out of there.
Protectionsim and hypocrisy
It's clearer with each new revelation about the USG machinations against Huawei that all this has little to do with security (since, obviously, US vendors are even more exposed to NSA backdoors than Huawei can possibly be) and everything to do with protecting the US market in favour of US suppliers. It isn't irony as much as it's hypocrisy.
Huawei, not coincidentally, has much stricter rules governing laptops entering and leaving their sites than any US vendor I've visited. It would be interesting to learn how the alleged backdoor code was actually inserted.
coming out fighting
> either shut up or say that he is "confident of being cleared"
Why? That's how people react who are slavishly obeying a defence lawyer's advice. Lynch is coming out fighting. That proves nothing about the facts of the case; it does suggest that he's not too afraid of the truth.
s/Autonomy/Whatsapp/ and see how the real value of the acquisitions compare. This is a business full of BS valuations - apparently HP wasn't aware of this until recently.
Re: What if ICANN goes renegade?
That's what the multistakeholder buzzlanguage is about - checks and balances on ICANN. Actually that's how it works today; NTIA has had almost no influence via its contract. The end of the contract is a Good Thing, especially given the widespread distrust of the US Government in recent months.
A little escape hole here...
Have a careful look at the text of the actual Presidential Directive: "In particular, when the United States collects nonpublicly available signals intelligence in bulk, it shall use that data only for the purposes of detecting and countering: [various specific threats] "
Two comments on that word "nonpublicly":
1. That's a word?
2. This text means that the restriction to the specific threats listed doesn't apply to publicly available bulk sigint (such as scraping Facebook pages).
Re: Seems reasonable to me
And yes, I will upvote this because indeed the issue is one of fair trading and consumer protection. Trying to use the common-carrier argument always struck me as strange.
Big fan of http://tools.ietf.org/html/rfc4084
Re: Conflicts of Interest
As usual, you don't understand the IETF, and in particular you don't understand that the IRTF is not a standards body.
Of course, all standards bodies consist of people with opinions, some of whom work for organisations with opinions. Of course, people communicate outside the official sessions and of course, rough drafts of documents exist before more polished drafts are made public. Of course,people try to influence the work in accordance with their opinions. How could it possibly be otherwise?
But I suspect we agree that making conflicts of interest as visible as possible is a Good Thing.
Storm in a RESEARCH teacup
And in case nobody else has pointed it out, he isn't co-chair of a "standards group". He's co-chair of a research forum - admittedly one that offers advice to various standards working groups in need of a crypto algorithm. And he's co-chair because having more than one chair lowers the risk of biased chairing.
Me, I think it's better to know that the NSA is interested in cryptography; but I didn't need Mr Snowden to tell me that.
Bulging in advance
"... cause the ground above to rise "hundreds of metres" in advance of the eruption"
Right. So you see this big bulge which says that there'll be a supervolcano there in 1000 years or so. What next? (I mean seriously, not unreasonable dreams like living on Mars.) I think there might be a bit of social breakdown.
Re: He refused to allow the NSA snooping rights.
For sure, if Mega was outside the scope of both National Security Letters and DMCA takedown notices, it would piss off both the spooks and the Mickey Mouse industry. But in that case, how can Mega also be inside the scope of US jurisdiction when it comes to this vengeful extradition attempt?
And note the tendentious language they use. By repeating the words "criminal" and "conspiracy" often enough, they hope they reader will believe they are true, rather then simply being allegations, which Mr Dotcom denies.
Also note how legal fictions can change to suit whatever you're trying to prove. Sometimes a URL that points to an infringing copy is itself an infringement. This time, deleting such a URL doesn't count as deleting an infringement.
Let's hope the Kiwi courts keep their eyes on the ball.
Switzerland and Crypto AG [Re: This just undescores...]
I think you need to look into Crypto AG a bit before being too bullish about Switzerland.
- Asteroid's DINO KILLING SPREE just bad luck – boffins
- Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
- Stick a 4K in them: Super high-res TVs are DONE
- BEST BATTERY EVER: All lithium, all the time, plus a dash of carbon nano-stuff
- Review You didn't get the MeMO? Asus Pad 7 Android tab is ... not bad