I agree. GeoIP was never a good idea, but here we are. Any ASN could be broken up and routed wherever (and changed) but it’s still far too prevalent.
I agree. GeoIP was never a good idea, but here we are. Any ASN could be broken up and routed wherever (and changed) but it’s still far too prevalent.
I might be misunderstanding. It’s definitely possible to have as many IPv4 aliases on an interface as you want with whatever routing preferences you want. Can you clarify?
I agree with your stance on deployment.
Given how large the address space is, it’s super easy to segregate out your networks to the nth degree and apply proper firewall rules.
There’s no reason your clients can’t have public, world routeable IPs as well as security.
Security via obfuscation isn’t security. It’s a crutch.
This article is biased to selling you more F5 equipment but is a reasonable summary:
https://www.f5.com/resources/white-papers/the-myth-of-network-address-translation-as-security
Long story short is that NAT is eggshell security and you should be relying on actual firewall rules (I wouldn’t recommend F5) instead of the implicit but not very good protections of NAT.
I can potentially see that scenario if your transit provider is giving you a dynamic prefix but I’ve never seen that in practice. The address space is so enormous there is no reason to.
Otherwise with either of RADVD or DHCPv6 the local routers should still be able to handle the traffic.
My home internal network (v6, SLAAC) with all publicly routeable addresses doesn’t break if I unplug my modem.
Hurricane Electric have a free tunnel broker that is super simple to set up if you really want to get on the bandwagon.
Though honestly I’d say the benefits of setting it up aren’t really worth the trouble unless you’re keen.
IMO they shouldn’t have allowed ULA as part of the standard. There’s no good reason for it.
It also means you no longer need the kludge that is NAT. Full E2E connectivity is really nice – though I’ve found some network admins dislike this idea because they’re so used to thinking about it differently or (mistakenly) think it adds to their security.
At the cost of leg room.
I’d prefer they make it fatter if the battery would last more than a day as consequence.
This book helped me out significantly:
Yes.
I used Netscape “back in the day”. With some interim transition attempts including the likes of Opera, I eventually switched to Chrome because it was genuinely more featureful and faster.
I was a happy Chrome user until they decided to deprecate manifest V2 and fuck up my ad blocker, at which point I switched to Firefox and haven’t looked back.
Everything in this industry is circular I guess.
My problem is with the influence that a hostile foreign state actor has with TikTok.
Google is an independent company; I’m 99% certain their motivation is to make money and I’m confident their algorithms are tailored purely for engagement and profit. Whilst I’m sure they have some back room deals with US intelligence organisations I suspect that it’s a case of providing data vs providing influence (though I would not rule it out).
TikTok is controlled by the Chinese government. That’s not up for debate; if you have an entity in China it has to work that way. Imagine the damage they could do if they actively decided to increase, for example, messages of reunification with Taiwan in their algorithm by just 1% on a global scale. That frightens me and I’m not convinced it isn’t happening already on specific topics of concern to China’s foreign policy.
And that’s putting aside the amount of data that the Chinese are getting without even exerting any influence. They can likely discern worldwide sentiment on a range of topics and adjust political posture accordingly.
I’m not saying Google is perfect. I hate social media in general for the way it’s warping the zeitgeist. But I personally consider TikTok to be a huge threat to the world.
“They all looked like Silicon Valley startups,”
This hits too close to home.
Name and shame the airline.
I fly a lot for work, internationally most of the time. Haven’t seen this in many years.
Where do you think GPT got this data?
Twitter silently backing into the bushes
Honestly, these days I have no idea. When I said “wouldn’t recommend” that wasn’t an assertion to avoid; just a lack of opinion. Most of my recent experience is with Cloud vendors wherein the problem domain is quite different.
I’ve had experience with most of the big vendors and they’ve all had quirks etc. that you just have to deal with. Fundamentally it’ll come down to a combination of price, support requirements, and internal competence with the kit. (Don’t undermine the last item; it’s far better if you can fix problems yourself.)
Personally I’d actually argue that most corporates could get by with a GNU/Linux VM (or two) for most of their routing and firewalling and it would absolutely be good enough; functionally you can do the same and more. That’s not to say dedicated machines for the task aren’t valuable but I’d say it’s the exception rather than rule that you need ASICs and the like.