Supermarkets here even have $/<weight/volume> printed on all the shelf tickets, in addition to the item price, so that you can accurately compare similar products and different sizes of the same product.
In most of the world the advertised price is the price you actually pay. It's one of the things I hate about shopping in the US, having to remember that there is still tax to be added on. It's much simpler when the tax is included in the advertised price. You also don't have to remember which items are taxed at which rate or if they are taxed at all.
Which is exactly what I do for my T-Mobile sim which I have for when I'm in the US (a couple of weeks a year). The only pain is I need a US credit card to top up so I get a colleague with a US credit card to do it for me.
If one was just wanting to secure the authoritative to recursive server connection DNSCurve will work for that. DNSSEC on the other hand secures the entire path right into the application. Authoritative server -> [caching server] -> caching server -> stub resolver -> application.
Now when you can start up your laptop on a foreign network and are able to trust that the answers from the caching DNS server handed out by DHCP are good with DNSCurve come back. In the meantime DNSSEC does allow you to do that today.
When you put the vulnerability into a CVSS calculator you get a score of 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C) which is in the high range. Yes, CVSS isn't perfect but that is what is being used. About the only wiggle room is on access complexity even that may be deemed low. This is a race until you win attack.
They were sold as routers. I see no reference to IPv4 only even in the latest router described as "the ultimate wireless home router".
Model: Linksys E4200 Technology: Wireless-N Bands: Simultaneous 2.4 GHz and 5 GHz Transmit / receive: 2 x 3 (2.4 GHz) and 3 x 3 (5 GHz) Antennas: 6 Internal Ethernet ports x speed: 4 x Gigabit USB storage port: Yes Software setup: CD Install Cisco Connect software: Yes Support: 24/7 Award-winning Online Support Resources 90 days Complimentary Assisted Support Warranty: 1 year hardware limited warranty OS Compatibility: Windows, Mac Minimum System Requirements: Internet Browser: Internet Explorer 7, Safari 4 or Firefox 3 or higher for optional browser-based configuration PC: Wi-Fi enabled PC with CD or DVD drive, running Windows XP SP3, Windows Vista SP1 or later, or Windows 7 Mac: Wi-Fi enabled Mac with CD or DVD drive, running OS X Leopard 10.5 or Snow Leopard 10.6 Package Contents: Linksys E4200 Maximum Performance Wireless-N Router CD-ROM with setup software and resources Ethernet network cable Quick Installation Guide Power adapter
the v6 growth curve will still continue to follow its current expontential path for some time before colliding with stragglers in the comming years.
The question is what proportion of users will be "stragglers". So far i've not noticed IPv6 options when configuring any home router. Therefore my guess is there will be a hell of a lot of "stragglers", probablly over 50% of users here in the UK.
This is mostly because CPE vendors have been slackers. This however is changing D-LINK say "most of their new routers support IPv6". Other vendor will follow suite. Also you don't have to upgrade the CPE to turn on IPv6. You can tunnel over IPv4 from a internal machine though it is slightly more complicated to setup.
If 100% of users can access your website over IPv4 (some of them through a NAT) but only 50% can access it over IPv6 what is the motivation to offer both?
If you care about who is accessing your site you don't want all the IPv6 originated connections being hidden behind the NAT64.
What if I'm a new ISP or hosting provider and I can't get any IP Addresses?? This qualifies as a crisis to me.
You buy a block from an ISP who has "recovered" it from end users by forcing them behind NAT. This won't come cheap but you won't have a lot of choice.
Do we really need to have 3 ipv6 article a week on slashdot. I believe every single slashdotter knows and understands what the problem is about. So I suggest the editors to skip all the articles about "how my god we need to move to ipv6 FAST",
Actually, for all these articles I've yet to see a single one that explains what this whole IP4 IPv6 issue will mean to an actual person sitting at their computer. I run a small home network...no one has told me the world will come to an end if I just keep things set up the way they are. I'd really love someone to explain in simple lay terms whether this will cause me any grief at all...and what -- if anything -- I can do to prevent it.
If you don't do anything nothing much will happen for a while. Eventually your ISP will move you behind a large scale NAT, as they don't have enough address to give every customer their own address, and depending on what your do some things you currently do will stop working.
Also during this time there will be companies that can't get IPv4 addresses and you won't be able to reach them.
Eventually the ISP will want to stop routing IPv4 packets and you will be required to upgrade. You will still be able to reach IPv4 sites using DS-Lite or NAT64/DNS64
Y2K was an issue that everyone knew about and understood that because of the 2000, date stamps would get confused.
But what does this allocation mean? Will I be able to do anything? Should I be petitioning my ISP to offer IPv6 addresses...and if so, what the heck do I do with it?
You should ask your ISP for IPv6. You will connect it to a dual stack router which will connect all your IPv6 capable equipment to the global IPv6 network. You can then connect to anyone offering services over IPv6 which will become just about everyone in the next couple of years.
Does my Fedora 14 box support this?
Yes, Linux has supported IPv6 for over a decade
I think if more people focused on explaining why this is an issue rather than the number of remaining IP numbers, maybe more people would understand...and care. Right now, I'm still trying to find info about why this would possibly matter to me. I've scrolled halfway down this long Slashdot commentary looking for some kind of informative reply, and still don't have anything.
So far I've seen nothing along these lines. Everything keeps being "Add IPv6 to an existing IPv4 network!" Ya, ya ok that works in some cases but if the issue is running out of IPv4 addresses, that isn't the long term answer. The answer is to make routers that'll let IPv4 devices talk IPv6 without them knowing. Likewise you have a 6-to-4 tunnel at the ISP if you need to communicate to old 4-only networks.
Which is why people have been saying for the last decade that vendors should be making their equipment IPv6 capable. That as a consumer you should be looking for IPv6 capable equipment. We are in this position because people failed to listen and now demand kludges to make all their equipment work.
Instead of demanding kludges go to the vendors and demand updates.
Ask the vendors. All of these products were developed years after IPv6 was standardised. Most if not all of them can be updated over the net to support IPv6. It's not like IPv6 requires specialised hardware. Also most of them will be happy with a double NAT and ISP's will be supporting dual stack for year to come.
You don't need the external firewall in the first place. Current OS's can be put on the net without a external firewall. Remember you don't need to give every machine a publicly routable address in the first place.
For HE you can use "https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=auto&pass=$pass&user_id=$user_id&tunnel_id=$tunnel_id" and the tunnel broker will figure out the IPv4 address. Run it whenever you renew your lease. If you can't do that run it from cron. I call it using dhclient-exit-hooks. Fill in the relevant details for your tunnel.
Firstly there are too many machines that won't route them for them to useful as general purpose addresses. That said one could use restricted environments like between the CPE and the LSN or 6RD border router provide there was a way for the CPE to signal that it supports unicast in class E (DHCP option) and the ISP was sure that all the intermediate boxes supported unicast class E then it would be allocated. It would give ISP's 15/8's to talk to their customers over. Any customer that needs a public IPv4 address would get something other than a unicast class E.
The only real question is "Can the ASIC's in the intermediate routers handle this?" If so you get fast path + IPv6 (using 6rd) with older routers.
As the ISP upgrades their infrastructure they move to IPv6 native and continue with LSN or move to DS-Lite or NAT64/DNS64 to provide access to the legacy IPv4 network.
You won't need a calculator with IPv6. Your subnets will all be/64 in size and you will have a 16 (/60), 256 (/56) or 65536 (/48) subnets depending upon the prefix size the ISP delegates. All nice and simple. If you don't want to work in hex just use 0-9 and you have 10, 100, and 10000 subnets to play with. Yes your ISP is allocated space on the assumption that they will hand out/48s.
IPv4 was never designed for every person on the planet having a address. It's use went outside the design parameters and would have runout a decade or more ago except for NAT. There was a time when you had to be sponsored to be able to connect to this Internet thing.
The moment there was no restrictions on who could get a address the writing was on the wall. Just be happy it's lasted as long as it has.
Slashdot Mirror
For passwords it's more like: echo "MD5${SALT}"`echo -n "${SALT}${DATA}"|md5sum`
where ${SALT} is random and unique to the user.
No, PGP creates probabilistic unique keys. These are not the same thing as unique keys.
Supermarkets here even have $/<weight/volume> printed on all the shelf tickets, in addition to the item price, so that you can accurately compare similar products and different sizes of the same product.
In most of the world the advertised price is the price you actually pay. It's one of
the things I hate about shopping in the US, having to remember that there is still
tax to be added on. It's much simpler when the tax is included in the advertised
price. You also don't have to remember which items are taxed at which rate or
if they are taxed at all.
Actually you don't get ripped off if you round to the nearest multiple of 5.
1.01 -> 1.00
1.02 -> 1.00
1.03 -> 1.05
1.04 -> 1.05
On any given bill you have 50/50 of rounding up or down and that is how cash transactions are rounded in Australia.
Which is exactly what I do for my T-Mobile sim which I have for when I'm in the US (a couple of weeks a year). The only pain is I need a US credit card to top up so I get a colleague with a US credit card to do it for me.
We are out of IPv4 addresses for 6to4 to be viable anymore.
6rd, however, could eb used.
If one was just wanting to secure the authoritative to recursive server connection DNSCurve will work for that. DNSSEC on the other hand secures the entire path right into the application. Authoritative server -> [caching server] -> caching server -> stub resolver -> application.
Now when you can start up your laptop on a foreign network and are able to trust that the answers from the caching DNS server handed out by DHCP are good with DNSCurve come back. In the meantime DNSSEC does allow you to do that today.
When you put the vulnerability into a CVSS calculator you get a score of 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C) which is in the high range.
Yes, CVSS isn't perfect but that is what is being used. About the only wiggle room is on access complexity even that may be deemed low.
This is a race until you win attack.
They were sold as routers. I see no reference to IPv4 only even in the latest router described as "the ultimate wireless home router".
Model: Linksys E4200
Technology: Wireless-N
Bands: Simultaneous 2.4 GHz and 5 GHz
Transmit / receive: 2 x 3 (2.4 GHz) and 3 x 3 (5 GHz)
Antennas: 6 Internal
Ethernet ports x speed: 4 x Gigabit
USB storage port: Yes
Software setup: CD Install
Cisco Connect software: Yes
Support: 24/7 Award-winning Online Support Resources
90 days Complimentary Assisted Support
Warranty: 1 year hardware limited warranty
OS Compatibility: Windows, Mac
Minimum System Requirements: Internet Browser: Internet Explorer 7, Safari 4 or Firefox 3 or higher for optional browser-based configuration
PC: Wi-Fi enabled PC with CD or DVD drive, running Windows XP SP3, Windows Vista SP1 or later, or Windows 7
Mac: Wi-Fi enabled Mac with CD or DVD drive, running OS X Leopard 10.5 or Snow Leopard 10.6
Package Contents: Linksys E4200 Maximum Performance Wireless-N Router
CD-ROM with setup software and resources
Ethernet network cable
Quick Installation Guide
Power adapter
the v6 growth curve will still continue to follow its current expontential path for some time before colliding with stragglers in the comming years.
The question is what proportion of users will be "stragglers". So far i've not noticed IPv6 options when configuring any home router. Therefore my guess is there will be a hell of a lot of "stragglers", probablly over 50% of users here in the UK.
This is mostly because CPE vendors have been slackers. This however is changing D-LINK say "most of their new routers support IPv6". Other vendor will follow suite. Also you don't have to upgrade the CPE to turn on IPv6. You can tunnel over IPv4 from a internal machine though it is slightly more complicated to setup.
If 100% of users can access your website over IPv4 (some of them through a NAT) but only 50% can access it over IPv6 what is the motivation to offer both?
If you care about who is accessing your site you don't want all the IPv6 originated connections being hidden behind the NAT64.
What if I'm a new ISP or hosting provider and I can't get any IP Addresses?? This qualifies as a crisis to me.
You buy a block from an ISP who has "recovered" it from end users by forcing them behind NAT. This won't come cheap but you won't have a lot of choice.
Do we really need to have 3 ipv6 article a week on slashdot. I believe every single slashdotter knows and understands what the problem is about. So I suggest the editors to skip all the articles about "how my god we need to move to ipv6 FAST",
Actually, for all these articles I've yet to see a single one that explains what this whole IP4 IPv6 issue will mean to an actual person sitting at their computer. I run a small home network...no one has told me the world will come to an end if I just keep things set up the way they are. I'd really love someone to explain in simple lay terms whether this will cause me any grief at all...and what -- if anything -- I can do to prevent it.
If you don't do anything nothing much will happen for a while. Eventually your ISP will move you behind a large scale NAT, as they don't have enough address to give every customer their own address, and depending on what your do some things you currently do will stop working.
Also during this time there will be companies that can't get IPv4 addresses and you won't be able to reach them.
Eventually the ISP will want to stop routing IPv4 packets and you will be required to upgrade. You will still be able to reach IPv4 sites using DS-Lite or NAT64/DNS64
Y2K was an issue that everyone knew about and understood that because of the 2000, date stamps would get confused.
But what does this allocation mean? Will I be able to do anything? Should I be petitioning my ISP to offer IPv6 addresses...and if so, what the heck do I do with it?
You should ask your ISP for IPv6. You will connect it to a dual stack router which will connect all your IPv6 capable equipment to the global IPv6 network. You can then connect to anyone offering services over IPv6 which will become just about everyone in the next couple of years.
Does my Fedora 14 box support this?
Yes, Linux has supported IPv6 for over a decade
I think if more people focused on explaining why this is an issue rather than the number of remaining IP numbers, maybe more people would understand...and care. Right now, I'm still trying to find info about why this would possibly matter to me. I've scrolled halfway down this long Slashdot commentary looking for some kind of informative reply, and still don't have anything.
And lots of things don't work in a double NAT environment. Unfortunately lots of people won't find this out until their ISP puts them behind a LSN.
So far I've seen nothing along these lines. Everything keeps being "Add IPv6 to an existing IPv4 network!" Ya, ya ok that works in some cases but if the issue is running out of IPv4 addresses, that isn't the long term answer. The answer is to make routers that'll let IPv4 devices talk IPv6 without them knowing. Likewise you have a 6-to-4 tunnel at the ISP if you need to communicate to old 4-only networks.
Which is why people have been saying for the last decade that vendors should be making their equipment IPv6 capable. That as a consumer you should be looking for IPv6 capable equipment. We are in this position because people failed to listen and now demand kludges to make all their equipment work.
Instead of demanding kludges go to the vendors and demand updates.
Ask the vendors. All of these products were developed years after IPv6 was standardised. Most if not all of them can be updated over the net to support IPv6. It's not like IPv6 requires specialised hardware. Also most of them will be happy with a double NAT and ISP's will be supporting dual stack for year to come.
You don't need the external firewall in the first place. Current OS's can be put on the net without a external firewall. Remember you don't need to give every machine a publicly routable address in the first place.
Given it is turned on by default on some platforms I think it will be implemented. :-)
http://www.faqs.org/rfcs/rfc3041.html
For HE you can use "https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=auto&pass=$pass&user_id=$user_id&tunnel_id=$tunnel_id" and the tunnel broker will figure out the IPv4 address. Run it whenever you renew your lease. If you can't do that run it from cron. I call it using dhclient-exit-hooks. Fill in the relevant details for your tunnel.
Or they could use ULA address for internal communications and PA/PI addresses for external communications with a firewall.
Lots of them are behind LSN's or are IPv6 only with NAT64/DNS64. They were just another consumer of IP addresses.
The last /8s will be handed out later this week to the RIRs. IANA will then have no more unicast addresses to hand out.
Firstly there are too many machines that won't route them for them to useful as general purpose addresses. That said one could use restricted environments like between the CPE and the LSN or 6RD border router provide there was a way for the CPE to signal that it supports unicast in class E (DHCP option) and the ISP was sure that all the intermediate boxes supported unicast class E then it would be allocated. It would give ISP's 15 /8's to talk to their customers over. Any customer that needs a public IPv4 address would get something other than a unicast class E.
The only real question is "Can the ASIC's in the intermediate routers handle this?" If so you get fast path + IPv6 (using 6rd) with older routers.
As the ISP upgrades their infrastructure they move to IPv6 native and continue with LSN or move to DS-Lite or NAT64/DNS64 to provide access to the legacy IPv4 network.
You won't need a calculator with IPv6. Your subnets will all be /64 in size and you will have a 16 (/60), 256 (/56) or 65536 (/48) subnets depending upon the prefix size the ISP delegates. All nice and simple. If you don't want to work in hex just use 0-9 and you have 10, 100, and 10000 subnets to play with. Yes your ISP is allocated space on the assumption that they will hand out /48s.
IPv4 was never designed for every person on the planet having a address. It's use went outside the design parameters and would have runout a decade or more ago except for NAT. There was a time when you had to be sponsored to be able to connect to this Internet thing.
The moment there was no restrictions on who could get a address the writing was on the wall. Just be happy it's lasted as long as it has.