Of course, in the tradition of blackberry, the device will be a tablet with a keyboard, and won't have a touch screen. Fortunately they will instead use the new trackpad, instead of the trackball.
Blackberry don't have a good record with touchscreen... In fact, it's pretty atrocious. People forget, the touchscreen is what makes a device. This is why iPhone, iPad, etc are so popular, Apple have nailed the touchscreen.
(btw - in case anyone accuses me of otherwise - Avid blackberry user, hate the iPhone, love the blackberry, but I call it like it is - Apple ownz touchscreens).
I don't understand the need for wide-area highly accurate (less than 1ms accurate) timing. Once you get beyond a reasonable distance, the speed of light starts playing into the equation.
Bottom line is if you never tell anyone that your base password starts with p455W0rd, then I don't think having a personalized system of 2+ characters to distinguish which system the password is for, and another 2+ characters to allow for recurring password changes would make your password any less secure, with the benefit of making them easier to remember. For extra security, add some ! _ - @ % etc characters to break up the 3 parts to your password. i.e. p455W0rd#02!01
Hi, please sign up for a system that I run, where I log every user's IP, PTR record, username, full name, DOB, etc, etc, and PASSWORD to a nice database. Now I can begin work on cracking your other passwords.
I wish people would stop thinking that the systems you log in to are secure. This is especially bad with the users who have one standard password, or the mysecret-slashdot. The ones who use apples01, apples02 are rarely better. Your system just adds a little bit more complexity.
I'm sorry, the only way to deal with the multitude of passwords today, given there is no wide-spread smartcard deployment, is a secure encrypted password DB stored on a portable electronic device (eg phone, ipod touch, palm, etc, etc), and use the autogen password tool to generate new passwords.
What you want (being able to define pages) is wrong in many many ways.
You should, as an authoring tool, never define a page, or its dimensions, especially academic works, which will be printed in different formats, on different paper (A4/Letter/Tradeback/etc/etc).
At most, whatever markup you have, may define things like page breaks, but even then, they are more a typesetting issue.
"somewhere in the South Pacific, just watch out for the coups that happen every few years."
He's not wanting to holiday there, he wants to move there. A country with a history of unstable government, and one that is in the middle of a military coup d'état is not a good place to live.
I just read that the Earth is spherical. Can you point me to a precedent? If you don't do my homework for me I'll just DIE!
Actually, it's not, well, not exactly spherical, and yes, I'll do your homework (though if you are older than 12, your teacher should shoot you for using Wikipedia as a reference) - http://en.wikipedia.org/wiki/Earth#Shape
(Hint - All wiki facts should be referenced, check the reference and quote it instead!)
Oy vei! Does anybody use T568A these days? I thought that was pretty much phased out?
Wikipedia answers:
TIA/EIA-568-B specifies that horizontal cables should be terminated using the T568A pin/pair assignments, "or, optionally, per [T568B] if necessary to accommodate certain 8-pin cabling systems." Despite this instruction, many organizations continue to implement T568B for various reasons, chiefly associated with tradition (T568B is equivalent to AT&T 258A). The United States National Communication Systems Federal Telecommunications Recommendations do not recognize T568B.
Eg - you are old and out of date - T568A is the correct, current standard.
We used mailman, but in theory any mailing list software will do. We created a non-archived moderator approved single subscriber mailing list called our_childs_name@our_domain. Then created a real mailbox called secret_mailbox@our_domain, then set up ACLs in the mailserver to deny anyone but localhost from delivering to secret_mailbox. Then subscribed the secret_mailbox to the mailing list. My wife and I are moderators of the list. When a new email comes in, we get an email notifying us there's a message, one click opens the approval page, and one click forwards the mail on, or drops it.
Done and done, all free software and it took only a few minutes with an already working mail server.
If you don't have your own mailserver, then I guess it gets more tricky :)
I remember when Hewlett Packard was a trusted name in printing. Their HP 9871A was an industry revolution and every printer they made was built to last. Then some time in the late '90s I bought an HP printer and IT WAS A DOG. The damn thing couldn't print on a straight line, was made of thin, thin plastic, had cartridges that cost more than the damn printer... and all my years of loyalty to the HP name went whooooooooshhhhh. That was about the time they started making computers.
How much did you pay for the HP 9871A? How much did you pay for the POS in the late 90s?
If you pay good money, you get good stuff. HP's midrange lasers are good quality.
Can anyone verify what, if any, difference these "testing only" certificates are?
Do they come up with the name "TESTING ONLY - Mozilla corporation", or is it more like the sub-root key is named "Strictly testing only", which requires you to inspect the certificate fully for every connection?
Fortunately we've used client-side certificates for our 2 factor authentication for years. It's cheaper than tokens, and easier too.
My God, I remember (I honestly do!) the Geeks In Space episode where Taco is discussing the new 256MB video card. The discussion went something like this:
"What would you do with 256MB of video ram!"
"Store your porn in it"
*laughs*
"That'd make playing Doom fun... Hey That's a *nice* wall"
Lower the dish so it's pointing directly at your neighbour's house. When they enquire about it, tell them you can now read their email. Refuse to elaborate.
My shrink's neighbour has a dish pointed at the shrink's office. He says the paranoid delusionals love it. I love it too. Total coincidence.
It was at that moment that I realized what true depression was. I looked back on the moment a week later after the side effects had dithered and thought about how irrational those thoughts were.
One week of a drug induced depression is not clinical chronic depression. This would be like saying, I spent one week living on bread and water, and I now totally understand what it's like to be living in a 3rd world country and starving every day.
I agree, that's the key weakness in Truecrypt. I hibernate both my desktop and laptop systems, and mounted Truecrypt drives remain mounted with no need to re-enter the password no matter how much time has passed. A data thief would have no problems
There are two kinds of people, those who understand cryptography, and those who think they do.
The encryption is live "on-the-fly" encryption, this means the bits and bytes stored on the disk are encrypted as they are written to disk, and decrypted as they are read. So if your laptop was booted, and you forgot to shut it down right, the whole disk(*), everything, is still encrypted.
Now, as for hibernation, sleep mode, etc. If your laptop prompts you for a password every time it goes to sleep or hibernates (and it SHOULD, even without full disk encryption!), then the would-be-attacker has three choices when he steals your laptop while it's sleeping or hibernating.
1. Rip the disk out, and inspect it. Whoops, it's still encrypted (even though it was running while it was ripped out).
2. Power cycle the PC, and try and boot it. Whoops, it's still encrypted.
3. Crack/break/bruteforce your screensaver. Assuming you aren't running X in its default setup (where you can press Ctrl+Alt+F2 and bypass the screensaver(**)) then this should be very difficult.
So, the short story is, sleep mode and hibernate are not the giant loopholes you seem to think they are.
Now, just because in the world of cryptography, nothing is simple, you do have one point - a laptop that is sleeping would presumably still have the disk master key stored in memory (so it can read the disk). In *THEORY* a sufficiently advanced hacker, *COULD* steal a laptop that was sleeping, with full disk encryption, and password protected screensaver, and use some funky hardware to read the RAM on the system whilst it was still running/sleeping. We are talking NSA level hacks here, this isn't a simple task, but it's, in theory, possible. The only way to defeat this would be to wipe the master key just before going to sleep, and prompting the user for their full disk boot password when the laptop wakes up before userland is activated. You'd only be able to do this with the assistance of the kernel, as swap and everything else would be unavailable until the master key is retrieved again.
* - Yes, full disk encryption is most of the time, partition level encryption of the system partition, but to simplify the discussion, I'll refer to it being full disk.
** - Yes, the would-be hacker would still be prompted for a getty user/pass, but that's assuming you haven't left a console open by mistake. I always disable the Ctrl+Alt+F keys on X on laptops. The other aspect is once the screensaver is prompting you for a password, the PC is back on the network. However, if a solution as above was implemented, the wake-up password would occur before userland is running again.
Bulk bandwidth can be bought at prices between $5 and $10 per mbit. 1mbit is approximately 324GB (and that would be bidirectional, so double that when discussing residential bandwidth limits).
Say what?!? mbit = Megabit. Reading the site you posted, I'm guessing you are misusing Mbps, which is Megabit per second. Bandwidth is how big your pipe is, not how many gallons of water you can get per month. Saying 1mbps is approximately 324GB is like saying 100 yards is approximately 240mph. These are two totally different measurements. Now if you really mean to use mbit (which technically is milli-bit, but I'll assume you mean mega-bit), and assuming an 8 bit system, that's 125 Kilobytes.
Repeat after me, data usage != bandwidth. I can download 1GB per month on a 28.8kbps dialup modem, I can also download 1MB on a 1Gbps connection.
But, I suppose Linux can boot in under 14 seconds if it's an embedded device doing non-PC work.
LOL. Linux can boot in under 1 second if it's an embedded device. My Linux system boots in 14 seconds (grub to login), and it's a full desktop. From login to first-run (eg until I can actually start a program by double clicking its icon*) is around 10 seconds.
* I hate that Windows in particular boots to the "desktop", then spends 30 seconds to a full 5 minutes starting every fricking desktop service all at once. Even if I did want my quicktime movies to play real-damn-fast, I don't need to play quicktime movies within the first 5 minutes of booting. Windows should allow finer control over Run and Startup registry/folders, with by default programs in these groups start up one at a time, and only after 2 minutes from desktop display, and only if the PC isn't busy loading another program.
I've got a box full and it's always fun trying to find the 2.0 cable hiding among the 1.0 cables
Here's a tip..... USB 1 CABLES - THROW THEM OUT. Serious. Under what possible circumstance could you ever say, "oh bugger, I need a USB cable, and all I have is these stupid 2.0 cables?" (ok, ok, the exception is when you need a USB3.0 cable).
"As for Fujitsu's 0W-standby monitor, they conveniently omit the fact that this extra relay's coil and related components will be drawing an extra 1W or so while the monitor/TV is on."
1 Watt??? I built a circuit that used a relay for precisely this. I just called it from the other point of view, it turned itself off. There is no way you need 1 Watt of power to hold anything but the largest relays.
Btw - this 0W standby only works when it's a relatively simple thing to monitor for to come out of standby, a line level. Try making a TV that is 0W standby, yet I can boot it with just my remote. Actually, it's quite simple, you use a rechargeable battery to power an IR monitoring circuit, but that's cheating :)
Nice idea, but you need to hand in your geek card. Short answer: That command fails with permission denied.
Why? Because sudo runs the specified command with root privileges. The command specified is echo "blah blah", this is run as root. The output is appended, using your *CURRENT* privileges, to /etc/hosts.
The command you want is:
sudo sh -c 'echo "127.0.0.1 www.block.this.site" >>/etc/hosts'
"The company stumbled upon the technology while working with wind turbines to power remote surveillance CCTV cameras for ATM."
Why would you not plug the CCTV into the same power source that the ATM uses? I'm trying to imagine an ATM that's sitting in the middle of a forest somewhere, powered by who-knows-what, with a CCTV camera that is powered by wind turbines.
That said, I'm interested in how they are powering the ATMs? Maybe the ATMs are already using perpetual energy! Damn, the banking industry already has unlimited fiscal power, now it has unlimited electrical power!
Runs off into corner, puts his tinfoil hat back on
How would one get assigned such addresses? I'd like to stop using IPv4 RFC 1918 address ranges for my personal networks, so that I can VPN in from anywhere without worrying about my address ranges conflicting with those of whatever network I stick my laptop on. My ISPs don't do IPv6. I want a globally unique IPv6 range of my very own, which does not need to be routable from the Internet. (I've given up on that dream.)
It's true, getting PI (Provider Independent) IPv6 space is almost impossible for anyone with a budget, but consider this:
Renumbering isn't as hard as it first seems with v6. DNS is almost a requirement for IPv6, and site autoconfiguration (The last 64 bits of the address) is the default and standard. It works very well. The only reason you'd not auto configure is maybe for servers (maybe). Heck, you don't even need to give the routers static addresses. Given that, renumbering isn't the same hassle it used to be.
But the true solution to your now limited requirement is this:
fc00::/7 Unique local IPv6 unicast addresses are routable only within a set of cooperating sites. They were defined in RFC 4193 as a replacement for site-local addresses. The addresses include a 40-bit pseudorandom number that minimizes the risk of conflicts if sites merge or packets somehow leak out.
Also, don't forget that multiple IP addresses per network interface is now the norm with IPv6. My PC, which gets its addresses autoconfigured, has 4 IPv6 addresses on its single interface. 2 global IPv6 addresses (one is from a tunnel provider 2001::, and the other is a 6in4 address 2002::), one link local address, and one site address (fc00::). Any hand-typed IPv6 address in any config file always uses the fc00 address. For almost everything I use DNS, so that way if I change my tunnel, or my 6in4 v4 address changes, it's a simple matter of editing the DNS records.
Surely, you should only need one port to communicate with your toaster. I'll even wager that you won't have 65535 devices in your house that you need to talk to. They only need one port. NAT it and be done.
And how do you remember which port is the toaster, and which is the fridge? If you want to SSH into them, you can't even use a reverse web proxy. At that point, if I was forced to use IPv4, I'd set up a PPTP VPN and route it using 10.0.0.0/8 address range.
So no, I choose to make my toaster accessible via IPv6, and if you are forced to use v4, you can still access the basic webpage with http://myhouse.example.com/toaster. Hmmm.. I'm hungry, I think I wanted slightly burnt bread.
I'm continually amazed at the number of people in the IT and Net industry who keep "wondering" when IPv6 will arrive. It's been here for a long time. I'm running a series of web servers for internal company use that have native IPv6 addresses. For public consumption, we have an IPv4 reverse proxy that allows us to run our entire web services behind one IPv4 address. Any customer who has an IPv6 address gets to talk to the individual servers.
The advantage comes when you consider management. In order to have 20 SSH/FTP/etc accessible Internet servers, I'd either need 20 separate IPv4 addresses (getting a decent segment of a class C here is expensive), or I'd have to play fun games with ports. All our technicians have IPv6 on their laptops, and use tunnel brokers for access to the v6 network.
Most of our clients have IPv6 connectivity, though they don't notice it. When we put in a firewall, IPv6 comes default setup with tunnel brokers.
People keep asking, when's there gonna be v6 content? There is no v6 content (ok, there is full colour ascii starwars). Any content provider would be nuts to say "you have to have v6 to see our content" at this point (with the exception of mobile phones). IT Techs brought v4 to the public, we'll bring v6 to the public. It's technicians like myself who appreciate having an Internet accessible toaster (ok, so it's not yet accessible) that have already started the ball rolling.
Before long you'll see hosting providers saying, you can have one web gateway shared v4 address and a /64 v6 address for a cheap price. You'll design your websites to be usable on v4, but for management tools, etc, you'll need to install a v6 tunnel.
And a battery life of 3.6 seconds when all 4 cores are running.
What you want is either LaTeX or DocBook.
Fiji: Not too bad
you are shitting me... Right?
Repeat after me; throw out old cables.
The issue with this is that IP was designed so that each device has one IP address. When you visit google, you go to http://www.google.com/, not http://www.google.com:81/ (I tried to use :80 here, but slash removed it, so I'm using 81). So if I wanted my toaster and fridge to be accessible, to browse to their respective webpages, I'd have two choices; http://myhouse.example.com:81/ http://myhouse.example.com:82/ etc etc, or use a reverse proxy and use http://myhouse.example.com/toaster.