Honestly I don't see why that should make him look bad. Personally if some mega corp suddenly wanted my domain name, which I do use to receive mail at and to host some other personal stuff on which I can give people a memorable for, I'd ask for a pile of money too.
I mean why not? I have rights to a unique resource someone else has decided is valuable to them. They have no claim on it; I had the name first after all selected for my own reasons. Just like Nissan did, it was his last name after all a perfectly reasonably cause to choose it. Its going to inconvenience me and all of my contacts to change it; maybe not to the tune of a million dollars but its a thinly traded market if demand for it from entity like a Microsoft is high so should be the price.
I'll agree squatting and not using a domain should not be allowed; it is a limited resource there are only so many short, easy to remember, spellable names. Only the dipshits at TSA want to use name most users would need to enter character codes to type or use something like charmap and copy/paste to enter. Otherwise I think if you even so much as receive the occasion mail there and you have an even halfway credible reason why you selected the name in the first place, like "my first cat had that name" quality; it should be first come first serve.
Well water is anything but pure. In the best case its loader with dissolved minerals and full of microbes. Now admittedly they might be good tasting minerals and microbes, that actually help rather than hinder larger organisms like us that drink but to say its pure is crazy talk.
If the rule is that water has to be pure than they need to be use water that has been made darn near pure via distillation or made by oxidizing hydrogen gas; not pretending well water is pure.
Obviously allowing media companies to deploy root kits will increase the number of vulnerable machines on our nations part of the internet. Assuming this some how only finds its way on to home PC it still leaves many machines more vulnerable to attack by additional malware which might make them botnet members which could be used in DDOS attacks against critical business sectors like Finance and Healthcare.
Clearly the desire to do this shows the media companies behind it are irresponsible citizens endangering our national security at best actively aiding and abetting our enemies and terror organizations at worst. These are unAmerican activities and the industry participants need to be call out on it.
KVM is great for a environment where everyone is being cooperative; and sorta knows what they are doing. It lacks the resource management and isolation features you'd want in an academic lab. You need to be able control how much storage I/O a single vm can use. You might have someone learning about networking even doing things purposefully that are going to slam CPU resources like creating loops in Ethernet topologies.
Yes you might be able to get some Linux hosts with KVM to what you need with cgroups, and limits, etc but its going to be anything but simple and manageable across multiple physical hosts without tons of scripting and testing on your part. Libvirt is still a moving target, so keeping everything working is going to be adventure as well. All the precursors to provide the experience vSphere and Xen offer are there but lets not kidd anyone about the work that is still needed to get there. It would be wonderful if original poster could offer the resources to do that and even better if it could get contributed back to the community but its a tall order.
I don't agree. There is nothing really unique to virtualization, it's just really interdisciplinary, storage, network engineering, wintel admin, Linux admin, physical datacenter management, etc on these scales. Nothing anyone who has been in IT for awhile and worn a few hats in that time can't be expected to do so reading and then get started.
It is a useful question to ask though, at least several of the products mentioned can likely meet his needs, there are qualitative and technical differences and soliciting some info on he experience of others, to help direct his research effort is not unreasonable
I think it depends what the arrangement is. If you hire someone to create deliverable X with defined specs for $Y then if they take the contract they need to provide deliverable X to spec no matter how long it takes them; or you don't pay.
Its up to the contracted not to accept a job where the specs are inadequate. If the job is going to be big enough that its worth while maybe you provide some good customer service and help write clear specs; that everyone can understand and agree to.
On the other hand lots of contracts are written block of time. In which case I think you are obligated to pay for additional hours if that is what is needed to make something work or decide not to continue, but you still pay for the time used so far. Now you still may have issues with the quality and quantity of work falling below industry norms. If that happens you maybe don't hire that person again, and if its really really out-of-line that is what courts are for.
I think the parents point was that they were probably just some kids, not terrorists. I recall as a kid playing with fire, my friends and I would deliberately chose large relatively impervious cement structures like those big stome drain tubes etc because we could be pretty certain we would do no damage to them, and there would be nothing flammable near by for fire to spread to.
If you want see what a molatove cocktail will do, throwing agaist the side of a big concrete damn is probably about the safest place possible. Yes it's still a pollution source and such, and a stern word and even a fine probably make sense, but we don't know the intent and its silly assume its terrorism.
You don't name them because sometimes you have had enough trouble. He has no more interest in Belize; so he might be right they have done all the harm they can to him there and it should be over. Lets further speculate that they were not just interested in harming McAfee, they wanted to extort money from him like he says.
What has happened. Well they have used what leverage they had to get what they were able to out of him. There interest was always money they got what they want, they'll now move on. It sucks for McAfee but if the system is as corrupt their as he claims than its a safe bet anything he could do get restitution would cost him more than he could hope to recover. He'd probably have to hire his own goon squad. So for him it may be best to leave it alone now. Let these guys move on to more accessible targets.
On the other hand if he starts naming names and cause unwanted attention to be paid to these people now suddenly they might find motivation to shut him up. These are the type of people who commit extortion and arson, If I were him unless i had some way to get the upper hand in the situation I don't think I'd be especially inclined to find out if they are above murder. I'd want to disentangle myself from them.
Know when to hold'em, know when to fold'em. Fighting is best left for conflicts you can win; and revenge tastes just as sweet cold.
The truth is those older vaccines probably hurt lots people. Which is not to say that they did not help millions more. Its not just the era of litigation that is the issue. We are a lot better at identifying the cause of health problems now than we were 40 years ago. We have gotten much faster and widely distributed news, so even a handful of bad outcomes becomes know to the public.
I suspect the anit-vaccs movement would be stronger not weaker if the older vaccs were still in use. A few negative outcomes with very clear established causation would be impossible to make go away in terms of news cycle.
What society is not good at is risk assessment. People are afraid to get their kid vaccinated due to the tiny risk they have some rare as yet unknown immune condition that could cause problems, but were willing to subject them to the risk of driving to the physicians office. These are the same people that demand the TSA strip search their fellow passengers but think nothing of the danger of keeping a large crowd of people confined to a small area.
We need to get much better at teaching cost benefit analysis with regard to risk management. Because right now a whole lot of people are spending a whole lot of money to make themselves less safe.
The article makes this sound like its some new threat. Nobody has figured a way to infect your phone with malware by playing music or sowing a film, just trigger malware to do something whe. The phones sensors detect theses things. You have to have already been compromised via some more conventional vector.
So the question is why would anyone go to the trouble? I guess it could replace a command and control channel, I want my dodos to start at 8pm so have everyone's phone listen for the television themes for "the orrifice" or "CSI Newark", great but that is hardly a threat to mobile users more of an issue for carriers and ddos targets, who no longer have an irc channel to shut down or Dns entry to have the FBI yank but still not of great concern
Agree, never my snarky post higher up in this discussion. The fact is COBOL is proven to scale and does the things its really good at; probably better than anything else. IBM mainframe MVS platforms are probably the best damn environment to run it in to with the longest stretch of forward and backward compatibility to maximize your software development investment. Generally the calls to kill off COBOL come from the ignorant.
It might one day be possible for us to automate the production of everything we need. The thing is that will require incredible amounts of capital; which simply does not exist. A moments look around at all the abject poverty out there and that would be obvious.
Now a bunch of people are going to jump up and say "but but teh wealth gap". I don't think so. Much of the capital out there is on paper only. The total wealth is conceptually highly inflated. Its the wealth gap that enables the uber rich to exist. Political ideology aside, and philosophy aside; what would happen if say we could somehow distribute the wealth equally without impacting productivity?
The marginal costs of providing what most people would probably want to everyone would not be achievable at even if they look like today's dollars would buy them. I am talking basic things like clean living space of modest size say 1800sq feet and good transportation to wherever you need to go. The cost of having the few enjoy their 13000sq places is much less than putting everyone into something decent.
Before you have robots to do everything you go to get lots of infrastructure built to support them. I don't think it can be done in 30 years time. People like to pretend they and their nations are extremely wealthy but I suspect if people really started putting that wealth to work they'd find it does not go nearly so far as their fantasies say it should. Just look at the money we have put into infrastructure projects in Afghanistan and how alliteratively workable utility in terms of roads, factories, schools, electrification, there actually is to show for it.
Its not what they are doing here exactly but there is not reason you can't have a logical topology over top of a physical one. Actually its very useful, especially when combined with a virtual machine infrastructure. Perhaps you want to have two machines in separate data-centers to participate in software NLB they need network adjacency, for example, yet I doubt you want a continuous layer two link stretched across the country. Sure if its just two DCs maybe a leased line between them will work, what if you have sites all over the place and potentially want to migrate the hosts to any of them at any time? That would allow for maintenance at a facility, or perhaps you power on facilities during off peak local electrical use, and migrate your compute there?
People are doing these things today but once you get beyond a singe VM host cluster it gets pretty manual. With admins doing lots of work to make sure all the networks are available where they need to be hard coded GRE tunnels, persistent ethernet over IP bridges, etc. They all tend to be static, minimal overhead when not in use sure, but overhead and larger attack surface non the less. A really good soup to nuts SDN might make the idea of LAN and WAN as separate entities an anarchism. Being able to have layer two topology automatic wherever needed would be very cool.
Strawman; maybe. I'd call it a statement of one possible way to show the FED is politically independent. The fact is he is right. The FED chair is appointed by the President. Fed board members want to be able to move into administration jobs, or lobbying or vice verse via Washington's revolving door system.
There is basically no evidence to suggest the FED remains an apolitical care taker if it ever was.
Except that isn't even whats happening here. Its more like an issuing bank telling customers are retailers they are not going to do magnetic strip ATM cards any more and people need to replace their cards and equipment with the RIFD variety. Its a non-event except for people who were expecting to never have to upgrade software.
Don't know they are not doing this already too but seems you could go asymmetric. The handsets could send to the tower with 64QAM and the tower could use more radiated power to send 256QAM back to the handset.
Phones are no longer symmetric data entities it probably is the case most smart phone users pull down much more than they send now. Of course you can crank the radiated power from the towers up to much or you are just going to start competing with the neighboring cells more. So I don't know how big the gains would be.
Can we stop this fiction already. Obama promised to close GitMo. He has not done it. Its a military operation, he is the Commander and Chief; he is also the President with the power of pardon. He can't get congress to do what he wants but there is nothing at all stopping him from releasing the detainees and simply re-repatriating them to wherever they were pulled from. He does not need Congress to do that. This isn't a Left/Right issue. Both sides clearly favor extraordinary rendition and indefinite detention.
Ah, see? I can tell you're a republican. Hurricanes are a result of low barometric pressure...
Ah, see? I can tell you're a rank and file Democrat. You think that by catching someone in a minor misstatement or miss recalled fact you have prove to be their intellectual superior. So what you are entitled to choose a health plan for him now?
Side the first: I have personally watched drivers giving the middle finger, and occasionally hurtling trash and bile-filled shouts as they drove past pro-life protesters quietly praying with signs at a parking lot next to the Planned Parenthood clinic on MLK blvd.
This is exactly the problem. Both sides are guilty but what some Left have done is really insidious; casting the other side as "mean spirited." There are plenty on both sides that are mean spirited; but the vast majority are not. They may however have different and strong opinions about what is good for people and our nation.
What I find most upsetting though is the young Upworthy, Jezebel and Daily Kos reading types. These people would claim to be ardent supporters of civil liberties like free speech and than as in your example above think assault is perfectly justified when they encounter someone saying something they don't like.
Call the Fox News (though MSNBC was found to be worse) junkies reality challenged if you like, they certainly play fast an loose with the facts around a handful of issues. You get the occasional self identified TEA Party member demanding there be no cuts to medicare but for the most part these people are more consistent philosophically.
The only option is dual stack. There is just no way anyone isn't at least a avid slashdot reader in terms of techniess is going to be able to be on an ipv6 only endpoint; with or without NAT64.
Yes your ipv6 aware applications can use the v6 prefix you have stuff the ipv4 internet into. You could have a DNS server that generates synthetic AAAA records from the ipv4 A records and predefined prefix that routes to the NAT. This will probably work ipv6 aware applications using simple protocols like browsers.
Its going to make inspects and higher level protocol address rewrites pretty complex for the gateway. Think something like h.323 with the host address. You can't just swap out 6 bytes worth of src/port you going to have to completely re-craft that packet's content. That is just software that can do ipv6! Any older software that is expecting to open a ipv4 socket is going to have to have a local proxy of some kind on the client and point at a loop back ipv4 address. That client is going to have to have some sort of mapping of 127.0.0.0/8 addresses to predefined ipv6 address I guess. That is going to be a klugey mess no matter how you look at. I am sure YOU could make it work, but Aunt Tilly is going to be SOL.
I don't how exactly you are going to pull that one off. Its not like policy routing, where the client has no need to know or care what the next hops are. The client has to know its address. Once you have assigned a host an address there really is no non-disruptive way to change it.
I guess you could data mine your logs before going NAT to decide which customers to give NAT'd addresses to and which ones likely to have problems with it. That does not help you with new customers though; you won't have data. I guess you could ask them and the ones who can't form a coherent answer go in the NAT group....
I am fully aware of that actually, but in practice so are many applications these days. There are lots of NAT devices out there that do exactly this. Its why UDP hole punching techniques like STUN work in the first place.
I am not saying its a good thing. NAT breaks all kinds of protocols in all kinds of ways. Do think CGNAT implementation is going to do inspect to make traditional FTP work? My guess is no. I am sure customers trying to connect to remote servers that can't / won't do PASV will just be SOL. CGNAT will suck for end users in lots of ways but that suckiness is not going to take back seat to the accountability big ISPs need. "Sorry we can't tell you which of our customers was DOSing because they used udp"? Not going to fly because what is the remote site operator going to do? Null route the ISP that's what, and that screw over their other customers.
Its going to be ugly no matter what but I hardly think imposing sessions on udp is even half so invasive as all the other inspect type crap its going take to make popular apps work. Stuff is going be broken in subtle ways all over the place and it will be hell to figure out why.
(Something which NAT provides just as a side effect. Not a great firewall, but better than nothing).
Its 2013 can we please drop this stupid statement already. There darn near to as reverse attacks as forward ones for categories of equipment and software mostly used by retail internet customers. NAT provides you with no protection there what so ever.
Slashdot Mirror
Honestly I don't see why that should make him look bad. Personally if some mega corp suddenly wanted my domain name, which I do use to receive mail at and to host some other personal stuff on which I can give people a memorable for, I'd ask for a pile of money too.
I mean why not? I have rights to a unique resource someone else has decided is valuable to them. They have no claim on it; I had the name first after all selected for my own reasons. Just like Nissan did, it was his last name after all a perfectly reasonably cause to choose it. Its going to inconvenience me and all of my contacts to change it; maybe not to the tune of a million dollars but its a thinly traded market if demand for it from entity like a Microsoft is high so should be the price.
I'll agree squatting and not using a domain should not be allowed; it is a limited resource there are only so many short, easy to remember, spellable names. Only the dipshits at TSA want to use name most users would need to enter character codes to type or use something like charmap and copy/paste to enter. Otherwise I think if you even so much as receive the occasion mail there and you have an even halfway credible reason why you selected the name in the first place, like "my first cat had that name" quality; it should be first come first serve.
Well water is anything but pure. In the best case its loader with dissolved minerals and full of microbes. Now admittedly they might be good tasting minerals and microbes, that actually help rather than hinder larger organisms like us that drink but to say its pure is crazy talk.
If the rule is that water has to be pure than they need to be use water that has been made darn near pure via distillation or made by oxidizing hydrogen gas; not pretending well water is pure.
Use the fear.
Obviously allowing media companies to deploy root kits will increase the number of vulnerable machines on our nations part of the internet. Assuming this some how only finds its way on to home PC it still leaves many machines more vulnerable to attack by additional malware which might make them botnet members which could be used in DDOS attacks against critical business sectors like Finance and Healthcare.
Clearly the desire to do this shows the media companies behind it are irresponsible citizens endangering our national security at best actively aiding and abetting our enemies and terror organizations at worst. These are unAmerican activities and the industry participants need to be call out on it.
KVM is great for a environment where everyone is being cooperative; and sorta knows what they are doing. It lacks the resource management and isolation features you'd want in an academic lab. You need to be able control how much storage I/O a single vm can use. You might have someone learning about networking even doing things purposefully that are going to slam CPU resources like creating loops in Ethernet topologies.
Yes you might be able to get some Linux hosts with KVM to what you need with cgroups, and limits, etc but its going to be anything but simple and manageable across multiple physical hosts without tons of scripting and testing on your part. Libvirt is still a moving target, so keeping everything working is going to be adventure as well. All the precursors to provide the experience vSphere and Xen offer are there but lets not kidd anyone about the work that is still needed to get there. It would be wonderful if original poster could offer the resources to do that and even better if it could get contributed back to the community but its a tall order.
I don't agree. There is nothing really unique to virtualization, it's just really interdisciplinary, storage, network engineering, wintel admin, Linux admin, physical datacenter management, etc on these scales. Nothing anyone who has been in IT for awhile and worn a few hats in that time can't be expected to do so reading and then get started.
It is a useful question to ask though, at least several of the products mentioned can likely meet his needs, there are qualitative and technical differences and soliciting some info on he experience of others, to help direct his research effort is not unreasonable
I think it depends what the arrangement is. If you hire someone to create deliverable X with defined specs for $Y then if they take the contract they need to provide deliverable X to spec no matter how long it takes them; or you don't pay.
Its up to the contracted not to accept a job where the specs are inadequate. If the job is going to be big enough that its worth while maybe you provide some good customer service and help write clear specs; that everyone can understand and agree to.
On the other hand lots of contracts are written block of time. In which case I think you are obligated to pay for additional hours if that is what is needed to make something work or decide not to continue, but you still pay for the time used so far. Now you still may have issues with the quality and quantity of work falling below industry norms. If that happens you maybe don't hire that person again, and if its really really out-of-line that is what courts are for.
I think the parents point was that they were probably just some kids, not terrorists. I recall as a kid playing with fire, my friends and I would deliberately chose large relatively impervious cement structures like those big stome drain tubes etc because we could be pretty certain we would do no damage to them, and there would be nothing flammable near by for fire to spread to.
If you want see what a molatove cocktail will do, throwing agaist the side of a big concrete damn is probably about the safest place possible. Yes it's still a pollution source and such, and a stern word and even a fine probably make sense, but we don't know the intent and its silly assume its terrorism.
You don't name them because sometimes you have had enough trouble. He has no more interest in Belize; so he might be right they have done all the harm they can to him there and it should be over. Lets further speculate that they were not just interested in harming McAfee, they wanted to extort money from him like he says.
What has happened. Well they have used what leverage they had to get what they were able to out of him. There interest was always money they got what they want, they'll now move on. It sucks for McAfee but if the system is as corrupt their as he claims than its a safe bet anything he could do get restitution would cost him more than he could hope to recover. He'd probably have to hire his own goon squad. So for him it may be best to leave it alone now. Let these guys move on to more accessible targets.
On the other hand if he starts naming names and cause unwanted attention to be paid to these people now suddenly they might find motivation to shut him up. These are the type of people who commit extortion and arson, If I were him unless i had some way to get the upper hand in the situation I don't think I'd be especially inclined to find out if they are above murder. I'd want to disentangle myself from them.
Know when to hold'em, know when to fold'em. Fighting is best left for conflicts you can win; and revenge tastes just as sweet cold.
The truth is those older vaccines probably hurt lots people. Which is not to say that they did not help millions more. Its not just the era of litigation that is the issue. We are a lot better at identifying the cause of health problems now than we were 40 years ago. We have gotten much faster and widely distributed news, so even a handful of bad outcomes becomes know to the public.
I suspect the anit-vaccs movement would be stronger not weaker if the older vaccs were still in use. A few negative outcomes with very clear established causation would be impossible to make go away in terms of news cycle.
What society is not good at is risk assessment. People are afraid to get their kid vaccinated due to the tiny risk they have some rare as yet unknown immune condition that could cause problems, but were willing to subject them to the risk of driving to the physicians office. These are the same people that demand the TSA strip search their fellow passengers but think nothing of the danger of keeping a large crowd of people confined to a small area.
We need to get much better at teaching cost benefit analysis with regard to risk management. Because right now a whole lot of people are spending a whole lot of money to make themselves less safe.
The article makes this sound like its some new threat. Nobody has figured a way to infect your phone with malware by playing music or sowing a film, just trigger malware to do something whe. The phones sensors detect theses things. You have to have already been compromised via some more conventional vector.
So the question is why would anyone go to the trouble? I guess it could replace a command and control channel, I want my dodos to start at 8pm so have everyone's phone listen for the television themes for "the orrifice" or "CSI Newark", great but that is hardly a threat to mobile users more of an issue for carriers and ddos targets, who no longer have an irc channel to shut down or Dns entry to have the FBI yank but still not of great concern
Agree, never my snarky post higher up in this discussion. The fact is COBOL is proven to scale and does the things its really good at; probably better than anything else. IBM mainframe MVS platforms are probably the best damn environment to run it in to with the longest stretch of forward and backward compatibility to maximize your software development investment. Generally the calls to kill off COBOL come from the ignorant.
Never a death panel when you need one.
It might one day be possible for us to automate the production of everything we need. The thing is that will require incredible amounts of capital; which simply does not exist. A moments look around at all the abject poverty out there and that would be obvious.
Now a bunch of people are going to jump up and say "but but teh wealth gap". I don't think so. Much of the capital out there is on paper only. The total wealth is conceptually highly inflated. Its the wealth gap that enables the uber rich to exist. Political ideology aside, and philosophy aside; what would happen if say we could somehow distribute the wealth equally without impacting productivity?
The marginal costs of providing what most people would probably want to everyone would not be achievable at even if they look like today's dollars would buy them. I am talking basic things like clean living space of modest size say 1800sq feet and good transportation to wherever you need to go. The cost of having the few enjoy their 13000sq places is much less than putting everyone into something decent.
Before you have robots to do everything you go to get lots of infrastructure built to support them. I don't think it can be done in 30 years time. People like to pretend they and their nations are extremely wealthy but I suspect if people really started putting that wealth to work they'd find it does not go nearly so far as their fantasies say it should. Just look at the money we have put into infrastructure projects in Afghanistan and how alliteratively workable utility in terms of roads, factories, schools, electrification, there actually is to show for it.
Its not what they are doing here exactly but there is not reason you can't have a logical topology over top of a physical one. Actually its very useful, especially when combined with a virtual machine infrastructure. Perhaps you want to have two machines in separate data-centers to participate in software NLB they need network adjacency, for example, yet I doubt you want a continuous layer two link stretched across the country. Sure if its just two DCs maybe a leased line between them will work, what if you have sites all over the place and potentially want to migrate the hosts to any of them at any time? That would allow for maintenance at a facility, or perhaps you power on facilities during off peak local electrical use, and migrate your compute there?
People are doing these things today but once you get beyond a singe VM host cluster it gets pretty manual. With admins doing lots of work to make sure all the networks are available where they need to be hard coded GRE tunnels, persistent ethernet over IP bridges, etc. They all tend to be static, minimal overhead when not in use sure, but overhead and larger attack surface non the less. A really good soup to nuts SDN might make the idea of LAN and WAN as separate entities an anarchism. Being able to have layer two topology automatic wherever needed would be very cool.
Strawman; maybe. I'd call it a statement of one possible way to show the FED is politically independent. The fact is he is right. The FED chair is appointed by the President. Fed board members want to be able to move into administration jobs, or lobbying or vice verse via Washington's revolving door system.
There is basically no evidence to suggest the FED remains an apolitical care taker if it ever was.
Except that isn't even whats happening here. Its more like an issuing bank telling customers are retailers they are not going to do magnetic strip ATM cards any more and people need to replace their cards and equipment with the RIFD variety. Its a non-event except for people who were expecting to never have to upgrade software.
Don't know they are not doing this already too but seems you could go asymmetric. The handsets could send to the tower with 64QAM and the tower could use more radiated power to send 256QAM back to the handset.
Phones are no longer symmetric data entities it probably is the case most smart phone users pull down much more than they send now. Of course you can crank the radiated power from the towers up to much or you are just going to start competing with the neighboring cells more. So I don't know how big the gains would be.
Can we stop this fiction already. Obama promised to close GitMo. He has not done it. Its a military operation, he is the Commander and Chief; he is also the President with the power of pardon. He can't get congress to do what he wants but there is nothing at all stopping him from releasing the detainees and simply re-repatriating them to wherever they were pulled from. He does not need Congress to do that. This isn't a Left/Right issue. Both sides clearly favor extraordinary rendition and indefinite detention.
Ah, see? I can tell you're a republican. Hurricanes are a result of low barometric pressure...
Ah, see? I can tell you're a rank and file Democrat. You think that by catching someone in a minor misstatement or miss recalled fact you have prove to be their intellectual superior. So what you are entitled to choose a health plan for him now?
Side the first: I have personally watched drivers giving the middle finger, and occasionally hurtling trash and bile-filled shouts as they drove past pro-life protesters quietly praying with signs at a parking lot next to the Planned Parenthood clinic on MLK blvd.
This is exactly the problem. Both sides are guilty but what some Left have done is really insidious; casting the other side as "mean spirited." There are plenty on both sides that are mean spirited; but the vast majority are not. They may however have different and strong opinions about what is good for people and our nation.
What I find most upsetting though is the young Upworthy, Jezebel and Daily Kos reading types. These people would claim to be ardent supporters of civil liberties like free speech and than as in your example above think assault is perfectly justified when they encounter someone saying something they don't like.
Call the Fox News (though MSNBC was found to be worse) junkies reality challenged if you like, they certainly play fast an loose with the facts around a handful of issues. You get the occasional self identified TEA Party member demanding there be no cuts to medicare but for the most part these people are more consistent philosophically.
Maybe the Countess was not so crazy?
The only option is dual stack. There is just no way anyone isn't at least a avid slashdot reader in terms of techniess is going to be able to be on an ipv6 only endpoint; with or without NAT64.
Yes your ipv6 aware applications can use the v6 prefix you have stuff the ipv4 internet into. You could have a DNS server that generates synthetic AAAA records from the ipv4 A records and predefined prefix that routes to the NAT. This will probably work ipv6 aware applications using simple protocols like browsers.
Its going to make inspects and higher level protocol address rewrites pretty complex for the gateway. Think something like h.323 with the host address. You can't just swap out 6 bytes worth of src/port you going to have to completely re-craft that packet's content. That is just software that can do ipv6! Any older software that is expecting to open a ipv4 socket is going to have to have a local proxy of some kind on the client and point at a loop back ipv4 address. That client is going to have to have some sort of mapping of 127.0.0.0/8 addresses to predefined ipv6 address I guess. That is going to be a klugey mess no matter how you look at. I am sure YOU could make it work, but Aunt Tilly is going to be SOL.
I don't how exactly you are going to pull that one off. Its not like policy routing, where the client has no need to know or care what the next hops are. The client has to know its address. Once you have assigned a host an address there really is no non-disruptive way to change it.
I guess you could data mine your logs before going NAT to decide which customers to give NAT'd addresses to and which ones likely to have problems with it. That does not help you with new customers though; you won't have data. I guess you could ask them and the ones who can't form a coherent answer go in the NAT group....
I am fully aware of that actually, but in practice so are many applications these days. There are lots of NAT devices out there that do exactly this. Its why UDP hole punching techniques like STUN work in the first place.
I am not saying its a good thing. NAT breaks all kinds of protocols in all kinds of ways. Do think CGNAT implementation is going to do inspect to make traditional FTP work? My guess is no. I am sure customers trying to connect to remote servers that can't / won't do PASV will just be SOL. CGNAT will suck for end users in lots of ways but that suckiness is not going to take back seat to the accountability big ISPs need. "Sorry we can't tell you which of our customers was DOSing because they used udp"? Not going to fly because what is the remote site operator going to do? Null route the ISP that's what, and that screw over their other customers.
Its going to be ugly no matter what but I hardly think imposing sessions on udp is even half so invasive as all the other inspect type crap its going take to make popular apps work. Stuff is going be broken in subtle ways all over the place and it will be hell to figure out why.
(Something which NAT provides just as a side effect. Not a great firewall, but better than nothing).
Its 2013 can we please drop this stupid statement already. There darn near to as reverse attacks as forward ones for categories of equipment and software mostly used by retail internet customers. NAT provides you with no protection there what so ever.