However what it doesn't work for is the same store. You also never see that. Competing with yourself is stupid.
Except you do see it, all the time, it's really really common. In pretty much any city centre in the UK it is common to see Blacks and Millets next door to each other - they are both "outdoor gear" stores owned by the same company selling pretty much the same stuff (ok, so they started off as separate companies, but they've been the same company for years and years and have ample opportunity to thin the shops out and yet they haven't).
In the city I live in, H. Samuel (Jewellers) have 2 shops about 200 metres apart. Santander (bank) have 2 shops on the same road (again, these didn't used to be both Santander, but they have had ample opportunity to close one of them down and yet they haven't).
It also applies to shops owned by different companies that aren't the sort of shop to see people "shopping around" before buying - down in the local town centre, we have Tesco Express opposite Sainsburys Local - both "grocery convenience stores". No one is going to browse one and then browse the other before buying. It would seem more sensible to space the stores out a bit so that there is a good reason for people to go in one instead of the other (it's closer to them). Same just up the road - there's a Coop next to a Premier (again, grocery convenience stores).
As mentioned in TFS, they were crazy when it came to sotre placement. In my town, there were two GAME stores and one Gamestation all on the same shopping high street. There used to be a third GAME in a department store two minutes walk away, and there was briefly a fourth GAME directly opposite one of the current two. They all stocked exactly the same thing, with no great specialisation. What on earth did they think they were trying to acheve?
This one always confuses me. It isn't unique to games shops - go into any city centre and you will find like shops clustered together (here we have a bunch of banks all on the same street, the next street over there are a bunch of jewellers, etc.) I can only assume that it must work, otherwise they wouldn't do it, but I'm at a loss to understand why.
On the other hand, after hearing GAME's previous announcements about their financial problems, none of this surprises me: they appeared to have run the business by relying on regular bank loans to provide their working capital (for buying stock) rather than using their own profits to provide the working capital. One day the banks said "no" to their loan request and they were automatically screwed - they had no money of their own to buy stock. Using bank loans for one-off investments to expand the business is fine, but when you're relying on them on a day to day business for the normal operation of your business, you're putting everything in the hands of the bank with absolutely no guarantee that they won't withdraw their support without notice.
I'd be interested to know what ARIN consider to be "best practices" in this regard
Dual stack.
Dual-stack requires either: 1. Enough IPv4 addresses for each piece of equipment 2. NAT
Customer should get an entire/64 or larger to build subnets and do translation on their side.
Do what translation exactly? Are you talking about tunnelling or translating? Bearing in mind that we're talking about IPv4-only equipment at both ends of the connection, I can't see how you can be talking about translating here.
Carriers should provide a IPv6 -> IPv4 gateway to access v4 resources from v6 networks.
So you're suggesting that the customer's router (which has no globally routable IPv4 address) takes v4 traffic from the customer's network, encapsulates it in v6, shoves it over a v6-only connection to the ISP where it gets de-encapsulated back to plain IPv4 and (wait for it) goes through a CGNAT (since nothing customer-wards of here has a globally routable v4 address)?
Firstly, how does this eliminate the "not best practices" CGNAT from the setup (it doesn't, you still need to NAT the traffic at the point it hits the globally routable v4 network). Secondly, how does encapsulating it over the backhaul from the customer to the ISP help at all. Bear in mind that a PPPoE ADSL backhaul is basically IPv4 encapsulated within PPP, encapsulated within Ethernet, encapsulated within VC-Mux, encapsulated within ATM. The entire PPP stream is delivered to the ISP, so there seems to be no advantage in encapsulating v6 within the v4 rather than just shoving v6 directly on the PPP stream. Meanwhile, wrapping v6 in a v4 header increases the protocol overhead on the slowest part of the network even more.
It is true that the ISP may want to run the majority of their network as v6-only to avoid having to build out a v4 network, and that is may therefore be better to handle the v4 traffic as a plain v6 between a customer and the ISP's gateway, but this does not necessitate the customer's equipment doing any tunnelling - whether or not the ISP wants to do this is an internal affair and can be handled entirely internally (encapsulate the v4 traffic at the point the telco's backhaul reaches the ISP - no requirement to do this on customer-side equipment).
The big advantage is:
a) It puts the customer fully in control. They can implement their own NAT64 schemes however they choose.
Not really. The NAT64 gateway *has* to be on the ISP's network and shared by multiple customers, anything else requires each individual customer to have a global scope IPv4 address.
No routing tables, which means carriers grade routers can be upgraded to the much higher speeds possible with non table based routing.
I have no idea how you arrived at "no routing tables" from NAT64...
Which means that either upstream from them the device is going to be doing IPv6 -> IPv4. This capability is going to need to be in Home / Small business modem/router/switches provided by carriers.
That seems silly. If the carrier is going to provide hardware to to IPv6 over IPv4 tunnelling because the customer's router doesn't do IPv6, they may as well simply provide a replacement router that _does_ do IPv6.
legacy equipment won't be able to connect to IPv6 services
They are going to have to. Which means some piece of equipment upstream from them is going to have to handle translation.
I disagree. I can't really see a reason for legacy equipment to talk to IPv6-only equipment. The sort of equipment we're talking about is stuff like games consoles, which may need to contact the vendor's servers to do DRM, etc. There's no reason why the vendor can't continue to provide servers accessible over IPv4 for the lifetime of the product - after all, they already have the v4 addresses since the servers are already running. If someone's running a PC that can't do IPv6 then they seriously need to upgrade it anyway because its presumably running Windows 95.
For home/small business the carrier provides this service at the level of the router/modem. So the customer runs IPv4 internally, the equipment that can tunnel does and other stuff gets dynamically allocated IPv6 connections.
Why wouldn't the customer run a dual-stack network internally (on all devices that are v6-capable)? Running only v4 internally and then playing messy NAT games to let it talk to v6 kit is crazy if the equipment is v6-capable anyway.
So for example if my IPv4 printer needs to talk to AABB:CCDD... it gets told it is talking to 192.168.5.24 the same way NAT works internally now.
Why does your printer need to talk to any v6-only equipment? The only stuff it needs to connect to outside your LAN is possibly the vendor's firmware update server, which is already available on v4 and can continue to be so for the support lifetime of the printer. The printer can talk to everything on your LAN because the IPv6 machines are also running dual-stacked IPv4.
Lets be clear: no one is going to be running significant v6-only services any time soon - the customer base just isn't high enough to support it. There will be all sorts of crazy NAT and proxy games on the datacentre side of the connection to make as much as possible appear on v4 addresses. By the time anyone starts launching significant v6-only services, v4-only devices are going to be very old and people will be willing to forego supporting them, just like websites frequently no longer support IE6.
(Yes, I'm aware there are already v6-only services. However, these have been launched in restricted markets.)
In terms of ARIN they've declared this to not be "best practices" which means from a US legal standpoint using CGNAT would create liability situations that don't exist under an IPv6 transition.
I'd be interested to know what ARIN consider to be "best practices" in this regard. Obviously it is poor if ISPs are going to offer CGNAT *instead* of IPv6 support (I don't really see how this is viable in the long term though - at some point people will need to access v6-only content). However, ISPs are going to have to offer IPv4 connectivity for the forseeable future, until IPv4-only equipment and services have been almost entirely phased out. With a shortfall of IPv4 addresses, ISPs are going to have to use NAT in order to continue to provide IPv4 connectivity to everyone. The way I see it, best practice would be to provide IPv6 connectivity for everyone as standard, but also CGNAT IPv4 connectivity so that people can still access v4-only content and use v4-only equipment. By "v4 only equipment", I mean your IPv4-only games consoles, etc. which will continue to need to contact the vendor's servers, which the console vendor will need to ensure remain accessible over v4 for the normal lifetime of the equipment.
In other words if something went wrong for a client and it was a result of CGNAT they hurdle for proving negligence would be lower and the damages higher.
I don't quite see that - "something going wrong" is basically going to be 2 devices not being able to talk to each other. We see this all the time anyway, even where no NATs are involved. Misconfigured routers dropping TCP packets with the ECN bit set used to be a big problem, these days its still quite common for ICMP Frag Needed packets to be dropped by misconfigured routers, leading to hanging TCP sessions - all of this stuff is of a similar seriousness to any CGNAT related problems that might befall an ISP, and ISPs are rarely held responsible (in fact, in my experience, it's usually pretty hard to even convince the ISP to fix a problem, even when you provide ample evidence that it is a misconfiguration within their network, so they can't be that worried about their liability for obscure network problems).
What the carriers do is run IPv6 -> IPv4 translation so IPv4 resources look like they exist on a subnet within the carrier. From the v4 side it is a gateway with rapidly rotating IPv4 addresses.
This is DNS64/NAT64. It works fine in specific cases where you know the end-user equipment is fully v6 capable (for example, you sold them a v6-capable phone and you know the whole software stack does v6 just fine). I can't see it being an acceptable solution for generic networks, since they have all sorts of random equipment that won't do IPv6, and even on v6-capable machines, there's often lots of software higher up the stack that doesn't support v6. On the whole, I can't see a big advantage of NAT64 over CGNAT - in both cases you have a NAT interfering with the traffic, with pretty much every problem CGNAT causes also present in NAT64. The saving from NAT64 is that you don't need to build out a private IPv4 network, but the cost is that you break everything that relies on having an IPv4 network.
I should mention I assume carrier home/small business router/modems will do IPV6->IPV4 as part of their dual stack, so people with home small business equipment could run an IPV4 subnet and keep their equipment. More than just network equipment there are expensive network attached printers and no one wants to replace all of them,..
I'll address this in 2 parts:
Firstly, most consumer grade routers (that is: the sort of Netgear, etc. thing most people have at home and in small offices) do no IPv6 *at all*. Individual workstations are going to be able to use the likes of Teredo to tunnel v6 traffic over IPv4, but that's a really poor bodge at best.
Second: equipment like networked printers, etc. are largely unaffected anyway. No one (sane) is suggesting turning off IPv4 entirely on the LAN - most people will run IPv6 and IPv4 concurrently. All your old IPv4 equipment is still going to be able to talk to your workstations since they will all run IPv4 too. The router doesn't really affect what protocols you run internally - even if you were on an IPv6-only internet connection, you can still run IPv4 internally to keep your old equipment working.
The only real issues here involve old IPv4-only network equipment that needs to talk to something on the internet - since there won't be enough v4 addresses for each piece of equipment, it'll be going through some variety of NAT. Outgoing connections from your legacy equipment to v4 servers will be (largely) fine, although of course, legacy equipment won't be able to connect to IPv6 services. Inbound connections from the internet to your legacy equipment aren't going to be possible, which is going to be a problem for certain peer to peer technologies. I imagine that ISPs will sell "premium" accounts that provide globally reachable IPv4 addresses that don't go through a NAT - this is possible because they will be reclaiming IPv4 addresses from all those customers who don't pay for the premium account.
By the way, old v4-only equipment is an excellent reason why DNS64/NAT64 isn't the big solution that some people make it out to be: the idea behind DNS64/NAT64 is that the customer's network can be a single-stack IPv6 network whilst still allowing them to connect to IPv4 servers. This is done by passing all the DNS requests from the customer through a DNS64 server - this mangles the IPv4 addresses that are returned in response to a DNS request into IPv6 addresses (breaking DNSSEC in the process). The customer's equipment makes an IPv6 connection to this fake address, which is routed via a NAT64 system, which translates it into IPv4 traffic. Returning traffic is un-NATted back to IPv6 in much the same way as normal IPv4 NAT works. The problem here is that the customer's equipment needs to be able to do IPv6, and this clearly isn't going to be the case for some years. So the ISP is going to have to provide some kind of native IPv4 connectivity anyway, which renderd DNS64/NAT64 a bit pointless. To me, it seems like a solution looking for a problem.
BTW what is your company?
I run Opendium - we primarilly produce web filtering systems, mail servers, etc. for schools and small businesses and also often run or consult with them on their network infrastructures and network security.
In what way are the regulators hostile to it? Here in the UK, I've seen no comments from OFCOM on the subject at all (getting *something* from them about IPv6 would be good, at the moment they seem to just be completely silent on the subject. Which is a shame because they really should have enforced ISPs supporting IPv6 a long time ago).
Anyway, whether the regulators like it or not, CGNAT isn't going to go away - we are far past the point where a transition to IPv6 will be an easy disruption free affair. We're going to need IPv4 for the foreseeable future (there's going to be IPv4 services for a looong time to come, and when the ISPs run out of IPv4 addresses, their only sensible options for allowing their customers to access IPv4 services are CGNAT and DNS64/NAT64. IMHO NAT64 is going to break a lot more that CGNAT because it is trying to shoe-horn IPv6 into *all* applications, including software that has no support for IPv6 at all, and essentially offers all the scope for plain old CGNAT-style breakage on top of that. Also, DNS64 badly breaks DNSSEC.
Of course, what *should* have happened was that ISPs should have rolled out IPv6 10 years ago, hardware manufacturers should have supported IPv6 10 years ago and datacentres should have supported IPv6 10 years ago and content providers should have dual-stacked their servers 10 years ago. If this happened, pretty much all home users would now have IPv6 enabled networks and workstations without even knowing about it and everyone would've had 10 years to complete the transition. Instead what happened was *everyone* stuck their heads in the ground and pretended this wasn't going to be a problem until about 6 months before IANA ran out, then various people said "oh shit, we'd better do something" and started implementing IPv6, whilst the vast majority of people still did nothing at all.
Hell, it's *still* pretty hard to find a consumer grade router that has any kind of IPv6 support - you're very unlikely to find that the one you just bought does it by chance, you've got to actively look for it (which isn't something the average consumer is going to do). Then once you have a v6-enabled router, it's extremely unlikely that your ISP offers an IPv6 connection, so you have to shop around for a new ISP (again, not something the average user will do). Then when you find an ISP that does v6, they alsmot certainly won't do it by default, so you have to convince them to turn it on for you (not something the average consumer will do).
Even when you explicitly search for IPv6 stuff, you find that the vendors are often lieing rather than actually implementing v6 support - there are a number of consumer grade internet routers around that say "IPv6 ready" on the box... it turns out that "IPv6 ready" usually means "we might release a firmware update to provide IPv6 support at some point in the future.. maybe, if you're lucky".
Another example - one of my customers was recently shopping around for a new leased line and I advised them to look for an ISP that supports IPv6 since they are going to need it within a reasonably short period. Eclipse Internet said "yes, we support IPv6" so the customer had the leased line installed. Once it was installed, I contacted Eclipse to ask for IPv6 to be enabled and got the reply "Our network fully supports IPv6, however we are not rolling it out to any customers at this point in time"... well that's a fat lot of use and if I were the customer I would be demanding that they refund the installation costs and cancel the contract since it was clearly sold on false pretenses (no, I really don't believe that you can legally tell as potential customer "yes we support IPv6" when you have no intention of giving them an IPv6 connection when they ask for it).
The sad thing is, all the products my company sells fully support IPv6, yet *no one* has ever said anything about this - IPv6 *should* be on every customer's "must have" list when buying n
RIPE (Europe) is down to about 40 million addresses, including the last 16 million which will be assigned under a different, more stringent policy
Its worth noting that most (all?) the RIRs have similar/8 policies, which makes the idead of having "run out of IP addresses" slightly confusing. Basically, this means that once they are down to the last/8 (~16.8 million addresses), each LIR is only going to be allocated a single/22, forever. So with such a restrictive policy, it will take many years for the RIRs to actually run out of addresses, but as soon as they hit the last/8, addresses will get very scarce - this is the "crunch point" - by the time they actually run out we probably won't need IPv4 addresses any more.
The idea of this last/8 policy is mainly to allow new LIRs to get a small chunk of IPv4 addresses to allow them to continue to compete with the existing LIRs who already have IPv4 networks - imagine you're shopping around for a datacentre to host some servers in, the existing datacentres say "we can give you IPv4 and IPv6 connectivity" whilst the new datacentre says "we can only give you IPv6 because we have no v4 addresses". In that situation, no one would use the new datacentre, so by allowing them to have a/22 lets them compete on a more level ground. Of course, a/22 is only 1024 addresses, so they are going to have to be very careful with them, and are still at a disadvantage to the existing datacentres, who will be able to reclaim addresses from internal equipment, etc.
So, RIPE is about 26 million addresses away from the last/8 "crunch" and the addresses currently seem to be going at about 5 million a month, so we can probably expect them to run out around August/September, assuming the allocations stay at the same rate. Interestingly, APNIC saw a big increase in demand once they got down to about 7/8s and this hasn't happened for RIPE yet. It will be interesting to see if there is a last minute demand.
When those are depleted, it's going to be NAT all the way down.
I keep hearing ISPs say "we're not implementing IPv6 yet, we've got loads of IPv4 addresses so we're not worried". But at the end of the day, I don't think the ISPs are going to be the driving force - I think they really do have plenty of spare IPv4 addresses, and even when they run out, they can NAT most of their customers and charge a premium to anyone who needs an un-NATted connection. The people who are going to be really hit by the crunch are content providers - at some point, a content provider is going to want to add a new server, a new HTTPS site, etc; and they're going to get the answer "no" when they ask the datacentre for some more IPv4 addresses. Thats when things are going to get messy. Of course, the ISPs saying "we don't need IPv6 since we've got loads of addresses" is totally bogus - it doesn't matter how many v4 addresses they have, if the ISPs' customers want to access content hosted by people who _don't_ have v4 addresses, they are going to need v6 connectivity, and eventually any ISP that doesn't provide it is going to lose out because some content isn't going to work. What ISP wants to tell their customers that they don't allow connections to Facebook's new service, or Google's new product?
One thing that would be nice to see is more v6-only content *before* crunch-time to try and pressure the ISPs to act. This could be done without seriously impacting the bottom-line of content producers: for example, Google always likes to "soft-launch" their new products, often by doing an invitation-only thing. But they could soft-launch them by initially making them v6-only. Same effect for them (no massive influx of new users, whilst getting a steady str
I remember seeing a footage with some bureaucrat (an US president?) saying that in several years we will win the war with cancer. That was in the 70's.
In our (North American at least) justice system, it is money that wins the day. If you cannot afford to do legal battle, you lose. Very sad, but until we change it, it is the way things are.
My only suggestion is if you need the app, make sure you have it and a backup on your ipad. The company may stop producing and supporting it, but if you already have it and it is working, then keep it. (ps. Don't screw around with that ipad, in case you corrupt something and lose the 'irreplacebale' app.
And when your iPad dies? (e.g. I don't expect an iPad to last 15 years, but there may be a requirement for this software to last that long). At least if the company who writes it are still around then they might be selling a version for the iPad 20 or whatever happens to be around by that time.
Being from Australia I can honestly say that there isn't enough people here who understand what software patents are let alone the problems they cause to change it. I'd like to create the petition to abolish the creation of new software patents at the source, but I'm not a citizen.
You don't need to prevent software patents from being created in the US. You need to stop them being enforced elsewhere in the world. If the penalty for infringing a software patent is simply the inability to ship your product to the US then that's fine - the rest of the world benefits whilst the US suffers. Eventually maybe the US will lag so far behind the rest of the world that they might wake up and fix their patent system, but that bit is largely unimportant for the rest of the world.
The *problem* is that governments are bowing down to pressure from the US to enforce US laws on their citizens. I would argue that this is not in the interests of the government's own citizens, and since the role of government is supposidly to stand up for the interests of their population they have no business making these sorts of agreements with the US.
It seems the world is ruled by corporations. Shouldn't it be time to start limiting end eventually outlawing these entities? I think the world would be a better place without them.
I certainly don't think the world would be a better place without big corporations - without them, who is going to build CPUs for your computers, jet engines for planes, etc. These are things that require significant investment and man-power, and therefore something that small businesses and individuals can't really do themselves. However, corporations have way too much power, and that is something that needs limiting.
the point is protecting people who do not know any better.
The problem here is you basically achieve nothing, and at worst give people a false sense of security. Giving Google a hard time over storing data they realistically couldn't do a lot with* prevents no abuse (because they couldn't really have done much with that data anyway), meanwhile it does nothing to prevent people with bad motivation from logging and analysing the traffic.
So at best, nothing changed. At worst, some people decide they don't need to worry about encrypting their networks because the police will catch anyone naughty.
(*) Google captured wifi traffic from a vehicle moving at speed. As they drove past someone's network, they will have captured a few isolated fragments from the middle of a stream of data (assuming the network was actually being used at the time). It isn't like they were sitting outside someone's house for hours watching all their email traffic go by or something.
Wifi broadcasts a flag *specifically* to tell you if it is public or private, if people set that flag to public when they mean private I don't think the general public should be expected to have a vast amount of knowledge of a changing market place in order to judge whether the owner set it up wrong or not.
What is this flag, and how is it configured? I have often wondered if such a thing exists, but I can't see how to change it on my current router (DD-WRT, as it happens) and I wouldn't know how to tell my WiFi client to respect such a flag (or not).
The wifi AP broadcasts a flag to say whether the network is encrypted (and hence private) or open (therefore public).
If I asked a potential employee for their personal passwords and they handed them over, they most certainly wouldn't get the job. I want employees with a clue about security - if they are happy to hand over their personal passwords, I can only assume they would also be happy to hand over confidential company data to a third party.
Everybody complains about region restrictions. I don't like region restrictions but the reality is different regions have different laws and some movies aren't allowed there. I think region restrictions are primarily about making sure legal behinds are covered.
Legal restrictions make other (non-digital) goods illegal in some areas. They don't require region restrictions - the people importing the goods are responsible for complying with the law, not the manufacturer.
As an example, if you go for a coffee in "Bob's café" and you find an open access point called "bobs_wifi", are you to assume that this is intended to be used by the customers of the café, or should you assume that Bob lives above the café and this is his personal wifi that has been set up incorrectly? (And yes, it's pretty common for cafés to provide free wifi in the form of an open access point and not even bother to advertise the fact).
It would be _reasonable_ to assume it's only meant for customers. Just like it's _reasonable_ to assume those newspapers and magazines lying around are for customers and not random passers-by.
Did you read what I wrote or did you just read the first few words and make the rest up? I never said anything about non-customers, the choices I offered were: 1. it is intended to be used by customers of Bob's Caf'e 2. it is Bob's personal wifi network that has been accidentally left open and no one except Bob himself should be using it
I've never seen an ISP-provided wifi kit that didn't uniquely identify itself somehow. Usually with a MAC address, or something other random-but-unique number in the SSID.
And yet I have. It is less common now, but it certainly used to happen a lot. Also, access points with the manufacturer's name and no uniqueness are still pretty common (Linksys, Netgear, etc.) It may be obvious to someone familiar with all the different manufacturers of kit that these are the default names, but the law should not require people to be that knowledgable about the market. Wifi broadcasts a flag *specifically* to tell you if it is public or private, if people set that flag to public when they mean private I don't think the general public should be expected to have a vast amount of knowledge of a changing market place in order to judge whether the owner set it up wrong or not.
Also, if you are one of the people who leaves their home router's SSID set to "Linksys", your computer _will_ automatically associate with any other open network called "Linksys" and there's no sensible technological way to stop this from happening.
Remember: we're not necessarilly talking about techies with a good indepth knowledge of the technologies and marketplace. If a laptop has a "public wifi" icon next to a wifi network with a fairly generic name then it is reasonable for the _general public_ to believe this to be a public wifi hotspot. A law to protect unknowledgable people who can't configure their routers correctly automatically criminalises unknowledgable people who can't make a judgement based on fairly extensive knowledge of an ever-changing market.
google got a lot of trouble for doing so. because its inevitable they capture some actual content of connections on insecure wlans.
Google got into trouble for _storing_ that data, not capturing it.
(IMHO they shouldn't have got into trouble for any of it anyway, if you broadcast something into a public space you should have no expectation of it not being captured, stored, analysed, etc.)
Incidentally, why did the law enforcement authorities complain about Google storing data (which could have been analysed later, even though Google said they weren't going to do this), whilst shopping centres are starting to get away with capturing cellphone beacons and analysing them to build a picture of shopper movements? I'm much happier about Google capturing some random data that people have _chosen_ to transmit in the clear than someone capturing data that is mandated by international protocol standards to be transmitted in the clear.
On the other hand, I very much believe that it should _not_ be a crime to use an open network, because there is no reasonable way to know that it wasn't intended to be an open hotspot.
By your logic, it's reasonable to assume anyone without a fence and locked door is inviting me in for dinner.
No. Public areas (parks, etc) are usually clearly marked as such - it is pretty easy to tell the deifference between a park and someone's unfenced garden.
On the other hand, wifi has a flag in the protocol explicitly to tell you if it is public or private and there is no other sensible way to tell this. Unfortunately, access points that are accidentally left open will also be broadcasting an "I am a public hotspot" flag, even though the owner didn't intend to do this.
As an example, if you go for a coffee in "Bob's café" and you find an open access point called "bobs_wifi", are you to assume that this is intended to be used by the customers of the café, or should you assume that Bob lives above the café and this is his personal wifi that has been set up incorrectly? (And yes, it's pretty common for cafés to provide free wifi in the form of an open access point and not even bother to advertise the fact).
Another example: I have accidentally used someone's personal wifi in the past - it was an open access point that was broadcasting a pretty generic SSID (something like "BTOpenSpace"). BT provide internet connections to homes and businesses (with associated wifi kit), but they also provide public hotspots under a variety of names (BTOpenZone, BTFon and a few others). Without a good knowledge of all the hotspot providers and ISPs, it is impossible to know which ones are private and which are public without trusting that the ones that advertise themselves as public really are (as it turns out, the BTOpenSpace one was someone's home ADSL, but I didn't realise this until afterwards).
Also, anything that automatically looks for public wifi hotspots can *only* trust what the access point is advertising itself to be - since no human is reviewing its decisions, there are no judgement calls. My SIP handset will auto-associate with any public network if it can't find my private one - it isn't going to ask me every time it needs to change network, so even if your network has the SSID of "private_keep_out", it'll still happilly use that network if your AP is advertising itself as a public hotspot.
So sorry, since legitimate public hotspots are very common and there is no way to tell them apart from incorrectly configured private access points, I can't see how it can be considered a crime for someone to use a private hotspot that is advertising itself as being public. This isn't like an obvious private garden not having fences, it's more like an unfenced garden with a bloody great sign outside it saying "please come in".
While this is a nice service, I do think this does not fall under the purview of the state police
Why not? The police are in the business of crime prevention as well as catching criminals.
Breaking into someone's house and stealing their stuff is a crime. If you do it, the police will (hopefully) come after you and lock you up. The police also have programmes whereby they will tour the neighbourhoods and if they spot some bit of bad security they will knock on the door and tell you about it so you can fix it *before* someone takes advantage of it.
Breaking into someone's network is a crime*. If you do it, the police will (hopefully) come after you and lock you up. In this case, the police are also running a programme whereby they will tour the neighbourhoods and if they spot some bit of bad security they will knock on the door and tell you about it so you can fix it *before* someone takes advantage of it.
What's the difference?
(* cracking someone's security, even if it's lowly WEP, is a crime and should be punished - if someone is running any kind of encryption then it is clear that they don't want to let you into the network. On the other hand, I very much believe that it should _not_ be a crime to use an open network, because there is no reasonable way to know that it wasn't intended to be an open hotspot. I would, however, expect these police to tell you "did you know your network is open, here's how to lock it down" to help people who may have left it open by accident. Getting helpful information from the police does *not* mean you can't ignore it if you actually want to run an open network though).
If this is simply a community service, the state governement should use grants to coerce the industry to extend their voluntary code of practice so that ISP's are responsible for making their customers aware of the risks as part of the signup process.
What kind of "voluntary code of practice" are you talking about? Its true in the past that access points shipped with encryption turned off, but that hasn't been the case for years. So these days the people with open APs are generally either still running old hardware, or are intentionally running them open. I can't see what "code of practice" is going to help with either of these situations.
I am surprisingly ignorant of the tax codes of the world. I thought things like the UK's VAT were way, way more common than filling out tax forms (albeit in a much easier manner than is the nightmare of the United States). Why don't more places use some sort of flat tax?
You make it sound like VAT is the only tax we have to pay in the UK. This isn't true - we pay tax on income, capital gains, etc and there are all sorts of tax credits you can get based on your personal circumstances (the tax and benefits system sometimes seems so complex to me that I wonder if career benefits scroungers have to go to university to do a degree in scrounging!).
Anyway, for most people, there is no requirement to fill in a tax return - your bank automatically deducts tax from any interest they pay you, your employer automatically deducts tax and NI from your salary (Pay as you earn - PAYE) and both inform the HMRC and NI of what you've earned and whats been deducted. The HMRC preiodically changes your PAYE tax code that tells your employer how much to deduct (for example, if you get income from a second job then that affects the amount that needs to be deducted).
For some people, it is beneficial to fill in a tax return, even though your employer is doing PAYE. For example, you may want to claim back tax on the membership fees of professional bodies, business expenses that your employer isn't contracted to refund, etc. These tax returns are very simple (the HMRC actually gives you a cut down tax return that only includes the sections that are relevant to your circumstances). Also, if you have overseas savings then you may have to declare them and pay tax since in that case the bank won't be doing it for you. Usually any extra tax or rebates are handled by adjusting your PAYE tax code so that you pay slightly less/more tax over the next year to cover them.
For self employed people, you have to fill in a more extended tax return, and usually you wouldn't be doing PAYE, so you pay tax in 6-monthly lump sums (although they also now offer monthly direct-debit payment plans, if you prefer).
But what does 'learning how the world works' really mean here? Which part of learning how the world works might bring this sense of guilt? Is it becoming more familiar with societal expectations? Is it a richer understanding of how laws like copyright seek to support the arts? Is it a more altruistic idea of fairness?
You may be right, but I do wonder just which part of learning how the world works may produce this effect.
I think young people tend not to think so much about the consequences of their actions (especially when the consequences don't directly cause problems for themselves). So as you get older, you may start to realise that by copying you are depriving an artist of income, that this is a bit unfair to the artist, and potentially makes it impossible for some artists to dedicate their working life to the art (with the long term effect of reducing the amount of art available to you).
On the other hand, I'm sure that watching the artist's representitives actively trying to screw over your peers probably goes a long way to counteract any such feelings of guilt.
They may not necessarily feel any guilt about piracy to begin with. The younger generations certainly don't
I don't recall feeling guilty about copying tapes when I was young... maybe the guilt is something that is acquired with age as we learn how the world works - if that's the case then I fully expect the RIAA's actions to counteract this tendency for people to acquire guilt.
Slashdot Mirror
However what it doesn't work for is the same store. You also never see that. Competing with yourself is stupid.
Except you do see it, all the time, it's really really common. In pretty much any city centre in the UK it is common to see Blacks and Millets next door to each other - they are both "outdoor gear" stores owned by the same company selling pretty much the same stuff (ok, so they started off as separate companies, but they've been the same company for years and years and have ample opportunity to thin the shops out and yet they haven't).
In the city I live in, H. Samuel (Jewellers) have 2 shops about 200 metres apart. Santander (bank) have 2 shops on the same road (again, these didn't used to be both Santander, but they have had ample opportunity to close one of them down and yet they haven't).
It also applies to shops owned by different companies that aren't the sort of shop to see people "shopping around" before buying - down in the local town centre, we have Tesco Express opposite Sainsburys Local - both "grocery convenience stores". No one is going to browse one and then browse the other before buying. It would seem more sensible to space the stores out a bit so that there is a good reason for people to go in one instead of the other (it's closer to them). Same just up the road - there's a Coop next to a Premier (again, grocery convenience stores).
Doesn't surprise me, for a variety of reasons.
As mentioned in TFS, they were crazy when it came to sotre placement. In my town, there were two GAME stores and one Gamestation all on the same shopping high street. There used to be a third GAME in a department store two minutes walk away, and there was briefly a fourth GAME directly opposite one of the current two. They all stocked exactly the same thing, with no great specialisation. What on earth did they think they were trying to acheve?
This one always confuses me. It isn't unique to games shops - go into any city centre and you will find like shops clustered together (here we have a bunch of banks all on the same street, the next street over there are a bunch of jewellers, etc.) I can only assume that it must work, otherwise they wouldn't do it, but I'm at a loss to understand why.
On the other hand, after hearing GAME's previous announcements about their financial problems, none of this surprises me: they appeared to have run the business by relying on regular bank loans to provide their working capital (for buying stock) rather than using their own profits to provide the working capital. One day the banks said "no" to their loan request and they were automatically screwed - they had no money of their own to buy stock. Using bank loans for one-off investments to expand the business is fine, but when you're relying on them on a day to day business for the normal operation of your business, you're putting everything in the hands of the bank with absolutely no guarantee that they won't withdraw their support without notice.
As for the lifetime of printers. Good printers can have lifetimes in terms of many years. During the 90s I worked on channel printers from the 70s.
And yet still, I see no reason why a printer needs to connect to an IPv6-only service on the internet...
I'd be interested to know what ARIN consider to be "best practices" in this regard
Dual stack.
Dual-stack requires either:
1. Enough IPv4 addresses for each piece of equipment
2. NAT
Customer should get an entire /64 or larger to build subnets and do translation on their side.
Do what translation exactly? Are you talking about tunnelling or translating? Bearing in mind that we're talking about IPv4-only equipment at both ends of the connection, I can't see how you can be talking about translating here.
Carriers should provide a IPv6 -> IPv4 gateway to access v4 resources from v6 networks.
So you're suggesting that the customer's router (which has no globally routable IPv4 address) takes v4 traffic from the customer's network, encapsulates it in v6, shoves it over a v6-only connection to the ISP where it gets de-encapsulated back to plain IPv4 and (wait for it) goes through a CGNAT (since nothing customer-wards of here has a globally routable v4 address)?
Firstly, how does this eliminate the "not best practices" CGNAT from the setup (it doesn't, you still need to NAT the traffic at the point it hits the globally routable v4 network).
Secondly, how does encapsulating it over the backhaul from the customer to the ISP help at all. Bear in mind that a PPPoE ADSL backhaul is basically IPv4 encapsulated within PPP, encapsulated within Ethernet, encapsulated within VC-Mux, encapsulated within ATM. The entire PPP stream is delivered to the ISP, so there seems to be no advantage in encapsulating v6 within the v4 rather than just shoving v6 directly on the PPP stream. Meanwhile, wrapping v6 in a v4 header increases the protocol overhead on the slowest part of the network even more.
It is true that the ISP may want to run the majority of their network as v6-only to avoid having to build out a v4 network, and that is may therefore be better to handle the v4 traffic as a plain v6 between a customer and the ISP's gateway, but this does not necessitate the customer's equipment doing any tunnelling - whether or not the ISP wants to do this is an internal affair and can be handled entirely internally (encapsulate the v4 traffic at the point the telco's backhaul reaches the ISP - no requirement to do this on customer-side equipment).
The big advantage is:
a) It puts the customer fully in control. They can implement their own NAT64 schemes however they choose.
Not really. The NAT64 gateway *has* to be on the ISP's network and shared by multiple customers, anything else requires each individual customer to have a global scope IPv4 address.
No routing tables, which means carriers grade routers can be upgraded to the much higher speeds possible with non table based routing.
I have no idea how you arrived at "no routing tables" from NAT64...
Which means that either upstream from them the device is going to be doing IPv6 -> IPv4. This capability is going to need to be in Home / Small business modem/router/switches provided by carriers.
That seems silly. If the carrier is going to provide hardware to to IPv6 over IPv4 tunnelling because the customer's router doesn't do IPv6, they may as well simply provide a replacement router that _does_ do IPv6.
legacy equipment won't be able to connect to IPv6 services
They are going to have to. Which means some piece of equipment upstream from them is going to have to handle translation.
I disagree. I can't really see a reason for legacy equipment to talk to IPv6-only equipment. The sort of equipment we're talking about is stuff like games consoles, which may need to contact the vendor's servers to do DRM, etc. There's no reason why the vendor can't continue to provide servers accessible over IPv4 for the lifetime of the product - after all, they already have the v4 addresses since the servers are already running. If someone's running a PC that can't do IPv6 then they seriously need to upgrade it anyway because its presumably running Windows 95.
For home/small business the carrier provides this service at the level of the router/modem. So the customer runs IPv4 internally, the equipment that can tunnel does and other stuff gets dynamically allocated IPv6 connections.
Why wouldn't the customer run a dual-stack network internally (on all devices that are v6-capable)? Running only v4 internally and then playing messy NAT games to let it talk to v6 kit is crazy if the equipment is v6-capable anyway.
So for example if my IPv4 printer needs to talk to AABB:CCDD... it gets told it is talking to 192.168.5.24 the same way NAT works internally now.
Why does your printer need to talk to any v6-only equipment? The only stuff it needs to connect to outside your LAN is possibly the vendor's firmware update server, which is already available on v4 and can continue to be so for the support lifetime of the printer. The printer can talk to everything on your LAN because the IPv6 machines are also running dual-stacked IPv4.
Lets be clear: no one is going to be running significant v6-only services any time soon - the customer base just isn't high enough to support it. There will be all sorts of crazy NAT and proxy games on the datacentre side of the connection to make as much as possible appear on v4 addresses. By the time anyone starts launching significant v6-only services, v4-only devices are going to be very old and people will be willing to forego supporting them, just like websites frequently no longer support IE6.
(Yes, I'm aware there are already v6-only services. However, these have been launched in restricted markets.)
In terms of ARIN they've declared this to not be "best practices" which means from a US legal standpoint using CGNAT would create liability situations that don't exist under an IPv6 transition.
I'd be interested to know what ARIN consider to be "best practices" in this regard. Obviously it is poor if ISPs are going to offer CGNAT *instead* of IPv6 support (I don't really see how this is viable in the long term though - at some point people will need to access v6-only content). However, ISPs are going to have to offer IPv4 connectivity for the forseeable future, until IPv4-only equipment and services have been almost entirely phased out. With a shortfall of IPv4 addresses, ISPs are going to have to use NAT in order to continue to provide IPv4 connectivity to everyone. The way I see it, best practice would be to provide IPv6 connectivity for everyone as standard, but also CGNAT IPv4 connectivity so that people can still access v4-only content and use v4-only equipment. By "v4 only equipment", I mean your IPv4-only games consoles, etc. which will continue to need to contact the vendor's servers, which the console vendor will need to ensure remain accessible over v4 for the normal lifetime of the equipment.
In other words if something went wrong for a client and it was a result of CGNAT they hurdle for proving negligence would be lower and the damages higher.
I don't quite see that - "something going wrong" is basically going to be 2 devices not being able to talk to each other. We see this all the time anyway, even where no NATs are involved. Misconfigured routers dropping TCP packets with the ECN bit set used to be a big problem, these days its still quite common for ICMP Frag Needed packets to be dropped by misconfigured routers, leading to hanging TCP sessions - all of this stuff is of a similar seriousness to any CGNAT related problems that might befall an ISP, and ISPs are rarely held responsible (in fact, in my experience, it's usually pretty hard to even convince the ISP to fix a problem, even when you provide ample evidence that it is a misconfiguration within their network, so they can't be that worried about their liability for obscure network problems).
What the carriers do is run IPv6 -> IPv4 translation so IPv4 resources look like they exist on a subnet within the carrier. From the v4 side it is a gateway with rapidly rotating IPv4 addresses.
This is DNS64/NAT64. It works fine in specific cases where you know the end-user equipment is fully v6 capable (for example, you sold them a v6-capable phone and you know the whole software stack does v6 just fine). I can't see it being an acceptable solution for generic networks, since they have all sorts of random equipment that won't do IPv6, and even on v6-capable machines, there's often lots of software higher up the stack that doesn't support v6. On the whole, I can't see a big advantage of NAT64 over CGNAT - in both cases you have a NAT interfering with the traffic, with pretty much every problem CGNAT causes also present in NAT64. The saving from NAT64 is that you don't need to build out a private IPv4 network, but the cost is that you break everything that relies on having an IPv4 network.
I should mention I assume carrier home/small business router/modems will do IPV6->IPV4 as part of their dual stack, so people with home small business equipment could run an IPV4 subnet and keep their equipment. More than just network equipment there are expensive network attached printers and no one wants to replace all of them,..
I'll address this in 2 parts:
Firstly, most consumer grade routers (that is: the sort of Netgear, etc. thing most people have at home and in small offices) do no IPv6 *at all*. Individual workstations are going to be able to use the likes of Teredo to tunnel v6 traffic over IPv4, but that's a really poor bodge at best.
Second: equipment like networked printers, etc. are largely unaffected anyway. No one (sane) is suggesting turning off IPv4 entirely on the LAN - most people will run IPv6 and IPv4 concurrently. All your old IPv4 equipment is still going to be able to talk to your workstations since they will all run IPv4 too. The router doesn't really affect what protocols you run internally - even if you were on an IPv6-only internet connection, you can still run IPv4 internally to keep your old equipment working.
The only real issues here involve old IPv4-only network equipment that needs to talk to something on the internet - since there won't be enough v4 addresses for each piece of equipment, it'll be going through some variety of NAT. Outgoing connections from your legacy equipment to v4 servers will be (largely) fine, although of course, legacy equipment won't be able to connect to IPv6 services. Inbound connections from the internet to your legacy equipment aren't going to be possible, which is going to be a problem for certain peer to peer technologies. I imagine that ISPs will sell "premium" accounts that provide globally reachable IPv4 addresses that don't go through a NAT - this is possible because they will be reclaiming IPv4 addresses from all those customers who don't pay for the premium account.
By the way, old v4-only equipment is an excellent reason why DNS64/NAT64 isn't the big solution that some people make it out to be: the idea behind DNS64/NAT64 is that the customer's network can be a single-stack IPv6 network whilst still allowing them to connect to IPv4 servers. This is done by passing all the DNS requests from the customer through a DNS64 server - this mangles the IPv4 addresses that are returned in response to a DNS request into IPv6 addresses (breaking DNSSEC in the process). The customer's equipment makes an IPv6 connection to this fake address, which is routed via a NAT64 system, which translates it into IPv4 traffic. Returning traffic is un-NATted back to IPv6 in much the same way as normal IPv4 NAT works. The problem here is that the customer's equipment needs to be able to do IPv6, and this clearly isn't going to be the case for some years. So the ISP is going to have to provide some kind of native IPv4 connectivity anyway, which renderd DNS64/NAT64 a bit pointless. To me, it seems like a solution looking for a problem.
BTW what is your company?
I run Opendium - we primarilly produce web filtering systems, mail servers, etc. for schools and small businesses and also often run or consult with them on their network infrastructures and network security.
Further the regulators are hostile to it.
In what way are the regulators hostile to it? Here in the UK, I've seen no comments from OFCOM on the subject at all (getting *something* from them about IPv6 would be good, at the moment they seem to just be completely silent on the subject. Which is a shame because they really should have enforced ISPs supporting IPv6 a long time ago).
Anyway, whether the regulators like it or not, CGNAT isn't going to go away - we are far past the point where a transition to IPv6 will be an easy disruption free affair. We're going to need IPv4 for the foreseeable future (there's going to be IPv4 services for a looong time to come, and when the ISPs run out of IPv4 addresses, their only sensible options for allowing their customers to access IPv4 services are CGNAT and DNS64/NAT64. IMHO NAT64 is going to break a lot more that CGNAT because it is trying to shoe-horn IPv6 into *all* applications, including software that has no support for IPv6 at all, and essentially offers all the scope for plain old CGNAT-style breakage on top of that. Also, DNS64 badly breaks DNSSEC.
Of course, what *should* have happened was that ISPs should have rolled out IPv6 10 years ago, hardware manufacturers should have supported IPv6 10 years ago and datacentres should have supported IPv6 10 years ago and content providers should have dual-stacked their servers 10 years ago. If this happened, pretty much all home users would now have IPv6 enabled networks and workstations without even knowing about it and everyone would've had 10 years to complete the transition. Instead what happened was *everyone* stuck their heads in the ground and pretended this wasn't going to be a problem until about 6 months before IANA ran out, then various people said "oh shit, we'd better do something" and started implementing IPv6, whilst the vast majority of people still did nothing at all.
Hell, it's *still* pretty hard to find a consumer grade router that has any kind of IPv6 support - you're very unlikely to find that the one you just bought does it by chance, you've got to actively look for it (which isn't something the average consumer is going to do). Then once you have a v6-enabled router, it's extremely unlikely that your ISP offers an IPv6 connection, so you have to shop around for a new ISP (again, not something the average user will do). Then when you find an ISP that does v6, they alsmot certainly won't do it by default, so you have to convince them to turn it on for you (not something the average consumer will do).
Even when you explicitly search for IPv6 stuff, you find that the vendors are often lieing rather than actually implementing v6 support - there are a number of consumer grade internet routers around that say "IPv6 ready" on the box... it turns out that "IPv6 ready" usually means "we might release a firmware update to provide IPv6 support at some point in the future.. maybe, if you're lucky".
Another example - one of my customers was recently shopping around for a new leased line and I advised them to look for an ISP that supports IPv6 since they are going to need it within a reasonably short period. Eclipse Internet said "yes, we support IPv6" so the customer had the leased line installed. Once it was installed, I contacted Eclipse to ask for IPv6 to be enabled and got the reply "Our network fully supports IPv6, however we are not rolling it out to any customers at this point in time"... well that's a fat lot of use and if I were the customer I would be demanding that they refund the installation costs and cancel the contract since it was clearly sold on false pretenses (no, I really don't believe that you can legally tell as potential customer "yes we support IPv6" when you have no intention of giving them an IPv6 connection when they ask for it).
The sad thing is, all the products my company sells fully support IPv6, yet *no one* has ever said anything about this - IPv6 *should* be on every customer's "must have" list when buying n
RIPE (Europe) is down to about 40 million addresses, including the last 16 million which will be assigned under a different, more stringent policy
Its worth noting that most (all?) the RIRs have similar /8 policies, which makes the idead of having "run out of IP addresses" slightly confusing. Basically, this means that once they are down to the last /8 (~16.8 million addresses), each LIR is only going to be allocated a single /22, forever. So with such a restrictive policy, it will take many years for the RIRs to actually run out of addresses, but as soon as they hit the last /8, addresses will get very scarce - this is the "crunch point" - by the time they actually run out we probably won't need IPv4 addresses any more.
The idea of this last /8 policy is mainly to allow new LIRs to get a small chunk of IPv4 addresses to allow them to continue to compete with the existing LIRs who already have IPv4 networks - imagine you're shopping around for a datacentre to host some servers in, the existing datacentres say "we can give you IPv4 and IPv6 connectivity" whilst the new datacentre says "we can only give you IPv6 because we have no v4 addresses". In that situation, no one would use the new datacentre, so by allowing them to have a /22 lets them compete on a more level ground. Of course, a /22 is only 1024 addresses, so they are going to have to be very careful with them, and are still at a disadvantage to the existing datacentres, who will be able to reclaim addresses from internal equipment, etc.
So, RIPE is about 26 million addresses away from the last /8 "crunch" and the addresses currently seem to be going at about 5 million a month, so we can probably expect them to run out around August/September, assuming the allocations stay at the same rate. Interestingly, APNIC saw a big increase in demand once they got down to about 7 /8s and this hasn't happened for RIPE yet. It will be interesting to see if there is a last minute demand.
A useful graph of allocations by RIR
When those are depleted, it's going to be NAT all the way down.
I keep hearing ISPs say "we're not implementing IPv6 yet, we've got loads of IPv4 addresses so we're not worried". But at the end of the day, I don't think the ISPs are going to be the driving force - I think they really do have plenty of spare IPv4 addresses, and even when they run out, they can NAT most of their customers and charge a premium to anyone who needs an un-NATted connection. The people who are going to be really hit by the crunch are content providers - at some point, a content provider is going to want to add a new server, a new HTTPS site, etc; and they're going to get the answer "no" when they ask the datacentre for some more IPv4 addresses. Thats when things are going to get messy. Of course, the ISPs saying "we don't need IPv6 since we've got loads of addresses" is totally bogus - it doesn't matter how many v4 addresses they have, if the ISPs' customers want to access content hosted by people who _don't_ have v4 addresses, they are going to need v6 connectivity, and eventually any ISP that doesn't provide it is going to lose out because some content isn't going to work. What ISP wants to tell their customers that they don't allow connections to Facebook's new service, or Google's new product?
One thing that would be nice to see is more v6-only content *before* crunch-time to try and pressure the ISPs to act. This could be done without seriously impacting the bottom-line of content producers: for example, Google always likes to "soft-launch" their new products, often by doing an invitation-only thing. But they could soft-launch them by initially making them v6-only. Same effect for them (no massive influx of new users, whilst getting a steady str
I remember seeing a footage with some bureaucrat (an US president?) saying that in several years we will win the war with cancer. That was in the 70's.
"Mission Complete"? :)
In our (North American at least) justice system, it is money that wins the day. If you cannot afford to do legal battle, you lose. Very sad, but until we change it, it is the way things are.
My only suggestion is if you need the app, make sure you have it and a backup on your ipad. The company may stop producing and supporting it, but if you already have it and it is working, then keep it. (ps. Don't screw around with that ipad, in case you corrupt something and lose the 'irreplacebale' app.
And when your iPad dies? (e.g. I don't expect an iPad to last 15 years, but there may be a requirement for this software to last that long). At least if the company who writes it are still around then they might be selling a version for the iPad 20 or whatever happens to be around by that time.
Being from Australia I can honestly say that there isn't enough people here who understand what software patents are let alone the problems they cause to change it. I'd like to create the petition to abolish the creation of new software patents at the source, but I'm not a citizen.
You don't need to prevent software patents from being created in the US. You need to stop them being enforced elsewhere in the world. If the penalty for infringing a software patent is simply the inability to ship your product to the US then that's fine - the rest of the world benefits whilst the US suffers. Eventually maybe the US will lag so far behind the rest of the world that they might wake up and fix their patent system, but that bit is largely unimportant for the rest of the world.
The *problem* is that governments are bowing down to pressure from the US to enforce US laws on their citizens. I would argue that this is not in the interests of the government's own citizens, and since the role of government is supposidly to stand up for the interests of their population they have no business making these sorts of agreements with the US.
It seems the world is ruled by corporations. Shouldn't it be time to start limiting end eventually outlawing these entities? I think the world would be a better place without them.
I certainly don't think the world would be a better place without big corporations - without them, who is going to build CPUs for your computers, jet engines for planes, etc. These are things that require significant investment and man-power, and therefore something that small businesses and individuals can't really do themselves. However, corporations have way too much power, and that is something that needs limiting.
the point is protecting people who do not know any better.
The problem here is you basically achieve nothing, and at worst give people a false sense of security. Giving Google a hard time over storing data they realistically couldn't do a lot with* prevents no abuse (because they couldn't really have done much with that data anyway), meanwhile it does nothing to prevent people with bad motivation from logging and analysing the traffic.
So at best, nothing changed. At worst, some people decide they don't need to worry about encrypting their networks because the police will catch anyone naughty.
(*) Google captured wifi traffic from a vehicle moving at speed. As they drove past someone's network, they will have captured a few isolated fragments from the middle of a stream of data (assuming the network was actually being used at the time). It isn't like they were sitting outside someone's house for hours watching all their email traffic go by or something.
Wifi broadcasts a flag *specifically* to tell you if it is public or private, if people set that flag to public when they mean private I don't think the general public should be expected to have a vast amount of knowledge of a changing market place in order to judge whether the owner set it up wrong or not.
What is this flag, and how is it configured? I have often wondered if such a thing exists, but I can't see how to change it on my current router (DD-WRT, as it happens) and I wouldn't know how to tell my WiFi client to respect such a flag (or not).
The wifi AP broadcasts a flag to say whether the network is encrypted (and hence private) or open (therefore public).
If I asked a potential employee for their personal passwords and they handed them over, they most certainly wouldn't get the job. I want employees with a clue about security - if they are happy to hand over their personal passwords, I can only assume they would also be happy to hand over confidential company data to a third party.
Everybody complains about region restrictions. I don't like region restrictions but the reality is different regions have different laws and some movies aren't allowed there. I think region restrictions are primarily about making sure legal behinds are covered.
Legal restrictions make other (non-digital) goods illegal in some areas. They don't require region restrictions - the people importing the goods are responsible for complying with the law, not the manufacturer.
It would be _reasonable_ to assume it's only meant for customers. Just like it's _reasonable_ to assume those newspapers and magazines lying around are for customers and not random passers-by.
Did you read what I wrote or did you just read the first few words and make the rest up? I never said anything about non-customers, the choices I offered were:
1. it is intended to be used by customers of Bob's Caf'e
2. it is Bob's personal wifi network that has been accidentally left open and no one except Bob himself should be using it
I've never seen an ISP-provided wifi kit that didn't uniquely identify itself somehow. Usually with a MAC address, or something other random-but-unique number in the SSID.
And yet I have. It is less common now, but it certainly used to happen a lot. Also, access points with the manufacturer's name and no uniqueness are still pretty common (Linksys, Netgear, etc.) It may be obvious to someone familiar with all the different manufacturers of kit that these are the default names, but the law should not require people to be that knowledgable about the market. Wifi broadcasts a flag *specifically* to tell you if it is public or private, if people set that flag to public when they mean private I don't think the general public should be expected to have a vast amount of knowledge of a changing market place in order to judge whether the owner set it up wrong or not.
Also, if you are one of the people who leaves their home router's SSID set to "Linksys", your computer _will_ automatically associate with any other open network called "Linksys" and there's no sensible technological way to stop this from happening.
Remember: we're not necessarilly talking about techies with a good indepth knowledge of the technologies and marketplace. If a laptop has a "public wifi" icon next to a wifi network with a fairly generic name then it is reasonable for the _general public_ to believe this to be a public wifi hotspot. A law to protect unknowledgable people who can't configure their routers correctly automatically criminalises unknowledgable people who can't make a judgement based on fairly extensive knowledge of an ever-changing market.
google got a lot of trouble for doing so. because its inevitable they capture some actual content of connections on insecure wlans.
Google got into trouble for _storing_ that data, not capturing it.
(IMHO they shouldn't have got into trouble for any of it anyway, if you broadcast something into a public space you should have no expectation of it not being captured, stored, analysed, etc.)
Incidentally, why did the law enforcement authorities complain about Google storing data (which could have been analysed later, even though Google said they weren't going to do this), whilst shopping centres are starting to get away with capturing cellphone beacons and analysing them to build a picture of shopper movements? I'm much happier about Google capturing some random data that people have _chosen_ to transmit in the clear than someone capturing data that is mandated by international protocol standards to be transmitted in the clear.
By your logic, it's reasonable to assume anyone without a fence and locked door is inviting me in for dinner.
No. Public areas (parks, etc) are usually clearly marked as such - it is pretty easy to tell the deifference between a park and someone's unfenced garden.
On the other hand, wifi has a flag in the protocol explicitly to tell you if it is public or private and there is no other sensible way to tell this. Unfortunately, access points that are accidentally left open will also be broadcasting an "I am a public hotspot" flag, even though the owner didn't intend to do this.
As an example, if you go for a coffee in "Bob's café" and you find an open access point called "bobs_wifi", are you to assume that this is intended to be used by the customers of the café, or should you assume that Bob lives above the café and this is his personal wifi that has been set up incorrectly? (And yes, it's pretty common for cafés to provide free wifi in the form of an open access point and not even bother to advertise the fact).
Another example: I have accidentally used someone's personal wifi in the past - it was an open access point that was broadcasting a pretty generic SSID (something like "BTOpenSpace"). BT provide internet connections to homes and businesses (with associated wifi kit), but they also provide public hotspots under a variety of names (BTOpenZone, BTFon and a few others). Without a good knowledge of all the hotspot providers and ISPs, it is impossible to know which ones are private and which are public without trusting that the ones that advertise themselves as public really are (as it turns out, the BTOpenSpace one was someone's home ADSL, but I didn't realise this until afterwards).
Also, anything that automatically looks for public wifi hotspots can *only* trust what the access point is advertising itself to be - since no human is reviewing its decisions, there are no judgement calls. My SIP handset will auto-associate with any public network if it can't find my private one - it isn't going to ask me every time it needs to change network, so even if your network has the SSID of "private_keep_out", it'll still happilly use that network if your AP is advertising itself as a public hotspot.
So sorry, since legitimate public hotspots are very common and there is no way to tell them apart from incorrectly configured private access points, I can't see how it can be considered a crime for someone to use a private hotspot that is advertising itself as being public. This isn't like an obvious private garden not having fences, it's more like an unfenced garden with a bloody great sign outside it saying "please come in".
While this is a nice service, I do think this does not fall under the purview of the state police
Why not? The police are in the business of crime prevention as well as catching criminals.
Breaking into someone's house and stealing their stuff is a crime. If you do it, the police will (hopefully) come after you and lock you up. The police also have programmes whereby they will tour the neighbourhoods and if they spot some bit of bad security they will knock on the door and tell you about it so you can fix it *before* someone takes advantage of it.
Breaking into someone's network is a crime*. If you do it, the police will (hopefully) come after you and lock you up. In this case, the police are also running a programme whereby they will tour the neighbourhoods and if they spot some bit of bad security they will knock on the door and tell you about it so you can fix it *before* someone takes advantage of it.
What's the difference?
(* cracking someone's security, even if it's lowly WEP, is a crime and should be punished - if someone is running any kind of encryption then it is clear that they don't want to let you into the network. On the other hand, I very much believe that it should _not_ be a crime to use an open network, because there is no reasonable way to know that it wasn't intended to be an open hotspot. I would, however, expect these police to tell you "did you know your network is open, here's how to lock it down" to help people who may have left it open by accident. Getting helpful information from the police does *not* mean you can't ignore it if you actually want to run an open network though).
If this is simply a community service, the state governement should use grants to coerce the industry to extend their voluntary code of practice so that ISP's are responsible for making their customers aware of the risks as part of the signup process.
What kind of "voluntary code of practice" are you talking about? Its true in the past that access points shipped with encryption turned off, but that hasn't been the case for years. So these days the people with open APs are generally either still running old hardware, or are intentionally running them open. I can't see what "code of practice" is going to help with either of these situations.
it's still illegal to break it.
unless, of course, it seems if you're a cop.
The police aren't breaking anything, AFAICT they are just listening to the beacon from the access points and seeing if it is flagged as encrypted.
I am surprisingly ignorant of the tax codes of the world. I thought things like the UK's VAT were way, way more common than filling out tax forms (albeit in a much easier manner than is the nightmare of the United States). Why don't more places use some sort of flat tax?
You make it sound like VAT is the only tax we have to pay in the UK. This isn't true - we pay tax on income, capital gains, etc and there are all sorts of tax credits you can get based on your personal circumstances (the tax and benefits system sometimes seems so complex to me that I wonder if career benefits scroungers have to go to university to do a degree in scrounging!).
Anyway, for most people, there is no requirement to fill in a tax return - your bank automatically deducts tax from any interest they pay you, your employer automatically deducts tax and NI from your salary (Pay as you earn - PAYE) and both inform the HMRC and NI of what you've earned and whats been deducted. The HMRC preiodically changes your PAYE tax code that tells your employer how much to deduct (for example, if you get income from a second job then that affects the amount that needs to be deducted).
For some people, it is beneficial to fill in a tax return, even though your employer is doing PAYE. For example, you may want to claim back tax on the membership fees of professional bodies, business expenses that your employer isn't contracted to refund, etc. These tax returns are very simple (the HMRC actually gives you a cut down tax return that only includes the sections that are relevant to your circumstances). Also, if you have overseas savings then you may have to declare them and pay tax since in that case the bank won't be doing it for you. Usually any extra tax or rebates are handled by adjusting your PAYE tax code so that you pay slightly less/more tax over the next year to cover them.
For self employed people, you have to fill in a more extended tax return, and usually you wouldn't be doing PAYE, so you pay tax in 6-monthly lump sums (although they also now offer monthly direct-debit payment plans, if you prefer).
But what does 'learning how the world works' really mean here? Which part of learning how the world works might bring this sense of guilt? Is it becoming more familiar with societal expectations? Is it a richer understanding of how laws like copyright seek to support the arts? Is it a more altruistic idea of fairness?
You may be right, but I do wonder just which part of learning how the world works may produce this effect.
I think young people tend not to think so much about the consequences of their actions (especially when the consequences don't directly cause problems for themselves). So as you get older, you may start to realise that by copying you are depriving an artist of income, that this is a bit unfair to the artist, and potentially makes it impossible for some artists to dedicate their working life to the art (with the long term effect of reducing the amount of art available to you).
On the other hand, I'm sure that watching the artist's representitives actively trying to screw over your peers probably goes a long way to counteract any such feelings of guilt.
I foresee a large lawsuit settlement in his future
This isn't the USA
They may not necessarily feel any guilt about piracy to begin with. The younger generations certainly don't
I don't recall feeling guilty about copying tapes when I was young... maybe the guilt is something that is acquired with age as we learn how the world works - if that's the case then I fully expect the RIAA's actions to counteract this tendency for people to acquire guilt.