It is fascinating to me that know-nothing dweebs like you can simply invent facts out of thin air and assert them as arguments.
Huh. Then you must be quite fascinated with yourself.
Not that anyone as rude and ignorant as you deserves a response.
Yet, I'm replying to you. Ironic.
But I was THERE.
Then you should know better.
I knew Jon Postel at the IETF
Mmm'K.
and met with him several times on the governance of the.us TLD.
Sounds like you were bossom buddies.
If you were "there", you must recognize and respect folks like Hubert Zimmerman, Louis Pouzin, Donald Davies and Tim Berners-Lee, all working outside the US on technologies essential to TCP/IP and internet applications.
But, since you were there, I needn't bother telling you who they were or what they did, eh? You probably played poker with them every second Thursday.
If you were there, you should be ashamed of your attitude. It contradicts the whole point of internetworking and the cooperative spirit that drove the development and rapid adoption of the core internet protocols.
I am likely confused, as the article is light on details,
I don't think confusion is the right concept, but I think, "respectfully uninformed" is close.
but as I see it this seems perfectly legitmate, as much as I might disagree
You do have a confusing way of contradicting yourself though...
The.kz domain was set aside for a particular country, so It seems to me that they somewhat 'own' that, since it is labeled with their name.
Actually, normally and historically, governments don't own or control the country code Top Level Domains (ccTLDs) in the global IANA DNS system. Those ccTLDs are delegated to ccTLD managers who are qualified--predominantly private sector--"internet authorities" in those countries.
These delegations began in 1985 when John Postel began personally assigning them to various managers. IIRC, in 1994 Postel wrote IETF RFC 1591, that formalized the delegation and management guidelines for ccTLDs. ICANN/IANA took total control when Postel died, and added their own policies, but RFC 1591 is still considered valid.
Hence, if that government decides that there is something utilizing their.kz domain which they do not approve of, then it seems reasonable that they would be able to remove it, right?
Again, ccTLDs are delegated to managers, whose primary roles are to maintain TLD stability and perform required technical tasks to manage their ccTLD, and neither of those duties include content control or management.
However, since governments, local, regional and national, usually constitute a significant internet community presence in their localities, their influence with ccTLD managers is likely to be much greater than the average netizen's. This is different, though, than complete governence or authoritative control over a ccTLD. And it's this important difference that is the concern for many folks.
They aren't 'censoring' the site per-se, they are just saying they don't want it to use their name, the site can be posted under plenty of other domains, and is of course still accessible via it's IP address.
The tangible concern is that ICANN/IANA has, with the US government's guidance, implemented policies and practices that usurp competent ccTLD manager's rightful and proper delegations. The less tangible concern is that IANA has in some cases redelegated ccTLD management directly to governments--that may manage the ccTLDs to gain political advantage and bolster their power rather than in a stable, custodial manner.
If I let someone use my domain for their site, and then they put up a webpage bashing me, I would likely remove the DNS entry, making their site inaccessible via my domain.... I think that would be reasonable on my part, given that my domain reflects directly on me.
Not the same at all, as explained above.
On a side note, does it not seem reasonable that if you want to put up a site that is somewhat 'extreme' or that you fear would be censored by various governments, that you try to keep it independent of any government control?
Obviously.
Are there ways to do this? I can use different domains, or are all of these controlled by some government?
Well, you could have a friendly party outside your government's jurisdiction host your content for you.
Must I simply have my site accessible by IP address and without DNS to avoid outside control?
Of course, running an HTTP service on port 80 (or any other port) of any machine accessible from the internet will allow folks to view the HTTP content you serve, whether or not it is in global DNS.
Is there someway that someone could/would still shutdown access to my site even if I do not use DNS?
Your internet provider or any provider between you and the folks using your server could trivially redirect or simply drop HTTP packets to/from your IP address. If they are lawfully ordered to do that by authorities in their jurisdiction, they will.
We have NO Right to privacy granted ANYWHERE in the Constitution. Nowhere in that document (nor any Governmental Document of its like) does it state we as citizens have any rights to Privacy.
Well, while the phrase "right to privacy" may not appear in the articles, bill or rights or subsequent amendments, you have to admit that this speaks pretty explicitly to the subject of personal privacy:
Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Amendments III and V (look them up) also seem to enumerate and describe rights related to personal privacy, no?
I would think that "The right of the people to be secure in their persons...shall not be violated" was meaningful for Roe v. Wade. How 'bout you?
Even if you're not following that, Amendments IX and X clearly state that the federal government is Constitutionally bound to respect state's rights and personal rights whether they're explicitly defined or not.
So, any way you cut it, your profoundly ignorant interpretation is ill-considered, wrong, annoying and, again, profoundly ignorant.
First of all, consumers would obviously resist this hypothetical speed tracking hardware. Perhaps something like this will be implemented some day, perhaps not.
If you're talking about the first case--of an onboard computer tracking average speed--it's here, it's normal, and it's in most mid-class and above vehicles sold today. I've personally had in-dash "trip computers" with this info in a '91 Saab, a '95 Jeep, a '97 BMW, and a 2005 Suburu. And you have heard of GPS navigation systems, perhaps?
If you're talking about the second case--remote speed reporting--it has existed in commercial vehicle fleets for some time, and is touted as a fuel and safety management feature to the fleet owner/operators. In the consumer market, GM's On-Star is a tiny babystep away from this stuff privacy-wise and people are *purchasing* that service as an optional value-add.
In short, I think your position is weakly founded.
Hi... what a great reply. We are in the same business - sort of - but with differing approaches. Frist of all, remember that the original comment was P2P users not corporate or government users.
Thank you, yours too. And I agree that the contexts are different, but I would argue that you should get the service that your service agreement describes whether you're a residential, business or government customer.
I'll have take your word for it on active rate-limiters in the consumer market, I guess. It is disappointing to hear though.
It seems like we're mostly in agreement on the underlying issue that bandwidth campers are the enemy and must be handled somehow, but disagree on the finer points of that handling.
When I first became an engineer, I had a funny conversation with a senior eng who was kind of mentoring me...
He noted that our telco/ISP had a "Customer Care" group for customer advocacy, which was fine, but that it should have been complimented with a "Customer Don't Care" group for company advocacy that called up "poison" customers of whatever sort to give them the boot.
Well, my comment was quite tongue-in-cheek, but since you commented so sincerely...
I don't imagine there are many, if any, consumer oriented ISPs doing bandwidth-billing. Bandwidth-billing is almost exclusively a business-service oriented model. If there were such a consumer ISP, though, they'd be loving the P2P crowd; I'm telling you.
At least not without some method of limiting their ability to continuously move files at full b/w.
Okay, I'm coming at this from the perspective of someone who does capacity planning for a regional ISP that does 750M peak daily transit with a primarily small/medium business (25-300 employees) customer base and a couple Fortune 100 customers too.
In my work I must assume that there will be some percentage of my customer base who are bandwidth hogs and plan my network capacity accordingly. If the terms of my customer contract say the customer gets a burstable OC3 with a 50M mininum tier, priced at $70/Meg ($3500/Month + transport and overage charges), I must supply a minimum of 50M throughput regardless of how they use it. I can NOT arbitrarily rate limit them to a more convenient throughput.
I must ensure that my infrastructure and upstream connections can support the normal traffic patterns of my customers as a whole, including the ones who are mostly idle, the ones in the middle of the bell curve, and the hogs. In addition, I have to plan against sales forecasts and historic growth trends. It's interesting work.
As a broadband consumer myself, I would scream bloody hell if my provider actively rate-limited me below the advertised up/down rates I'm paying for. I can accept the natural ebb and flow of connection speeds as the network is busy or idle, but false ceilings or other sly schemes will NOT fly.
Bear in mind that I don't believe that my broadband provider applying QoS preference across my link or across their core, via IP Precedence or DSCP, is the same as the usage impairing rate-limiting you are suggesting. If they want to groom the network to benefit jitter or latency sensitive traffic over my web or email traffic, then that's fine. As long as it's documented in my service agreement, that's totally cool and probably more helpful than not.
The reason is that the ISP itself has limited upstream bandwidth and almost certainly has to pay extra when they burst upwards; at least if they burst beyond a time or b/w limit. If the ISP's b/w is capped then all users can be affected when the pipe fills with a few users allowing P2P access.
I do pay more for bursting above the tiers set on my upstreams, but my cost per megabit goes down; i.e. I pay $X/Mb up to my commited peak, but $(0.75*X)/Mb beyond my commited peak based on 95th-percentile measurements. So my cost of goods sold actually decreases, relatively.
Everyone's bandwidth is capped, either at line rate for the circuit, or at some *contracted* fraction thereof. Note the word "contracted", it's important. Oversubscription is, of course, essential to ISP profits, but it's got to be above-board. If they pay for it, I must provide it. Period.
On the money side, it's obviously imperative that you price your services above what it costs you to provide them. That's why you seek and encourage the average customer and handle the hogs as they come. By "handle", I mean that you must accept that they will find you and build your network to accomodate that.
When you're a business-oriented ISP, it's fairly easy to charge more per megabit than you pay for your upstreams. In consumer-based ISPs, you must build a higher volume of idle and average users to offset the real P2P hogs--or explicity forbid P2P (or the "killer" app du jour) in your AUP, and disconnect the violators. That's why most broadband providers ban customers from operating servers over their broadband.
While under the terms of their use Policies they can charge these users for the extra bandwidth, ISPs
I remember my 8th grade biology text (1986ish) showing some guy's drawings of various animal embryos and how similar they are. Now I find out it was an exaggeration.
Source?
And the peppered moths? I come to find out they were dead moths pinned to the trees.
Are folks reading this comment supposed to know this reference? Provide a context and the refuting source here too please.
Okay, now tell me how blood clotting works...
Already very simply and eloquently explained by another poster....
I'm not saying we should have to pick Intelligent Design OVER Evolution. Teach evolution but ask intelligent questions.
Well I'm saying that we should only teach testable theories in science classes. And, since science is all about asking intelligent questions---with repeatably testable answers---I'm glad we agree.
That's NOT true of places like Fedex, because Fedex has no way to determine what is in each box.
Ah yes, but the color of the box gives a quick visual reference to the type of service purchased by the sender, and that type of service dictates the treatment and delivery pacing of the box. Sound familiar?
Fedex should not be under a duty to open and look into each and every box. But if they did, their common carrier status would disappear too.
All of the information an ISP needs to apply a quality of service is in the packet headers. The packet payload need not be seen, studied, reviewed, saved, archived, processed, purviewed, hassled, taunted, or twiddled with in any way.
Do you really think the Feds would allow Fedex to knowingly ship cocaine into the country and accept payment without any consequences?!
Nowhere in the literature does it say to place the product in the living room. It isn't specifically marketed for the living room.
Oh? You sure?
I haven't yet seen an advertisement that displays it in a living room.
Really? Then let me help you out.
Remember this site? Check out the pull-quote on this page, and the even more prominent highlight on this page. I found them in less than 2 minutes of navigating focused on hardware and multimedia. Sometimes irony can bite you in the ass, my friend.
I wouldn't be surprised if people are putting them on their desktop next to their computer, to be honest. (That's where I have my Playstation 2)
So, you really think that's what all those folks with widescreens & front projectors in their family rooms will be doing, eh? You just stick with that then, don't let me tell you different.
This is more an instance of dumb consumers than "Microsoftness" as people are playing it up to be.
Hey, MS hasn't cornered the market on design blunders. I've got nothing against them specifically, but I think this does provide a good example of a fumbled product specification. Blame consumers if you like, but you've said nothing convincing me that this case is a consumer problem. It's a home entertainment center component, and it doesn't fit well in that environment. That's pretty flawed, from any angle.
The ability to just buy something, plug it in...VCR...
You keep using VCRs as the benchmark you believe people are holding to the XBox360. It's a little goofy to believe that folks dropping upwards of five bills on an HD/5.1 game console are VCR people. VCRs do neither HD or 5.1 out, and probably won't even share space with the Xbox360 in most HD home setups.
However HD DVRs/TiVos, HD cable/sat boxes and DVD players do (well standard DVD is SD [480p] but some upconvert to 1080i/720p). On technologically and cost, HD DVRs compare very well with the XBox360. But they don't tend to overheat when placed near other AV devices. Funny, that.
From wikipedia's entry on "opinion" Note that simply because a particular opinion is more popular still does not make the opposite opinion incorrect or wrong
All that says is that popularity is not evidence of accuracy. Duh.
You said: Facts can be wrong, opinions can't be.
And that's just not true. Facts, definitionally, are objective and can *not* be wrong. Opinion, definitionally implies subjectivity, and therefore has the capacity to be factually wrong in many cases.
Wiki's are great, but sometimes a vetted source is better:
OPINION implies a conclusion thought out yet open to dispute...
The three contextually meaningful entries for fact:
3 : the quality of being actual 4 a : something that has actual existence b : an actual occurrence 5 : a piece of information presented as having objective reality - in fact : in truth
It's my opinion that if something is in the product literature and people ignore it, they're getting what they deserve. I'm also of the opinion that, if something is stated in the product literature (and on xbox.com, by the way) that people have the information available to them in order to remedy any problem they are encountering by way of misuse.
Generally, we agree on this point. However, if a manufacturer markets a product specifically for general living room use, but then seriously caveats that in a manual inside the factory-sealed packaging, arguably to limit liability for a design flaw, that is not the consumer's fault, in my opinion.
It's all opinion-based, the only fact I've highlighted is that the information is indeed published. Whether or not it is a bad design is again, just an opinion.
You've put forth consistently fallacious and intellectualy dishonest arguments about the XBox360's nature and intended use. Just my opinion, of course.
You've confused the concept that's it's valid to *express* an opinion with the idea that all opinions are equally valid. They're not, and sometimes they can be factually wrong.
Thanks for restoring my lack of faith in slashdot.
I see. You only like debate when you think you've got an easy opponent. Ride on, friend.
Nice list. Sounds a lot like the TiVo I have in my AV cabinet.
It isn't just for gaming.
But it *is* for entertainment. Which is kind of the point, no?
It's also for watching movies
Exactly. That's traditionally done along with other AV equipment, right? I mean, they've provided 5.1 audio and HD output, they *have* to expect it will be near a receiver/controller that interprets those signals. I don't know of many HDTVs that also do 5.1 processing.
and communicating with those in different states or even countries (via XBOX Live).
How romantic and magical and "advanced" you make that sound. Odd, I thought it was just a fast ethernet connection to some $25 broadband router less than 300 feet away, combined with a basic TCP/IP stack. My PS2 does that too, for less than half the cost of the 360--in my AV stack.
Since it has more in common with a computer than a game console, why does it belong in the A/V cabinet, while the computer doesn't?
That's either intentially obtuse, or the dumbest fucking argument you've tried. You let me know when the XBox360 buying public starts NOT using their HDTVs and AV receivers with this product. I'll be waiting with baited breath.
1) It connects to TVs -- especially HD -- not a PC monitor. 2) It belongs there because, as you point out, it is intended for movies and gaming. 3) I've repeated ad nauseum, it does 5.1 out and HD out. At this point, enough said.
...It's a sophisticated piece of advanced technology, I would hardly expect to be able to treat it like a VCR or CD player.
Well, perhaps not like a VCR or CD player (how quaint), but it's just a game console for chrissake. At the price, I'd expect it to perform similar to my $500 DVD player, which has several advanced chipsets for video and audio processing and still works great in my AV rack along with a warm receiver powering 7 channels of nice quality audio.
But this does strike me as an odd restriction, given the nature of the device. Isn't it similar to GM saying, "Don't drive your car on a road, unless it is well paved."
Should he (or she, I'm an equal-opportunity blamer) assume that somebody will install 20gb drives in each hard drive position? How about 200gb? 400gb? Should they assume that each 5-1/4" drive bay will hold a CD-RW or a DVD+/-RW? How about a fanbus? Each of these peripherals have a different heat profile. The same type of components from different manufacturers also have different heat profiles.
The space, power availability, mounting hardware, and component operating specifications dictate the types of components that can go into a particular location. It's not hard to find the worst case scenario given current potential components and design to it. In fact, it doesn't have to be "the" worst case, it can be any case that's 3 or 4 standard deviations from the average case.
Just because we're able to do something doesn't mean it's a good idea. The speedometer on an average car goes up to 120 MPH. Should the designer assume that the car will be in constant operation at 120 miles per hour?
[sarcasm] Sure. The designer should design in a void of information, and have no inkling or concern regarding what conditions the product will normally be used in.[/sarcasm]
The designer must ensure that the car will operate within the range of predictable conditions a driver may commonly face. Owner's Manuals come with documented operating specifications. If those specs are met, the car should operate accordingly.
Every car has a first gear and it's entirely possible to drive around everywhere in first gear so should the designer accomodate that method of use?
Ideally, a good product design will withstand some amount of out-of-spec usage without failing immediately, because users are unpredictable. Realistically, it's up to a manufacturer to analyze the risk and reward of bulletproofing a design. If the reward is too small compared to the cost to improve it, then let the product go to market as is and let the chips fall.
An automobile trunk can accomodate generally about 10 cubic feet of stuff. Should the designer assume that the user will be filling that 10 cubic feet with quick-set concrete? I mean, they've provided space for it, why sholdn't I fill it with concrete? Maybe because that's a totally fucking stupid idea? Hmmmm...that might be it.
I'm going to assume that 10 ft^3 of cement exceeds a max load specification for most passenger cars and call pure unmitigated bullshit on your example. I'm talking about consumers using a product within it's documented specifications and expecting the product to work. Nothing more or less than that.
There's a valid mounting position for something, you're absolutely right. Who says what something is? I think that...
Unless what you think is what is documented in the operating manual for a product I buy, I don't much care.
If you give me power and space for three drives, I expect to be able to use three drives, unless the manual says that I can only use two bays concurrently because of heat. Documented limits are perfectly fair.
The designer shouldn't have to protect the system from the user, it's the user responsibility (a concept often lost on most people these days. le sigh) to protect their hardware.
Nope. The responsibilities are split.
The designer needs to design a product that operates under conditions the consumer is reasonably going to subject that product. If the product is a gaming console with high def output and 5.1 or better optical audio out, it should operate in an AV cabinet environment along with a 5.1 or better receiver and other source components.
The consumer is responsible for making sure that their AV cabinet or room provides an operating environment that is safe for the AV equipment. This includes controlling temperature, humidity, dust, AC power levels, etc. Past that, the consumer has no responsibility for equipment that fails during
We're taking components and cramming them in spaces with insufficient free air delivery and we're surprised when they crash and burn.
Consumer electronics should be designed to support consumer use, no?
A consumer should be able to use AV cabinet "A" and AV device "B" the way both were intended. If not, then one thing, the other, or both were poorly designed.
As a consumer, I would expect that any AV cabinet I buy is designed to accommodate or dissipate the heat from several devices consuming several amps each at 120 Volts. As a consumer, I would assume the X360 is designed to operate in reasonable temparture and humidity ranges, and also that it is designed to manage the BTUs it generates during operation. What exactly is wrong with this?
I've lost many hard drives and three computers (one Linux, one Mac and one Windows,) to "heat prostration".
I've owned and operated Macs, Wintel, and Linux boxen for almost 20 years, and I've run them on or under desks, and in closed, poorly ventilated "computer desk" cabinets. Not one has overheated, even the Mac that spent its entire 6 years as my main machine, in the closed cabinet, and had 3-4 HDDs at times.
Sometimes the cases are not really capable of handling everything we can shove in there.
Then why are we able to shove things in there? If there is a valid mounting position for something, the case designer should assume it's going to be used and design accordingly.
I hate the monolith in Redmond as much as the next guy but... heat is the enemy here.
I'm not specificly digging MS here, they just provided a context for the discussion. This is a fundemental design standard that all consumer products should meet, regardless of the product type or manufacturer.
Heat is not an enemy, it's a predictabe condition. In this case, MS could easily tell how many amps the box pulls, and could easily compute the BTUs it would be generating. From there it's a risk management question: What is an acceptable mean failure rate, and how hot can we let it operate before we exceed that rate?
I bet NOBODY who lives in a frozen food section at Safeway is reporting a crash.
And I bet NOBODY considers that a valid consumer electronics operting specification.
Wrong, I am controlling a risk to a comapny network.
Sure. But a wise admin at least periodically asks, "What opportunity is the company missing due to my particular risk management techniques?" Risks and rewards often correlate.
If you, for example, have a senior executive who is exploring a new or potential vendor's online training resources, but can't use them due to your policy, then the company may have missed an opportunity. If the vendor was offering something that seriously improved a manufacturing process, your employer could forfeit several millions in profit to avoid employing a single helpdesk employee dedicated to removing spyware from employee machines.
Throwing around words like "totalitatian" doesn't make you right!
Man up and don't get so defensive. I don't think anyone means to imply that totalitarian network administration policies and totalitarian governments are morally equivalent.
The resources in question belong wholely to the employer, the risks of allowing this traffic are to the employer, and the right to control traffic is also on the employer.
That's the right answer, but the wrong question. Better than asking, "Who's network is this," is, "Why is this network here?" It's there to improve workflow, increase productivity, and more precisely, reduce the cost of operating the company and make it more profitable.
If your well-intended security policies are counterproductive to this goal, then what real benefit are they? BTW, I'm not assuming they are counterproductive; I'm just offering a pragmatic perspective.
We are not talking about a evil regime, we are talking about a company that provides wonderful flexibility for employees including hours that employees get to set and time off on a whim for childrens emergencies etc,
More unnecessarily defensive hoopla...
but also controls costs by controlling the websites allowed in the trusted sites list.
Empirical operating costs can be easily measured, but other costs, such as productivity reduction, can't.
For example, my company has online timesheets. We changed from a very employee friendly system a couple years back to a system with a very clunky, inefficient, and time-consuming employee interface, so that our small HR staff could do their work more easily and save processing time. So we slowed hundreds of employees down drastically to speed less than half a dozen employees up drastically. Good idea? Probably not.
You are making many assumptions about the company based on the IT staff making the right decision (for once) in using white lists for trusted sites. Utilizing black lists is a wasted effort, putting on loads of anti-spyware just slows computers and doesn't catch everything.
For your company, whitelisting may be a perfect solution. For others, it may not be. How do you guess it would scale if your company grew 10x? Whitelisting and scalability are not good friends.
Sometimes anti-spyware, especially FOSS anti-spyware, is very cost effective and can scale quite well. And "catches enough" may be a more useful criteria for many companies than "catches everything".
No employee complains,
Just because you don't hear it doesn't mean...
they can still read news sites, go to sports team sites, etc etc. We are not blocking websites, we are just disabling active code.
Sounds perfectly reasonable, which is why your defensive posture is so funny.
Yes... some stuff doesn't work,
Uhoh. Time to tune your solution. Everything worthwhile should work.
but everything else on the network does cause it isn't infested with anti-totalitatianism
Yep. Keeping people from using resources generally keeps resource utilization low.
(You know... Bonzi buddy)
Mmm'K.
What do you work for Spyware companies or something? Trying to wrap the security of a network with being a nazi? Ha... nice try....
Awkward and clumsy, but good-natured ribbing? Or ridiculus ad hominem insult? Too close to call, from here.
I thought that this was pretty much a moot point with the widening use of routers and NAT.
No, for one thing, routers themselves don't do anything to limit IPv4 utilization. They just keep a table of known IP network destinations and forward traffic between interfaces based on that table. Not all routers have a "extenal" side and a "local" side. I have routers in my network that have thousands of interfaces and that switch many 100s of megabits every second of every day. On those routers, there is no concept of internal or external, and there is _no_ NAT.
I believe you're thinking of one sort of router, that sits on the network edge between a service provider (probably broadband) and service customer with a single publicly routed address doing network and port translation for a local network. Many home network users have this sort of router , but most of the routers that comprise the internet itself don't operate that way at all.
NAT is not a perfect solution to IP address utilization either. For one thing, it can break some very significant protocols and applications such as VoIP, video and IPSec. How?
Some features in those protocols bury important IP address information in parts of an IP packet that NAT ignores. Thus, the translated address is used to route the packet across the internet, but the end application breaks when it tries to use the untranslated address found in the buried information.
Secondly, NAT doesn't keep the internet routing table from growing, which is a problem for core internet providers. When I started in this field less than a decade ago, there were under 75,000 routes to other networks in the public internet, now there are almost 175,000. That's a 100,000 more paths to add, remove, or change as links go up & down from moment to moment around the world. That takes more memory and processor than most can currently afford.
IPv6 by policy, keeps a hierarchy of IP address assignments, which drastically limits the number of routes seen globally. Currently, IIRC, there are less than 20,000 routes globally.
IPv6 helps limit the need for NAT as we know it today, because with 2^64 addresses, we could practically give every molecule on this planet its own unique address.
My folks are very comfortably retired and can easily afford to purchase, operate and maintain their pick of upmarket luxury sports sedans. However, they're waitlisted in their market for a $23K Prius.
Why?
They want to encourage more manufacturer R&D by pushing up market popularity for alternatively powered vehicles. They recognize that the current state of the technology is not a panacea of savings, nor a real solution to fossil fuel dependence, but it's something. They're more than willing to put their money where there mouth is, which is more than many can say.
Correct me if I'm wrong, but isn't NAT and the separation of networks a good thing, security wise?
NAT is an evil hack, since it seriously breaks some very popular protocols (IPSec, VoIP, P2P) that bury IP layer info into other layer headers. Wouldn't you say that breaking IPSec sucks for, well, IP security?
Separation of networks is fine, but it's diametricly opposite of internetworking, which is what TCP/IP was designed to do. If security _requires_ network separation, the best method is to cut the cable, not hack the addressing.
Even if we had IP6 it seems we'd still want DMZs and the like.
The protected side of any DMZ is behind a firewall, not NAT. Otherwise it's a WTFDMZ (Worthless-to-Futile-DMZ) or some other obvious acronym.
I don't know about you, but I feel much safer having my computers on a private network connected via one IP and a router than I would having all of them exposed.
What do you call a private network? An RFC1918 addressed LAN behind a consumer router doing NAT? That's private addressing, but hardly private. NAT will just keep honest hackers honest while hindering you from doing great things with VoIP,P2P applications, and: insert next killer app here.
Slashdot Mirror
It is fascinating to me that know-nothing dweebs like you can simply invent facts out of thin air and assert them as arguments.
.us TLD.
Huh. Then you must be quite fascinated with yourself.
Not that anyone as rude and ignorant as you deserves a response.
Yet, I'm replying to you. Ironic.
But I was THERE.
Then you should know better.
I knew Jon Postel at the IETF
Mmm'K.
and met with him several times on the governance of the
Sounds like you were bossom buddies.
If you were "there", you must recognize and respect folks like Hubert Zimmerman, Louis Pouzin, Donald Davies and Tim Berners-Lee, all working outside the US on technologies essential to TCP/IP and internet applications.
But, since you were there, I needn't bother telling you who they were or what they did, eh? You probably played poker with them every second Thursday.
If you were there, you should be ashamed of your attitude. It contradicts the whole point of internetworking and the cooperative spirit that drove the development and rapid adoption of the core internet protocols.
I am likely confused, as the article is light on details,
.kz domain was set aside for a particular country, so It seems to me that they somewhat 'own' that, since it is labeled with their name.
.kz domain which they do not approve of, then it seems reasonable that they would be able to remove it, right?
I don't think confusion is the right concept, but I think, "respectfully uninformed" is close.
but as I see it this seems perfectly legitmate, as much as I might disagree
You do have a confusing way of contradicting yourself though...
The
Actually, normally and historically, governments don't own or control the country code Top Level Domains (ccTLDs) in the global IANA DNS system. Those ccTLDs are delegated to ccTLD managers who are qualified--predominantly private sector--"internet authorities" in those countries.
These delegations began in 1985 when John Postel began personally assigning them to various managers. IIRC, in 1994 Postel wrote IETF RFC 1591, that formalized the delegation and management guidelines for ccTLDs. ICANN/IANA took total control when Postel died, and added their own policies, but RFC 1591 is still considered valid.
Hence, if that government decides that there is something utilizing their
Again, ccTLDs are delegated to managers, whose primary roles are to maintain TLD stability and perform required technical tasks to manage their ccTLD, and neither of those duties include content control or management.
However, since governments, local, regional and national, usually constitute a significant internet community presence in their localities, their influence with ccTLD managers is likely to be much greater than the average netizen's. This is different, though, than complete governence or authoritative control over a ccTLD. And it's this important difference that is the concern for many folks.
They aren't 'censoring' the site per-se, they are just saying they don't want it to use their name, the site can be posted under plenty of other domains, and is of course still accessible via it's IP address.
The tangible concern is that ICANN/IANA has, with the US government's guidance, implemented policies and practices that usurp competent ccTLD manager's rightful and proper delegations. The less tangible concern is that IANA has in some cases redelegated ccTLD management directly to governments--that may manage the ccTLDs to gain political advantage and bolster their power rather than in a stable, custodial manner.
If I let someone use my domain for their site, and then they put up a webpage bashing me, I would likely remove the DNS entry, making their site inaccessible via my domain.... I think that would be reasonable on my part, given that my domain reflects directly on me.
Not the same at all, as explained above.
On a side note, does it not seem reasonable that if you want to put up a site that is somewhat 'extreme' or that you fear would be censored by various governments, that you try to keep it independent of any government control?
Obviously.
Are there ways to do this? I can use different domains, or are all of these controlled by some government?
Well, you could have a friendly party outside your government's jurisdiction host your content for you.
Must I simply have my site accessible by IP address and without DNS to avoid outside control?
Of course, running an HTTP service on port 80 (or any other port) of any machine accessible from the internet will allow folks to view the HTTP content you serve, whether or not it is in global DNS.
Is there someway that someone could/would still shutdown access to my site even if I do not use DNS?
Your internet provider or any provider between you and the folks using your server could trivially redirect or simply drop HTTP packets to/from your IP address. If they are lawfully ordered to do that by authorities in their jurisdiction, they will.
Well, while the phrase "right to privacy" may not appear in the articles, bill or rights or subsequent amendments, you have to admit that this speaks pretty explicitly to the subject of personal privacy:
Amendments III and V (look them up) also seem to enumerate and describe rights related to personal privacy, no?
I would think that "The right of the people to be secure in their persons...shall not be violated" was meaningful for Roe v. Wade. How 'bout you?
Even if you're not following that, Amendments IX and X clearly state that the federal government is Constitutionally bound to respect state's rights and personal rights whether they're explicitly defined or not.
So, any way you cut it, your profoundly ignorant interpretation is ill-considered, wrong, annoying and, again, profoundly ignorant.
First of all, consumers would obviously resist this hypothetical speed tracking hardware. Perhaps something like this will be implemented some day, perhaps not.
If you're talking about the first case--of an onboard computer tracking average speed--it's here, it's normal, and it's in most mid-class and above vehicles sold today. I've personally had in-dash "trip computers" with this info in a '91 Saab, a '95 Jeep, a '97 BMW, and a 2005 Suburu. And you have heard of GPS navigation systems, perhaps?
If you're talking about the second case--remote speed reporting--it has existed in commercial vehicle fleets for some time, and is touted as a fuel and safety management feature to the fleet owner/operators. In the consumer market, GM's On-Star is a tiny babystep away from this stuff privacy-wise and people are *purchasing* that service as an optional value-add.
In short, I think your position is weakly founded.
Hi... what a great reply. We are in the same business - sort of - but with differing approaches. Frist of all, remember that the original comment was P2P users not corporate or government users.
Thank you, yours too. And I agree that the contexts are different, but I would argue that you should get the service that your service agreement describes whether you're a residential, business or government customer.
I'll have take your word for it on active rate-limiters in the consumer market, I guess. It is disappointing to hear though.
It seems like we're mostly in agreement on the underlying issue that bandwidth campers are the enemy and must be handled somehow, but disagree on the finer points of that handling.
When I first became an engineer, I had a funny conversation with a senior eng who was kind of mentoring me...
He noted that our telco/ISP had a "Customer Care" group for customer advocacy, which was fine, but that it should have been complimented with a "Customer Don't Care" group for company advocacy that called up "poison" customers of whatever sort to give them the boot.
How can someone come up with opinions like yours without understanding the basics of monopolies, bundling, anti-trust law, or this particular case?
God Bless talk radio, eh? It sure breeds some great critical thinkers...
Nope... they don't even want these guys.
Well, my comment was quite tongue-in-cheek, but since you commented so sincerely...
I don't imagine there are many, if any, consumer oriented ISPs doing bandwidth-billing. Bandwidth-billing is almost exclusively a business-service oriented model. If there were such a consumer ISP, though, they'd be loving the P2P crowd; I'm telling you.
At least not without some method of limiting their ability to continuously move files at full b/w.
Okay, I'm coming at this from the perspective of someone who does capacity planning for a regional ISP that does 750M peak daily transit with a primarily small/medium business (25-300 employees) customer base and a couple Fortune 100 customers too.
In my work I must assume that there will be some percentage of my customer base who are bandwidth hogs and plan my network capacity accordingly. If the terms of my customer contract say the customer gets a burstable OC3 with a 50M mininum tier, priced at $70/Meg ($3500/Month + transport and overage charges), I must supply a minimum of 50M throughput regardless of how they use it. I can NOT arbitrarily rate limit them to a more convenient throughput.
I must ensure that my infrastructure and upstream connections can support the normal traffic patterns of my customers as a whole, including the ones who are mostly idle, the ones in the middle of the bell curve, and the hogs. In addition, I have to plan against sales forecasts and historic growth trends. It's interesting work.
As a broadband consumer myself, I would scream bloody hell if my provider actively rate-limited me below the advertised up/down rates I'm paying for. I can accept the natural ebb and flow of connection speeds as the network is busy or idle, but false ceilings or other sly schemes will NOT fly.
Bear in mind that I don't believe that my broadband provider applying QoS preference across my link or across their core, via IP Precedence or DSCP, is the same as the usage impairing rate-limiting you are suggesting. If they want to groom the network to benefit jitter or latency sensitive traffic over my web or email traffic, then that's fine. As long as it's documented in my service agreement, that's totally cool and probably more helpful than not.
The reason is that the ISP itself has limited upstream bandwidth and almost certainly has to pay extra when they burst upwards; at least if they burst beyond a time or b/w limit. If the ISP's b/w is capped then all users can be affected when the pipe fills with a few users allowing P2P access.
I do pay more for bursting above the tiers set on my upstreams, but my cost per megabit goes down; i.e. I pay $X/Mb up to my commited peak, but $(0.75*X)/Mb beyond my commited peak based on 95th-percentile measurements. So my cost of goods sold actually decreases, relatively.
Everyone's bandwidth is capped, either at line rate for the circuit, or at some *contracted* fraction thereof. Note the word "contracted", it's important. Oversubscription is, of course, essential to ISP profits, but it's got to be above-board. If they pay for it, I must provide it. Period.
On the money side, it's obviously imperative that you price your services above what it costs you to provide them. That's why you seek and encourage the average customer and handle the hogs as they come. By "handle", I mean that you must accept that they will find you and build your network to accomodate that.
When you're a business-oriented ISP, it's fairly easy to charge more per megabit than you pay for your upstreams. In consumer-based ISPs, you must build a higher volume of idle and average users to offset the real P2P hogs--or explicity forbid P2P (or the "killer" app du jour) in your AUP, and disconnect the violators. That's why most broadband providers ban customers from operating servers over their broadband.
While under the terms of their use Policies they can charge these users for the extra bandwidth, ISPs
I remember my 8th grade biology text (1986ish) showing some guy's drawings of various animal embryos and how similar they are. Now I find out it was an exaggeration.
Source?
And the peppered moths? I come to find out they were dead moths pinned to the trees.
Are folks reading this comment supposed to know this reference? Provide a context and the refuting source here too please.
Okay, now tell me how blood clotting works...
Already very simply and eloquently explained by another poster....
I'm not saying we should have to pick Intelligent Design OVER Evolution. Teach evolution but ask intelligent questions.
Well I'm saying that we should only teach testable theories in science classes. And, since science is all about asking intelligent questions---with repeatably testable answers---I'm glad we agree.
How does an "anonymous" VPN work again?
That's NOT true of places like Fedex, because Fedex has no way to determine what is in each box.
Ah yes, but the color of the box gives a quick visual reference to the type of service purchased by the sender, and that type of service dictates the treatment and delivery pacing of the box. Sound familiar?
Fedex should not be under a duty to open and look into each and every box. But if they did, their common carrier status would disappear too.
All of the information an ISP needs to apply a quality of service is in the packet headers. The packet payload need not be seen, studied, reviewed, saved, archived, processed, purviewed, hassled, taunted, or twiddled with in any way.
Do you really think the Feds would allow Fedex to knowingly ship cocaine into the country and accept payment without any consequences?!
Maybe. Who is FedEx's CEO friends with?
What ISP would *want* P2P users?
One that charges by the megabit. Amusingly, they're also more accepting of users whose machines lack virus/worm immunity.
I would never acknowledge and participate in such a degrading method of showing my abilities.
Duly noted, Mr. Coward.
Nowhere in the literature does it say to place the product in the living room. It isn't specifically marketed for the living room.
Oh? You sure?
I haven't yet seen an advertisement that displays it in a living room.
Really? Then let me help you out.
Remember this site? Check out the pull-quote on this page, and the even more prominent highlight on this page. I found them in less than 2 minutes of navigating focused on hardware and multimedia. Sometimes irony can bite you in the ass, my friend.
I wouldn't be surprised if people are putting them on their desktop next to their computer, to be honest. (That's where I have my Playstation 2)
So, you really think that's what all those folks with widescreens & front projectors in their family rooms will be doing, eh? You just stick with that then, don't let me tell you different.
This is more an instance of dumb consumers than "Microsoftness" as people are playing it up to be.
Hey, MS hasn't cornered the market on design blunders. I've got nothing against them specifically, but I think this does provide a good example of a fumbled product specification. Blame consumers if you like, but you've said nothing convincing me that this case is a consumer problem. It's a home entertainment center component, and it doesn't fit well in that environment. That's pretty flawed, from any angle.
The ability to just buy something, plug it in...VCR...
You keep using VCRs as the benchmark you believe people are holding to the XBox360. It's a little goofy to believe that folks dropping upwards of five bills on an HD/5.1 game console are VCR people. VCRs do neither HD or 5.1 out, and probably won't even share space with the Xbox360 in most HD home setups.
However HD DVRs/TiVos, HD cable/sat boxes and DVD players do (well standard DVD is SD [480p] but some upconvert to 1080i/720p). On technologically and cost, HD DVRs compare very well with the XBox360. But they don't tend to overheat when placed near other AV devices. Funny, that.
Note that simply because a particular opinion is more popular still does not make the opposite opinion incorrect or wrong
All that says is that popularity is not evidence of accuracy. Duh.
You said: Facts can be wrong, opinions can't be.
And that's just not true. Facts, definitionally, are objective and can *not* be wrong. Opinion, definitionally implies subjectivity, and therefore has the capacity to be factually wrong in many cases.
Wiki's are great, but sometimes a vetted source is better:
OPINION implies a conclusion thought out yet open to dispute...
The three contextually meaningful entries for fact:
It's my opinion that if something is in the product literature and people ignore it, they're getting what they deserve. I'm also of the opinion that, if something is stated in the product literature (and on xbox.com, by the way) that people have the information available to them in order to remedy any problem they are encountering by way of misuse.
Generally, we agree on this point. However, if a manufacturer markets a product specifically for general living room use, but then seriously caveats that in a manual inside the factory-sealed packaging, arguably to limit liability for a design flaw, that is not the consumer's fault, in my opinion.
It's all opinion-based, the only fact I've highlighted is that the information is indeed published. Whether or not it is a bad design is again, just an opinion.
You've put forth consistently fallacious and intellectualy dishonest arguments about the XBox360's nature and intended use. Just my opinion, of course.
Facts can be wrong, opinions can't be.
I'm sorry. That's completely bass-ackwards.
You've confused the concept that's it's valid to *express* an opinion with the idea that all opinions are equally valid. They're not, and sometimes they can be factually wrong.
Thanks for restoring my lack of faith in slashdot.
I see. You only like debate when you think you've got an easy opponent. Ride on, friend.
It...
Nice list. Sounds a lot like the TiVo I have in my AV cabinet.
It isn't just for gaming.
But it *is* for entertainment. Which is kind of the point, no?
It's also for watching movies
Exactly. That's traditionally done along with other AV equipment, right? I mean, they've provided 5.1 audio and HD output, they *have* to expect it will be near a receiver/controller that interprets those signals. I don't know of many HDTVs that also do 5.1 processing.
and communicating with those in different states or even countries (via XBOX Live).
How romantic and magical and "advanced" you make that sound. Odd, I thought it was just a fast ethernet connection to some $25 broadband router less than 300 feet away, combined with a basic TCP/IP stack. My PS2 does that too, for less than half the cost of the 360--in my AV stack.
Since it has more in common with a computer than a game console, why does it belong in the A/V cabinet, while the computer doesn't?
That's either intentially obtuse, or the dumbest fucking argument you've tried. You let me know when the XBox360 buying public starts NOT using their HDTVs and AV receivers with this product. I'll be waiting with baited breath.
1) It connects to TVs -- especially HD -- not a PC monitor.
2) It belongs there because, as you point out, it is intended for movies and gaming.
3) I've repeated ad nauseum, it does 5.1 out and HD out. At this point, enough said.
You're simply wrong. Enough now.
...It's a sophisticated piece of advanced technology, I would hardly expect to be able to treat it like a VCR or CD player.
Well, perhaps not like a VCR or CD player (how quaint), but it's just a game console for chrissake. At the price, I'd expect it to perform similar to my $500 DVD player, which has several advanced chipsets for video and audio processing and still works great in my AV rack along with a warm receiver powering 7 channels of nice quality audio.
It actually does say that, at least on xbox.com:
:)
So, my first reaction to this is to say, "DOH!"
But this does strike me as an odd restriction, given the nature of the device. Isn't it similar to GM saying, "Don't drive your car on a road, unless it is well paved."
Ok, so the designer should make what assumptions?
Worst case.
Should he (or she, I'm an equal-opportunity blamer) assume that somebody will install 20gb drives in each hard drive position? How about 200gb? 400gb? Should they assume that each 5-1/4" drive bay will hold a CD-RW or a DVD+/-RW? How about a fanbus? Each of these peripherals have a different heat profile. The same type of components from different manufacturers also have different heat profiles.
The space, power availability, mounting hardware, and component operating specifications dictate the types of components that can go into a particular location. It's not hard to find the worst case scenario given current potential components and design to it. In fact, it doesn't have to be "the" worst case, it can be any case that's 3 or 4 standard deviations from the average case.
Just because we're able to do something doesn't mean it's a good idea. The speedometer on an average car goes up to 120 MPH. Should the designer assume that the car will be in constant operation at 120 miles per hour?
[sarcasm] Sure. The designer should design in a void of information, and have no inkling or concern regarding what conditions the product will normally be used in.[/sarcasm]
The designer must ensure that the car will operate within the range of predictable conditions a driver may commonly face. Owner's Manuals come with documented operating specifications. If those specs are met, the car should operate accordingly.
Every car has a first gear and it's entirely possible to drive around everywhere in first gear so should the designer accomodate that method of use?
Ideally, a good product design will withstand some amount of out-of-spec usage without failing immediately, because users are unpredictable. Realistically, it's up to a manufacturer to analyze the risk and reward of bulletproofing a design. If the reward is too small compared to the cost to improve it, then let the product go to market as is and let the chips fall.
An automobile trunk can accomodate generally about 10 cubic feet of stuff. Should the designer assume that the user will be filling that 10 cubic feet with quick-set concrete? I mean, they've provided space for it, why sholdn't I fill it with concrete? Maybe because that's a totally fucking stupid idea? Hmmmm...that might be it.
I'm going to assume that 10 ft^3 of cement exceeds a max load specification for most passenger cars and call pure unmitigated bullshit on your example. I'm talking about consumers using a product within it's documented specifications and expecting the product to work. Nothing more or less than that.
There's a valid mounting position for something, you're absolutely right. Who says what something is? I think that...
Unless what you think is what is documented in the operating manual for a product I buy, I don't much care.
If you give me power and space for three drives, I expect to be able to use three drives, unless the manual says that I can only use two bays concurrently because of heat. Documented limits are perfectly fair.
The designer shouldn't have to protect the system from the user, it's the user responsibility (a concept often lost on most people these days. le sigh) to protect their hardware.
Nope. The responsibilities are split.
The designer needs to design a product that operates under conditions the consumer is reasonably going to subject that product. If the product is a gaming console with high def output and 5.1 or better optical audio out, it should operate in an AV cabinet environment along with a 5.1 or better receiver and other source components.
The consumer is responsible for making sure that their AV cabinet or room provides an operating environment that is safe for the AV equipment. This includes controlling temperature, humidity, dust, AC power levels, etc. Past that, the consumer has no responsibility for equipment that fails during
We're taking components and cramming them in spaces with insufficient free air delivery and we're surprised when they crash and burn.
Consumer electronics should be designed to support consumer use, no?
A consumer should be able to use AV cabinet "A" and AV device "B" the way both were intended. If not, then one thing, the other, or both were poorly designed.
As a consumer, I would expect that any AV cabinet I buy is designed to accommodate or dissipate the heat from several devices consuming several amps each at 120 Volts. As a consumer, I would assume the X360 is designed to operate in reasonable temparture and humidity ranges, and also that it is designed to manage the BTUs it generates during operation. What exactly is wrong with this?
I've lost many hard drives and three computers (one Linux, one Mac and one Windows,) to "heat prostration".
I've owned and operated Macs, Wintel, and Linux boxen for almost 20 years, and I've run them on or under desks, and in closed, poorly ventilated "computer desk" cabinets. Not one has overheated, even the Mac that spent its entire 6 years as my main machine, in the closed cabinet, and had 3-4 HDDs at times.
Sometimes the cases are not really capable of handling everything we can shove in there.
Then why are we able to shove things in there? If there is a valid mounting position for something, the case designer should assume it's going to be used and design accordingly.
I hate the monolith in Redmond as much as the next guy but... heat is the enemy here.
I'm not specificly digging MS here, they just provided a context for the discussion. This is a fundemental design standard that all consumer products should meet, regardless of the product type or manufacturer.
Heat is not an enemy, it's a predictabe condition. In this case, MS could easily tell how many amps the box pulls, and could easily compute the BTUs it would be generating. From there it's a risk management question: What is an acceptable mean failure rate, and how hot can we let it operate before we exceed that rate?
I bet NOBODY who lives in a frozen food section at Safeway is reporting a crash.
And I bet NOBODY considers that a valid consumer electronics operting specification.
Wrong, I am controlling a risk to a comapny network.
Sure. But a wise admin at least periodically asks, "What opportunity is the company missing due to my particular risk management techniques?" Risks and rewards often correlate.
If you, for example, have a senior executive who is exploring a new or potential vendor's online training resources, but can't use them due to your policy, then the company may have missed an opportunity. If the vendor was offering something that seriously improved a manufacturing process, your employer could forfeit several millions in profit to avoid employing a single helpdesk employee dedicated to removing spyware from employee machines.
Throwing around words like "totalitatian" doesn't make you right!
Man up and don't get so defensive. I don't think anyone means to imply that totalitarian network administration policies and totalitarian governments are morally equivalent.
The resources in question belong wholely to the employer, the risks of allowing this traffic are to the employer, and the right to control traffic is also on the employer.
That's the right answer, but the wrong question. Better than asking, "Who's network is this," is, "Why is this network here?" It's there to improve workflow, increase productivity, and more precisely, reduce the cost of operating the company and make it more profitable.
If your well-intended security policies are counterproductive to this goal, then what real benefit are they? BTW, I'm not assuming they are counterproductive; I'm just offering a pragmatic perspective.
We are not talking about a evil regime, we are talking about a company that provides wonderful flexibility for employees including hours that employees get to set and time off on a whim for childrens emergencies etc,
More unnecessarily defensive hoopla...
but also controls costs by controlling the websites allowed in the trusted sites list.
Empirical operating costs can be easily measured, but other costs, such as productivity reduction, can't.
For example, my company has online timesheets. We changed from a very employee friendly system a couple years back to a system with a very clunky, inefficient, and time-consuming employee interface, so that our small HR staff could do their work more easily and save processing time. So we slowed hundreds of employees down drastically to speed less than half a dozen employees up drastically. Good idea? Probably not.
You are making many assumptions about the company based on the IT staff making the right decision (for once) in using white lists for trusted sites. Utilizing black lists is a wasted effort, putting on loads of anti-spyware just slows computers and doesn't catch everything.
For your company, whitelisting may be a perfect solution. For others, it may not be. How do you guess it would scale if your company grew 10x? Whitelisting and scalability are not good friends.
Sometimes anti-spyware, especially FOSS anti-spyware, is very cost effective and can scale quite well. And "catches enough" may be a more useful criteria for many companies than "catches everything".
No employee complains,
Just because you don't hear it doesn't mean...
they can still read news sites, go to sports team sites, etc etc. We are not blocking websites, we are just disabling active code.
Sounds perfectly reasonable, which is why your defensive posture is so funny.
Yes... some stuff doesn't work,
Uhoh. Time to tune your solution. Everything worthwhile should work.
but everything else on the network does cause it isn't infested with anti-totalitatianism
Yep. Keeping people from using resources generally keeps resource utilization low.
(You know... Bonzi buddy)
Mmm'K.
What do you work for Spyware companies or something? Trying to wrap the security of a network with being a nazi? Ha... nice try....
Awkward and clumsy, but good-natured ribbing? Or ridiculus ad hominem insult? Too close to call, from here.
I thought that this was pretty much a moot point with the widening use of routers and NAT.
No, for one thing, routers themselves don't do anything to limit IPv4 utilization. They just keep a table of known IP network destinations and forward traffic between interfaces based on that table. Not all routers have a "extenal" side and a "local" side. I have routers in my network that have thousands of interfaces and that switch many 100s of megabits every second of every day. On those routers, there is no concept of internal or external, and there is _no_ NAT.
I believe you're thinking of one sort of router, that sits on the network edge between a service provider (probably broadband) and service customer with a single publicly routed address doing network and port translation for a local network. Many home network users have this sort of router , but most of the routers that comprise the internet itself don't operate that way at all.
NAT is not a perfect solution to IP address utilization either. For one thing, it can break some very significant protocols and applications such as VoIP, video and IPSec. How?
Some features in those protocols bury important IP address information in parts of an IP packet that NAT ignores. Thus, the translated address is used to route the packet across the internet, but the end application breaks when it tries to use the untranslated address found in the buried information.
Secondly, NAT doesn't keep the internet routing table from growing, which is a problem for core internet providers. When I started in this field less than a decade ago, there were under 75,000 routes to other networks in the public internet, now there are almost 175,000. That's a 100,000 more paths to add, remove, or change as links go up & down from moment to moment around the world. That takes more memory and processor than most can currently afford.
IPv6 by policy, keeps a hierarchy of IP address assignments, which drastically limits the number of routes seen globally. Currently, IIRC, there are less than 20,000 routes globally.
IPv6 helps limit the need for NAT as we know it today, because with 2^64 addresses, we could practically give every molecule on this planet its own unique address.
*There* are just some people who should check *their* posts whenever *they're* submitting, and I'm one of they! :)
My folks are very comfortably retired and can easily afford to purchase, operate and maintain their pick of upmarket luxury sports sedans. However, they're waitlisted in their market for a $23K Prius.
Why?
They want to encourage more manufacturer R&D by pushing up market popularity for alternatively powered vehicles. They recognize that the current state of the technology is not a panacea of savings, nor a real solution to fossil fuel dependence, but it's something. They're more than willing to put their money where there mouth is, which is more than many can say.
Correct me if I'm wrong, but isn't NAT and the separation of networks a good thing, security wise?
NAT is an evil hack, since it seriously breaks some very popular protocols (IPSec, VoIP, P2P) that bury IP layer info into other layer headers. Wouldn't you say that breaking IPSec sucks for, well, IP security?
Separation of networks is fine, but it's diametricly opposite of internetworking, which is what TCP/IP was designed to do. If security _requires_ network separation, the best method is to cut the cable, not hack the addressing.
Even if we had IP6 it seems we'd still want DMZs and the like.
The protected side of any DMZ is behind a firewall, not NAT. Otherwise it's a WTFDMZ (Worthless-to-Futile-DMZ) or some other obvious acronym.
I don't know about you, but I feel much safer having my computers on a private network connected via one IP and a router than I would having all of them exposed.
What do you call a private network? An RFC1918 addressed LAN behind a consumer router doing NAT? That's private addressing, but hardly private. NAT will just keep honest hackers honest while hindering you from doing great things with VoIP,P2P applications, and: insert next killer app here.