Slashdot Mirror


User: walshy007

walshy007's activity in the archive.

Stories: 0
Comments: 1,597

Comments · 1,597

  1. Re:How long will IPv6 last? on Military Pressuring Vendors On IPv6 · · Score: 1

    Secondly, nobody is sacrificing anything. Anything at all.

    If nothing was being sacrificed, we wouldn't be having this discussion would we, nat would be fine for all purposes.

    There is no server that my mother wants to run. Gamers are a minority on the net and amongst them those that even know what a dedicated server is are a much smaller minority. VOIP with SIP is an even more niche case.

    The point is users don't have to know about dedicated servers etc, they don't have to map ports, they could just click 'host game' and their friends could click 'join my friends game' on the master server list. Much as q3a and other such games already do, but removing the port forwarding and allowing multiple people on a network to host.

    The non-tech savvy wouldn't even know they are running a server, it would be that simple. To them they are just making a phone call or playing a game

    As it stands application developers have to work around being non-routable and doing a bunch of hacks to get things to work, far from optimal and sometimes it still doesn't work.

    To say you've sacrificed nothing with nat is ridiculous.

  2. Re:How long will IPv6 last? on Military Pressuring Vendors On IPv6 · · Score: 1

    Which is not the same as saying that it doesn't open ports for all sorts of reasons that expose vulnerabilities to the world.

    Misconfigured software will still get you owned even with a nat or firewall. You've sacrificed a lot of connectivity for the sake of only taking care of one vector, when all the others are still open. Congratulations.

    And yet 99% of the public don't know a thing about security and their router has kept them safe from remote exploits anyway. Strange.

    So you're trying to say that not more than 1% of people who do not know about networking have ever been victim to any kind of exploit. I call bullshit.

    I don't see the point in sacrificing functionality when what it aims to stop won't be stopped anyway because of all the other methods a user that has no idea leaves open to them.

    When you have someone to administer the system properly that knows what they are doing it is a different story. They know what they do not need and can safely toss that functionality out.

    Basically only having nat in regards to security is like trying to plug a leak in a dam with your finger, not effective to the point of why bother and in doing so you've sacrificed other things.

  3. Re:How long will IPv6 last? on Military Pressuring Vendors On IPv6 · · Score: 1

    Have you ever considered what happens in companies that have a class A address space? Do you think even 1% of the machines IBM owns are publicly accessible? Hell no they aren't. They may have a 'real' address but there's no way for any access to occur that's not exactly the same as if it was through a NAT.

    And they have a network admin and clear needs to which any other consideration can be left behind. We were talking about home situations. I completely agree that businesses and large networks should have a network admin that can do whatever he likes to the firewall.

    And it still isn't the same as with nat, he can add (and likely does) exceptions to it to allow certain hosts to have two way access to the net, with the exception of port forwarding which only works for one host for that port, you cannot do the same with nat.

  4. Re:How long will IPv6 last? on Military Pressuring Vendors On IPv6 · · Score: 1

    They tend to know how to configure a router and therefore will have no problem changing the default-deny firewall setup they got from their ISP or vendor to something that suits them.

    But if they only have one IP address and NAT, how can they fix it with multiple people wanting the same services really? That's still an argument AGAINST nat.

    Your main argument is pro NAT, as I've said before ipv6 with firewall is far better but still not suited to everyone. The real solution of course is if you care about security, get someone who knows what they are doing. NOTHING will fix this but that. Even with NAT devices will still get owned by noobs.

    You're a complete moron if you think that most consumer (not to mention business) machines should have anything like complete exposure to the internet.

    It would still be limited, but at the device not the network router/firewall. Nothing is stopping devices from rejecting any packet that has not come from the local subnet if the owner wishes. Which makes perfect sense for such devices.

    You are free to make your mobile phone, television, NAS and other devices first-class internet citizens. You're going to get pwned.

    Most of them have their own publicly routable IP address, with no firewall rules at the entire network level, they each have their own firewall rules on their own machines suitable to their purpose. Anything that I don't want to be accessible just drops the packets if they aren't from the local subnet.

    You mistake me for saying every service should be open to everyone, it is still security just at a different stage of the game.

    You want to lock down the network for everyone, I think it would be wiser to just lock down what you attach to the network in small network situations, and of course in large ones to have a network admin worth their salt.

    Every modern device either has a stateful firewall built into the IP stack anyway, or just ignores any packets it isn't expecting anyway.

  5. Re:How long will IPv6 last? on Military Pressuring Vendors On IPv6 · · Score: 1

    Outside of bittorrent, yes.

    Guess you've never seen a complete household with several voip phones before, or a household full of twenty-something males that play computer games.

    I don't think you have any idea of security.

    Actually I'd argue that you don't. Security is a constant trade-off between having things work and making life difficult.

    Who are you to decide that everything should be blocked off? Arguably this choice is for the network admin (even if it is a clueless person) to decide.

    Of course personally I'd go with the view of having things work as default instead of killing functionality. Since if the functionality is dead from the start how can they utilize it if they don't know about it?

    What you are proposing is trying to protect people from themselves. All you wind up doing is putting people in a padded room, not surprisingly most people don't like it when they realize they've been limited by these things (NAT, which is not fixable and not globally routable, as opposed to ipv6 globally routable addresses).

    Your argument is still pro-nat. Mine is that Nat is a nasty horrible hack, whereas globally routable addresses with an outgoing only firewall is slightly better, still useless for many but at least those who know what they are doing can fix it. But why should people have to deal with broken connectivity from the get go.

    You will never have security with users that don't know anything about what they are doing combined with a lack of oversight by anyone competent. To think otherwise is pointless.

    What you are proposing as a blanket solution provides many drawbacks, ones that even common users encounter without any real security benefit (stupid users will still get owned) considering the workarounds needed.

    Your view of security seems to be, fuck the users' needs, let's make this secure! and taking that to its extreme you're better off just removing net access entirely.

  6. Re:How long will IPv6 last? on Military Pressuring Vendors On IPv6 · · Score: 1

    I don't really see the difference except in the situation where multiple machines on the network wish to run the same service on the same port. Otherwise, from my perspective as a user, it's identical.

    Multiple people even within a household wanting to use the same thing on their pc is really so rare to you?

    and so is auto port opening using UPnP because it's pointless... ?

    It is pointless because it is designed for poking holes through NAT. And even a blocks all incoming firewall is better than nat because at least you can fix it if you know what you want.

    And N00bs already have functioning software and do only care about consuming, you're talking about putting people with no training (and no idea where they are) on the front lines of a war.

    The point is even while consuming they can still be serving, the point of the internet is communications, things such as p2p protocols and voip and gaming all provide communication between parties, all of which work much better when people can directly contact each other (i.e. routable)

    Any restrictions you place on the connection inhibit the ability to freely communicate. The only thing that effectively stops the need to know some details on how it works is stopping that ability to communicate, I mean hell to stop browser vulnerabilities all you have to do is block all http/ftp etc traffic. Easy solution hey?

    Defeats the point of being able to communicate. It is better to allow people to communicate and run the risk of running stupid software that can allow their machine to get owned (which they already tend to do by trojans off the net anyway) than to block off the main purpose of the internet, communication.

    Who are you to judge what everyone's needs may be. Sure if you can analyze their needs you can make a nice firewall that will suit them perfectly if they cannot themselves. But why gimp the population's internet access in the name of if they cannot connect they cannot get owned.

    Would be far better to secure the individual nodes and allow free communication except where the person knows enough that they don't need a specific type etc.

  7. Re:How long will IPv6 last? on Military Pressuring Vendors On IPv6 · · Score: 1

    Just out of interest, how is having a default-deny inbound firewall (with no exceptions configured) different from a NAT situation for SIP?

    You can icmp echo request them to see if they are up? but the main advantage is that you CAN allow certain ports through, and unlike NAT every host can use it instead of just one single host being port forwarded.

    If I am hosting a quake server on default ports, I can only have one server on the port with nat, with a unique publicly addressable IP each of my servers can run default ports with ipv6.

    1. People open ports manually (bad, relies on end users to input a bunch of numbers)

    Depends on the context, if you have a network admin this is fine, for home use it is not recommended, one situation does not fit all.

    That said port forwarding is stupid, if the network admin is opening ports it would be on the firewall, not port forwarding.

    2. Software opens ports automatically via UPnP (security risk)

    Port forwarding to get around the braindeath that is NAT is pointless, and so is this option.

    3. Routers pre-configured to let through some common ports (security risk)

    Doing this is silly, unless you are very aware of the users needs you will never accurately predict what they want.

    4. Routers ship 'open' (security risk)

    Better to ship open and rely on the os' stateful firewall than to by default kill functionality for everyone on the network.

    The software itself can reject connections from IP addresses outside of the local subnet if it wishes to not be present on the internet (most software of this nature does already).

    Unless you are running some very horribly insecure software it is the best option according to many.

    Essentially your choices are,

    1. get someone who knows what they are doing and your needs to set up a firewall.

    2. Break the two-way internet for everyone and only allow outgoing connections for everything (stupid).

    3. Leave the network open even for noobs. All their software will function and they will only be at risk if they run software that both accepts connections outside the local subnet and it has sufficient security flaws.

    Of course having proper admins is ideal, but failing that, leaving it open really isn't so bad compared to breaking the internet for anyone who doesn't merely want to be a consumer (and even some consumer uses)

  8. Re:NX is a bandaid on NX Compression Technology To Go Closed Source · · Score: 2

    X can be run on top of Wayland, but then you're still stuck with X's obsolete protocol,

    Once again, wayland does not do a third of what X does, I repeat, wayland is NOT a suitable replacement for x, it does not handle window creation or mouse events or anything (which is what x11 is mostly used for these days)

    Wayland is still useful as a screen multiplexer etc. But it does not do what most people think it does, hell read its website with its goals.

    It is far simpler because it doesn't have anywhere near the scope of X, by itself it is useless. This is why x is still needed.

  9. Re:How long will IPv6 last? on Military Pressuring Vendors On IPv6 · · Score: 1

    Voip- only true if you are hosting the VOIP server itself (violation of a residential subscriber agreement). Any decent voip service will establish a connection to the public server when it is ready to accept inbound calls, thus you have an already open connection and it works through NAT 100% seamlessly.

    Even with public servers NAT still throws a spanner in the works for sip unless the client goes through a whole heap of hacks to get around the nat. Sip nat traversal can be a pain in the ass but it is getting better (slightly).

    The point of the parent was that people like you keep saying shit like this but you can't ever give any kind of reasonable example. Put up or shut up.

    I just gave one.

    Ya, that works great, IF you know what you're doing. Show me a router that will pay for and register a domain name for you, and whenever you switch internet providers will automatically reduce your DNS entry's TTL record and register your new scope from your new provider.

    Only people who know what they are doing will need that anyway, those that don't will simply let programs handle all the connection business by having a central server tell them the ip of the person they are connecting to etc, like how sip works now and how central servers work for games like q3a.

    If you have honestly never run into problems with nat, you really haven't done much at all with networking.

    And finally, I'd just like to mention that all of the arguments you've presented against NAT would also apply to any kind of firewall or load-balancing mechanisms.

    Firewall rules can be fixed to your needs, NAT is not so flexible.

  10. Re:How long will IPv6 last? on Military Pressuring Vendors On IPv6 · · Score: 1

    Which is PERFECT for people like my mother.

    So your mother likes it when random programs cannot connect to the network and do their job properly? (such as voip etc) something tells me she'll just shift the blame to the program instead of the broken use of nat.

    the only attached devices that would need a domain or subdomain are servers and the like, so most people would not need to do this, this is mainly only needed for people that do networking stuff (and they usually would anyway).

    Things like voip clients and game servers would not even need that, and the end user wouldn't be entering in the ip6 address either it would all be handled in the application as it is at present only that presently NAT breaks the functionality.

    Unless you want to argue that people being able to click 'host game' and having their friends connect to it is not something a normal person would like to do among other things, people DO need two way communication.

  11. Re:How long will IPv6 last? on Military Pressuring Vendors On IPv6 · · Score: 2

    Why on earth should consoles and internet-aware appliances at my folks house need a public address?

    VOIP is one application, being the game host in a multiplayer game is another. Nat essentially makes the internet one-way and to get around it involves serious hacks.

    NAT == BAD seems to be a religious expression more than anything actually practical.

    Suuure, because being against seriously breaking networks is a religion...

    As for DNS... are we going to have a DNS server in every home now too?

    router does this job, most modern ones already do. get a domain for your network and allocate subdomains from your router.

  12. Re:Not on wikileaks? on Assange Secret Swedish Police Report Leaked · · Score: 1

    If you don't wear a uniform and move in a group with others who have weapons, you are, for every legal measure, a legal target to engage. Period.

    So I can just shoot hostages now since they are moving with the target?

    There are now three men and they are moving together. One has a gun. How many are civilians.

    If this were the US, all of them although the one with the weapon would likely have the cops make them drop the weapon etc.

    Now then, that's not to say innocent civilians are not killed. That unfortunately does happen. But the reality is, all too often, reported civilian deaths, actually died with a weapon in their hand.

    If I lived in such a country, you can bet your ass I'd have a weapon on me at all times.

  13. Re:Not surprising on Unreal Tournament 3 For Linux Is Officially Dead · · Score: 1

    MAJOR improvements to its multimedia support (both sound and video architecture are a total mess).

    First of all, how is the video architecture a mess? you open an x11 window and create an opengl context and you're fine.

    On the audio side the single biggest problem is the widespread use of pulseaudio, switch to jack and if you code your audio right pretty much all the problems go away

    and a single distro must step forward as the supported face of desktop Linux. Probably Ubuntu. I'll likely be castigated for saying that, but that is the only way it can ever happen IMO.

    There are major problems with this. For starters some of the more retarded things ubuntu has done which drive away many long term (before ubuntu existed) linux users. You would be punishing people who like to run their system their own way for no good reason (although in all likelihood they could get it to run anyway).

    Linux as it stands is perfectly capable of doing gaming, I would say the largest problem is simply lack of game developer experience in supporting it as a target.

  14. Re:ID didn't abandon Linux; it graduated. on Unreal Tournament 3 For Linux Is Officially Dead · · Score: 1

    there should be more driver cross-platform compatibility layers like how NDISwrapper is used.

    Could not have used a worse example, closed source windows drivers on linux are a nasty, nasty hack.

  15. Re:Let's face it... on Unreal Tournament 3 For Linux Is Officially Dead · · Score: 1

    Linux users have given up on playing games by now, and those that haven't just aren't used to paying for software at all,

    Bullshit, I run linux, I game and I don't pirate. That being said my tastes in games are different from your average frothing at the mouth teenager.

    My favourite games while old have ports to linux (quake3, nwn, baldur's gate 2) and most modern games (CoD and other such) I have played I have little to no interest in.

    I'd argue legal gaming on linux is good, if you have a specific subset of tastes and are not after the flavour of the month.

  16. Re:No games under Linux, yeah right. on Unreal Tournament 3 For Linux Is Officially Dead · · Score: 1

    absolute frame changes are useless, talk in percentages. a change from 100fps to 50fps is dramatic, but from 1300fps to 1250 is not. You made people click the link to see what your numbers even meant

    Also a 10-15% typical hit is to be expected to a small extent when you wrap directx to opengl, native opengl games tend to be a lot closer or even better performance.

  17. Re: Linux port? How about the Windows port! on Unreal Tournament 3 For Linux Is Officially Dead · · Score: 1

    Unreal Tournament series' gameplay, mechanics & multiple game modes was always superior to the quake series (not to mention much more fun and prettier). Oh, and the graphics are pretty gorgeous!

    It should be noted, that you seem to define 'superior' as 'slower' just because you get fragged every five seconds because you're not used to the pace doesn't mean the game is faulty. The entire reason q3 has so many players these days is because it is so twitch. (oh, and graphically it did age much better than the original UT)

  18. Re:DURRRRR on 'Reading Level' Filter Added To Google Search · · Score: 1

    After the Internet, the intent of most users of English is to express themselves with as much ambiguity as possible while still clearly conveying their point.

    This defeats the point of language (to convey meaning). And _is_ a degradation because of that.

    tolerance is becoming a much more important commodity than it was for our parents.

    You can be tolerant without being vague. To quote Voltaire.

    What is tolerance? It is the consequence of humanity. We are all formed of frailty and error; let us pardon reciprocally each other's folly — that is the first law of nature.

  19. Re:but on Hackers Dual-Boot Chrome OS With Ubuntu Linux on CR-48 · · Score: 2

    (have you ever *seen* how many sliders there are when you unlock that thing in KDE?).

    I just did it now to check, I count two, one that indicates bar minimum length, one maximum. and buttons to click to adjust height.

    I've never adjusted any settings in kde, because I have never needed to, just as you have not in gnome.

  20. Re:This is hacking now? on Hackers Dual-Boot Chrome OS With Ubuntu Linux on CR-48 · · Score: 1

    Just like terrorist. Used to be anyone who used violent acts to create fear.

    Now it is 'anyone who doesn't agree with my opinion'.

  21. Re:DURRRRR on 'Reading Level' Filter Added To Google Search · · Score: 1

    Your argument seems to be that throwing out any semblance of rules and common things in english is a _good_ idea

    "I can haz cheezburger?" is not just amusing, it is also a declaration of how flexible we need English to be as it increasingly takes on the role of the universal human language.

    No it is a sign of people having a laugh at those who cannot speak english properly. 'fuck the rules of the language and let everything be valid' does not help to convey meaning.

    Everything in language is about correctly conveying meaning to those you wish to, the number of people that understand your meaning increases as they understand the meaning and context of the words you are using.

    Changing the meaning and syntax rules of a language only alienates those that speak it and in essence creates a new language.

    Rating web content by syntax markers, vocabulary, and key phrases just does not make any sense.

    The quality of the writing often reflects the level of effort put into the research as a whole. It is a sign of quality. No matter how good the research is I am not going to sit there and read disjointed english to try and figure out what they are actually meaning to say.

  22. Re:Simple English Wikipedia on 'Reading Level' Filter Added To Google Search · · Score: 1

    I find it funny that facebook has '34% advanced'

  23. Re:Password keychains? on The Case For Lousy Passwords · · Score: 1

    Once it's known that your hash (which granted would be a strong password by itself) is in fact the hash of a weak password, then calculating which weak password generated it would be easy.

    And having them find out what your actual password is with only a password makes finding it easy. The whole point is for it to be kept a secret. (in this case what algo you used and that you even hashed it is also a secret).

    Having a strong password and then telling them 'it is x characters long and starts with xyz' to get the strong password negates its value also. There is no difference to what is being done here.

  24. Re:Password keychains? on The Case For Lousy Passwords · · Score: 1

    Relying on lack of information about your password to protect it is insecure,

    Your password itself is 'lack of information' so essentially you are arguing a password is security through obscurity.

    Good hashes should be able to share everything about themselves except the values that generated them. If you use a weak value to generate it, then any security hash is weak.

    In this instance the hash is not public, the hash is the secret used as your password. unless you want to argue 60+ character essentially random passwords are less secure than hunter2, your argument is moot.

    Think of it as an easy way to remember your ridiculously long password, without writing it down.

  25. Re:Password keychains? on The Case For Lousy Passwords · · Score: 1

    you consider something like jkafhnhbhhsgfjkhl02948329075843jknewuwdfm a crappy password?

    something tells me you don't understand what I have suggested. and also I think rainbowtables for passwords 60+ characters long will be rather.. not feasible.

    Think of it more of an easy way of remembering your ridiculously long random password.