Random photos, comics, etc.


  • Originally posted by Randy Stankey
    People break the cardinal rule all the time: My computer is my property and I am the sole arbiter of what code gets executed on it. Breaking that rule puts your computer and your business at risk.

    This does not mean that you have to be a computer expert who knows what every line of code does. It means that you need to be very careful of your sources and not allow third party code to run on your computer unless you trust the source, implicitly.
    That can be easier said than done. I use the NoScript Firefox plugin when browsing, in order to control what third parties do and don't get to run scripts on my computers. When I first started to do so, on the recommendation of a co-worker, I was shocked at how many seemingly unrelated third parties were trying to execute code whenever I visited a website. This is what it found on just one news site. I have visited other sites in which a list of 30-40 third parties trying to run scripts appears.

    image.png

    How many average PC users know that they need to take steps like this in order to prevent Google, Twitter, etc. being able to help themselves to your browsing history, and likely much else besides?

    BTW, a news conference is being widely reported (e.g. here) in which the CEO of Delta claimed that the Crowdstrike SNAFU cost the airline half a billion. The costs incurred by Delta's customers who suffered flight disruption likely add at least tens of millions more on to that.
    Last edited by Leo Enticknap; 07-31-2024, 11:04 AM.



    • Originally posted by Leo Enticknap
      That can be easier said than done. I use the NoScript Firefox plugin when browsing, in order to control what third parties do and don't get to run scripts on my computers. When I first started to do so, on the recommendation of a co-worker, I was shocked at how many seemingly unrelated third parties were trying to execute code whenever I visited a website. This is what it found on just one news site. I have visited other sites in which a list of 30-40 third parties trying to run scripts appears.
      Remember a year or two or so back, when Facebook (don't know if they called the mothership Meta already back then) pulled a leg on their BGP, which caused all Facebook services to vanish from the Internet for a few hours? A lot of non-Facebook related websites wouldn't load properly, because all those social integrations and tracking junk on those sites wouldn't load.

      Your modern web developer is one sloppy beast. Resulting in sites that are a hot mess of CSS and Javascript and whatnot frameworks, all downloading from somewhere on the World Wide Web, a lot of them loading themselves from some random CDN. I remember when Fastly, one of those CDNs hosting a lot of this general framework dreck, went down in flames, millions of sites stopped working partly or entirely, among them a few big ones, including some major news outlets...

      Originally posted by Leo Enticknap
      BTW, a news conference is being widely reported (e.g. here) in which the CEO of Delta claimed that the Crowdstrike SNAFU cost the airline half a billion. The costs incurred by Delta's customers who suffered flight disruption likely add at least tens of millions more on to that.
      Right now, they're even being sued by their own shareholders, don't know how they think that's going to help, but yeah...

      We'll see how far it will go, I guess it will be settled though. Holding technology companies liable for their SNAFUs will set an interesting precedent. Until now, if e.g. Microsoft messed up with a botched update, that took me multiple days to fix, there is no way Microsoft is going to off-set those costs.

      This particular outage affected less than a percent of all computers out there. Imagine what would happen if Microsoft would release a patch with similar consequences that affects e.g. 20 or 30% of all machines globally? When that day happens, I hope I'm somewhere deep in the mountains, with no cellphone coverage...

      Originally posted by Bruce Cloutier
      This IP address that tracks back to China (through the cable connection I think in San Jose) has hit us over 56,000 times since yesterday afternoon and it started early yesterday morning. All blocked. Occasionally another address from that Class C IP block attempts a connection with all the characteristics of being manually initiated.
      Sorry for being a pedantic prick. It just reminds me of a preach I got back somewhere in 1999 when I requested my first IP space via RIPE, the European regional Internet Registry. Somewhere in my request I referred to a "Class C" network and as such, my request was promptly DENIED. Why? Since somewhere around 1993, the term "Class A/B/C" network has been deprecated for their Classless "CIDR" counterparts: Your class A is a /8 network now, your class B is a /16 and a class C network will now only be referred to as a /24.

      Originally posted by Bruce Cloutier
      Makes me wonder if our government is trying to protect us at all? They're too busy creating bogus political ads acting like 5th graders calling names and bullying. How do we even let that go on?
      The average IQ of our politicians seems to have dropped below freezing point on practically any temperature scale other than Kelvin over the last couple of decades.
      When was the last time you've seen a politician that was only halfway competent in IT stuff? How do you expect the governments we have right now to protect us from those kinds of dangers if they can't even agree on the most basic of things?



      • Not for nothin' but I have avoided this IPv6 bullshit. Even the routine to properly display the stupid addresses was a pain to write. I haven't yet tried to parse one that someone might enter if anyone bothers. Seems like it would be easy but there are twice as many outlier cases that have to be handled than there are actual print statements. It's this '::' shorthand thing you can only use once. Been looking into it since my OS lacks this apparent necessity.

        The whole thing just reminds me of a cow designed by a committee (e.g. a moose). There has to be a similar analogy for this. This got its start with everyone whining about the lack of IPv4 address space. Some people made some poor decisions. That crap has festered and fermented into a standard that no one has anything good to say about. Kind of a parallel to where this society is going.
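
The '::' shorthand rule mentioned in the post above (it may appear only once and stands for one or more all-zero groups) is what a strict parser has to enforce before an address is used in a filter or block list. The following is an added example, not code from the thread or from the poster's OS: a strict parser and an RFC 5952 style formatter in Python. The function names are hypothetical, and embedded IPv4 tails and zone IDs are out of scope and rejected.

```python
import re

_HEX_GROUP = re.compile(r"[0-9A-Fa-f]{1,4}")

def _groups(part):
    """Split one side of '::' into 16-bit integers; an empty side gives []."""
    if part == "":
        return []
    out = []
    for g in part.split(":"):
        if not _HEX_GROUP.fullmatch(g):      # empty, too long, or non-hex group
            raise ValueError(f"bad group {g!r}")
        out.append(int(g, 16))
    return out

def parse_ipv6(text):
    """Return the 8 groups of a textual IPv6 address, or raise ValueError."""
    if text.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in text:
        left, right = text.split("::")
        head, tail = _groups(left), _groups(right)
        missing = 8 - len(head) - len(tail)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        return head + [0] * missing + tail
    groups = _groups(text)
    if len(groups) != 8:
        raise ValueError("need exactly 8 groups without '::'")
    return groups

def format_ipv6(groups):
    """RFC 5952 text: lowercase, no leading zeros, longest zero run (>= 2) as '::'."""
    best_start, best_len, i = -1, 1, 0
    while i < 8:
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i > best_len:                 # strict '>' keeps the first run on a tie
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    hexed = [format(g, "x") for g in groups]
    if best_start < 0:
        return ":".join(hexed)
    return ":".join(hexed[:best_start]) + "::" + ":".join(hexed[best_start + best_len:])

if __name__ == "__main__":
    # Constructed sample inputs (documentation prefix 2001:db8::/32).
    for sample in ["2001:0DB8:0:0:1:0:0:1", "0:0:0:0:0:0:0:1", "::"]:
        print(sample, "->", format_ipv6(parse_ipv6(sample)))
```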




        • Originally posted by Bruce Cloutier
          Not for nothin' but I have avoided this IPv6 bullshit. Even the routine to properly display the stupid addresses was a pain to write. I haven't yet tried to parse one that someone might enter if anyone bothers. Seems like it would be easy but there are twice as many outlier cases that have to be handled than there are actual print statements. It's this '::' shorthand thing you can only use once. Been looking into it since my OS lacks this apparent necessity.

          The whole thing just reminds me of a cow designed by a committee (e.g. a moose). There has to be a similar analogy for this. This got its start with everyone whining about the lack of IPv4 address space. Some people made some poor decisions. That crap has festered and fermented into a standard that no one has anything good to say about. Kind of a parallel to where this society is going.

          For most internal stuff, IPv6 is more a nuisance than a solution. The thing is: Governments and as a result also many bigger companies around here are now starting to require that stuff works with both IPv4 and IPv6.

          The biggest blunder of IPv6 is that it was designed as a completely separate protocol, alongside IPv4. Also, IPv6 doesn't do anything you couldn't equally achieve with IPv4. So, IPv6 requires you to do everything twice, with zero added gains. The alternative was to just add a few octets to IPv4 and start using those additional octets once we could reasonably assume that everybody must have transitioned.

          Essentially, I completely agree with this guy, at least on IPv6.



          • I was at the IEEE conference in Boston (early 1990s I think, maybe late 80s) where the big thing was what to do with the fact that we were going to run out of IP addresses. It was there that the IPv6 thing was born. Maybe it started earlier but they brought that to the surface and gave it traction. But, I agree, my first impression was that they were going to add 2 octets to the address making it 6 bytes (ergo the 6 in IPv6 vs the 4 in IPv4). But no. Shit got out of control and now the address is 16 bytes or they prefer 8 groups of 16-bits each. It's mapped out in some cryptic complicated way. Technically it got out of control early and no one could challenge the egos involved. They even use the word "simpler" early in the IPv6 RFC. I was fooled. But then again I thought "Affordable Healthcare" meant that medical costs would go down.

            I have been characterizing the security threat by literally watching IPv4 traffic at the node of an externally facing device (not behind a router/NAT). The idea was to give the OS the tools to deal with it should anyone ever need. But this clear and ever present threat needs to be addressed at the source and not by taking a defensive posture. It degrades the efficiency of the underlying network. My bet too is that these nefarious actors aren't paying their way and we carry the cost. All in the name of free-speech I guess. Not to mention that most of it is supported by the public's infected hardware mess.

            Then I realized that this is NOT the whole picture. The network is not now just IPv4. There is a whole separate (less controlled) network, in effectively a parallel universe, allowing who-knows-what to transpire where (at least) I could not see. It is less controlled since your device can be directly addressed from anywhere in the world. The NAT trick not only allowed a whole household to operate with one external IP address but it created a firewall isolating the devices (computers) on your network from the outside without anyone having to know what a firewall actually was. Magically the first innocuous security solution.

            The NAT translation also came out of that Boston conference as an alternative (I think). This saved the day for IPv4. The combination of a couple of additional octets in the IP protocol and NAT would be the answer. But no. One was viewed as a stop-gap work-around and the other became the veritable Pandora's Box in the anti-K.I.S.S. world of academic types looking to make a name for themselves with too much time on their hands. Competitive efforts.

            I would recommend that IPv6 be disabled in any facility. The governments requiring that both be active are maybe those that want direct access to all of your devices (e.g. no firewall). I can't think of any other reason to have that requirement. It is a paranoia they have that you might be using a device that they cannot detect/monitor/control/police/tax.

            My gadget (our gadget as you might know what it is) is better off for not supporting IPv6. It could stay that way even if prohibited by certain governments. But I am the curious sort so I started looking into it (again).

            But I rant as usual. As Marcel and a lot of you know, being grumpy, complaining and ranting has no more effect than gas escaping into the Void. Otherwise shows like The Daily Show and Colbert Show could change the world. Instead they prosper behind the comedy/entertainment moniker. Long live Lewis Black! And p.p.k.a Jon Stewart. Welcome back!

            END OF LINE



            • 7164601d18a48604ab0e6b9bc845d88831cb8d69.jpg

              Looks like Elon Musk launched the right tool to heat up the bound-to-be-controversial next few months even more. His new AI model includes an image generator that seems to be mostly uncensored. And politics aside, there are a lot of discussions whether or not those kinds of images are legal or not. This clearly being a caricature, I think this is still clearly within the boundaries of free speech. Whether or not it's tasteless or funny, is probably a more personal thing.
