Re: RIPE our of IPv4

[Tei]

Thanks

I am lurking on this mail list. Sometimes is hard to decipher whats
goin on. Always interesting. You guys are awesome.

On Mon, 25 Nov 2019 at 16:57, Donald Eastlake  wrote:
>
> I think it is less historic than when IANA ran out of blocks to
> delegate to the regional registries.
> https://en.wikipedia.org/wiki/IPv4_address_exhaustion
>
> Thanks,
> Donald
> ===
>  Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
>  2386 Panoramic Circle, Apopka, FL 32703 USA
>  d3e...@gmail.com
>
> On Mon, Nov 25, 2019 at 10:34 AM Tei  wrote:
> >
> > Nice!
> >
> > Is this what I think it is?a historical moment for the internet
> > for the story books?
> >
> > On Mon, 25 Nov 2019 at 15:59, Dmitry Sherman  wrote:
> > >
> > > Just received a mail that RIPE is out of IPv4:
> > >
> > > Dear colleagues,
> > >
> > > Today, at 15:35 UTC+1 on 25 November 2019, we made our final /22 IPv4 
> > > allocation from the last remaining addresses in our available pool. We 
> > > have now run out of IPv4 addresses.
> > >
> > >
> > > Best regards,
> > > Dmitry Sherman
> > > Interhost Networks
> > > www.interhost.co.il
> > > dmi...@interhost.net
> > > Mob: 054-3181182
> > > Sent from Steve's creature
> >
> >
> >
> > --
> > --
> > ℱin del ℳensaje.



-- 
--
ℱin del ℳensaje.

Re: RIPE our of IPv4

[Tei]

Nice!

Is this what I think it is?a historical moment for the internet
for the story books?

On Mon, 25 Nov 2019 at 15:59, Dmitry Sherman  wrote:
>
> Just received a mail that RIPE is out of IPv4:
>
> Dear colleagues,
>
> Today, at 15:35 UTC+1 on 25 November 2019, we made our final /22 IPv4 
> allocation from the last remaining addresses in our available pool. We have 
> now run out of IPv4 addresses.
>
>
> Best regards,
> Dmitry Sherman
> Interhost Networks
> www.interhost.co.il
> dmi...@interhost.net
> Mob: 054-3181182
> Sent from Steve's creature



-- 
--
ℱin del ℳensaje.

Re: the e-mail of the future is the e-mail oft the past, was Enough port 26 talk...

[Tei]

On Tue, 15 Jan 2019 at 09:21, Bjørn Mork  wrote:
..
> open protocols, just shut off SMTP completely. They'll
> probably "invent" something much better as an excuse... And the masses
> will love them for that, because it finally removed the spam "problem".
>
> And everyone has a gmail account anyway, so why bother with outside
> email?

I think the newsgroups died because was expensive for ISPs and filled
with nasty stuff (warez and porn).
Gopher died because HTML was a improvement in every possible way.
IRC still exist, because it don't need to be hosted by a ISP.
Forums still exist.
Mail list still exist (we are on one)
Homesites where replaced by blogs.

Gmail?
G Suite accounts are expensive.  I believe you have to pay by email
address and get quite pricey.  "Free" alternatives have a place
because can be cheaper than that.

Gmail have not added the "Foo has read your message" or "Foo is
replying to your email". Two things that would be easy for them to do
in Gmail to Gmail communication, and would be must-have features for a
mail user.  So maybe they don't aim to world domination?

Is very hard to replace a open protocol,  wrapping may work if the
protocol is mostly abandoned (IRC) but thats not the case for email.
I don't think email is going to be replaced soon.

-- 
--
ℱin del ℳensaje.

Re: plaintext email?

[Tei]

Email for personal use is turning rare. And people need to use *bold*
in text more than not. So most clients are configured to send html by
default, and people have no reasons to change that.

I think LISTSERV software used to require plain text to send commands
like subscribe, but I think they made their parser accept html mails
and still find the commands.

On 2019, nobody cares if you uses plain text or html in emails.

If somebody write a bot that accept commands through email (like a
GETWEB gateway) is very easy to make it accept html and flat it to
text.

-- 
--
ℱin del ℳensaje.

Re: Proving Gig Speed

[Tei]

On 19 July 2018 at 07:06, Mark Tinka  wrote:
>
>
> On 18/Jul/18 17:20, Julien Goodwin wrote:
>
>> Living in Australia this is an every day experience, especially for
>> content served out of Europe (or for that matter, Africa).
>>
>> TCP & below are rarely the biggest problem these days (at least with
>> TCP-BBR & friends), far too often applications, web services etc. are
>> simply never tested in an environment with any significant latency.
>>
>> While some issues may exist for static content loading for which a CDN
>> can be helpful, that's not helpful for application traffic.
>
> Yip.
>
> Mark.

Sorry about that.

I feel bad has a webmaster.  Most of us on the web we are creating
websites that are not documents to be download and viewed, but
applications that require to work many small parts that are executed
togeter.

Most VRML examples from 1997 are unavailable because host moved,
directories changed name,  whole websites where redone with new
technologies. Only a 1% of that exist in a readable format. But the
current web is much more delicate, and will break more and sooner than
that.

Perhaps something can be done about it.  Chrome already include a
option to test websites emulating "Slow 3G" that webmasters may use
and want to use.

I suggest a header or html meta tag where a documents disable external
js scripts, or limit these to a white list of hosts.

 .

So if you are a Vodafone customer.  And you are reading a political
document. Vodafone can inject a javascript script in the page. But it
will not run because of the presence of  .  Vodafone can still
further alter the html of the page to remove this meta and inject
their script.

Get webmasters into the idea of making websites that are documents.
That require no execution of scripts. So they will still work in 2048.
And will work in poor network conditions, where a website that load 47
different js files may break.

tl:dr:  the web is evolving into a network of applications, instead of
documents.  Documents can't "break" easily. Programs may break
completelly even to tiny changes. Maybe getting webmasters on board of
biasing in favor of documents could do us all a favour.

-- 
--
ℱin del ℳensaje.

Re: Is WHOIS going to go away?

[Tei]

Maybe a good balance for whois is to include organization information
so I know where a website is hosted, but not personal information, so
I can't show in their house and steal their dog.

I feel uneasy about having my phone available to literally everyone on
the internet.


-- 
--
ℱin del ℳensaje.

Re: SHA1 collisions proven possisble

[Tei]

On 23 February 2017 at 20:59, Ca By  wrote:

> On Thu, Feb 23, 2017 at 10:27 AM Grant Ridder 
> wrote:
>
> > Coworker passed this on to me.
> >
> > Looks like SHA1 hash collisions are now achievable in a reasonable time
> > period
> > https://shattered.io/
> >
> > -Grant
>
>
> Good thing we "secure" our routing protocols with MD5
>
> :)
>
>
> >
>


One place that use sha1 seems to be some banking gateways.  They sign the
parameters of some request to authentificate the request has a valid one
doing something like "sha1( MerchantID . secureCode . TerminalID . amount .
exponent . moneyCode )".I have no idea how evil people would exploit
collisions here, but I guest banking will move to the next hash algorithm
(sha256?) and deprecate this one.   This may affect more "Mom and Pa Online
Shop" than bigger services.


-- 
--
ℱin del ℳensaje.

Re: South Carolina attempts to repeal Rule 34

[Tei]

Users are crafty.

One user on a network I had to admin use to mail porn has Microsoft
Word documents to his Gmail account.

So if you want to stop porn, you have to ban file attachments and
monospace fonts.

Good luck with that.

On 20 December 2016 at 09:25, Jippen  wrote:
> So, $20 tax on all computers sold in SC in practice
>
> On Mon, Dec 19, 2016, 11:41 PM Jay Hennigan  wrote:
>
>> Break out the popcorn.
>>
>> http://www.charlotteobserver.com/news/local/article121673402.html
>>
>> --
>> --
>> Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net
>> Impulse Internet Service  -  http://www.impulse.net/
>> Your local telephone and internet company - 805 884-6323 - WB6RDV
>>



-- 
--
ℱin del ℳensaje.

Re: Microsoft blocking mail

[Tei]

On 18 September 2015 at 10:45, Marcin Cieslak <sa...@saper.info> wrote:
> On Fri, 18 Sep 2015, Tei wrote:
>
>> On 18 September 2015 at 04:48, Keith Medcalf <kmedc...@dessus.com> wrote:
>> >
>> > Being blocked is probably a good thing ...
>>
>>
>> CGI forms that do the validation in the serverside are not up to
>> modern expectations*.  You want to do validation clientside.
>
> If you do client-side and no server-side, you have a huge security problem.
>
> ~Marcin

By now is a industry standard.

You have to do the validation serverside and clientside.  This of
course mean duplicated code.

( Excessively clever people have tried to solve the problem by using
the same language/code in both the clientside and serverside.  But
this feels to me like a overreaction and you will be writing code
unrelated to this in a new (?) language  On top the... heurhg...
creative pipelining.. to make the whole façade works.)

Collesterol High Clients + Collesterol High Servers.

Unrelated:

this is a funny article
http://carlos.bueno.org/2014/11/cache.html


-- 
--
ℱin del ℳensaje.

Re: Microsoft blocking mail

[Tei]

On 18 September 2015 at 04:48, Keith Medcalf  wrote:
>
>
> You mean to say that you have to enable blanket remote code execution 
> authority in order to submit a problem report to Microsoft?  What a crock of 
> crap.  Thus I will never recommend to anyone that they use Microsoft products 
> for anything whatsoever, especially not anything in the "Microsoft Cloud" 
> virus distribution system.
>
> Being blocked is probably a good thing ...


CGI forms that do the validation in the serverside are not up to
modern expectations*.  You want to do validation clientside.

Like everything, is a tradeoff.

This is how modern things are build :D

Something something something Gödel, Escher, Bach,  rendering a
document takes N cycles and can be calculate before hand.  Running a
program takes M cycles and can't be calculate before hand, M can be
bigger than 6 times the lifespan of the universe or be infinite ...



* is a social problem of expectations management.

-- 
--
ℱin del ℳensaje.

Re: (network)technologies used by NSA for data collection

[Tei]

This stuff is soo cool :D

I understands less than half of it, but I have found this link that
give some light.
https://robert.sesek.com/2014/9/unraveling_nsa_s_turbulence_programs.html

It seems they had a system to backup 3 days of the internet, all data.
But such system failed because Internet generated too much data. So
Turmoil is a programmable event based filter,  detect events and when
the event is triggered, save data from the stream.  So they generate
as much data they want or can handle.


-- 
--
ℱin del ℳensaje.

Re: symmetric vs. asymmetric [was: Verizon Policy Statement on Net Neutrality]

[Tei]

imho this two staments are true:
- tomorrow a new product or service on the Internet can completely
change the ratio download/upload
- most probably, this will not happen

It may take a few days (hours for early adopters) for a new service to
become popular on the Internet, that make a intensive use of upstream.
This... so much can happens. But I would bet my fortune and my
children's that it will not happen

People do try to create this type of service/product.
(like this one)
http://www.codediesel.com/browser/opera-unite-a-web-server-in-your-browser/


-- 
--
ℱin del ℳensaje.

Re: gamer lag dashboard

[Tei]

shameless plug

If anyone is interested, the Quake engine and variants have created a lot
of documentation and tools.Since Quake represent early phases of the
development of modern gaming systems, they are simple. As simple they can
be.

Many open source games can be studied,   I suggest OpenArena because is
easy available and fun.

Modern games don't work standalone. They connect to a master server to find
other gamers/active games.

Heres a simple one:
https://github.com/kphillisjr/dpmaster
Example of use:
http://dpmaster.deathmask.net/?game=openarena


Another game that is interesting for networking, is SubSpace.

The history with subspace is that was a commercial game that turned open
source. It had already billing server, game server, master server. So is
probably very similar to how many commercial games work.
http://en.wikipedia.org/wiki/SubSpace_%28video_game%29
http://wiki.minegoboom.com/index.php/Main_Page
http://wiki.minegoboom.com/index.php/Category:Protocol
It looks to me like somebody can learn stuff by reading this ones.

/shameless plug

Re: Office 365 Expert - I am not. I have a customer that...

[Tei]

Current developing fads include messaging a server POST messages over http,
receiving JSON data.  Both the request and answer are smallish small.  A
interface update refresh may depend on this data arriving. So the less
latency, the more agile and snappy will feel the application.

This is less trafic than webpages. A typical webpage page update may need
400KB / 700KB +.  HTML can be wasteful in big pages with a lot of data.
The same data coming from in JSON can weight much less, maybe x10 less.

I have not tried O365, so I don't know if it follow the typical modern web
app.


-- 
--
ℱin del ℳensaje.

Re: Linux: concerns over systemd adoption and Debian's decision to switch [OT]

[Tei]

I pled the Linux people to stay inside the unix philosophy to use text files.

Low newbies like me learn from reading config files, and fix thing by
reading log files, tryiing to make some sense of the error messages
there, and using the most suspicious line as the handle to google for
a solution (that is often some stackoverflow article, or some forum
posts).

I dismay after the idea of somebody replacing all that text by a
binary that spouts the service stoped running or that corrupt,
because some buffer was not flush when the kerfukle happened.

Even if going to binary gives a extra 20% speed,  I think speed is
important but not that important. I plead save the discoverability,
learn-bility, debug-ness of text  (even text scripts) over mysterious
binary blobs elfs generating mysterious binary blobs journals.

If they nerf text files, is like they nerf Google for me, and my
ability to maintain and configure systems.

-- 
--
ℱin del ℳensaje.

Re: Why is .gov only for US government agencies?

[Tei]

(very unimportant contribution, please ignore)

any change to this things, must be done in the benefit of future
users, making the internet a less weird place, with less exceptions

everyone else have already learned a .edu domain is probably a USA
university, and some .mil domain is the usa military.


((unfunny joke follow, you can stop reading here))
http://www.usma.edu  =  usma.edu.mil.us



-- 
--
ℱin del ℳensaje.

Re: Scotland ccTLD?

[Tei]

http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Decoding_table

VR, GO, ON, NY, ...these seems to be free :D

Clearly New York must declare independence.

-- 
--
ℱin del ℳensaje.

Re: Verizon Public Policy on Netflix

[Tei]

Software is... herrr configurable.

Maybe Netflix could be convinced so their box had a switch from
complete catalog hosting / caching most used data.  I get from this
discussion thread that small ISP feel having these box download the
whole catalog is more than what their customers  (1000) need.  Moving
this discussion away from net neutrality (that seems what netflix is
doing in public anouncements) to how these boxes handle and operate
would be better for everyone.



-- 
--
ℱin del ℳensaje.

Re: Verizon Public Policy on Netflix

[Tei]

 *puts on trolling hat*

Maybe the solution can be to have the Netflix client support the
torrent protocol, so the upload from netflix is minimal.  Maybe
pre-distribute files encripted, then distribute the de-crypt key once
the medias are distributed enough in different nodes. So netflix would
be doing the first upload, then distribute the keys.



-- 
--
ℱin del ℳensaje.

Re: Anternet

[Tei]

On 5 April 2014 07:44, Larry Sheldon larryshel...@cox.net wrote:
 Offered for your amusement--no followup.

 http://kottke.org/14/04/the-anternet
 --


A forager won't return to the nest until it finds food. If seeds are
plentiful, foragers return faster, and more ants leave the nest to
forage. If, however, ants begin returning empty handed, the search is
slowed, and perhaps called off.


No wonders ants don't govern us. This algorithm is atrocious. So if
food is scarce, most ants will stay at home and play videogames all
day, but if theres a lot of food, all of them will go around and
return with mountains of food they can't store.  Is a algorithm, from
a madman, designed to kill the hive if theres very low food or too
much food.

I propose ants start using food debts/food promises.  Ants will
print food debts to explorer ants, these explorer ants must pay
these debts by finding food. If some ant need a lot of food, that ant
will print more debt. The more food the hive need, more debt is
printed.

-- 
--
ℱin del ℳensaje.

Re: ID10T out of office responders (was Re: Yahoo DMARC breakage)

[Tei]

So

Suppose I configure my email to send a Thanks, we have received your
email, we will reply shortly in office hours.. Whats the Holy Headers
so even poorly configured servers don't cause a AutoReply Storm?
Googling, I found Precedence, X-Auto-Response-Suppress,..? For
something like this, normally I would scan lots of opensource projects
in  www.google.com/codesearch  (so I can learn from the projects with
a large number of hours in production)  , but seems down at the
moment.



-- 
--
ℱin del ℳensaje.

Re: Level 3 blames Internet slowdowns on Technica

[Tei]

On 24 March 2014 10:47, Joe Greco jgr...@ns.sol.net wrote:
 Here in Illinois, we have been paying for the construction of our tollway in 
 perpetuity.  When it was originally built the state promised to remove the 
 tolls as soon as construction costs were recovered.  We are still waiting 
 and will be forever.

 As someone who has worked in the Loop on and off for twenty years, I am
 fully aware of the history and folly of the Illinois trollway.

I heard you guys have been paying taxes for the war against my country
(Spain) since 1898.

http://en.wikipedia.org/wiki/Federal_telephone_excise_tax

So yea. Is much easier to create a new tax, than to remove it.

Re: How to catch a cracker in the US?

[Tei]

On 14 March 2014 05:14, shawn wilson ag4ve...@gmail.com wrote:
 On Mar 13, 2014 7:37 PM, Larry Sheldon larryshel...@cox.net wrote:
..

 Sorry for my note. Didn't mean it to sidetrack the question (I probably
 should've).

 /me o_O

Social perception of hacking affect law-making.
Computing security is controlled by moral panic and security theater.
Maybe someday a young men will enter prision,  for possession of
hacking tools... a  compiler and a debugger.

Fighting paranoia and moral panic is something we should be doing.
Making the distinction hacker vs cracker is like a small effort for
this.

-- 
--
ℱin del ℳensaje.

Re: How to catch a cracker in the US?

[Tei]

On 12 March 2014 14:56, William Herrin b...@herrin.us wrote:
.. Who knows, U.S. authorities may already
 be investigating the same user which would make your job so much
 easier.


lurker mode offAlso, if you just want a deterrent. Having  a cop
visit the home of the cracker just making questions may send the
message we know where you live, so calm the fuck up./lurker mode
on

-- 
--
ℱin del ℳensaje.

Re: About ddos-respo...@nfoservers.com

[Tei]

On 24 January 2014 16:23, Chris Boyd cb...@gizmopartners.com wrote:

 On Jan 24, 2014, at 8:36 AM, Jared Mauch wrote:

 You haven’t been able to get GTT/nLayer/TINet to track the traffic back?

 Details are welcome, either here or in private.  There are plenty of people 
 who will chase and fix this stuff when they’re aware of it.

 When OpenResolver Project was announced, there were about 60 abusable 
 addresses in my corner of the Internet.  I was able to get that number down 
 under 20 by asking politely.  The NFOserver reports have been a pretty good 
 stick to get the number down below 10.


http://dns.measurement-factory.com/surveys/openresolvers/ASN-reports/latest.html

Uh.. Oh.  I see a lot of references to Teléfonica in Latin America.



-- 
--
ℱin del ℳensaje.

Re: How anti-NSA backlash could fracture the Internet along national borders - The Washington Post

[Tei]

Casual comment:

This scheme, have a problem.

USA is friend of country A,and country B.  A is spying on B, and share the
results with USA.  B is spying on A and share the results with USA.
A and B can make a network, but will be all but private.

-- 
--
ℱin del ℳensaje.

Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty

[tei'']

On 7 September 2013 18:09, Dobbins, Roland rdobb...@arbor.net wrote:

 On Sep 8, 2013, at 4:08 AM, Paul Ferguson wrote:

 As a result, these transmissions expose Canadians to potential U.S. 
 surveillance activities – a violation of Canadian network sovereignty.

 Yes, far better to keep those communications within Canada - where CSEC can 
 hand them over to GCHQ, who'll then hand them over to NSA . . .

But I don't think every secret service have installed his own
backdoors in all popular software and protocols.

And the NSA can't share these backdoors/weakness with all his
friends, because if you tell a secret to everyone, it stop being a
secret. The existence and nature of these backdoors will be revealed,
and the affected software will fix them.

So probably the NSA works like  Wall-Mart Secrets.  And they sell
secrets,   100.000$ for a list of human rights activist,   2 millions
for the emails of the leaders of the opposition.


-- 
--
ℱin del ℳensaje.

Re: The US government has betrayed the Internet. We need to take it back

[tei'']

On 6 September 2013 11:37, Eugen Leitl eu...@leitl.org wrote:

 http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying

 The US government has betrayed the Internet. We need to take it back


Its like you have to abandon USA based encryptation systems that are
closed source. But I dunno, maybe open source solutions can have
problems.

http://xkcd.com/221/
http://en.wikinews.org/wiki/Predictable_random_number_generator_discovered_in_the_Debian_version_of_OpenSSL

I think the encryptation world will think about this, and will
recommend a group of products (like PGP) that are almost sure safe.

The NSA can spy on underwater internet cables, but they can't abolish
Math. If you have a encryptation system that is not backdoored and is
cryptographically strong enough the NSA or anyone will have a hard
time to uncover your secrets.




-- 
--
ℱin del ℳensaje.

Re: The US government has betrayed the Internet. We need to take it back

[tei'']

On 6 September 2013 10:52, Sam Moats s...@circlenet.us wrote:
 The problem being is when you do have a provider that appears to be secure
 and out of reach, think lavabit, that provider will not survive for long.
 The CALEA requirements, and Patriot Act provisions will force them into
 compliance.

Only if are on USA territory.


You can also push for distributed services that don't depend on one
fat server farm.



-- 
--
ℱin del ℳensaje.

Re: How big is the Internet?

[tei'']

I know the exact size:

Infinite.

When I was in the university I was downloading many things at the
night,  while the whole internet bandwith was wasted (hehehehe).
Many times my  wget -r -l 32  got stuck on things like CGI's that
point to itself creating a infinite loop. This was in 2002, but
probably still exist many CGI's like this one.

I imagine spider programmers have many fun similar histories, of
websites that seems infinite to the spider.



-- 
--
ℱin del ℳensaje.

Re: Revealed: NSA program collects 'nearly everything a user does on the internet'

[tei'']

On 31 July 2013 16:46, Warren Bailey
wbai...@satelliteintelligencegroup.com wrote:
 Tin foil hat Wednesday, limited supplies.

 Revealed: NSA program collects 'nearly everything a user does on the internet'

 http://gu.com/p/3hy4h


 - Have I read it correctly.  Can then break into a vpn connection,
then leach documents that a german in pakistan is sending to his
office in germany?
 - So excel documents store MAC address?... time to set them to random
numbers :D
 - What is the red dots in the bottom of the map? satellites?  penguin
powered servers on the south pole?
 - The document make it looks like this exist to spy religious
terrorist and industrial espionage. But who know.   Woah, thats a lot
of red dots in europe. Must be to protect the europeans.



-- 
--
ℱin del ℳensaje.

Re: Office 365..? how Microsoft handed the NSA access to encrypted messages

[tei'']

It would be fun to make a encryptation keyboard.  A keyboard that add
the text you write to a buffer, and wen the buffer is full, output it
to the computer encrypted. Maybe with pgp.  Such machine would
probably need a led with the text you are writing.

That way, you coud be using Google Docs or Office 365. And the
computer OS can have a keylogger and a backdoor.  And you will still
be somewhat safe if pgp provide you with strong enough level of
encryptation.

--
--
ℱin del ℳensaje.

Re: Office 365..? how Microsoft handed the NSA access to encrypted messages

[tei'']

Whos doing the spyiing, anyway?,  sounds like a colaboration betwen
Microsoft and the NSA.   Sounds to me like Microsoft, and the NSA,are
doing the spyiing.If some judge declare this actions illegal, a
crime, Microsoft will be co-perpetrators.

Even if no judge declare this a crime,  what about the customer
position?  a) Microsoft lied to you. b) Microsoft conspired with
others to break your privacy.  c) They did more than the law forced
them, to break your privacy.  d) You are the product that Microsoft
sells to the NSA.

Somebody, somewhere on the USA governement, trought that after the
9/11,  normal laws not-apply, including the constitution.  New laws
where made to give free reign, and people like Microsoft happyly
jumped to make some money out of it.   This is wrong.


--
--
ℱin del ℳensaje.

Re: huawei (ZTE too)

[tei'']

I am only a lurker in this list.   I am curious why nobody has
mentioned open source.  Theres no way all these router-thingies would
have all his source code visible? a house made of glass?



--
--
ℱin del ℳensaje.

Re: PRISM: NSA/FBI Internet data mining project

[tei'']

This is one of these Save the forest by burning it situations that
don't have any logic.

To save a forest firefighters often cut a few tree.  Don't cut all the
trees in a forest to save it from a fire.

Exceptions must be made for police forces to violate rights (like
privacy).   Exceptions can't be the norm.  A exception can't be we
have accesss to all emails all the time. Thats cutting all the
forest.

If you give police forces the ability to violate personal rights all
the time (not as exceptions) what this cause is people running away
from the police forces.  And turn the police forces in some type of
criminal, the only difference is better organized and backed by the
law.


--
--
ℱin del ℳensaje.

Re: What hath god wrought?

[tei'']

On 20 May 2013 01:58, Michael Painter tvhaw...@shaka.com wrote:
 http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/


More on the same topic.
http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/#more-19475

Maybe the FBI use this to commit crimes in USA using a foreign company
as proxy so nothing dirty show on the books. That way the FBI can
avoid respecting USA laws.




--
--
ℱin del ℳensaje.

Re: Color vision for network techs

[Tei]

Standards can have bugs, and a standard that is not compatible with
maybe 5% of the population is buggy.

Almost any standard that start this is red and this is green is
flawed this way.  This mean any future standard created as to look
into this type of stuff (and i18n and localization and others) to not
create flawed buggy standards.

Old standards can be updated ... (maybe include lines of the same
color but different contrast), but we all know how hard is to update
standards.

If I where one of these dudes, I would download/create a app for my
iphone that recolorice video to change colours to others I could tell
the difference.



-- 
--
ℱin del ℳensaje.

Re: stanford-biologist-computer-scientist-discover-anternet

[Tei]

On 27 August 2012 02:58, Suresh Ramasubramanian ops.li...@gmail.com wrote:
 On Mon, Aug 27, 2012 at 2:54 AM, Andre Gironda an...@operations.net wrote:
 http://engineering.stanford.edu/news/stanford-biologist-computer-scientist-discover-anternet

 Looks like at least one component of unseen university's Hex is alive
 and kicking.  Good fun.


Ank-Morpock already have his own p2p client

http://antsp2p.sourceforge.net/

-- 
--
ℱin del ℳensaje.

Re: No DNS poisoning at Google (in case of trouble, blame the DNS)

[Tei]

On 27 June 2012 09:50, Stephane Bortzmeyer bortzme...@nic.fr wrote:
(trollspecially for a Web site written in
 PHP/troll)?


We software makers have a problem,  when a customer ask for a
application, often theres a wen project that already do it ( for the
most part is a round peg on a round hole). So a natural solution is to
install this project and customize it to his needs (theme, perhaps
some programming).  The other option is to create a code from scratch
(perhaps using a framework).

If you create the code from scratch, it will be safe.  A tree cant get
a human virus, and a human can't get a tree virus. You are not
unhackable,  bad practices will byte you on the long term, but you
don't see exploits made specifically for this custom made code  daily.
 Too bad, the features the code allow will be few, limited to the
budget to the project.  Programming sucks, and generate code and bugs,
and everybody suffer for it.  This option suck.

If you use these project that already do 99% of what the customer
need, plus a 120% the customer not need (and perhaps don't want). The
code quality will be normally be good, with **horrible** exceptions.
But sooner or later, (weeks) there will be exploits for this codebase,
to hack the site in horrible ways.  If the customer don't pay
maintenance and dont do the maintenance himself  the code will turn
comically outdated. Hacking the site will be easy for childrens age 5
and high. Maintenance suck.  This option suck.

All options suck.

Your browser will call you a idiot if you try to browse with a
outdated version.  But web projects are not this rude on owners. So
you have people browsing forums in Chrome 18, where the forums
software is a version of 2004 (heavily customized, but this will not
save you).  Then a cracker comes, uses a know exploit from 2008, and
download  1.2 million unhashed passwords.  Where 98% of these
passwords are reused on facebook, twitter, linkedin and gmail.




-- 
--
ℱin del ℳensaje.

Re: No DNS poisoning at Google (in case of trouble, blame the DNS)

[Tei]

On 28 June 2012 14:48, Arturo Servin arturo.ser...@gmail.com wrote:
...

        Think about sql injection, they are not only to specific platforms but 
 to general bad programming practices.

If you are already a good programmer, writing code that is safe
against sql inyections is trivial.  So is not a real problem, and
thats why I don't mention it.   A real problem is one that you can't
avoid by just walking one step to the left.
But I support that you champion it, and I fully agree bad code is
possible and some people do write it. We don't really disagree.



-- 
--
ℱin del ℳensaje.

Re: LinkedIn password database compromised

[Tei]

Anonymity on the Internet is a feature, because a lot of the world
netcitizens come from countries where saying this or that is a crime,
and can get you in trouble.
Any asymetric cryptography solution that remove anonymity is a bad
thing. Making censorship easier on the internet is making it worse.

What could do some good, is to discredit some bad practices, and
propose alternate better practices.
This is hard, and part of it is because some people good practices is
other people good practices.   We can't start this yet, because we
don't agree on these good practices.

Theres something weird with passwords length,  on most websites you
are allowed to type a 80 or 120 characters long name.  But if you try
that with your password, you find a problem.  Somehow VARCHAR(120) is
unfeasible for passwords, but ok for first_name,second_name.
Is even more weird wen people are storing hashs.  The length of a md5
don't change if I choose very long passwords, so why are people
limiting password length?

Other weird limitations that must go, is the idea that you can't use
special characters. The expresion special characters is a red flag
itself.  Most passwords sould allow UTF-8, and allow anything that
UTF-8 allow.

Forcing people to mix uppercase and lowercase.. I understand where
this come from. It enhance the password strength. A what price? Making
passwords a random mix of letter and numbers make then hard to
remember and make life miserable for everyone. Practices to make
passwords stronger may be pushing people to write password down, or
reuse passwords.

--
ℱin del ℳensaje.

Re: LinkedIn password database compromised

[Tei]

If anyone have a really good idea how to fix this mess, It will be a
good idea to contact with Jeff Atwood (of  codehorror.com and
stackoverflow.com fame).  He and other people is working on a new
internet approach to discussions.  Think forums 2.0.  If this new pet
rock succeed, could change how the world use, eerrh... forums.  We
could hit two problems with the same rock.



-- 
--
ℱin del ℳensaje.

Re: LinkedIn password database compromised

[Tei]

The problem:
- Modern internet users must have lots of different login/passwords around
the internet.  Most of then in easy-to-break poorly-patched poorly-managed
servers,  like linkedin.

The solution:
-  Reduce the number of authentication.  Allow anonymous posting in more
sites.

Imagine this.   I post something on the blog  yadaydayda. I give my email
and nothing else.   The blog software sends me a email to confirm the post.
I click on it, and the post is published.

The real problem is that nowdays everybody and his dog want a password, and
a password is expensive for the user.  The internet need more anonymous
ways to publish content.


-- 
--
ℱin del ℳensaje.

this NANOG wiki is getting spammed

[Tei]

I don't think this is the official nanog wiki, but anyway probably the
owners are on this mail list.

Spammers is wasting everyone time by filling it with crap.
http://nanog.cluepon.net/index.php/Special:RecentChanges

-- 
--
ℱin del ℳensaje.


.
.
.
.
.
















































postdata:
Blizzard is getting strange slower speeds for some customers (300ms
ping, wen other have a normal of 100ms). I blame this in evil ISP's
doing evil things, or routing problems. Ignore this line.

Re: VoIP vs POTS (was Re: Operation Ghost Click)

[Tei]

Perhaps cell towers can be made to fail sooner, and enter some
emergency mode where only 911 calls get service.



--
--
ℱin del ℳensaje.

Re: Host scanning in IPv6 Networks

[Tei]

On 20 April 2012 17:16, Owen DeLong o...@delong.com wrote:

 exec ?
 exceed ?


 Not a lot of x's in hexidecimal numbers outside of C-style formatting 
 (0x).

 IPv6 addresses are not generally notated in said style and certainly don't 
 include said x in a suitable context for that to be part of a dictionary 
 attack.

 However, he also left out the common use of 7(t), 6/9(g), 1/7(I/L/T), 2(Z), 
 5(S), and 0(O).

 c is also often substituted for k (as in face:b00c).

 Owen


Sorry. I did a quick filter of the openoffice dictionary file. seems
that I made a ugly mistake :-/


postdata:
I have made a [0-9] to [aeioutnshrdlcmwf]  conversor.
http://jsbin.com/ibepup/
This convert a decimal number into a hexadecimal number not using
the [0-9A-F] table, but the [aeioutnshrdlcmwf] table. The
aeioutnshrdlcmwf table may allow a big number of numbers have a
existing word of expression.

postdata2:
Using this conversor, 123442553445523 is the word NaouuScuch.


-- 
--
ℱin del ℳensaje.

Re: Host scanning in IPv6 Networks

[Tei]

It would be a very fast dictionary attack :D

accede
bade
dad
decade
face
axed
babe
deaf
bed
Abe
bee
Decca
exec
fade
bead
bedded
deed
exceed
Abba
deface
efface
feed


On 20 April 2012 09:08, Fernando Gont ferna...@gont.com.ar wrote:
 FYI

  Original Message 
 Subject: IPv6 host scanning in IPv6
 Date: Fri, 20 Apr 2012 03:57:48 -0300
 From: Fernando Gont fg...@si6networks.com
 Organization: SI6 Networks
 To: IPv6 Hackers Mailing List ipv6hack...@lists.si6networks.com

 Folks,

 We've just published an IETF internet-draft about IPv6 host scanning
 attacks.

 The aforementioned document is available at:
 http://www.ietf.org/id/draft-gont-opsec-ipv6-host-scanning-00.txt

 The Abstract of the document is:
  cut here 
   IPv6 offers a much larger address space than that of its IPv4
   counterpart.  The standard /64 IPv6 subnets can (in theory)
   accommodate approximately 1.844 * 10^19 hosts, thus resulting in a
   much lower host density (#hosts/#addresses) than their IPv4
   counterparts.  As a result, it is widely assumed that it would take a
   tremendous effort to perform host scanning attacks against IPv6
   networks, and therefore IPv6 host scanning attacks have long been
   considered unfeasible.  This document analyzes the IPv6 address
   configuration policies implemented in most popular IPv6 stacks, and
   identifies a number of patterns in the resulting addresses lead to a
   tremendous reduction in the host address search space, thus
   dismantling the myth that IPv6 host scanning attacks are unfeasible.
  cut here 

 Any comments will be very welcome (note: this is a drafty initial
 version, with lots of stuff still to be added... but hopefully a good
 starting point, and a nice reading ;-) ).

 Thanks!

 Best regards,




-- 
--
ℱin del ℳensaje.

Re: April fools joke?

[Tei]

On 2 April 2012 06:56, Robert Bonomi bon...@mail.r-bonomi.com wrote:

 Keith Medcalf wrote:
 {prior attributions lost}
   http://www.bbc.co.uk/news/uk-politics-17576745

   It's sad when you just can't tell with things like this..

  I was hoping for something good, like maybe an extension of RFC 1149
  implementing ECN (aka SQUAWK) in avian carriers. I'm disappointed.

 ECN doesn't help if the Hunting Season bit is set.

 That's a situation where you *want* Bugs in the project.

  Wabbit Season!


Joke is on then.

I make all my terrorist talking in Counter-Strike.  Since the game
packets are not logued, nothing is logued.   And we use a special
language so a possible spy would not understand us.

1. OMFG! It's a deagle train! Camp for your life!
2. W00T kill #7 Total deagle-train!
3. Why don't you use that M4 you have?
2. Because I'm deagle-training n00b!

Logging emails:
 - 100% false positives: log data from everyone not evil
 - 100% missed messages: don't log data from evil people

The very definition of useless. Probably another feel good, look
how we combat the evuuul politics.



-- 
--
ℱin del ℳensaje.

Re: April fools joke?

[Tei]

On 2 April 2012 13:40, Tei oscar.vi...@gmail.com wrote:
 On 2 April 2012 06:56, Robert Bonomi bon...@mail.r-bonomi.com wrote:

 Keith Medcalf wrote:
 {prior attributions lost}
   http://www.bbc.co.uk/news/uk-politics-17576745

   It's sad when you just can't tell with things like this..

  I was hoping for something good, like maybe an extension of RFC 1149
  implementing ECN (aka SQUAWK) in avian carriers. I'm disappointed.

 ECN doesn't help if the Hunting Season bit is set.

 That's a situation where you *want* Bugs in the project.

  Wabbit Season!


 Joke is on then.

 I make all my terrorist talking in Counter-Strike.  Since the game
 packets are not logued, nothing is logued.   And we use a special
 language so a possible spy would not understand us.

 1. OMFG! It's a deagle train! Camp for your life!

Oops. sorry, seems will use deep packet inspection for games.

I suppose the trigger for wen the terrorist say we have setup the
bomb will trigger a few hundreds of times per minute. :-/






-- 
--
ℱin del ℳensaje.

Re: $1.5 billion: The cost of cutting London-Tokyo latency by 60ms

[Tei]

On 23 March 2012 13:31, Aled Morris al...@qix.co.uk wrote:
 On 23 March 2012 11:53, Eugen Leitl eu...@leitl.org wrote:

 All three cables are being laid for the same reasons: Redundancy and speed.
 As it stands, it takes roughly 230 milliseconds for a packet to go from
 London to Tokyo; the new cables will reduce this by 30% to 170ms. This
 speed-up will be gained by virtue of a much shorter run:




 If they could armor the cable sufficiently perhaps they could drill the
 straigh line path through the Earth's crust (mantle and outer core) and do
 London-Tokyo in less than 10,000km.

 Aled

I imagine a easier solution.  Use a random number generator in both
sides, with the same seed.  Then use a slower way to send packets
re-sync that will contain the delta from the generated number, to the
real actual number.

I suppose this speeds are needed for some fast speed transaction,
that are leeching money from the background noise on the market.

This is not like the Roman empire, where you could make a lot of money
buying wheat wen theres a dry year in egypt.

note: I could be wrong.






-- 
--
ℱin del ℳensaje.

Re: Programmers with network engineering skills

[Tei]

On 12 March 2012 09:59, Carlos Martinez-Cagnazzo carlosm3...@gmail.com wrote:
 Hey!

 On 3/8/12 8:24 PM, Lamar Owen wrote:
 On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote:
 ...
    (16)  The default gateway's IP address is always 192.168.0.1
    (17) The user portion of E-mail addresses never contain special
 characters like  - +  $   ~  .  ,, [,  ]
 I've just had my ' xx AT cagnazzo.name' email address rejected by a web
 form saying that 'it is not a valid email address'. So I guess point
 (17) can be extended to say that 'no email address shall end in anything
 different that .com, .net or the local ccTLD'

 :=)

 Carlos


Yea, I don't even know how programmers can get that wrong.  The regex
is not even hard or anything.


(?:[a-z0-9!#$%'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%'*+/=?^_`{|}~-]+)*|(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*)@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])




-- 
--
ℱin del ℳensaje.

Re: Programmers with network engineering skills

[Tei]

On 27 February 2012 23:23, Jay Ashworth j...@baylink.com wrote:
 - Original Message -
 From: Owen DeLong o...@delong.com

 I think you're more likely to find a network engineer with (possibly
 limited) programming skills.

 That's certainly where I would categorize myself.

 And you're the first I've seen suggest, or even imply, that going that
 direction instead might be more fruitful; seemed to me that the skills
 necessary to make a decent network engineer would support learning
 programming better than the other way round -- though in fact I personally
 did it the other way.

I agree.  And I am just a programmer.

Part of it, is that our job is to obscure implementation details to
these in higuer levels.  We think hard to build stuff, so other people
don't have to.  If theres a program that create a conexion, and that
conexion can break, we silently repeat the re-conexion part, so these
that use the program ignore these problems and can live happy.   A bad
programmer will show a message Conexion break, please connect again.
 Having the human manually pressing the connect button again. I have
no words for how lame is that.
So we hide implementation details for us, and for others.  Programmers
that write compilers hide implementation details to others.  Designers
of CPU's microcode hide implementation details to mere assembler
programmers.

-- 
--
ℱin del ℳensaje.

Re: DNS Attacks

[Tei]

I am a mere user, so I all this stuff sounds to me like giberish.

The right solution is to capture the request to these DNS servers, and
send to a custom server with a static message  warning.html. Nothing
fancy.   With a phone number to get out of jail, so people can call
to op-out of this thing, so can browse the internet to search for a
solution.

This or do nothing.

http://www.guardian.co.uk/world/2012/jan/18/iran-death-sentence-porn-programmer
Interpol helps Iran capture a programmer for creating porn sites.

Now, if the Interpol want you to block a DNS server, or worse, to spy
on users conecting to a DNS server. Will you help?  doing nothing is
also a good option, methinks.  Start medling, redirecting dns trafic,
spyiing on the user... all these things are dirty and can't end well.

(note, of course, I am a user, so I have a user opinion. )



-- 
--
ℱin del ℳensaje.

Re: Megaupload.com seized

[Tei]

On 23 January 2012 04:05, Jacob Taylor orangewi...@gmail.com wrote:
..

 Tahoe-lafs can be fast. A grid I help out with is often capable of
 600kilobyte/per/second downloads (or faster), and I personally have
 several files stored on there in excess of 500mb. Close enough to your
 700mb movie example.

 I use this storage as a CDN of sorts, as a friend wrote an HTTP
 interface to the Tahoe-lafs grid.


Fast and not centralized seems good traits.  Urls are ugly, but thats
manageable, are not human readable, but humans can copy it around.

 Should you wish to see it in action, the code and download links are
 over here -- http://cryto.net/projects/tahoe.html


I get this:
2012-01-24 10:01:22 ERROR 504: Gateway Time-out.

Googling for 
VVJJOkNISzp3NWo1aWd2M3NmYnlsM21pczZ5enRjN2thbTpmMjdjenBtNW13ZmxkY2Rud2NpM3NxeGVkamRncmt0ZGljYTd4bXFsNWN3bGh0c2x4bWdhOjM6NjozMTM2
finds only this site. (I somehow expected to find other servers
hosting a gateway to the same file).




-- 
--
ℱin del ℳensaje.

Re: Megaupload.com seized

[Tei]

What sould fileshares must do, is to store files in these services in
a encrypted way, and anonimized name. So these services have
absolutelly no way to tell what are hosting.

Fileshares can organize thenselves in sites based on a forum software
that is private by default (open with registration), then share some
information file that include the url to the files hosted, and the
key to unencrypt these files, and some metadata. A special desktop
program* would load that information file, and start the http
download.

This way can combine the best of the old BBS systems to the best of
the current caching and hosting technologies.  These http hosting
services seems to operate well enough. A % of the users go premium to
allow more and better downloads.

*Maybe is time to write such program.


-- 
--
ℱin del ℳensaje.

Re: Megaupload.com seized

[Tei]

On 20 January 2012 12:14, Alec Muffett alec.muff...@gmail.com wrote:

 On 20 Jan 2012, at 11:00, Tei wrote:

 Fileshares can organize thenselves in sites based on a forum software
 that is private by default (open with registration), then share some
 information file that include the url to the files hosted, and the
 key to unencrypt these files, and some metadata. A special desktop
 program* would load that information file, and start the http
 download.


 At the risk of kicking over old ground, there are a bunch of privacy 
 solutions like this; possibly the most complete attempt (in terms of 
 attempted privacy and distribution) is Freenet:

        http://freenetproject.org/whatis.html

 ...but it's slow; then there's Tahoe-LAFS - a decentralised filesystem:

        https://tahoe-lafs.org/trac/tahoe-lafs

 ...but it's slow; then there are connection anonymisation tools like I2P and 
 Tor, but - wonderful as they are - they're slow.

 Can you see a pattern developing that would be relevant to the downloader of 
 700Mb+ AVIs? :-)

 It would be great to speed them through wider adoption, but until then...

        -a


These services are not needed yet.  But is good that are under study,
in case changes in laws or balance of power make it needed.
For now, I think people will continue using HTTP download/stream
movies and tv series.

Perhaps countries where the 3 strikes legislation is aprobed will make
one of these systems necesary. But I think speed is a important
factor, and no slow system will suceed.




-- 
--
ℱin del ℳensaje.

Re: Whacky Weekend: Is Internet Access a Human Right?

[Tei]

On 5 January 2012 16:22, Jay Ashworth j...@baylink.com wrote:
 Vint Cerf says no: http://j.mp/wwL9Ip

 But I wonder to what degree that's dependent on how much our governments make
 Internet access the most practical/only practical way to interact with them.

 Understand: I'm not saying that FiOS should be a human right.  But as a
 society, America's recognized for decades that you gotta have a telephone,
 and subsidized local/lifeline service to that extent; that sort of subsidy
 applies to cellular phones now as well.

 Thoughts?


You don't need a new right.

The human rights include education and access to be able to
participate in your culture.  A human banned from using the internet
would not have access to culture, and will be banned from participate
in it.

Based on this page:
http://en.wikipedia.org/wiki/Human_rights
5.5
5.7
5.7.*

Practical terms:

The ugly conclusion is that you can put a men in jail, but that don't
include ban such men to access the internet.   Say, you put in jail a
cracker.  The judge as to remove him from two rights, the right to
freelly walk anywhere, and the right to post in his favorite
forum/mail list.



-- 
--
ℱin del ℳensaje.

Re: next-best-transport! down with ethernet!

[Tei]

I am php/javascript programmer.

The web used to be request/reply. With the request small (but not
small enough), and the reply long.
But the time for permanent connections is comming.  Links from clients
to server that are permanent.  Or look like that in the application
layer.

On one sense, this is a optimization, no more pooling the server do
you have something for me? every n seconds.  But I imagine mostly
make things like caching and proxies pointless.

At some point, users will start getting unhappy with web pages replies
slower than 100 ms.   ATM my webpages takes longer to start Jquery
that all the server-client interactions. Most obvious optimization is
never reload the page, and run everything trough ajax calls.

I am not dumb,  I know turning webpages into applications make
webpages to fragile. But I am scared of javascripts. Javascript is
just too dawmn usefull now, browsers too broken (mostly IE), and
Javascript is like a superhero that fix all.   The web is going to
change in a few years, from a request reply interchange network,
to something more like a computer bus.I don't know how the
wires will react to this.



On 30 December 2011 10:58, Vitkovsky, Adam avitkov...@emea.att.com wrote:
 Actually an a Cisco presentation on Nexus 7k I asked whether it's possible to 
 transport the FCoE over let's say EoMPLS or VPLS and did not get a straight 
 answer though that was half a year ago
 -but it would be really cool to connect hard-drives directly over continents


 adam

 -Original Message-
 From: Tom Hill [mailto:t...@ninjabadger.net]
 Sent: Thursday, December 29, 2011 8:58 PM
 To: nanog@nanog.org
 Subject: Re: next-best-transport! down with ethernet!

 On Thu, 2011-12-29 at 10:06 -0500, Christopher Morrow wrote:
 yes, let's get something with say fixed sized packets, ability to have
 predictable jitter and also, for fun, no more STP!
 Ethernet is too complex, maybe something simpler? I hear there's this
 new tech 'ATM'? it seems to fit the bill!

 Pfft. Everyone knows that Fibre Channel's going to replace everything...
 The minute we get those 128Gbit/sec transmission characteristics,
 Ethernet's gonna be as good as RS-485.








-- 
--
ℱin del ℳensaje.

Re: Happy xmas folks

[Tei]

 On 12/20/2011 10:08 PM, andrew.wallace wrote:

 I just want to say happy xmas to everyone at NANOG.

 I'm about to sign off for the holidays.


 Andrew

 enjoy your chistmas, and you don't have to come back after the holidays,
 we'll be fine without you.



Has a gamer, I hope ipv6 come sooon.  Singleplayer videogames are a
historic weird thing. Since the begin of humanity most games has ben
cooperative or competitive.  But tryiing to host a videogame (serving
the game) from behind a crappy router, using NAT, is not fun.  It is
even more crappy because hardware manufactures produce these horrible
interfaces in these routers ( my favorte pet-peeve is limit to forward
6 ports).
I suppose nobody in this mail list will have any problem in
configuring one of these things. But for 99.999% of the gamers,  even
the concepts are unknowm.  Now that gaming is mainstream, and more
than 500 millions persons play games daily,  more and more people his
exposed to the crappyness of crappy  NAT configure dialogs on crappy
routers.

Please made the pain stop.

I am looking forward for a day where you would be able to avoid NAT,
and share your ip with your teammates, to have a pain-free experience.
So gamers don't have to study sites like this one:
http://portforward.com/

-- 
--
ℱin del ℳensaje.

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases

[Tei]

*a random php programmer shows*

He, I just want to self-sign my CERT's and remove the ugly warning that
browsers shows. I don't want to pay 1000$ a year, or 1$ a year for that. I
just don't want to use cleartext for internet data transfer.  HTTP is like
telnet, and HTTPS is like ssh. But with ssh is just can connect, with
browsers theres this ugly warning and fuck you, self-signed certificate
from the browsers.  Please make the pain stop!.

--Tei

-- 
--
ℱin del ℳensaje.