Re: Malicious SS7 activity and why SMS should never by used for 2FA

2021-04-19 Thread bzs
Can I make an old f*** comment on all this? We didn't design this network to be highly secure. It's general enough that security can be layered on at various places. But when you get down to it it was mostly designed to get information flowing easy, fast, and freely. Not to lock it down or

Re: internet futures

2021-03-26 Thread bzs
The video is pretty good particularly where it's most pessimistic. My prediction: It might take a little more than ten years but I'll predict positive ID or you're not getting anywhere useful. And a lot of people here will loathe that. But you/we had your chance and spent most of your

Re: Perhaps it's time to think about enhancements to the NANOG list...?

2021-03-21 Thread bzs
And some of the lessons of group creation on USENET was: 1. You don't create a sub-topic to try to generate discussion. So for example you don't create talk.baseball.redsox because no one ever posts about the redsox in talk.baseball. It doesn't work. Not really relevant here tho it might become

Re: Re: OVH datacenter SBG2 in Strasbourg on fire 

2021-03-11 Thread bzs
From: George Herbert ...Interesting overview of fire damage. I remember many years ago spec'ing a machine room at BU and coming to loggerheads with the VP of building and grounds. He (well, their rules) wanted low-temp sprinkler triggers, I wanted the high-temp ones (I forget but I think

Re: Famous operational issues

2021-02-23 Thread bzs
Anyone remember when DEC delivered a new VMS version (V5 I think) whose backups didn't work, couldn't be restored? BU did, the hard way, when the engineering dept's faculty and student disk failed. DEC actually paid thousands of dollars for typist services to come and re-enter whatever was on

Re: Famous operational issues

2021-02-22 Thread bzs
At Boston Univ we discovered the hard way that a security guard's walkie-talkie could cause a $5,000 (or $10K for the big machine room) Halon dump. Took a couple of times before we figured out the connection tho once someone made it to the hold button before it actually dumped. Speaking of

Re: Famous operational issues

2021-02-18 Thread bzs
One day I got called into the office supplies area because there was a smell of something burning. Uh-oh. To make a long story short there was a stainless steel bowl which was focusing the sun from a window such that it was igniting a cardboard box. Talk about SMH and random bad luck which

Re: Famous operational issues

2021-02-16 Thread bzs
> On Tue, 16 Feb 2021, John Kristoff wrote: > > > Friends, > > > > I'd like to start a thread about the most famous and widespread Internet > > operational issues, outages or implementation incompatibilities you > > have seen. > > When Boston University joined the internet proper ca

Re: DoD IP Space

2021-02-15 Thread bzs
In my humble but correct opinion one of the things which sabotages these efforts is an aversion to any solution which doesn't feel like it would work quickly and decisively (ask Bezos to offer a discount to anyone using IPv6 to order on Amazon???) I remember back in ~2003 on the Anti-Spam

Re: Retalitory DDoS

2021-02-08 Thread bzs
I notice I often get DDoS'd when I post here, to NANOG, usually w/in 2-3 hours, so owing to this note it'll probably happen again tonight! The typical attack is some mixture of DNS whacking from dozens or hundreds of hosts, plus usually UDP packets being flung at basically round-robin ports

David Tilbrook / QEF - Re: gofundme Medical Expenses - Ed Hew

2021-01-25 Thread bzs
Let me say a few words about David Tilbrook. Unlike the author of that very nice linked article below I knew David quite well. I co-chaired a couple of Usenix conferences with him and even flew to Toronto for his daughter's bat mitzvah (umm, because he invited me), etc. He was very smart, he'd

RE: Nice work Ron

2021-01-21 Thread bzs
On January 21, 2021 at 12:39 nanog@nanog.org (Jean St-Laurent via NANOG) wrote: > > I feel this is a good example that a pen is mightier than a sword. In all honesty have we really given the sword a chance in these cases? -- -Barry Shein Software Tool & Die| b...@theworld.com

Re: USENET peers?!

2021-01-20 Thread bzs
On January 20, 2021 at 16:06 nanog@nanog.org (Grant Taylor via NANOG) wrote: > On 1/20/21 3:50 PM, b...@theworld.com wrote: > > Around 300MB/day. > > Interesting. > > I see 50-70 MB / day for text only newsgroups. > > Perhaps I want to step up to more than text only on some of my

Re: USENET peers?!

2021-01-20 Thread bzs
On January 20, 2021 at 13:41 b...@herrin.us (William Herrin) wrote: > On Wed, Jan 20, 2021 at 12:40 PM wrote: > > 2. Usenet is dead and besides a full feed is 20+TB/day because it's > > dead, but 20TB/day... > > Hi Barry, > > How much is it per day if you skip the groups distributing

USENET peers?!

2021-01-20 Thread bzs
Through a coincidence of hardware failures "out there", which should come back soon, and admittedly some inattentiveness as peers went away, The World finds itself looking for some Usenet peers. Not a full feed, we can talk. 1. OT? Feel free to point me to a better place which anyone is likely

Re: End-user Alert Delivery (was Re: NDAA passed: Internet and Online Streaming Services Emergency Alert Study)

2021-01-13 Thread bzs
On January 14, 2021 at 04:56 j...@baylink.com (Jay R. Ashworth) wrote: > Well, it probably gets way worse: if it's a "permanent" battery, it will be > harder to find, and harder to replace... No, you don't replace the permanent batteries in these 10 year smoke detectors, you toss the whole

End-user Alert Delivery (was Re: NDAA passed: Internet and Online Streaming Services Emergency Alert Study)

2021-01-13 Thread bzs
(Topic at hand was just building an emergency alert system into smoke detectors rather than try to come up with some complex internet-oriented design.) On January 14, 2021 at 03:56 j...@baylink.com (Jay R. Ashworth) wrote: > Last time I looked, consumer residential smoke detectors were still

Re: Parler

2021-01-10 Thread bzs
Sorry for intruding one more time but in my experience, which is absolutely vast, amateurs argue written law, professionals (i.e., lawyers) generally argue precedent; how courts have interpreted the law in cases applicable to the issue at hand. If no useful precedent exists professionals tend

Re: Parler

2021-01-10 Thread bzs
Sometimes it's worth turning the issue around and looking at it right up the...um, whatever. A friend who is rather right-wing (tho mostly sane) said angrily that AWS terminating Parler was "Stalinist" (apparently his metaphor for totalitarian.) I said no, the government _forcing_ AWS to carry

Re: Parler

2021-01-10 Thread bzs
On January 10, 2021 at 08:42 sro...@ronan-online.com (sro...@ronan-online.com) wrote: > While Amazon is absolutely within their rights to suspend anyone they want > for violation of their TOS, it does create an interesting problem. Amazon is > now in the content moderation business, which

Re: NDAA passed: Internet and Online Streaming Services Emergency Alert Study

2021-01-05 Thread bzs
On January 4, 2021 at 21:19 valdis.kletni...@vt.edu (Valdis Klētnieks) wrote: > On Mon, 04 Jan 2021 15:33:10 -0500, b...@theworld.com said: > > Why wouldn't we just build this into 10-year battery smoke alarms, a > > simple radio receiver? > > First, that means your smoke alarm batteries

RE: NDAA passed: Internet and Online Streaming Services Emergency Alert Study

2021-01-04 Thread bzs
Why wouldn't we just build this into 10-year battery smoke alarms, a simple radio receiver? Why does anyone think this must be a feature of the internet when, as people here have described, that entails all sorts of complexities. You just want something that goes BEEP-BEEP-BEEP KISS YOUR ASS

Re: NDAA passed: Internet and Online Streaming Services Emergency Alert Study

2021-01-02 Thread bzs
Let's just go back to air-raid sirens. I'm old enough to remember when they were tested every day at noon, which also told you it was noon (lunch!) We'd say heaven help us if The Enemy attacked at noon. -- -Barry Shein Software Tool & Die| b...@theworld.com |

Re: 10g residential CPE

2020-12-25 Thread bzs
Another way to phrase the question (which was the subject of much dispute 30 years ago) is: Which would you rather have (I'll use modern speeds): 1gb flat rate 10gb metered Where metered 10gb could cost less than 1gb when you don't use it, or about the same at ~1gb, but more if you use >1gb?

Re: "Hacking" these days - purpose?

2020-12-16 Thread bzs
I'm not so sure. If someone got the banks, credit card (fintech), big online shopping, etc (tho not a lot of etc needed) on board, the "head count" for that wouldn't be very large, and others would join (particularly retail) just to not be left out... One can build a quite different network on

Re: "Hacking" these days - purpose?

2020-12-15 Thread bzs
Somedays I wonder if it's some vast, well-funded, Spectre-like organization whose backers just want to see trust in the internet undermined in the public's eyes on behalf of their own non-internet or anti-internet (think: phone companies who'd love to charge you per email and web page access for

Re: The Real AI Threat?

2020-12-11 Thread bzs
Slow Friday... One pressing problem of "AI", and might be a useful analogy, is that we're (everyone w/ the money) deploying it, for some value of "it", into weapons systems. The problem is that decisions made by for example an attack drone might have to be made in milliseconds incorporating

Re: The Real AI Threat?

2020-12-11 Thread bzs
"Don't anthropomorphize computers, it just pisses them off." -- some wag -- -Barry Shein Software Tool & Die| b...@theworld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD The World: Since 1989 | A Public Information

Anyone from instagram reading?

2020-12-02 Thread bzs
Instagram is enabling an harassment attack. They are sending out "change in terms of use" statements, you've probably received it. Apparently they will send them to unconfirmed accounts, en masse. So for example you own example.com and all email for *@example.com goes to you. And there are

Re: IPv4 Broker / Service -

2020-06-11 Thread bzs
Addrex.net I know some of the principles personally and would vouch for them. On June 11, 2020 at 14:27 edwin.malle...@gmail.com (edwin.malle...@gmail.com) wrote: > Hi Nanog, > > > > I have need of a reputable IPv4 broker or service ? personal experience with > said broker would

Re: Don't email clients have a kill file?

2020-05-14 Thread bzs
Looks cool, I'll check it out, thanks! https://www.emacswiki.org/emacs/WanderLust On May 14, 2020 at 14:57 ra...@psg.com (Randy Bush) wrote: > > I tend to read email with EMACS/VM. > > fwiw, i moved from VM to Wanderlust a dozen years ago; if i remember > aright, for better imap

Re: Don't email clients have a kill file?

2020-05-14 Thread bzs
I tend to read email with EMACS/VM. It has a 'k' command which kills (marks deleted) every message with the same subject as the current message being viewed. On May 14, 2020 at 20:36 bj...@mork.no (Bjørn Mork) wrote: > At the risk of starting an off topic discussion here, but am I the only >

Re: RIPE NCC Executive Board election

2020-05-13 Thread bzs
https://www.youtube.com/watch?v=UAeqVGP-GPM -- -Barry Shein Software Tool & Die| b...@theworld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD The World: Since 1989 | A Public Information Utility | *oo*

Re: Abuse Desks

2020-04-29 Thread bzs
On April 29, 2020 at 07:35 na...@ics-il.net (Mike Hammett) wrote: > "What is it, exactly, that you expect a provider to do with your report of a > few failed SSH login attempts to stop the activity?... disconnect the > customer." > > Yes. What I've done in the past is tell the customer we

Re: Phishing and telemarketing telephone calls

2020-04-27 Thread bzs
The obvious way to id them is to buy whatever it is they are selling. So that reduces the problem to being able to cancel the transaction once id'd, and probably using fraudulent credentials. It might take a little more strategy than what I just described, there are other potential pitfalls.

Re: DHS letters for fuel and facility access

2020-03-17 Thread bzs
I remember an anecdote during 9/11 about a fuel truck being stopped, I think the line was Houston St, someone found an empty fuel truck on the other side and convinced the natl guard or whoever it was to let them transfer the diesel from one truck to the other across the line and get the fuel

Re: COVID-19 vs. our Networks

2020-03-14 Thread bzs
On March 14, 2020 at 14:49 r...@gsp.org (Rich Kulawiec) wrote: > > 2. Find all the phone chargers, laptop chargers, USB sticks, cables, > everything. If you're not already obsessive about keeping things > charged, get that way. You're really expecting power interruptions due to the virus

Re: Chairman Pai Proposes Mandating STIR/SHAKEN To Combat Robocalls

2020-03-09 Thread bzs
On March 8, 2020 at 16:32 l...@satchell.net (Stephen Satchell) wrote: > On 3/8/20 4:00 PM, b...@theworld.com wrote: > > As I've said before what would likely work is if every time one of us > > (in the US anyhow) got a junk call we immediately called our > > congressional and/or senate

Re: Chairman Pai Proposes Mandating STIR/SHAKEN To Combat Robocalls

2020-03-08 Thread bzs
I do the same, don't say anything when I pick up an unknown caller id until they say something, they disconnect about half or more of the time tho not always. As I've said before what would likely work is if every time one of us (in the US anyhow) got a junk call we immediately called our

Re: Chairman Pai Proposes Mandating STIR/SHAKEN To Combat Robocalls

2020-03-08 Thread bzs
Point taken. On March 8, 2020 at 15:06 dam...@google.com (Damian Menscher) wrote: > On Sun, Mar 8, 2020 at 2:18 PM wrote: > > > It's really not analogous to most of the mass attacks on the net > because the entire telco system is built to know who is using it in > great

Re: Chairman Pai Proposes Mandating STIR/SHAKEN To Combat Robocalls

2020-03-08 Thread bzs
It's really not analogous to most of the mass attacks on the net because the entire telco system is built to know who is using it in great detail. Have you ever made a billable call and *not* been billed for it? If you're getting the same "Hi, this is from card holder services" calls like

Re: Chairman Pai Proposes Mandating STIR/SHAKEN To Combat Robocalls

2020-03-08 Thread bzs
On March 7, 2020 at 14:54 s...@donelan.com (Sean Donelan) wrote: > > Has encryption ever solved scams/fraud/spam? > > Extended Validation SSL Certificates - Just pay a Certificate Authority > more money > > DKIM signed email - Just pay a mail provider more money to blast email > >

Re: Chairman Pai Proposes Mandating STIR/SHAKEN To Combat Robocalls

2020-03-08 Thread bzs
On March 7, 2020 at 02:03 morrowc.li...@gmail.com (Christopher Morrow) wrote: > On Fri, Mar 6, 2020 at 11:05 PM Brian J. Murrell > wrote: > > > So, if my telco can bill the callers for those premium calls, they > > surely know who they are, or at least know where they are sending the >

Re: Chairman Pai Proposes Mandating STIR/SHAKEN To Combat Robocalls

2020-03-06 Thread bzs
On March 6, 2020 at 17:34 s...@donelan.com (Sean Donelan) wrote: > > https://www.fcc.gov/document/chairman-pai-proposes-mandating-stirshaken-combat-robocalls > > Federal Communications Commission Chairman Ajit Pai today proposed a major > step forward to further the FCC’s efforts to

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

2020-02-16 Thread bzs
Ok it's Sunday... The first time I got on the internet was around 1977. A friend dropped by the lab I worked in at Harvard and wondered if I had an MIT ITS account and I said no wasn't even sure what it was other than a time sharing system at MIT. So we had a modem and dumb terminal and

Re: Tell me about AS19111

2020-02-07 Thread bzs
Once again I predict the past! It's amazing! Thanks John. On February 7, 2020 at 14:48 jcur...@arin.net (John Curran) wrote: > Barry - > > > FYI – In addition to a regular financial audit, ARIN periodically has a > third-party operational audit conducted of the registry,

Re: Tell me about AS19111

2020-02-06 Thread bzs
It could measure the extent of the problem and would be within what I suggested. For example if there were only one AS being abused that would make it a different priority than 1,000 or 10,000 (some seem to be implying a number like that) being abused. Do we have that number? And tracking the

Re: Tell me about AS19111

2020-02-06 Thread bzs
Given events including the IPv4 runout etc perhaps it's long overdue that the RIRs should hire a professional big-name (we used to call them Big 5) accounting firm to audit or at least review IP address, ASN, etc. allocation. I am not talking about money, I am talking about resource allocation.

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

2020-01-27 Thread bzs
On January 27, 2020 at 09:26 james.v...@gmail.com (james jones) wrote: > Does AOL count? If my first real internet connection was dial up 3600 baud > through compuserv. When I finally upgraded to 56K I thought it was light > speed.  I remember going from 300b to 1200b and thinking wow, this

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

2020-01-27 Thread bzs
On January 27, 2020 at 22:57 ma...@isc.org (Mark Andrews) wrote: > The hardware support was 2B+D but you could definitely just use a single B. > 56k vs 64k depended on where you where is the world and which style of ISDN > the telco offered. FWIW bulk dial-up lines were often brought in

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

2020-01-26 Thread bzs
On January 26, 2020 at 15:59 ka...@biplane.com.au (Karl Auer) wrote: > On Sat, 2020-01-25 at 22:29 -0600, Aaron Gould wrote: > > From: Ben Cannon [mailto:b...@6by7.net]  > > I started what became 6x7 with a 64k ISDN line.   And 9600 baud > > modems…    > > Pah! Luxury! > > When *I*

Re: akamai yesterday - what in the world was that

2020-01-24 Thread bzs
On January 24, 2020 at 16:59 list-nan...@dragon.net (Paul Ebersman) wrote: > bzs> When we, The World, first began allowing the general public onto > bzs> the internet in October 1989 we actually had a (mildly shared*) T1 > bzs> (1.544mbps) UUNET link. So not so bad for

RE: akamai yesterday - what in the world was that

2020-01-24 Thread bzs
On January 24, 2020 at 08:55 aar...@gvtc.com (Aaron Gould) wrote: > Thanks Jared, When I reminisce with my boss he reminds me that this > telco/ISP here initially started with a 56kbps internet uplink , lol Point of History: When we, The World, first began allowing the general public onto

Re: akamai yesterday - what in the world was that

2020-01-23 Thread bzs
On January 23, 2020 at 19:52 p...@nashnetworks.ca (Paul Nash) wrote: > > While it makes me feel old, it’s also something that I marvel about > > periodically. > > A bit of perspective on bandwidth and feeling old. The first non-academic > connection from Africa (Usenet and Email,

Re: FCC proposes $10 Million fine for spoofed robocalls

2019-12-20 Thread bzs
On December 20, 2019 at 08:00 na...@ics-il.net (Mike Hammett) wrote: > I can't imagine many telcos are making a lot of money from voice anymore. They may not be making a huge amount anymore which may be why they're now allowing (i.e., not fighting/lobbying) these folks to be thrown under the

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-19 Thread bzs
If you want to end robocalls then every time you get one call your local congress person's or senator's main phone number and say "I just got another robocall (perhaps characterizing it like 'for auto warranties' or 'for IRS fraud')". Everyone. Every time. -- -Barry Shein Software

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-19 Thread bzs
They should be fining the telcos, they're making a lot of money on these calls. And if you believe otherwise (e.g., that it's like email spam) you've been duped by telco PR. Unlike spam when was the last time a telco failed to bill you for a billable phone call? Never. They know exactly who

Re: Gmail email blocking is off the rails (again)

2019-12-04 Thread bzs
25 years or so from now when the internet is basically a big CATV-like service someone will write a book about how "SPAM Ate The Internet". And a few other things, among them: Phase II: Ham Eats The Internet. Now that every marcom, billing, etc dept and their pet dog has figured out they can

Re: RIPE our of IPv4

2019-12-01 Thread bzs
This is that reasoning that because this particular shiny bauble is laying right here on the table then that's the whole picture. More likely if some of them decided to sell that IPv4 block they'd catch up on the rent or cut deductibles on the health care plan or or get rid of some of that

Re: We've lost another innovator

2019-11-27 Thread bzs
I knew Brian Kantor from the old Usenix days, we've sat around the bar together at conferences etc. many times. There was even an outstanding minor technical issue from a few weeks ago I wanted to get back to him about...oh well. Sorry to hear this, he was one of those rare people who actually

Re: RIPE our of IPv4

2019-11-26 Thread bzs
If the commitment really was to spread IPv6 far and wide IPv6 blocks would be handed out for free, one per qualified customer (e.g., if you have an IPv4 allocation you get one IPv6 block free), or perhaps some trivial administrative fee like $10 per year. But the RIRs can't live on that. We

Re: 99% of HK internet traffic goes thru uni being fought over?

2019-11-21 Thread bzs
currently > experiencing student protests is ... yeah... Interesting theory. > > I take it you know nothing about Internetworking? Perhaps you should look at https://www.TheWorld.com/~bzs > > Or, again, Zerohedge? Nope, knew nothing off-hand about them but wikipedia seems

Re: 99% of HK internet traffic goes thru uni being fought over?

2019-11-20 Thread bzs
Thanks everyone for the replies. My conclusion is that no one here knows whether HKIX handles 99% of internet traffic for HK or not. It's a number. -- -Barry Shein Software Tool & Die| b...@theworld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1

99% of HK internet traffic goes thru uni being fought over?

2019-11-19 Thread bzs
Is this plausible? https://www.zerohedge.com/geopolitical/heres-real-reason-why-hong-kong-authorities-are-desperate-regain-control-university or http://tinyurl.com/slwchx8 -- -Barry Shein Software Tool & Die| b...@theworld.com | http://www.TheWorld.com

Re: all major US carriers received text messages overnight that appear to have been sent around Valentine's Day 2019

2019-11-09 Thread bzs
This can be a "curse" of highly available servers which stay up for a year or more, some of mine will. A mail delivery process locks messages in the queue for delivery and then the process hangs. Subsequent delivery attempts will honor the lock so they never go out, nor are they even timed

Re: IPv4 and Auctions

2019-10-25 Thread bzs
There's a fairly famous animal behavior experiment where rats are allowed to multiply in a room-sized cage without control, food and water and basic sanitation are provided. When the cage becomes extremely crowded rats are observed gnawing on each other's tails. -- -Barry Shein

Re: worse than IPv6 Pain Experiment

2019-10-10 Thread bzs
On October 9, 2019 at 17:12 b...@herrin.us (William Herrin) wrote: > On Wed, Oct 9, 2019 at 4:30 PM John R. Levine wrote: > > > Can I summarize the current round of objections to my admittedly > > > off-beat proposal (use basically URLs rather than IP addresses in IP > > > packet src/dest)

Re: worse than IPv6 Pain Experiment

2019-10-09 Thread bzs
OK OK OK. Can I summarize the current round of objections to my admittedly off-beat proposal (use basically URLs rather than IP addresses in IP packet src/dest) as: We can't do that! It would require changing something! I've no doubt many here are comfortable with the current architecture.

Re: IPv6 Pain Experiment

2019-10-09 Thread bzs
On October 8, 2019 at 23:51 o...@delong.com (Owen DeLong) wrote: (responding to my P.S.) > P.S. My prediction? > > The world's major telcos et al, having had enough of various problems, > from address exhaustion to non-stop security disasters, and the > chaotic responses,

Re: IPv6 Pain Experiment

2019-10-08 Thread bzs
On October 8, 2019 at 19:12 nwar...@barryelectric.com (Nicholas Warren) wrote: > Sweet deals, would you kindly share your vendor? > > > It's not 1990 any more, a TB of RAM now costs a few thousand dollars > and is dropping rapidly (similar for fancy router RAM), we have > processor chips

Re: IPv6 Pain Experiment

2019-10-08 Thread bzs
On October 8, 2019 at 12:04 b...@herrin.us (William Herrin) wrote: > On Tue, Oct 8, 2019 at 12:01 PM wrote: > > My main point is, as I said, Bits is Bits, whether they're human > readable (for some value of "human") like URLs or long hex strings > which perhaps are less human

Re: IPv6 Pain Experiment

2019-10-08 Thread bzs
On October 7, 2019 at 23:13 o...@delong.com (Owen DeLong) wrote: > > > > On Oct 7, 2019, at 20:16 , b...@theworld.com wrote: > > > > > > Well if you all really want your heads to explode I was invited to > > give a talk a few years ago in Singapore at the local HackerSpace. > > > >

RE: IPv6 Pain Experiment

2019-10-08 Thread bzs
On October 8, 2019 at 03:00 michel...@tsisemi.com (Michel Py) wrote: > > Owen DeLong wrote : > > Well… I don’t run into this very often any more, but I guess if you have a > > poorly run DNS environment, it might be more of an issue. > > About half of my devices, including all the VOIP

Re: IPv6 Pain Experiment

2019-10-07 Thread bzs
Well if you all really want your heads to explode I was invited to give a talk a few years ago in Singapore at the local HackerSpace. It called for something creative and different, not really an IETF sort of crowd. So I proposed we dump numeric addresses entirely and use basically URLs in IP

Re: IPv6 Pain Experiment

2019-10-07 Thread bzs
I think we're basically on the same page. But what I described wouldn't use port numbers to fake extended addressing, just a flag and some extra IP header for the extended addr bits. On October 6, 2019 at 21:12 li...@packetflux.com (Forrest Christian (List Account)) wrote: > I've been

Re: IPv6 Pain Experiment

2019-10-07 Thread bzs
I didn't quite say nothing would need to be changed, only that the changes would be by and large very minimal, some new cases in the existing IPv4 stacks, rather than an entirely new stack. Particularly for hosts, if this bit (flag, whatever) is set be sure to copy the entire IP packet into your

Re: IPv6 Pain Experiment

2019-10-06 Thread bzs
On October 6, 2019 at 16:35 jhellent...@dataix.net (J. Hellenthal) wrote: > And in which part of the header is this to be added ? I assume you mean the additional address. The IHL provides for up to 60 bytes of IP header length. 20 bytes is needed for the usual IPv4 header so an additional 40

Re: IPv6 Pain Experiment

2019-10-06 Thread bzs
On October 6, 2019 at 15:18 mpal...@hezmatt.org (Matt Palmer) wrote: > On Sat, Oct 05, 2019 at 04:36:50PM -0400, b...@theworld.com wrote: > > > > On October 4, 2019 at 15:26 o...@delong.com (Owen DeLong) wrote: > > > > > > OK… Let’s talk about how? > > > > > > How would you have

Re: IPv6 Pain Experiment

2019-10-05 Thread bzs
On October 4, 2019 at 15:26 o...@delong.com (Owen DeLong) wrote: > > OK… Let’s talk about how? > > How would you have made it possible for a host that only understands 32-bit > addresses to exchange traffic with a host that only has a 128-bit address? A bit in the header or similar

Re: FW: This DNS over HTTP thing

2019-10-03 Thread bzs
Whether people make actual monetary profit off child porn is a red herring. Literally billions make postings to social media such as FB, Twitter, (not child porn I mean in general) and very, very few get paid. There are many reasons people might do this -- make child porn available --

Re: This DNS over HTTP thing

2019-10-01 Thread bzs
Everyone's (who's anyone) is looking for free curation of the net! Maybe one more law or regulation will do it. Look at how well it stomped out spam! Put more grimly: For over 100 years Europe, and others, have imagined the path to paradise is paved with new and improved censorship. Results

Re: Weekly Routing Table Report

2019-08-30 Thread bzs
On August 30, 2019 at 15:09 patr...@ianai.net (Patrick W. Gilmore) wrote: > > Stop and think about that for a second. You had a part in literally changing > the world. Some of us had a part in literally creating TheWorld(.com) :-) -- -Barry Shein Software Tool & Die|

Re: Protecting 1Gb Ethernet From Lightning Strikes

2019-08-14 Thread bzs
Are "surge protectors" really of much use against lightning? I suspect not, other than minor inductions tho perhaps some are specially designed for lightning. I wouldn't assume, I'd want to see the word "lightning" in the specs. I once had a lightning strike (at Harvard Chemistry), probably

Re: What can ISPs do better? Removing racism out of internet

2019-08-07 Thread bzs
On August 7, 2019 at 18:43 cov...@ccs.covici.com (John Covici) wrote: > Well, I don't want any net nannies sensoring the news I get, any ideas > the nanny does not like I will never see (?) Then you wouldn't buy it. Netnanny exists now, do you use it? No? Would you use it? No. Then nothing

RE: What can ISPs do better? Removing racism out of internet

2019-08-07 Thread bzs
Netnanny is mostly sold for parents to put on their children's access. You're not thinking this through. Promote third-party curation, those who never want to see content they find disturbing can PURCHASE* that service rather than bugging their congressperson to demand that ISPs provide this

Re: What can ISPs do better? Removing racism out of internet

2019-08-07 Thread bzs
I propose that the RIGHT THING TO DO would be to seek out, promote (to both customers and the public), and support various curation services like netnanny. Promoting the idea that third-party curation is a service one can obtain into the public discussion can only be good. -- -Barry

Re: What can ISPs do better? Removing racism out of internet

2019-08-06 Thread bzs
And now this has happened, in a nutshell France's lower house says remove content which is "obviously hateful" (words used in the article) in 24 hours or face up to a 1.25M euro fine. Granted perhaps it won't become law. But legislators are clearly becoming consumed with this whole internet

Re: What can ISPs do better? Removing racism out of internet

2019-08-06 Thread bzs
On August 5, 2019 at 19:02 valdis.kletni...@vt.edu (Valdis Klētnieks) wrote: > > Hint: The DMCA has the text about data stored on ISP servers because many > ISPs > aren't mere conduits. And this thread got started regarding a CDN, which is > very much > all about storing data on

Re: What can ISPs do better? Removing racism out of internet

2019-08-05 Thread bzs
One tiny bit of sermonizing not aimed at anyone in particular: Interested amateurs tend to study the wording of laws. Lawyers tend to study case law, actual cases and their outcomes. In part that's because, besides the hazards of interpretation, laws often conflict, supercede each other,

Re: What can ISPs do better? Removing racism out of internet

2019-08-05 Thread bzs
My first suggestion would be to include an indemnification clause in your contracts which includes liability for content, if you don't already have it (probably most do.) And a clause which indicates you (need lawyering for this) will seek expenses including but not limited to legal,

Feasibility of using Class E space for public unicast (was re: 44/8)

2019-07-27 Thread bzs
On July 26, 2019 at 21:19 do...@dougbarton.us (Doug Barton) wrote: > All of this, plus what Fred Baker said upthread. > > When I was running the IANA in the early 2000's we discussed this issue with > many different experts, hardware company reps, etc. Not only was there a > software issue

Re: Postmaster@

2019-06-15 Thread bzs
I wonder how much do-not-reply@ and similar is spammed? On June 15, 2019 at 01:47 m...@beckman.org (Mel Beckman) wrote: > Postmaster@ is so widely spammed as to be useless. Standards, and even laws, > can be overcome by reality. Witness the DoNotCall list. > > -mel beckman > > > On

Re: Spamming of NANOG list members

2019-06-01 Thread bzs
WARNING: I AM ABOUT TO PONTIFICATE! Many of the lists etc I'm on get spamt and that's followed by a stream of "we're getting spamt!" (either directly or scraped) agonizing, over and over. I've been involved in the spam problems since before some of you were bornt (ok I'll stop with the stupid

Re: Power cut if temps are too high

2019-05-28 Thread bzs
On May 28, 2019 at 19:56 o...@delong.com (Owen DeLong) wrote: > It’s unlikely to apply to much of anything in a datacenter other than disks. Ok, disks, a mere bagatelle of a concern. Then again obviously disks have gotten much, much better about thermal change since people in, e.g., temperate

Re: Power cut if temps are too high

2019-05-28 Thread bzs
Something to keep in mind is that some equipment, disks in particular, should only be cooled at a certain rate once they're hot, often annoyingly slow by the specs like 2-3 degrees C per hour but there are probably circuits sensitive to this also which could be anywhere. It came up because it

Mostly name and shame...

2019-05-13 Thread bzs
Why has OUTLOOK.COM allowed daily dictionary spammers to operate from their net, FOR YEARS? It can't be that hard to detect and block. 2019-05-13T17:00:18.194103-04:00 pcls6 sendmail[14128]: NOUSER: proctor5 relay=mail-eopbgr740053.outbound.protection.outlook.com [40.107.74.53]

Re: any interesting/useful resources available to IPv6 only?

2019-05-07 Thread bzs
That's it! Put your stuff on IPv6-only and vastly improve your security footprint! -- -Barry Shein Software Tool & Die| b...@theworld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD The World: Since 1989 | A Public

Re: Should Netflix and Hulu give you emergency alerts?

2019-03-09 Thread bzs
I'm old. I was online @MIT-AI the night the pentagon (probably DISA?) started broadcasting messages that basically the ARPAnet was going down for "emergency testing" blah blah. I thought it was a prank so just kept working. Another message or two and it all went dead, CONNECTION LOST Couldn't

Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-27 Thread bzs
I have proposed many times to just move domain WHOIS data into a new RRTYPE and let whoever owns the domain put in that whatever they want, including (and perhaps most usefully for many) just a URL for further detail. Obviously registries/registrars/ICANN can require and maintain more specific

Re: A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-26 Thread bzs
On February 26, 2019 at 20:45 jo...@iecc.com (John Levine) wrote: > In article <3fd86d54-7fe4-4e1d-8c8d-a4d79f030...@pch.net> you write: > >That’s the main reason for having a brand TLD at this point, from my point > >of view. It’s the reason I’d get one in a heartbeat, if I could afford

  1   2   3   >