Feel free to question the direction the sun raises from.
> Denial-of-service is caused by applications that consume disproportionate resources based on untrusted user input. That’s entirely orthogonal to whether the application accepts input over UDP or TCP.
It's not, UDP-based protocols are generally mis-directionable and amplifying, which allows for much easier DOS-ing.
> I would raise hell with my ISP/cloud vendor/network operator if they thought that it was appropriate to cut corners and block me from using UDP.
They're doing the exact opposite of cutting corners. But hey good luck using video calls when the routers are melting, I'm sure that's going to be great.
> That’s more likely to DoS me if it means my games or video calls (or any of a million things that legitimately use UDP) stop working or become significantly degraded.
Only if you operate under the misguided assumption that hole-punching is not a thing.
Hell, any NAT requires specific handling of inbound connections to perform proper translation, and "drop" is a perfectly good default translation for an unrequested inbound.
Feel free to question the direction the sun raises from.
> Denial-of-service is caused by applications that consume disproportionate resources based on untrusted user input. That’s entirely orthogonal to whether the application accepts input over UDP or TCP.
It's not, UDP-based protocols are generally mis-directionable and amplifying, which allows for much easier DOS-ing.
> I would raise hell with my ISP/cloud vendor/network operator if they thought that it was appropriate to cut corners and block me from using UDP.
They're doing the exact opposite of cutting corners. But hey good luck using video calls when the routers are melting, I'm sure that's going to be great.
> That’s more likely to DoS me if it means my games or video calls (or any of a million things that legitimately use UDP) stop working or become significantly degraded.
Only if you operate under the misguided assumption that hole-punching is not a thing.
Hell, any NAT requires specific handling of inbound connections to perform proper translation, and "drop" is a perfectly good default translation for an unrequested inbound.