Germany does not mandate that TOR end-node providers are expected to log their users. Saying that not logging someone who went through your end-node is intentionally hindering the police would be like accusing a shopkeeper of intentionally hindering the police because they didn't make of record of every person who entered their storefront.
I think it differs because tor is specifically created to protect against surveillance; both private surveillance and state surveillance (a.k.a. law enforcement).
If a shop was actively helping people avoid surveillance, I would expect them to actively assist law enforcement, too.
I find it perfectly reasonable to consider people who actively help a project which advertises on its website that it is being used to protect against state surveillance / law enforcement to be hindering law enforcement.
>If IPv6 were made today, it would be tunneled inside an HTTP connection. All the new apps would adopt it, the legacy apps would be abandoned or have shims made, and the whole thing would be inefficient and buggy, but adopted. Since poking my head outside of the tech world and into the wider world, it turns out this is how most of the world works.
What you're suggesting here wouldn't work, wrapping all the addressing information inside HTTP which relies on IP for delivery does not work. It would be the equivalent of sealing all the addressing information for a letter you'd like to send inside the envelope.
PLCs are explicitly considered high value targets as they control large swaths of a nation-states critical infrastructure as well as connect to high value end-points in air-gapped networks.
Now perhaps you're not working on anything someone might want to exploit, but PLCs are often found in critical infrastructure as well as high-end manufacturing facilities, which make them attractive targets for malicious actors. Whether because they're attempting to exploit critical infrastructure or infect a poorly secured device that high value end-points (such as engineering laptops) might eventually connect to directly.
I was in a cybersecurity program in college and one of the classes explicitly targeted SCADA systems and how to exploit them. That was 10 years ago and I imagine things have only gotten worse since.
>What IPng team should do, is just take IPv4, extended it to 64bit, call it IPv6 and we are done.
This is literally what they did, except they made it 128 bit rather than 64.
The thing you're missing is that literally every IPv4 protocol breaks the second you change bit count. Before you change the 32-bit header you need to (a) redefine bit for bit every IP protocol so it can be understood by each IP capable device (b) somehow send a full-proof update to every IPv4 device in the world redefining how they ought to interpret IPv4 headers.
I do NOT miss that point. The point is, new protocol should not be very different from previous one, unless its really necessary. After all those years and R&D put into IPv4 to make it better, we ended up with decent protocol. The only flaw is too small address space. With current IPv6, you have to throw up half of the stuff you know about IPv4 for, imo, no valid reason.
And I will tell it again to be clear. Im not fan of some IPv4+ contraption ideas like lets extend IPv4 address space and try to keep it IPv4. Thats DUMB. Make new protocol, improve things that were bad in IPv4 (are they any?) and try to make it one way interop to IPv4 (IPv6 -> IPv4) and we are done.
Remember that you are building protocol for entire planet. It have to be relativly simple and easy to implement. Any extras should be layer up.
The whole IoT crap annoys me a lot. This stuff should NEVER ever be connected directly to internet. It creates huge security mess. There should be IoT GW to handle IP <-> (whatever IoT proto) and provide security.
>I do NOT miss that point. The point is, new protocol should not be very different from previous one, unless its really necessary.
>>The only flaw is too small address space.
>>>With current IPv6, you have to throw up half of the stuff you know about IPv4 for, imo, no valid reason.
ARP, DHCP, NAT, Lack of built in encryption are all huge problems that had to be addressed.
- ARP: incredibly inefficient, prime vector for abuse by malicious actors via arp poisoning
- DHCP: Man in the middle attacks, need I say more?
- NAT: Literally breaks the whole concept of IP addressing, incredibly inefficient as it requires manipulating packets mid-stream, literally designed as a temporary band aid to smooth our transition away from IPv4
- Built in encryption: You say this makes this more complicated but I believe it is the opposite, better security is built into the foundation rather than having to build it into every protocol on top of it. (ssh instead of telnet, SFTP instead of FTP, HTTPs instead of HTTP, ect) The issue I'm having with your argument is that you're saying that "you're fine with a replacement IP protocol which ditches the bad" and then go on to deride IPv6 for doing exactly what you're asking for. (keeping it as close to IPv4 as possible while ditching the biggest sources of technical debt)
>And I will tell it again to be clear. Im not fan of some IPv4+ contraption ideas like lets extend IPv4 address space and try to keep it IPv4. Thats DUMB.
But you literally did suggest exactly this when you said:
>What IPng team should do, is just take IPv4, extended it to 64bit, call it IPv6 and we are done.
Did I somehow misinterpret this?
>Make new protocol, improve things that were bad in IPv4 (are they any?) and try to make it one way interop to IPv4 (IPv6 -> IPv4) and we are done.
>Remember that you are building protocol for entire planet. It have to be relativly simple and easy to implement. Any extras should be layer up.
Again, this really makes me think you don't work in networking. When you abstract security from the underlining protocols you essentially leave a gaping hole in your security. The only surefire way to communicate securely is to bake encryption into the protocol itself. (and even then it is hit or miss)
This is why we moved from HTTPv2 to HTTPv3 This is why we stopped wrapping telnet into IPsec Tunnels and opted for SSH, this is why we stopped wrapping HTTPv2 in TLS tunnels and baked it into HTTPv3, and so on.
I don't want to spend a lot of time on IoT but as a network engineer I can say that they exist whether you like them or not and make up a large portion of traffic so we can't just not consider them when talking about how network protocols ought to be designed.
Yes, ARP had its problem, but they are solved right now. We have knobs in managed switches to handle it. ND just moved problems somewhere else, please read about ND table exhaustion and attacks.
DHCP snooping, need I say more? Also, if you are operating on network that is high security risk, you just layer VPN on top of it. Thats why they got invented in first place..
NAT is not that bad after all imo. I like its feature that my LAN is decoupled from WAN. Im multihomed and I do not need to bother annoucing prefixes to both ISPs.
Yes, you still misinterpret my statement. I mean: take IPv4 and just extend its address space and create new protocol out of it. It will not work with IPv4 itself because its not possible to do. But why take old IPv4 instead creating something from scratch? Simple, IPv4 works very well, why to trash last 30 years of R&D put to it? Sure, if you can came up with something better, go ahead. IPv6 did not deliver the promise.
Security is not that simple like, slap encryption everywhere and we are done, its more complicated matter. Encryption, control, management, endpoints security, router security. Whats the point of encryption of your device can be compromised due to shitty mgmt and traffic MITM again? Or whats the point of encryption if it can be cracked within hour doing MITM again due to protocol got old.
Yeah, HTTPv3.. created yet another problems that needs to be solved now. Why every time something new pops in, it trash past protocol R&D put to it, bringing same on similar problems AGAIN. Thats pathetic.
IoT, thats good example actually. It have E2E encryption (mostly its all HTTPS) and yet its p0wned so easly creating huge DDoS networks. Im starting to wonder if you have any security clue at all.
In short, the problem with using Nazi's as a comparison is the strong emotional reactions people are prone to experience. (Justifiably so to be clear)
When a person invokes the Nazi's while discussing subjects that aren't nearly as heavy (emotionally speaking) the horrors of everything Nazi related, they're leave themselves open to being perceived as hyperbolic. No matter how strongly one might feel about open source, the subject matter is just simply on a different emotional level than all the horror which is Nazi. (and therefore, ought not to used as a comparison)
And again just to be clear, I'm not accusing you of being hyperbolic personally, I just want to elaborate on why some people groan when they see Nazi's beings inserted into topics which they have nothing to do with.
Love where your head is at, but assuming we're talking about the united states, we literally just have enough money and resources to subsidize every kid who wants to attend college if we really wanted to.
There are so many measurable long-term benefits to higher education both for the individual as well as the state that it's truly insane (to me any at least) with how unaccessible we've let it become.
We do have many good schools but unlike most places we also have extremely great schools. So while it's pretty easy to fund a good education for everyone, there's always going to be competition for the best.
From what I've read, the alternative they've come up with is favoring certain ethnic backgrounds over others. But the courts are currently not favoring that approach. So they may have to go back to looking at grades and test scores.
I actually agree with the spirit of what you're saying but I feel compelled to point out that Alexander actually wasn't a king for very long. The median reign for hellenistic rulers was 20-30 years whereas Alexander's only reigned for a short 13 years.
Again while I absolutely agree with your point, he was in fact, not a king for very long.
Perhaps its just me, but I feel like a lot of users are missing the forest for the trees here. Services such as these only pop up when legitimate solutions prove ineffective at addressing the problem.
To me, these services are more indicative of "Big Tech" failing to create effective appeal processes to meet their consumer's demand... While I'm sure there isn't a lot of money in it, it'd be great for Big Tech to examine how they could improve on this front.
It’s just you. The ineffectiveness is the point. This service is a joke, it’s surely illegal. Everyone knows it’s a “failing” system, you can’t scale free customer service forever.
The legitimacy of the need for this service proves the value of these accounts. I predict that tech companies will get in on it, and within a few years will offer paid customer service the way enterprises get today. You can already pay for “verified” accounts, so this is the next step. If companies don’t monetize it, government will regulate it.
> I predict that tech companies will get in on it, and within a few years will offer paid customer service the way enterprises get today.
Good! That would be a fantastic outcome if that's all plsfix accomplishes. Tons of people would be willing to pay for support but it's just not offered.
>It’s just you. The ineffectiveness is the point. This service is a joke, it’s surely illegal. Everyone knows it’s a “failing” system, you can’t scale free customer service forever.
Is the spirit of this service corrupt? Absolutely. Does it undercut Big Tech's checks and balances? %100. Is it morally lacking? Personally I think so. Is it illegal though... ehhhh? It might be shocking but not every term found on a FAANG's term and services agreement is legally binding.
Services like these are inevitable so long as humans are corrupt but typically only pop into public consensus when the institution has failed so spectacularly that the average consumer has completely lost faith in them to adequately address their problem. While I'm not condoning corruption, clearly the Big Tech companies have failed in providing adequate solutions to this problem and I feel our time is better spent examining the negligence of these institutions which caused the problem rather than the malicious service looking to exploit said negligence.
I'm not sure the 'You deleted my YouTube account because I got 3 false copyright claims in 1 hour' to 'I've installed Google(TM) YouTube(R) Antivirus Subscription' pipeline is a strong one.
Before this existed, it's likely that most internal requests are from employees genuinely trying to help people. Sure, it's possible there's some employees already taking money to submit internal forms rather than personally evaluating the applicant's morals, but it's unlikely that it's very widespread. Formalizing the process like this website does makes it much more likely that most submissions to internal forms for unbanning people will be in exchange for money with no moral consideration, due to 1) making a marketplace to match applicants and suitably unscrupulous employees; 2) reducing friction for actually executing the transaction; and 3) by being explicitly money-oriented attracting employees who are very much not in it to help unfairly banned applicants. Those factors make this seem far more ethically repugnant than existing processes
Self reply to start a new thread of conversation, the lack of consideration of these factors is incredibly stereotypical of "Valley techbros" and the mismatch in values between people who'd make this kind of site and people who'd find this kind of site awful is why many people outside of Silicon Valley aren't as enthused about tech companies as the tech companies themselves are
>the mismatch in values between people who'd make this kind of site and people who'd find this kind of site awful
enemy of my enemy is a friend. If I cared enough to properly appeal a bad ban, I care less about the ethics of how I get unbanned and more about just getting unbanned.
You're already convinced the company that banned you is unfair and uncaring. Why would you care about exploiting the weaknesses?
I think the majority of HN is aware of Big Tech's failure to create effective appeal processes. It's not exactly a secret. This service is still naked corruption, though.
>Dishonest or fraudulent conduct by those in power, typically involving bribery.
Don't see much dishonest. And honestly, it may fall under a bribe, but bribe implies the person in power was the one who affected you. Which clearly isn't the case here.
In my eyes, this is just making a public service of something we 100% know people who make tech companies profitable already have access to.
It's only slightly lower in my eyes than an influencer getting sanctioned, private access to someone in power in exchange for continuing to kinda be an employee (but not actually). I mostly want to emphasize that the "official" ways to do this was already razor thin.
>History is written by the winners. 100% of that "he led the flank himself and commanded while the other men just watched" is suspect.
History is written by the literate. (i.e. the rich for most of human history)
In this case, most information about Alexander the Great comes from four distinct sources, the most famous being Arrian of Nicomedia who famously used Ptolemy I Soter as their primary source.
Ptolemy at the time he wrote his testimony was already a king and only had benefit of grandizing his own contributions not his old King. His account was famed for how straightforward it was and seemed only to confirm Alexander's exceptional leadership in battle.
Microwaves use the 2.4ghz spectrum but typically not with any real precision which means that while in use they just tank the 2.4ghz spectrum.
*As an aside, one of my favorite things I get to do at work is when onboarding new Jr. Net Engineers is getting them take our spectrum analyzer into our office kitchen and instructing them to watch the spectrum turn bright red while I make a bag of popcorn.
Anyhow to get to your question, the best answer would be to get some distance between your microwave and set-up you're using with the headset. Otherwise if that isn't possible, then you'll want some headphones that does use 2.4ghz. Replacing the microwave will likely not fix the problem since they all use 2.4ghz band for cooking and at least I've never seen one shielded well enough that it didn't impact others while in use.
