PoE-ing a RIPE Atlas Probe
• 1 min read
Read below how I added PoE-capability to RIPE Atlas v3 probes - cheap and easy!
Articles
Likes on articles
• 1 min read
Read below how I added PoE-capability to RIPE Atlas v3 probes - cheap and easy!
• 3 min read
The Dutch Institute for Applied Scientific Research (TNO) and a number of Dutch security companies have recently published a report on IPv6 security test methodologies.
Showing 2 article(s)
Thank you for your analysis. I do have a few points to make though. IPv6 was originally defined to solve address space issues with IPv4. So, on the Internet, we would add IPv6, run dual-stack, and when everybody has IPv6 access, we could stop providing services via IPv4. When we're talking about IPv6 deployment, that should be the goal, and how are we faring? One way to look at this is mobile access, that is access via smartphones. Many, many people have smartphones and for many it is the primary or even the only network access device. Looking at this, the situation is much less favorable. Mobile devices that have wifi access - if the wifi provides IPv6, then many (but not all) devices will use it. In some case IPv4 is preferred, in some cases IPv6 is. Providing and analyzing the guest network of a youth organisation is interesting in this regard. But the real problem is that IPv6 is almost never made available over mobile (4G / 5G) networks. I am not able to buy a mobile subscription that provides IPv6 in the Netherlands, and I think this applies to many EU countries (would be interesting to investigate!) From what I have been told (and please correct me!), providing IPv6 connectivity incurs an additional chargeable connection slot at the mobile network infrastructure, incurring additional cost. If that is true (again, I don't know!) then providing IPv6 makes no business sense since the operator is doubling his connection cost w/o clear benefit. There would be a clear benefit if all providers do this (forced to do this) because in this case all providers incur the same cost and hence the cost would be "zero", at least from an intra-provider competition point of view. This would be of great benefit for one's national economy because we could start working on the next phase, plan to phase-out IPv4. So, I asked. When the auction process for 5G spectrum space was done in the Netherlands, I suggested that the 5G service would be dual-stack as part of the bidding process. This suggestion was denied; the regulator commented that the service should be "technology-neutral" and hence didn't feel like supporting IPv6 as part of the 5G service. I think this would be interesting successive work. One, find out if, where and how IPv6 connectivity is made available in mobile networks (I'm only aware of Slovenia doing this). And two, as long as regulators don't see the advantage of doing IPv6 as a solution to the problems of address space scarcity on one's national infrastructure, I think there is some work here. Perhaps an organisation like ISOC could consider this work, sort of as a next phase of the IPv6 deployment initiative. It is possible (though some providers find it surprisingly difficult) to make one's consumer home-network dual-stack. But without involvement of mobile access IPv6 remains a "server only" thing. And that's not what we had in mind when the IPv6 thing started.
Has RIPE NCC ever tried to contact the manufacturers of the USB sticks we are harping? There could be reasons why the USB sticks behave this way, and I think it just to ask the other side of the story. For instance, a USB stick consists of a flash storage array, and a controller that maps the storage pages to disk sectors to allow wear levelling. An encrypted filesystem may play havoc with the controller. Anybody ever tried endurance of an encrypted filesystem, versus a non-encrypted filesystem containing encrypted files?
Actually, there was a ticket system before the hostmaster one mentioned in the article - I remember having used 'req' (remember that one? ) at least in 1993. But that was for technical matters, not for hostmaster matters - they had more complex requirements. It is too bad that we keep accepting service from non IPv6-capable suppliers. Like security, it simply should be a must-have in the selection process...
Showing 3 comment(s)