posted Sep 29, 2015, 9:46 AM by Sami Lehtinen
updated Oct 2, 2015, 8:31 PM
- ARIN (North America) is now finally and officially out of IPv4 addresses. Now it would be really good time to get your IPv6 stuff together if you haven't yet done it. Also many big players like BT are now really starting to push IPv6 forward.
- One more reason to avoid US based hosting? CISA - You'll get betrayed by US technology companies.
- OVH announced building 12 more data centers? - I wonder if OVH couldn't provide customer satisfaction with mega data centers? Is the latency so important for many customers? GRA and BHS data centers are potentially absolutely huge? But does that make customers unhappy due to potentially high latency to distant mega data center? I guess that's the reason why they're planning to build 12 more (obviously smaller) data centers.
- Read: Karma Police - Surprised? Nope. It's just as expected. Very good article reminding us how we're all being monitored. Had to read it all even if it's very long. Good stuff.
- TCP Cubic bug fix by Google. Slow start broken on persistent connections when using Cubic? Ok, I thought slow start would be used if connection has been 'idle' for a certain time. But it seems that wasn't the case in this particular case.
- Had some discussion about traceroute bad.horse and similar traceroutes where the route contains tons of funny names or story or what ever. I would personally prefer faking it using Python script, instead of using two routers as one old example solution did. When I said that, I was asked if I would write such a script. My answer was:"
I'm busy with other projects, so I won't do it. But that's trivial. It would be a good practical learning opportunity if you're trying to learn about IP protocol and packet handling. Just use raw sockets on Linux, get data, and generate responses from a different IP based.
Alternatively you could use multiple IP addresses on same host, then you don't need to fake packets and can traditionally listen on ping on every IP. But that takes it to bit higher level and it isn't so fun anymore.
Or you can set your computer to listen in on routed traffic, if you got router which will route subnet to your 'software' router. There are multiple ways to do it.
Of course using two hardware routers is also ok, if you want to learn about configuring those. Different goal, different means.
All of these means still require you to be able to control that subnet and set required reverse DNS information.
Also the latency between first hop of the story and last hop of the story tells about the system having very limited capacity. In case of the faking Script, delay difference between hops would be 0 ms. Now the numbers directly tell that there's plenty of latency and packet handling is taking a long time. -> Guaranteed to have a poor throughput & load characteristics."
- Fixed monitoring script, now it's possible per service to select if service will be monitoredusing IPv4 or IPv6 using round-robin, either IPv4 alone, IPv6 alone, or both in parallel. Nice! All information is logged nicely in database and can be analyzed later. I guess I'll be saving some of those logs too, so I can produce nice graphs when C-Lion (Sea Lion?) by Cinia gets connected between Finland and Germany.
- Galaxkey - More hardware 2FA / Key management solutions. Afaik, nothing new in this case. It's not American, but it's British company. Which means that it can't be trusted anymore than American companies. Also their own secure solution with invites, email, etc. Isn't what I'm looking for. If I want authentication solution I want it to be as independent as possible. If it requires 3rd party trust, it's not secure in a way I'm looking for. Many of these solutions also leave gaping hole for a back door entry. So basically systems are secure if they work as designed, but because many parts of the system are from single vendor, it's trivial for them to break the security whenever they want / need to. I've seen many software pieces to work differently depending what the customer / license holder is. So software is secure, unless user being targeted is using it. Even then the security can be broken in a very subtle way so there's no way for the user to actually know that they've lost security & privacy.
- OpenBazaar will allow selling of 'electronic goods' - Anything can be sold, purchased and naturally delivered online. Music business has been leading this trend and everything which can be sold will follow that. But there hasn't been great ways to sell electronic items online for individuals. OpenBazaar will allow that to be done easily for anyone and anywhere. As well as using cyber lockers for efficient delivery & pickup without hosting expensive delivery systems and content delivery networks (CDN). But I'll be posting more about that later.
- I'm just wondering why phones with AMOLED displays (without back light) would need a status led? Wouldn't it be trivial to just blink very shortly group of LEDs on the screen itself showing symbol or figure? Just enough that it'll get your attention. Tens of milliseconds should be enough so you can recognize that 'something happened'. Power required for that should be absolutely minimal. 20 ms flash every minute or so, lighting up just a group of pixes forming like email symbol or phone symbol on screen or so. Yep, if you got already LED display, what would you need a status led for? I just don't get it why they're not doing that already.
- I guess you've already noticed that my Blog posts lag behind. I'm not
posting daily and even weekly posts could have been stored as drafts for
months before getting posted.