>In other news, New Zealand is having national elections this weekend.
>New Zealand is usually ranked in the top 10 best election administrations
>worldwide. NZ expects to have the majority of ballots counted within 2
>hours of their polls closing on Saturday evening.
I thought the HGIC (Head Gh
And do not use an Intel CPU.
Intel only has 4x PCIe lanes that are shared out into whatever configuration
they claim to have and are totally unsuitable for use in a computer that
actually has to be able to do high-speed I/O.
--
Be decisive. Make a decision, right or wrong. The road of life
Outlook is a client. Microsoft e-mail servers run Sex-Change and the
outlook.com domain refers to the servers, not the clients. The Outlook client
can "connect" to just about any server ever written but has nothing to do with
Microsoft Sex-Change servers.
--
Be decisive. Make a decision, r
Simply get rid of the gigabytes of JavaScript and stupidly designed crap
and hire someone who knows what they are doing and a bandwidth DOWNGRADE
will be in order. The root cause is incompetence and it can be fixed by
getting rid of all the children and hiring someone who knows what they
are doi
On Tuesday, 22 December, 2020 22:42, Wayne Bouchard wrote:
>On Wed, Dec 23, 2020 at 02:58:32PM +1000, Robert Brockway wrote:
>> On Thu, 17 Dec 2020, Tom Beecher wrote:
>> If the last 50 years has shown us anything it is that humans and
>> computers working together can achieve far more than either
>If the operator wants to keep bufferbloat low you will not be able to
>utilise your 1 Gbps to that speed when downloading from distant servers.
>But with the same bufferbloat measured in milliseconds you will still
>have a 10x bigger buffer and thus 10x bigger bandwidth delay product.
>That transl
On: Sunday, 27 December, 2020 03:26, Mark Tinka wrote:
>In the end, and for various reasons, I settled on renewables.
Me too. On top of that, diesel and gasoline are pretty reliable. Though some
people may argue about "renewables" the fact is that it is all a matter of
time-frame. Solar po
On Monday, 28 December, 2020 10:48. Darin Steffl wrote:
>The "Free" service doesn't cover your cost of support which is much
>higher for residential than any business customer. Our residential
>customers call at least 15x more often compared to business customers
>compared on a 1:1 ratio.
Are y
>I think the challenge here is that there's a category of people
>who don't have cell phones, who don't have cable TV, but
>receive content over their internet connection. I happen to
>live with someone like that, so I know it's a non-zero portion
>of the population.
I pay for my Internet connect
That all only matters if you (the oppressor) believes that your victim
(the oppressed) has the means to "bring peace to their enemy" either by
wielding devices of War and Destruction or through the Legal System.
This is the case with all "habitual criminals" such as AWS, Twitter,
Facebook, Google
>It's amazing how far the world has stumbled that "fomenting violent
>insurrection and calling for the murder of elected officials" now
>falls under standard T&Cs against abusive behaviour where this used
>to be perfectly fine a year ago.
The world is now a different place with the election of t
Laszko
>Sent: Sunday, 10 January, 2021 15:07
>To: Keith Medcalf
>Subject: RE: Parler
>
>Which ones are the Nazi’s?
>
>
>
>
>
>James
>
>
>
>From: NANOG On Behalf
Of
>Keith Medcalf
>Sent: Sunday, January 10, 2021 1:59 PM
>To: nanog@nanog.org
>Cc: n
>The first amendment deals with the government passing laws restricting
>freedom of speech. It has nothing to do with to whom AWS chooses to sell
>their services. It is also not absolute (fire, crowded theater, etc.)
You are correct and incorrect. The First Amendment prohibits the Government
fro
ssage-
>From: Rod Beck
>Sent: Monday, 11 January, 2021 05:13
>To: Keith Medcalf
>Subject: Re: Parler
>
>Hi,
>
>
>Your distinction sounds specious. The Courts have consistently that the
>1st amendment protects free speech from government retaliation in many
>i
I thought y'all yankee doodles had this thing called the Communication Decency
Act section 230 that prevented a "service provider" from being responsible for
the content of third-party's -- whether or not they were acting as a publisher;
and, also the principle of law that an agreement to viol
On Thursday, 14 January, 2021 04:53, adamv0...@netconsultings.com wrote:
>https://aws.amazon.com/agreement/
>7.2 Termination.
>(a) Termination for Convenience. You may terminate this Agreement for any
>reason by providing us notice and closing your account for all Services
>for which we provide
On Thursday, 14 January, 2021 10:02, Mel Beckman wrote:
>I, however, do know that this is the contract that was in force. Because
>I read the lawsuit, and the contract, which I’ve verified is identical to
>the one posted online, is included as an exhibit (although the courts
>managed to get the
>Is nested virtualization really a thing?
Real Computers have been running VMs inside VMs for about 50 years. Bringing
this technology to "bitty boxes" is a recent thing.
--
Be decisive. Make a decision, right or wrong. The road of life is paved with
flat squirrels who could not make a dec
Net to mention, of course, that the Low Orbit constellation would need to be
"parked" over China (or where-ever you want to access it). I am quite sure
that "shooting down" such low orbit stationary vehicles would not be too
difficult. And if they are owned by an adversary who has no permiss
Does nothing. Does it require permitting the unfettered execution of arbitrary
untrusted and untrustworthy code perchance?
--
Be decisive. Make a decision, right or wrong. The road of life is paved with
flat squirrels who could not make a decision.
>-Original Message-
>From: NANOG
>On Wednesday, 30 June, 2021 13:53, Michael Thomas wrote:
>From an automated standpoint, I really don't care about whether a phone
>number is authentic, I care about the domain that onramped it so I can
>theoretically punish it. It's the people who are allowing the spoofing
>that is the real pr
>On Friday, 9 July, 2021 16:32, K. Scott Helms wrote:
>Robocalls really aren't a product of the legacy PSTN. Today almost none
>of them originate from anywhere but VOIP. Now, you can certainly say
>that if SS7 had robust authentication mechanisms that we could then trust
>caller ID (more) but
On NANOG list , Dan Hollis
wrote:
>https://www.theregister.co.uk/2020/01/07/icann_verisign_fees/
Operator of the dot-com registry, Verisign, has decided to pay DNS
overseer ICANN $4m a year for the next five years in order to “educate
the wider ICANN community about security threats.”
>98% of
On Wednesday, 8 January, 2020 14:35. Octolus Development
wrote:
>Sony are currently "looking into it" but they do not seem to care much. I
>am a customer of Sony, I own PlayStation consoles and I am not able to
>access their service. They tell me to change my IP instead of solving the
>actual
On Thursday, 20 February, 2020 08:31, Ca By wrote:
>On Thu, Feb 20, 2020 at 8:34 AM Tom Beecher wrote:
> I only wish I were insane; but from where I'm sitting, QUIC
>has broken
> my internet, and the resolution is blocking QUIC.
>
> The QUIC protocol itself i
Warzone is a 83-101GB download for new, free-to-play users*.
And I remember the days when that would have taken 10 and a half years to
download and consumed 56,000 floppy diskettes.
My, how times have changed!
--
The fact that there's a Highway to Hell but only a Stairway to Heaven says a
lo
I don't know but we just issued travel restrictions to the United States
as it is now a Hot Spot for the unrestricted spread of the coronavirus
which causes COVID-19.
--
The fact that there's a Highway to Hell but only a Stairway to Heaven
says a lot about anticipated traffic volume.
>-Orig
On Thursday, 12 March, 2020 20:37, Valdis Kletnieks
wrote:
>On Thu, 12 Mar 2020 18:08:05 -0600, "Keith Medcalf" said:
>> I don't know but we just issued travel restrictions to the United
>> States as it is now a Hot Spot for the unrestricted spread of the
>&g
If it is "critical" you need a dedicated circuit. If it is "meh, who gives a
shit", then you can go though the Internet.
The root of the issue is that some idiot did a bad Risk Assessment. Hope it
got fired or killed so it won't do this again in the future.
Hope you also learned something a
On Tuesday, 17 March, 2020 03:31, Mark Tinka wrote:
>On 16/Mar/20 21:08, Owen DeLong wrote:
>> For up to date local information, check with the local public health
>> authority in your jurisdiction. In the US, that will usually
>> be your county public health agency. In some cases, individual
On Tuesday, 17 March, 2020 11:04, Mike Bolitho wrote:
>>The answer is don't shove application traffic that has tight service
>>level requirements onto the public internet at large and expect the same
>>performance as private circuits or other SLA protected services.
>I keep seeing this over an
On Tuesday, 17 March, 2020 15:48, Rich Kulawiec wrote:
>On Tue, Mar 17, 2020 at 11:35:59AM -0700, Owen DeLong wrote:
>> Anything in the healthcare vertical that is outside of the medical
>> providers control/ownership is a result of the medical provider
>> buying into that model on some level. S
On Wednesday, 18 March, 2020 05:24, Rich Kulawiec wrote:
>On Wed, Mar 18, 2020 at 03:43:37AM -0600, Keith Medcalf wrote:
>> So you failed because you did not require the person making the
>> decision to take responsibility for their decision. That is, your
>> organi
On Thursday, 19 March, 2020 10:07, Matt Hoppes
wrote:
>Agreed... 720 or 1080 Netflix will work just as fine as 4K for the next
>month or two.
As long as NetFlix lowers their prices proportionately with their reduced level
of service. For example, if NetFlix decides they will only provide
"
On Friday, 20 March, 2020 07:52, Mike Hammett wrote:
>Some of the pipes Netflix goes through is also used by other services
>that aren't as adaptable.
Can you explain why you think that is Netflix problem?
I should think that it is a problem being experienced by persons who
deliberately chos
On Friday, 20 March, 2020 20:43, Mark Tinka wrote:
>If we go down this path, who's to say which service provider will or
>won't be "targeted" next at the whim of some command & control policy
>maker? Is it a rabbit hole whose top-soil we want to uncover?
Perhaps the "advertizing" and "JavaScri
On Monday, 23 March, 2020 04:19, Alexandre Petrescu
wrote:
> ... like 'remote surgery' needs to transmit haptic feedback effect across
> long distances.
Personally, if I were asked to give consent for surgery and it contained a risk
"the communications uses the Internet for transport and t
On Monday, 23 March, 2020 14:21, Peter Beckman wrote:
>Software-based TOTP offer more security than no one-time passwords, but
>admittedly less than the physical tokens. Google Authenticator, Authy,
>1Password, LastPass all support TOTP.
Hardware tokens are nothing more than dedicated hardware
Inc.
>P: 610-429-8300
>
>
> On Mar 23, 2020, at 5:23 PM, Mark Tinka <mailto:mark.ti...@seacom.mu> > wrote:
>
>
>
> On 23/Mar/20 22:39, Keith Medcalf wrote:
>
>
>
> Hardware tokens are nothing more than dedicated hardware TOTP
On Monday, 30 March, 2020 11:19, Michael Thomas wrote:
>On 3/30/20 5:52 AM, Rich Kulawiec wrote:
>> On Mon, Mar 30, 2020 at 06:30:16AM -0500, Joe Greco wrote:
>>> Actual text traffic has been slowly dying off for years as webforums
>>> have matured and become a better choice of technology for
Build a nuclear power plant of course.
--
The fact that there's a Highway to Hell but only a Stairway to Heaven says a
lot about anticipated traffic volume.
>-Original Message-
>From: NANOG On Behalf Of Eric Tykwinski
>Sent: Friday, 1 May, 2020 12:14
>To: Aaron Gould
>Cc: John Levine
On Saturday, 30 May, 2020 13:18, Joe Greco wrote:
>The Internet didn't evolve in the way its designers expected. Early
>mistakes and errors required terrible remediation. As an example, look
>at the difficulty involved in running a service like e-mail or DNS.
>E-mail requires all sorts of thing
On Sunday, 7 June, 2020 21:49, William Herrin wropte:
> ...
> Keepalive requirements are a property of whether or not you employ stateful
> firewalls.
> ...
Keepalive's are not designed for stateful firewalls, they are designed to
permit the endpoints to know whether the communication channe
On Monday, 21 September, 2020 16:16, Randy Bush wrote:
>> I'm not sure what you're saying here, I never said MPLS VPNs are
>> secure, only private. I hope others recognise that they are
>> different concepts.
>yes, privacy is one aspect of security. and, as mpls vns are not
>private sans encry
On Sunday, 10 October, 2021 14:21, Mark Tinka wrote:
>They are looking at the aggregate Gbps or Tbps of traffic that
>BigContent is seeking to deliver across their network, for "no $$".
This is blatantly incorrect. The bits were payed for by the requestor.
BigContent does not "send bits" to n
>With AT&T and perhaps others, you can forward the message to 7726
>(spells SPAM on the keypad) and they'll reply asking for the originating
>phone number or email address.
This is, of course, the root of the problem. The recipient of the spam does
not know either the originating phone number
Does anyone have contact information (or address for service of legal
documents) for ICANN? There web site does not appear to contain contact
information.
ICANN apparently promulgates a policy which requires clickage on spam
links in e-mail. I intend to sue them for trillions of dollars for th
On Friday, 8 July, 2022 19:02, Karl Auerbach said:
>Spammers are a scourge and I hope you get that $trilliion. But ICANN
>will fairly easily deflect most legal efforts based on a claim that
>ICANN bears responsibility. Years ago I proposed a solution from King
>Croesus as described by Herodotus
>I can't either, but the reality right now seems to be that 911 calls are
>failing for anyone on a Rogers cellphone.
This is par for the course. These people chose to deal with Rogers despite
knowing the consequences. It is like if you bought a Rogers Snowblower and it
did not work. That wo
>https://www.akamai.com/us/en/clientrep-lookup/?language=en_US
Well, isn't that just jammed up with malicious third-party javascript ...
---
The fact that there's a Highway to Hell but only a Stairway to Heaven says a
lot about anticipated traffic volume.
It is not possible for web pages to load faster over IPv6 than over IPv4. All
other factors being equal, IPv6 has higher overhead than IPv4 for the same
payload throughput. This means that it is physically impossible for IPv6 to be
move payload bytes "faster" than IPv4 can move the same payl
It would depend on whether FB is being paid to provide a service or not.
However, if "your friend" is not paying FB to provide a service to them then
there is really nought that you can do about it. Otherwise, the course of
action to be taken will be specified in the contract which was signe
On Thursday, 11 April, 2019 08:08, Patrick McEvilly
wrote:
>I'm working with Level3 on a similar problem. They filter both UDP
>and TCP port 1900 on our peer to them. This is blocking all
>connections that randomly use ephemeral tcp port 1900.
>They are refusing to remove the tcp port 1900
On Wednesday, 1 May, 2019 15:36, Harlan Stenn wrote:
>So I gotta ask, just as a reality check:
>- Why do folks want to have one or more NTP server masters that have
>at least 1 refclock on them in a data center, instead of having their
>data center NTP server masters that only get time over th
>If your network is air gapped from the Internet then sure. If it's
>not, you can run NTP against a reasonably reliable set of time
>sources (not random picks from Pool) and be able to say, "my log
>timestamps are accurate to +/- 10 milliseconds so it must be you who
>is farked up." While my mill
Clearly false, since it is 2019-05-04 02:46:31.342994 now and nothing
whatsoever happened to my Firefox browser, and all the extensions are still
working just fine.
---
The fact that there's a Highway to Hell but only a Stairway to Heaven says a
lot about anticipated traffic volume.
>-O
ay to Heaven says a
lot about anticipated traffic volume.
>-Original Message-
>From: NANOG [mailto:nanog-bounces+kmedcalf=dessus@nanog.org] On
>Behalf Of Keith Medcalf
>Sent: Friday, 3 May, 2019 20:48
>To: NANOG list
>Subject: RE: Widespread Firefox issues
>
>
>
HTTPS: has nothing to do with the website being "secure". https: means that
transport layer security (encryption) is in effect. https: is a PRIVACY
measure, not a SECURITY measure.
---
The fact that there's a Highway to Hell but only a Stairway to Heaven says a
lot about anticipated traffic
ou can turn on the Studies option under Privacy & Security for a
>little
>while, then check about:studies and you should see one or two in
>there
>regarding the xpi verification/signing. Once you have those two
>studies, you can disable Studies again.
>
>Likely we'll se
og@nanog.org
>Subject: Re: Widespread Firefox issues
>
>
>On Sat, May 4, 2019 at 8:02 AM Royce Williams
> wrote:
>
>
> On Sat, May 4, 2019 at 7:40 AM Royce Williams
> wrote:
>
>
> On Sat, May 4, 2019 at 7:32 AM Keith Medcalf
> wrote:
>
>
>
&g
Having an inbound:outbound ration of 10:1 is known as a leech ...
---
The fact that there's a Highway to Hell but only a Stairway to Heaven says a
lot about anticipated traffic volume.
>-Original Message-
>From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Prasun Dey
>Sent: Wedn
Why would you think that "Heavy Inbound" signifies a greater inbound:oubound
ratio compared to "Mostly Inbound"?
To me "Heavy Inbound" means that there is more inbound than outbound and
"Mostly Inbound" means exactly that -- mostly/usually/exclusively inbound with
the occasional outbound byte
On Friday, 21 June, 2019 18:14, Ronald F. Guilmette
wrote:
>https://twitter.com/GreyNoiseIO/status/1129017971135995904
>https://twitter.com/JayTHL/status/1128718224965685248
Sorry, don't twitter ... Too much malicious JavaScript there.
>Friday Questionaire:
>Is there anybody on this
Using Orifice 342 will hurt you.
Packet loss (the more the better) will only help you.
--
The fact that there's a Highway to Hell but only a Stairway to Heaven says a
lot about anticipated traffic volume.
>-Original Message-
>From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of
On Monday, 8 July, 2019 18:08, Michael Thomas wrote:
>when we did DKIM back in the day, almost nobody was requiring SMTP
>auth which meant the providers could say "blame me" via the DKIM
>signature, >but couldn't really take much action since they didn't
>know who has doing it.
This is because
about anticipated traffic volume.
>-Original Message-
>From: Michael Thomas [mailto:m...@fresheez.com] On Behalf Of Michael
>Thomas
>Sent: Monday, 8 July, 2019 18:58
>To: Keith Medcalf; nanog@nanog.org
>Subject: Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC
>
&g
eez.com] On Behalf Of Michael
>Thomas
>Sent: Monday, 8 July, 2019 19:12
>To: Keith Medcalf; nanog@nanog.org
>Subject: Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC
>
>Jon Callas, Eric Allman, the IETF security geek contingent and even
>me
>disagree with you. rfc 4871 d
t;Sent: Monday, 8 July, 2019 19:24
>To: Valdis Klētnieks
>Cc: Keith Medcalf; nanog@nanog.org
>Subject: Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC
>
>
>On 7/8/19 6:11 PM, Valdis Klētnieks wrote:
>> On Mon, 08 Jul 2019 17:58:17 -0700, Michael Thomas said:
>>> On
On Monday, 8 July, 2019 19:28, Michael Thomas wrote:
>On 7/8/19 6:24 PM, Keith Medcalf wrote:
>> You are the only person who has mentioned reverse DNS lookups.
>I'm only trying to guess what enlightens your misinformed world.
You claimed that the "root problem&qu
Their lawyers probably explained to them that they can "block" the call "after"
accepting it and thus can get the best of both world -- the revenue from
terminating the call while still preventing it from bothering their customers
...
--
The fact that there's a Highway to Hell but only a Stai
On Thursday, 11 July, 2019 11:18, Christopher Morrow
wrote:
>On Thu, Jul 11, 2019 at 12:00 PM Paul Timmins wrote:
>> Chris it would be trivial for this to be fixed, nearly overnight,
>> by creating some liability on the part of carriers for illicit use of
>> caller ID data on behalf of their
--
The fact that there's a Highway to Hell but only a Stairway to Heaven says a
lot about anticipated traffic volume.
>
>On Thu, Jul 11, 2019, 2:33 PM Keith Medcalf
>wrote:
>
>
>
> On Thursday, 11 July, 2019 11:18, Christopher Morrow
> wrote:
>
&g
nly a Stairway to Heaven says a
lot about anticipated traffic volume.
>-Original Message-
>From: Ross Tajvar [mailto:r...@tajvar.io]
>Sent: Thursday, 11 July, 2019 12:54
>To: Keith Medcalf
>Cc: Christopher Morrow; North American Network Operators' Group
>Subject: Re:
--
The fact that there's a Highway to Hell but only a Stairway to Heaven says a
lot about anticipated traffic volume.
On Thursday, 11 July, 2019 13:03, Peter Beckman wrote:
>On Thu, 11 Jul 2019, Keith Medcalf wrote:
>> On Thursday, 11 July, 2019 12:38, Ross Tajvar
>w
On Sunday, 4 August, 2019 12:20, Mehmet Akcin wrote:
>I understand and share your frustration about forcing account
>registration. We had no other way but to implement this as constantly
>we had sources trying to download our data by examining our code. By
>having access controls we were able t
On Sunday, 4 August, 2019 21:41, Mehmet Akcin wrote:
>Most of us who operate internet services believe in not being the
>moderator of internet. We provide a service and that’s it. Obviously
>there are some established laws around protecting copyrights, and
>other things which force us to legall
On Monday, 5 August, 2019 09:16, Mel Beckman wrote:
>“Now, enough of this off-topic stuff and back to our regularly
>scheduled programming.”
>Keith, what could be more on-topic than an ISP’s status as a common
>carrier? Seems pretty operational to me.
I think that is closing the barn door aft
On Monday, 5 August, 2019 10:25, Bryan Fields wrote:
>I'd be more concerned with the lack of notice given to their
>customer. This was 24 hours notice, and I'd expect at least
>30 days under any hosting contract. This scares the shit
>out of me as a customer; could cloudflare decide to give m
>Hey, I got my Network+ too. dafuq is a "BGP"?
That's what the British get after too much Beer-o-clock. A Bloody-Good-Puking
...
--
The fact that there's a Highway to Hell but only a Stairway to Heaven says a
lot about anticipated traffic volume.
On Tuesday, 6 August, 2019 12:17, Anne P. Mitchell, Esq.
wrote:
...
>John Deaux is from London, and a citizen of the UK. John is working
>in the U.S., at a tech company in Palo Alto, California. John has a
>Gmail account, and uses Dropbox to store his photos. A law
>enforcement agency in the
On Tuesday, 6 August, 2019 13:21, Valdis Kletnieks
wrote:
>On Tue, 06 Aug 2019 12:54:55 -0600, "Keith Medcalf" said:
>> I realize that the purpose of the terms "serve a demand" if legal
>> globedey-glook phrased to pompously instill in the reader some
>&
On Wednesday, 7 August, 2019 13:38, b...@theworld.com wrote:
>I propose that the RIGHT THING TO DO would be to seek out, promote
>(to >both customers and the public), and support various curation
>services like netnanny.
IANAP (I Am Not A Psychiatrist) however, persons who, when reading or hear
Cannot access your website. Just has a spinning colostomy bag. Too much
malicious javascript and malicious trackers.
If you expect people to visit the website, perhaps you should make it more
useable, because at the moment, it is completely and utterly useless!
And there is no way I am goin
On Thursday, 8 August, 2019 13:43, J. Hellenthal wrote:
>Just as well as the proper signature divider in an email is actually
>“dash dash space”
>\o/
>Site works just fine. Doubt javascript here is of any concern to
>anyone whatsoever.
>Just sayin
qualtics.com loads a blacklisted malicious
For efficiency of censorship. If you want to stop some domain name from
resolving you have to get everyone on the planet to block that DNS resolution
in their recursive resolver. However, if everyone uses the same single DNS
server operated by a single entity, then you only have to coerce th
Fascinating. What is the security threat I wonder, that there is no JavaScript?
>-Original Message-
>From: NANOG On Behalf Of Scott Weeks
>Sent: Monday, 23 September, 2019 13:06
>To: nanog@nanog.org
>Subject: Re: Colombia Network Operators Group
>
>
>
>--- meh...@akcin.net wrote:
>From
RIR Delegations data is public.
https://www.apnic.net/about-apnic/corporate-documents/documents/resource-guidelines/rir-statistics-exchange-format/
The various RIR delegation statistics can be gotten from:
https://ftp.afrinic.net/pub/stats/afrinic/delegated-afrinic-latest
https://ftp.apnic.net/
On Tuesday, 1 October, 2019 01:39, Stephane Bortzmeyer
wrote:
>On Mon, Sep 30, 2019 at 11:56:33PM -0400, Brandon Martin
wrote
>> It's use-application-dns.net. NXDOMAIN it, and Mozilla (at least)
>> will go back to using your local DNS server list as per usual.
> Unless, I hope, the user exp
On Tuesday, 1 October, 2019 22:15, David Conrad wrote:
>DoH (and DoT) encrypt (and authenticate) the application <-> recursive
>resolver channel (NOT the DNS data) which I gather some view as an attack
>vector.
Actually no. DoH and DoT encrypt the application <-> recursive resolver
applicati
On Wednesday, 2 October, 2019 03:55, Tom Ivar Helbekkmo
wrote:
>However: because the browser cannot know for sure that the DNS traffic
>is being routed over a secure channel, and browsers are being used for
>all sorts of sensitive communication, it could check, and try to assist
>the user.
Se
On Wednesday, 2 October, 2019 10:55, Sabri Berisha
wrote:
>> Firefox and Chrome now reportedly use it unless you tell them not to.
>Just imagine how this list would explode if BGP implementations would all
>of a sudden have their default behavior changed to include auto-
>negotiated MD5 passwor
On Wednesday, 2 October, 2019 14:52, John Levine wrote:
>I think in the outside world you'll find very little support for an
>argument that filtering DNS is fundamentally broken.
Well, it is certainly trivial to bypass. Therefore it is a fantastic tools for
tyrants and other fuckwads -- just
On Wednesday, 2 October, 2019 15:21, Jay R. Ashworth wrote:
>>>HTTP/451
>>
>> Completely different protocol than what the rest of this thread is
>> about, much more invasive wrt possibility of logging, and requires
>> a lot more infrastructure and actual lying in DNS to make work.
>
>Closed capti
Masataka Ohta wrote:
>
>Livingood, Jason wrote:
>
>> The challenge of course is that in the absence of a silver bullet
>> solution, that people working to combat all forms of childsorship
>> exploitation are simultaneously trying several things, ranging from
>> going to the source as you suggest
On Thursday, 3 October, 2019 11:50, Fred Baker wrote:
> A security geek would be all over me - "too many clues!".
Anyone who says something like that is not a "security geek". They are a
"security poser", interested primarily in "security by obscurity" and "security
theatre", and have no
On Friday, 4 October, 2019 16:05, William Herrin wrote:
>On Thu, Oct 3, 2019 at 2:28 PM Keith Medcalf wrote:
>> On Thursday, 3 October, 2019 11:50, Fred Baker
>> wrote:
>>> A security geek would be all over me - "too many clues!".
>> Anyone who say
On Monday, 7 October, 2019 08:55, Rich Kulawiec wrote:
>On Mon, Oct 07, 2019 at 04:42:11PM +0200, Stephane Bortzmeyer wrote:
>> Otherwise, an impressive amount of WTF. My favorite: "while
>> communication by servers ___on the ground___ might take hundreds of
>> milliseconds, in the cloud the s
>Not everyone attacking your systems is going to have the skills or
>knowledge to get in though - simple tricks (like hiding what web server
>you use) can prevent casual attacks from script kiddies and others who
>aren't committed to targeting you, freeing your security teams to focus
>on the serio
On Tuesday, 8 October, 2019 11:03, William Herrin wrote:
>Limiting the server banner so it doesn't tell an adversary the exact OS-
>specific binary you're using has a near-zero cost and forces an adversary
>to expend more effort searching for a vulnerability. It doesn't magically
>protect you f
od (2) instead.
--
The fact that there's a Highway to Hell but only a Stairway to Heaven
says a lot about anticipated traffic volume.
>-Original Message-
>From: Mark Collins
>Sent: Tuesday, 8 October, 2019 12:17
>To: Keith Medcalf ; nanog@nanog.org
>Subject: Re: Update
1 - 100 of 321 matches
Mail list logo
