HackerTrans
TopNewTrendsCommentsPastAskShowJobs

profmonocle

no profile record

comments

profmonocle
·vor 14 Tagen·discuss
Replace "climb the social ladder and have power and influence" with "be able to afford a home, have kids, and go on vacation occasionally."

It's become very difficult to have even a middle class lifestyle without a college degree. Obviously a huge percentage of people there don't want to be.
profmonocle
·vor 2 Monaten·discuss
Even if example.com is unsigned, the delegation from .com to example.com will still be signed (including an attestation that example.com is unsigned). So lack of DNSSEC adoption by users of the TLD wouldn't save them here.
profmonocle
·vor 2 Monaten·discuss
It's not like the long-haul fiber not owned by FAANG is a public utility, at least not in most places.

Traffic that goes over "the Internet" traverses some mix of your ISP's fiber, fiber belonging to some other ISP they have a deal with, then fiber belong to some ISP they have a deal with, etc.

All those ISPs are being paid to provide service, they can invest in their own networks.
profmonocle
·vor 2 Jahren·discuss
I worked with someone who was a Blizzard GM around when they rolled this out. Recovering stolen accounts was some absurdly large % of their customer service tickets. People would use the same email & password on WoW as on various shady / insecure sites. Bots would try any stolen credentials en masse in WoW. When they succeeded, not only would customer service need to restore a user's access, they would need to roll back their character to restore lost items and gold.

According to my coworker, adding 2FA was primarily about reducing this customer service workload. Eventually they encouraged it by adding in-game benefits, like additional bag space for your character. Not sure they ever went as far as mandating it.
profmonocle
·vor 5 Jahren·discuss
Being the copyright owner of a piece of OSS doesn't give you control over every location where that software is hosted. For example, the developers of Python can't update the Python package in Debian's apt repo, Debian decides when to pull in new versions. (And if they want to add custom patches.) This doesn't mean Debian is declaring ownership of Python, they're simply distributing it in accordance with the license.

Just because NPM allows developers to self-publish doesn't mean that's a guaranteed perpetual right, and it doesn't mean MIT-licensed packages can't be published on NPM against the developer's wishes.

Licensing code under the MIT license (or any common FOSS license really) is the wrong move if you want to control where your software is distributed, and by who.
profmonocle
·vor 5 Jahren·discuss
Microsoft isn't asserting any sort of ownership - colors.js is licensed under MIT. Microsoft is free to make whatever changes they like and redistribute said changes. (But as was already mentioned, they merely dropped the broken versions and set the last working version as "latest".)
profmonocle
·vor 5 Jahren·discuss
Depends. Anecdotal evidence: Most "normal user" software handles it fine. (Chrome and Apple Mail on my Mac, Android apps, etc.)

With terminal apps I use as a developer, it's more of a crapshoot. curl and SSH work fine. I've seen others that don't.

Notably, Node.js's socket libraries can't fall back to IPv4 at all, even after the v6 connection times out. Node's DNS library actually overrides the default system behavior to prefer v4 over v6, probably for this reason. (This can be changed globally within a particular program, or on a per-lookup basis, but preferring v6 will allegedly become the default in an upcoming release.)

I've unfortunately had much experience with this due to major bugs in Comcast's modems.
profmonocle
·vor 5 Jahren·discuss
> it's not happening.

It's absolutely glacial, but IPv6 adoption has been steadily rising over the last 8 or so years. Unfortunately the increase has been linear rather than exponential.

That is, according to Google's stats of clients accessing their properties. Not a perfect snapshot of worldwide Internet users, but a pretty decent one. https://www.google.com/intl/en/ipv6/statistics.html
profmonocle
·vor 5 Jahren·discuss
> Is there a private organization in need of 16 million addresses?

Plenty of mobile phone networks have well over 16 million subscribers, and they typically don't have enough public IPv4 addresses for everyone. This has led to really hacky stuff, like using DOD IP ranges as psuedo-private space, or re-using private IP addresses in different regions (which can't be fun to maintain.)

Some networks have fixed the problem by using NAT64 - forgoing IPv4 altogether internally, and translating to public v4 at the edge. (Works surprisingly well, T-Mobile US has been doing it for the better part of a decade.)
profmonocle
·vor 5 Jahren·discuss
Nah, if you sort by date here you can see how quickly IANA was doling out /8's to the RIRs up until they ran out: https://www.iana.org/assignments/ipv4-address-space/ipv4-add...

Even if we hadn't wasted /8s on huge allocations to single companies, and things like 240.0.0.0/4, we'd still be basically where we are today, with v4 address space being scarce and traded as a commodity.