[This comment has been deleted by an automated system]
Giver of skulls
[This comment has been deleted by an automated system]
While that works pretty well, I find it strange how little people use the ability to tap an NFC tag to instantly connect. Getting the camera pointed at a code only takes a second but tapping a sticker is even quicker.
I guess most people don’t know about that feature.
I’ve never worked for a company with the shitty HR people complain about online. Must be a regional thing.
I don’t have the expectation that HR will always be there to protect you (though one company I’ve worked for had HR that actively fought upper management for things like raises and pension stuff). HR is there so the company, and by extension everyone in the company, can do their work properly. If you have a conflict at work, they’re not obligated to be on your side.
The standards bodies used to recommend /48 as a default and have scaled down to /56. Anything smaller makes sense for stuff like servers but there’s no good reason to do it. I guess penny-pinching is a reason, but it’s not the norm.
If all else fails, hurricane electric will hand out /48s for free, you just can’t use them to watch things like Netflix.
Depends on where you live, I suppose. Here they sure can.
You can always check https://ifconfig.co if you want to be sure.
They assign a prefix. For IPv4 this is usually a /32, or 1 single address, though it’s possible to assign larger ranges. I’ve seen businesses with a /28 on IPv4 for example.
The end device picks what IP addresses within the prefix are used for what. For instance, the server rack may use three IP addresses, the office one, and maybe the IoT network also gets one.
With IPv6 you should be getting a /56 or a /48. In other words, they pick the first 48 to 56 bits of your IP addresses, basically leaving 80 to 72 bytes for the end device to distribute amongst itself. You could give the first device address one and start counting up if you wanted to, but that’d come with the annoying edge case of needing to track what numbers are already in use. If you like a false sense of control, DHCPv6 is what manages this.
SLAAC (the “everything works by default” approach) requires a /64 (64 bits of local address space), so if you want to do routing (say, attach a wireless access point or a second router) and you don’t want to do IPv4 hacks that hide IP addresses from each other, you need a few networks. That’s why you get 8 to 16 bits of network space, so you can assign 256 to 65536 networks yourself in case you have weird requirements.
If your ISP assigns you 2003:123:def:abc::/48, then you can pick whether you want to assign 2003:123:def:abc::beef:cafe or any random address that starts with the ISP prefix. You have enough space to give every connection of every device on every WiFi network its own IP address every second of the day, but usually addresses are rotated only once per day.
The ISP picking the address range does come with a huge downside, and that’s that you can’t really use internal IP addresses anymore. To fix that, you can set up a so-called ULA. That’s basically a service anywhere on the network that shouts “hey, if you can’t, you can pick any address from fdef:abc:abc:abc::/96”. By default, devices will pick two addresses (one based on the MAC address and a temporary one), and you can use the one based on the MAC address to plug into your local DNS server.
That way, even if you switch ISPs to one that only does IPv4, you can still use a Pi-Hole at fdef:abc:abc:abc::123:456:789 as your DNS server. These ULAs are completely local, so they can’t be reached from the internet.
Though, just to be sure, you should generate a random ULA prefix (there’s an algorithm in the standard, but there are sites to do it for you) just in case you have bad luck and connect to someone else’s wifi who also thought it’d be funny to use fdef:cafe:babe:b00b::/96 as the local prefix. Completely optional, but best practice.
If organisations track your IP back, they can get your ISP to give them your contact details. CGNAT doesn’t protect you from carriers and legal means.
If you’ve never thought about it, there’s a good chance your actually using it. ISPs around the world have been turning on IPv6 for their customers. About half the internet is using IPv6 these days, so there’s a 50/50 chance you’re part of that.
If your devices are that fragile, they shouldn’t be hooked up to the internet in the first place. What are you doing hooking NETBIOS token ring networks up to the web?
If you want to talk about risking breaking things, imagine the glorious lie that NAT introduced. Thanks to these old devices, your router at home/small business parses every FTP connection, every SIP message, every H.363 call, modifies its contents, and opens one or more ports in the firewall just to keep old stuff from breaking.
If your crap survived NAT, it’ll survive IPv6. And if it can’t use IPv6, that means you don’t need to worry about it and you can just keep using IPv4 on these things like you always have!
Also don’t forget that if you’re stuck on an old network, as long as your router replies to pings you can get a tunnel for a /48 and a bunch of /64s for free. That’s 65536 networks of 2^64 IP addresses to play around with. Make your own traceroute puns! Experiment with routers in virtual machines using real addresses! Make your IP address end in dead:beef:cafe!
And if you complete the quiz, they’ll send you a free t-shirt. That’s pretty cool.
With modern IPv6 (say, Windows 7 or later?) IPv6 privacy extensions solve this problem. Basically, you get a whole bunch of addresses. One based on your MAC address so you can port forward/allow incoming connections in the firewall, and then a bunch of rotating random addresses used for outgoing connections. People that know your prefix and MAC address can find your listening PC, but websites won’t get your MAC address.
As for fingerprinting, thanks to NAT slipstreaming you can choose between “video calling software breaks” and “every malicious ad can access any port on your device” or in some extreme cases “every malicious ad can access any device in your network”. Some websites have also been caught scanning IPv4 networks to figure out where your router lives using standard Javascript, so your IPv4 network isn’t any better protected. At least with IPv6 a website can’t take ten seconds to scan 255 addresses and figure out how many devices are on your network!
That proposal was made when every computer hooked straight into the internet without a firewall. Every device already had a unique IP address that was globally routable and you needed to race to a firewall download page before a scanner would infect your computer (you had about five minutes, much less if you had the network cable plugged in during setup).
The routing table size reduction has always been stupid. The protocol should not be adjusted to help the penny pinchers save on RAM. And the same problem happened to IPv4 a few years ago, because nobody learned their lesson.
But privacy addresses aren’t incremented numbers. And it doesn’t really matter if you can connect the dots, every /64 is the same as a single IPv4 address anyway. Especially for something like Lemmy where the browser will maintain a QUIC connection for ages if you want to track sessions. Besides, you have the session cookies to associate the other end even if they turn off WiFi and move to mobile data.
It fixes must about every gripe I have with IPv4. It closes the hidden security holes NAT introduces. It pretty much configures itself. It allows you to use multiple Xboxes or Playstations within the same network and play online without faffing about! You can also disable the firewall entirely and basically never get scanned because scanning 2^64 addresses to find one computer is infeasible for bots (though you shouldn’t).
The addresses are longer, that’s for sure. But you shouldn’t be remembering those anyway. That’s why DNS exists! If you don’t have a local DNS server for some reason, just use mDNS, every device supports it out of the box. yourcomputersname.local will work in place of an IP address in just about everything since Windows Vista.
IPv6 was severely underdeveloped when the Necromancy Address Translation kept IPv4 usable twenty years ago, but we’re beyond that now. We have been for a while, actually.
Unfortunately, a lot of network people are the type that learned how networks worked in school forty years ago and decided that this is the way things are and they should never change again. That’s how you get things like “TLS 1.3 pretends to be a TLS 1.2 session resumption or half the internet will break” and “only port 80 and 443 are usable on the internet”. They even brought DHCP back when IPv6 works perfectly fine without it! At least Google did the right thing and refused to play ball with that malarkey in Android.
The whole address reserve argument never helped much. Super expensive cloud providers are now charging extra for IPv4 addresses but if you’re using Amazon AWS you’re used to paying through the nose anyway. CGNAT is a much worse problem, with thousands or hundreds of thousands of people sharing the same IPv4 address and basically being forced to solve CAPTCHAs all day because one of their IP coinhabitors has a virus.
As the comments here show, plenty of people can’t be bothered. That’s fine, legacy websites and devices can just use IPv4, that’s the beauty of it.
To be fair, DOCSIS 4 uses tk be called something stupid like “DOCSIS 3.1 full duplex” so a lot of areas reporting 3.1 may actually be running 4.
I personally would get a modem with DOCSIS 4 if I had to buy a new one. Replacing WiFi is quite cheap and if access points get flaky there’s always ethernet, but I would get the most up to date stuff on the upstream side just in case the ISP decides to upgrade their network.
DOCSIS 3.0 is a 2006 spec that provides less than a tenth of the bandwidth of DOCSIS 4.0. With the way channels are redistributed, you may not even get more than 100mbps/10mbps if you plug in your DOCSIS 3.0 modem, no matter what your subscription may be, depending on how your ISP deals with old hardware.
The cable frequency spectrum is shared with everyone else, and your ISP isn’t slowing everyone down to make your hardware work, so you’re pushed into thin channels with limited bandwidth that others can use to pull 10gbps down and 6gbps up while your modem will struggle to get any decent speeds.
In theory your ISP could be tolerant to old modems and redistribute their channels such that you’re getting the full speed, but that does mean your entire area gets a lower combined total network speed when people do buy newer hardware. Older modems waste network bandwidth so in congested areas the other side may allocate fewer channels to them.
The latency did improve significantly between 3.0 and 4.0 (ten years of development will do that) but it probably won’t be your biggest problem.
As for the WiFi, I’m still on 802.11ac and I don’t really care that it can only do 520mbps down on my devices. There are some latency advantages to newer WiFi as well but they’re pretty inconsequential if you don’t replace your old modem.
As with so many things, you can give it a go and see if it works. If your performance is not sufficient (or your ISP doesn’t even let your modem connect) you may need to invest in a newer modem.
Newer DOCSIS standards allow for using more frequencies for both upload and download as well as newer techniques. If some frequencies on a network are reserved for 3.1, the frequency space for 3.0 will go down and so will your performance. The frequency space that used to provide 125mbps can now provide someone else with several hundreds of megabits, so you get kicked down to 75mbps for everyone else’s benefit.
DOCSIS 3.0 came out in 2006 and 3.1 in 2013, and 3.1 has already been succeeded by 4.0 in 2017.
No manager is willing to sign off on the risk of jail time for something like this.
They’re probably a bunch of dumb teenagers trying to make a splash. Professionals would’ve sold the data without informing anyone.