OpenBSD Journal

Do we need a new Internet? Or just new users?

Contributed by jason on from the the-trucks-and-pipes-need-more-seat-belts dept.

David Akin counters the notion by NY Times writer John Markoff that a new Internet would solve our security problems (ed: registration req'd). Markoff explains that researchers at Stanford are working on tools to create a next generation Internet that would offer increased security in exchange for a lack of anonymity. Curiously, he provides few details (beyond IPv6) as to what solutions are proposed.

Akin's blog provides a number of common-sense counterpoints to Markoff's article. In particular he reinforces the simple fact that users are commonly the weakest link. He closes with an anecdote about a former employer that used Microsoft Server and desktop products throughout their network. A virus brought down their network for a few weeks, which leads him to ask:

If you're running a server, why wouldn't you run OpenBSD? That, my friends, is what the Pentagon uses for its mission-critical, ultra-sensitive servers. The price for that server product: Nuthin'. It's open source.

Both articles are light on technical content but serve as reminders that a) the Internet is valued for its anonymity, not in spite of it, and b) Security is a process, not a product.

(Comments are closed)


Comments
  1. By Anonymous Coward (75.21.84.44) on

    Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?

    Comments
    1. By Anonymous Coward (66.130.232.164) on

      > Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?

      hope so

    2. By jason (jason) on http://www.dixongroup.net/

      > Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?

      I think it's safe to say yes. To what degree is anyone's guess.

    3. By Edward F. Ahlsen-Girard (68.1.69.60) girarde@alum.rpi.edu on

      > Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?

      I don't know about OpenBSD. There is a lot of Linux; NSA wouldn't have done SELinux otherwise. I *do* know that OpenSSH is used extensively.

      Comments
      1. By David (130.243.96.154) on

        > > Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?
        >
        > I don't know about OpenBSD. There is a lot of Linux; NSA wouldn't have done SELinux otherwise. I *do* know that OpenSSH is used extensively.


        Hers a "news link" about the DARPA fundings that got semi-cancelled (dont have the inside information).
        http://archives.neohapsis.com/archives/isn/2003-q2/0029.html

        Comments
        1. By Anonymous Coward (213.221.123.174) on

          > > > Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?
          > >
          > > I don't know about OpenBSD. There is a lot of Linux; NSA wouldn't have done SELinux otherwise. I *do* know that OpenSSH is used extensively.
          >
          >
          > Hers a "news link" about the DARPA fundings that got semi-cancelled (dont have the inside information).
          > http://archives.neohapsis.com/archives/isn/2003-q2/0029.html

          Wasn't the reasons that Theo disliked th Iraq-War....

          Comments
          1. By Anonymous Coward (204.49.40.232) on

            > > > > Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?
            > > >
            > > > I don't know about OpenBSD. There is a lot of Linux; NSA wouldn't have done SELinux otherwise. I *do* know that OpenSSH is used extensively.
            > >
            > >
            > > Hers a "news link" about the DARPA fundings that got semi-cancelled (dont have the inside information).
            > > http://archives.neohapsis.com/archives/isn/2003-q2/0029.html
            >
            > Wasn't the reasons that Theo disliked th Iraq-War....

            The mid-level weenies got chicken.

            Bush, Cheney, and Rumsfeld, as well as anyone who ever got to talk to them, would not have cared at all what Theo thought. They would not even have heard about without someone briefing them.

            But down there in DARPA there were some GS-13s or so who got scared that they would look bad to their GS or GM 15 bosses for hiring a guy who didn't like something the US government was doing that had nothing to do the project.

        2. By Anonymous Coward (66.220.124.75) on


          > Hers a "news link" about the DARPA fundings that got semi-cancelled (dont have the inside information).
          > http://archives.neohapsis.com/archives/isn/2003-q2/0029.html

          The "inside information" is that most of the money got spent before the project was canceled so it benefited the project and brought us a bit of the crypto acceleration work among other things. It wasn't just the US government that paid for it, it was the entire world as all you dumb fuckers tie your currency to the US dollar. And when we run out, we just print more. Go war machine!!

    4. By Damien Miller (djm) on http://www.mindrot.org/~djm/

      > Does the Pentagon actually run OpenBSD? And in what role
      > (e.g. server, firewall, etc)?

      It is used in their atomic bombs to be dropped on Australia. Also for their baby-mulching machines.

      -d

    5. By Anonymous Coward (82.113.106.19) on

      > Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?

      I'd guess they use like most government facilities around the world propriatary (however it's spelled) operating systems that come from their suppliers.

      Comments
      1. By jkm (217.28.34.132) joakim@aronius.com on

        > > Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?
        >
        > I'd guess they use like most government facilities around the world propriatary (however it's spelled) operating systems that come from their suppliers.

        Yeah right! That would imply that 'most governments around the world' are stupid. Hmm..

    6. By Anonymous Coward (194.94.16.133) on

      > Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?

      if we tell you, we'd have to kill you ;)

      (hehe, I always wanted to say that)

    7. By Anonymous Coward (203.20.79.230) on

      > Does the Pentagon actually run OpenBSD? And in what role (e.g. server, firewall, etc)?

      I wondered about those stories I'd heard about the Pentagon using OpenBSD too, never really finding anything of substance behind it and not expecting to even if it were true.

      However a few years ago (would have been '03 or so) I sent an email to the sparc mailing list at around Christmas time and got an out of office reply from someone at a Pentagon Computing department!

      This is just anecdotal of course and I could be telling porky pies! But it made me wonder even more.

      Comments
      1. By Anonymous Coward (66.220.124.75) on


        > However a few years ago (would have been '03 or so) I sent an email to the sparc mailing list at around Christmas time and got an out of office reply from someone at a Pentagon Computing department!
        >
        > This is just anecdotal of course and I could be telling porky pies! But it made me wonder even more.
        >

        Wonder about what? The dumb fuck whose software replies to an entire mailing list?? And you are in awe of these people??!?!

        Comments
        1. By Anonymous Coward (203.20.79.196) on

          >
          > > However a few years ago (would have been '03 or so) I sent an email to the sparc mailing list at around Christmas time and got an out of office reply from someone at a Pentagon Computing department!
          > >
          > > This is just anecdotal of course and I could be telling porky pies! But it made me wonder even more.
          > >
          >
          > Wonder about what? The dumb fuck whose software replies to an entire mailing list?? And you are in awe of these people??!?!

          It didn't reply to the mailing list, it replied to me, since from the automatron's point of view, I was the sender.

          I never said I was in awe of them. Public enemy #1 has not been caught, yet thousands more innocent lives have been taken due to weapons of mass distraction.

          Comments
          1. By Anonymous Coward (122.49.161.102) on

            Surely public enemy number one is the person in charge of your economic policies.

            Comments
            1. By Anonymous Coward (203.20.79.196) on

              > Surely public enemy number one is the person in charge of your economic policies.

              Surely you are making assumptions as to what nation I belong to.

  2. By ErikTheRed (68.107.78.192) on

    Ooooh... I'm going to be hated for this, but...

    If you're going to manage a gaggle of Windows Desktops, you should do it through Windows Server, at least until there's a FOSS replacement that can handle Group Policies. Yes, I know you can hack together some NT4-level stuff with Samba, been there / done that, and it sucks ass. I still run Samba on my personal networks, but in a large corporate environment it's madness (unless it's a member server of an AD domain).

    Yes, Windows Server is still buggier than a bait store and has more holes than a screen door, but the biggest problem with Windows networks isn't Windows Server; It's Windows Server Administrators. Most of these mouth-breathers can barely point-and-click their way through the candy-coated interface to the point where the network appears to function ("Function correcty?" "Whaddaya mean?"). This is because most of them were trained ... errr... test-prepped for weeks at TechSkillz before getting their MCSEs (actually stands for Must Consult Somebody Else) and sent off into the world. In the days of NT4 this actually worked reasonably well. These days, Windows Server is so complex that to actually run it properly takes far more skill and knowledge than UNIX or Linux. This is because its massive subsystems are hopelessly interconnected and dependent on each other with the boundaries not always well-defined, as opposed to the UNIX / Linux philosophy of using small, highly functional tools that can be cleanly combined to perform complex tasks. Don't get me started on the insane number of functions that are internally multiplexed through the Grand Remote Procedure Call TCP port. Manage SQL server and start / stop services through the same mechanism used for File Sharing? What could possibly go wrong? You can actually build a reasonably secure network around it if you know what you're doing. It just takes much more work to do so than if you used UNIX or Linux, and I could probably count the number of competent Windows Server Admins in my city without running out of fingers (I live in a large city and have the standard number of fingers).

    The biggest problem with Internet security isn't Windows; it's that there aren't enough IT Admins who know their ass from a hole in the ground.

    Comments
    1. By Anonymous Coward (84.166.122.142) on

      > You can actually build a reasonably secure network around it if you know what you're doing. It just takes much more work to do so than if you used UNIX or Linux, and I could probably count the number of competent Windows Server Admins in my city without running out of fingers (I live in a large city and have the standard number of fingers).

      With ten fingers you know up to 1024 competent windows admins... sorry... cnr. ;-)

      Comments
      1. By ErikTheRed (68.107.78.192) on

        > > You can actually build a reasonably secure network around it if you know what you're doing. It just takes much more work to do so than if you used UNIX or Linux, and I could probably count the number of competent Windows Server Admins in my city without running out of fingers (I live in a large city and have the standard number of fingers).
        >
        > With ten fingers you know up to 1024 competent windows admins... sorry... cnr. ;-)

        The problem is that whenever I try binary they all wind up as number 132...

    2. By Anonymous Coward (67.69.227.99) on

      > Ooooh... I'm going to be hated for this, but...
      >
      > If you're going to manage a gaggle of Windows Desktops, you should do it through Windows Server, at least until there's a FOSS replacement that can handle Group Policies. Yes, I know you can hack together some NT4-level stuff with Samba, been there / done that, and it sucks ass. I still run Samba on my personal networks, but in a large corporate environment it's madness (unless it's a member server of an AD domain).
      >
      > Yes, Windows Server is still buggier than a bait store and has more holes than a screen door, but the biggest problem with Windows networks isn't Windows Server; It's Windows Server Administrators. Most of these mouth-breathers can barely point-and-click their way through the candy-coated interface to the point where the network appears to function ("Function correcty?" "Whaddaya mean?"). This is because most of them were trained ... errr... test-prepped for weeks at TechSkillz before getting their MCSEs (actually stands for Must Consult Somebody Else) and sent off into the world. In the days of NT4 this actually worked reasonably well. These days, Windows Server is so complex that to actually run it properly takes far more skill and knowledge than UNIX or Linux. This is because its massive subsystems are hopelessly interconnected and dependent on each other with the boundaries not always well-defined, as opposed to the UNIX / Linux philosophy of using small, highly functional tools that can be cleanly combined to perform complex tasks. Don't get me started on the insane number of functions that are internally multiplexed through the Grand Remote Procedure Call TCP port. Manage SQL server and start / stop services through the same mechanism used for File Sharing? What could possibly go wrong?
      >
      > You can actually build a reasonably secure network around it if you know what you're doing. It just takes much more work to do so than if you used UNIX or Linux, and I could probably count the number of competent Windows Server Admins in my city without running out of fingers (I live in a large city and have the standard number of fingers).
      >
      > The biggest problem with Internet security isn't Windows; it's that there aren't enough IT Admins who know their ass from a hole in the ground.

      I completely agree with you. Well said too!

      Comments
      1. By Anonymous Coward (216.167.201.130) on

        > > Ooooh... I'm going to be hated for this, but...
        > >
        > > If you're going to manage a gaggle of Windows Desktops, you should do it through Windows Server, at least until there's a FOSS replacement that can handle Group Policies. Yes, I know you can hack together some NT4-level stuff with Samba, been there / done that, and it sucks ass. I still run Samba on my personal networks, but in a large corporate environment it's madness (unless it's a member server of an AD domain).
        > >
        > > Yes, Windows Server is still buggier than a bait store and has more holes than a screen door, but the biggest problem with Windows networks isn't Windows Server; It's Windows Server Administrators. Most of these mouth-breathers can barely point-and-click their way through the candy-coated interface to the point where the network appears to function ("Function correcty?" "Whaddaya mean?"). This is because most of them were trained ... errr... test-prepped for weeks at TechSkillz before getting their MCSEs (actually stands for Must Consult Somebody Else) and sent off into the world. In the days of NT4 this actually worked reasonably well. These days, Windows Server is so complex that to actually run it properly takes far more skill and knowledge than UNIX or Linux. This is because its massive subsystems are hopelessly interconnected and dependent on each other with the boundaries not always well-defined, as opposed to the UNIX / Linux philosophy of using small, highly functional tools that can be cleanly combined to perform complex tasks. Don't get me started on the insane number of functions that are internally multiplexed through the Grand Remote Procedure Call TCP port. Manage SQL server and start / stop services through the same mechanism used for File Sharing? What could possibly go wrong?
        > >
        > > You can actually build a reasonably secure network around it if you know what you're doing. It just takes much more work to do so than if you used UNIX or Linux, and I could probably count the number of competent Windows Server Admins in my city without running out of fingers (I live in a large city and have the standard number of fingers).
        > >
        > > The biggest problem with Internet security isn't Windows; it's that there aren't enough IT Admins who know their ass from a hole in the ground.
        >
        > I completely agree with you. Well said too!

        I agree, too. Security on Windows servers is not as shoddy as most administrator's security habits themselves. Of course, administration would be made (even) easier if Windows itself was more secure out of the box.

        Comments
        1. By Anonymous Coward (66.31.225.181) on

          > > I completely agree with you. Well said too!
          >
          > I agree, too. Security on Windows servers is not as shoddy as most administrator's security habits themselves. Of course, administration would be made (even) easier if Windows itself was more secure out of the box.
          >

          Are you all forgetting that the #1 most effective step towards some essence of security is * s i m p l i c i t y * for this very reason, security doesn't exist in windows.

    3. By Anonymous Coward (88.75.231.68) on

      > Ooooh... I'm going to be hated for this, but...
      .
      .
      .
      .
      .
      > The biggest problem with Internet security isn't Windows; it's that there aren't enough IT Admins who know their ass from a hole in the ground.

      Great Post, made my day.

      Running a hacked up Linux/samba/OpenLDAP/PAM/nsswitch/... environment to replace a functionality MS obsoleted about 10 years ago really is madness in a corporate environment running all Windows on the desktop.

      And it's probably even more insecure than an AD environment designed and run by competent admins. Sadly, there are just too few of those around...

    4. By Anonymous Coward (diw) on

      > Ooooh... I'm going to be hated for this, but...

      Nope. I also agree with you.

      > Don't get me started on the insane number of functions that are internally multiplexed through the Grand Remote Procedure Call TCP port.

      Eek. RPC. One of the few services you can't turn off.
      Bill: "We need to make things easier. Remove some of the choices."
      Programmer: "We could enforce RPC ..."
      Bill: "Approved. Now on to the big ticket item ... more menu animation ..."

      > You can actually build a reasonably secure network around it if you know what you're doing. It just takes much more work to do so than if you used UNIX or Linux, and I could probably count the number of competent Windows Server Admins in my city without running out of fingers (I live in a large city and have the standard number of fingers).

      I could count the number of admins I've ever met that have any knowledge of what Services are. Eek.

      > The biggest problem with Internet security isn't Windows; it's that there aren't enough IT Admins who know their ass from a hole in the ground.

      Haha. Haha.

      Best wishes.

    5. By Anonymous Coward (170.252.54.132) on

      > Ooooh... I'm going to be hated for this, but...
      >
      > If you're going to manage a gaggle of Windows Desktops, you should do it through Windows Server, at least until there's a FOSS replacement that can handle Group Policies. Yes, I know you can hack together some NT4-level stuff with Samba, been there / done that, and it sucks ass. I still run Samba on my personal networks, but in a large corporate environment it's madness (unless it's a member server of an AD domain).
      >
      > Yes, Windows Server is still buggier than a bait store and has more holes than a screen door, but the biggest problem with Windows networks isn't Windows Server; It's Windows Server Administrators. Most of these mouth-breathers can barely point-and-click their way through the candy-coated interface to the point where the network appears to function ("Function correcty?" "Whaddaya mean?"). This is because most of them were trained ... errr... test-prepped for weeks at TechSkillz before getting their MCSEs (actually stands for Must Consult Somebody Else) and sent off into the world. In the days of NT4 this actually worked reasonably well. These days, Windows Server is so complex that to actually run it properly takes far more skill and knowledge than UNIX or Linux. This is because its massive subsystems are hopelessly interconnected and dependent on each other with the boundaries not always well-defined, as opposed to the UNIX / Linux philosophy of using small, highly functional tools that can be cleanly combined to perform complex tasks. Don't get me started on the insane number of functions that are internally multiplexed through the Grand Remote Procedure Call TCP port. Manage SQL server and start / stop services through the same mechanism used for File Sharing? What could possibly go wrong?
      >
      > You can actually build a reasonably secure network around it if you know what you're doing. It just takes much more work to do so than if you used UNIX or Linux, and I could probably count the number of competent Windows Server Admins in my city without running out of fingers (I live in a large city and have the standard number of fingers).
      >
      > The biggest problem with Internet security isn't Windows; it's that >there aren't enough IT Admins who know their ass from a hole in the
      > ground.

      Exacerbating this problem is that many employers are unwilling to pay for employees to get training so they can tell their rear ends from a hole in the ground.

    6. By Anonymous Coward (66.63.44.71) on

      > test-prepped for weeks at TechSkillz before getting their MCSEs
      > (actually stands for Must Consult Somebody Else)

      Hmmm...

      I thought it was Master Clicker Screen Editor.

    7. By goodb0fh@gmail.com (170.22.76.10) on

      >Most of these mouth-breathers can barely point-and-click their way through the candy-coated interface to the point where the network appears to function ("Function correcty?" "Whaddaya mean?"). This is because most of them were trained ... errr... test-prepped for weeks at TechSkillz before getting their MCSEs (actually stands for Must Consult Somebody Else) and sent off into the world.

      Actually, it gets even better. TechSkillzRUs has an intern program. You pay that $10k or whatever, and you get to take as many classes as necessary to get your MCSE. Once you get certified, well, you have no experience, so who's going to hire you?

      Well, guess what, TechSkillzRUs to the rescue again! They have an *unpaid* internship program. If you were an alumnus of their training program, and would like to participate in the unpaid internship, then, you get to teach MCSE classes for the next 6 months, so that you can put that on your resume.

      Isn't that nice. Isn't that special?

      And of course, everyone has heard of that person who took the test 7 times, and the moment they passed, they were put to teaching that exact class? One person I used to work with, worked with a VB "trainer" that did just that. 7 tries to get a pass.

  3. By Rich (195.212.199.56) on

    I'm sure I'm not the only one who's also thought this. The internet (or more specifically, the techniques and protocols it is built on) are now getting very old and in many cases, if the system was being designed today, it simply wouldn't be done this way. SMTP is, of course, an obvious weak link and ripe for replacement, and I would fully support a move to some other secure, spam-free, alternative.

    I'm not completely convinced that anonymity is a huge issue either. Nobody worries too much when they make a phone call (and it's usually obvious to the person you're calling who you are, what with caller id, or simply recognising your voice!). And the telephone exchange certainly knows who you are. It's just not that big a deal to most people.

    Anonymity is not the same as security though. You can have the latter without the former, and I think pretty much everyone would welcome the latter, which is also sadly lacking in much of the internet we use today.

    Of course, there are some huge stumbling blocks to this grand plan. There's an awful lot of software out there that would become obsolete, requiring millions of hours of rework to get it working in the new regime. And things would break, possibly for extended periods. To many people, it's just not logistically possible, and I can see the arguments on both sides.

    The other big problem I could see is that as soon as any real possibility of this happening took hold, you would get swamped with the MSs, Ciscos, IBMs and HPs of this world that would want to try and embed some of their proprietary "technology" into the system (I hate it when a piece of software is referred to as a "technology" - the concept of software IS a "technology". But doing something is a particular way is a technique, not a technology. But I digress...). Of course, the current protocols we have are largely free of such interference from the corporates (with the notable exception of MS messing about with any standard it can find just for the hell of it, of course, but even this is largely transparent to non-MS users). It would have to be co-ordinated by a body that absolutely would not be interfered with my the corporates, and history has shown that such guts is sadly lacking (ISO and MS's stupid document format being the latest high-profile example).

    Of course, the BSDs and Linux's (and other) projects of this world could get their heads together and come up with something independently of any 'official' standards body, and as it gained wider acceptance, it would become the de-facto standard. But I seriously doubt anything would actually come of this other than a war of words between the various projects and intractable differences on how to move forward. Which is a shame, but there you go.

    It's a tantalising idea though. I'll just not hold my breath for it :-)

    Comments
    1. By Anonymous Hero (24.114.234.2) on

      You lost me on "anonymity is not a huge issue either". Anonymity is everything. Governments and corporations already steal gather far more information on me then is right, the last thing we need is a non-anonymous internet as well. Go ahead and post your street adress, phone number and full name if you don't care for being anonymous.

      > I'm sure I'm not the only one who's also thought this. The internet (or more specifically, the techniques and protocols it is built on) are now getting very old and in many cases, if the system was being designed today, it simply wouldn't be done this way. SMTP is, of course, an obvious weak link and ripe for replacement, and I would fully support a move to some other secure, spam-free, alternative.
      >
      > I'm not completely convinced that anonymity is a huge issue either. Nobody worries too much when they make a phone call (and it's usually obvious to the person you're calling who you are, what with caller id, or simply recognising your voice!). And the telephone exchange certainly knows who you are. It's just not that big a deal to most people.
      >
      > Anonymity is not the same as security though. You can have the latter without the former, and I think pretty much everyone would welcome the latter, which is also sadly lacking in much of the internet we use today.
      >
      > Of course, there are some huge stumbling blocks to this grand plan. There's an awful lot of software out there that would become obsolete, requiring millions of hours of rework to get it working in the new regime. And things would break, possibly for extended periods. To many people, it's just not logistically possible, and I can see the arguments on both sides.
      >
      > The other big problem I could see is that as soon as any real possibility of this happening took hold, you would get swamped with the MSs, Ciscos, IBMs and HPs of this world that would want to try and embed some of their proprietary "technology" into the system (I hate it when a piece of software is referred to as a "technology" - the concept of software IS a "technology". But doing something is a particular way is a technique, not a technology. But I digress...). Of course, the current protocols we have are largely free of such interference from the corporates (with the notable exception of MS messing about with any standard it can find just for the hell of it, of course, but even this is largely transparent to non-MS users). It would have to be co-ordinated by a body that absolutely would not be interfered with my the corporates, and history has shown that such guts is sadly lacking (ISO and MS's stupid document format being the latest high-profile example).
      >
      > Of course, the BSDs and Linux's (and other) projects of this world could get their heads together and come up with something independently of any 'official' standards body, and as it gained wider acceptance, it would become the de-facto standard. But I seriously doubt anything would actually come of this other than a war of words between the various projects and intractable differences on how to move forward. Which is a shame, but there you go.
      >
      > It's a tantalising idea though. I'll just not hold my breath for it :-)
      >

      Comments
      1. By Rich (195.212.199.56) on

        > You lost me on "anonymity is not a huge issue either". Anonymity is everything.

        Ok, sorry. Let me qualify that statement. I would NOT like the idea of (say) every time I access a web site, by postal address gets logged by the web server. No, that would be unacceptable.

        But if you draw the analysis with the telephone network then the phone company knows who you are. As does your ISP (unless you're on some public WiFi connection or something). Ok - I'm destroying my own argument here :-) What I describe here is pretty much the current state of play. And I suppose if that is "anonymous enough" for most people then fine. I have no desire to make it less "anonymous".

        I think the problem with anonymity though is the classic examples of nailing down outright crooks and kiddie porn peddlers on the net. That is the issue that really does need addressing. If you can address this, without upsetting the "anonymity" apple cart then I think the overall benefit would be immense - SPAM would be massively reduced, botnet originators could be traced, crooks grabbing credit card numbers could be traced, etc etc. The overall effect would be positive.

    2. By Anonymous Coward (208.124.37.81) on

      Old does not mean bad. Morons doing moronic things with moronic OS' is what is bad. Windows + flash is easily the 95% of all malicious activity.

      Comments
      1. By Rich (195.212.199.56) on

        > Old does not mean bad. Morons doing moronic things with moronic OS' is what is bad. Windows + flash is easily the 95% of all malicious activity.

        Generally, I would agree, old does not equal bad. Unfortunately, in this case, it DOES often mean bad. Take SMTP or example. It's not a "bad" protocol. It's pretty reliable if implemented correctly. It works. It does have some gaping omissions though; issues that are simply not addressed. Which is half the reason we have so much SPAM whizzing about the internet. DNS has had its fair share of woes over the years. It's not a "bad" protocol. It's just not really robust enough for the modern age. IP6 was invented specifically because of IP4's failings.

        The internet has been alive and kicking for many years now. By now, we should all have video phones running as standard on our PCs, with uber-whizzy exciting stuff available at the touch of a button. ...but we don't have these things. I'm not saying it's all the fault of the internet and the protocols it uses, but they have played their part. I despair at how little software has actually developed over the last 20-30 years - it's pretty pathetic really considering the billions of man-hours that's been poured into it - the PC I'm sitting at now isn't any more space-age than the one I used 15 years ago! Faster? Yes. A bit. But that's all, really.

        Comments
        1. By Anonymous Coward (63.127.234.188) on

          IPv6 is a total catastrophuck. Don't blame the protocols or the intertubes for poorly written software. Currently the interwebs are being developed to accommodate videos of people falling face first. All the relevant technology is there to move past the college crowd but perception has it that worthless trash like twater, facialbook, boobtube, etc etc is where the money is. The internet will not be able to grow up as long adware is pushing development.

          Comments
          1. By Rich (195.212.199.56) on

            > IPv6 is a total catastrophuck....

            I totally agree, and isn't this where we came in? As I said in my first post "nice idea ...but I'm not holding my breath". There's too much baggage about to change things now. Ok, never say never, but still...

  4. By Anonymous Coward (diw) davidianwalker@gmail.com on

    >The price for that server product: Nuthin'. It's open source.

    Not that those two things are dependant.

    Best wishes.

  5. By Peter J. Philipp (2001:a60:f074::2) on http://solarscale.de

    An IPv6 Internet giving everyone a /64 subnet would be nice. We don't need new users but rather a new culture around Internet use.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]