I don't think that would work. The IPv6 Notation is only the human representation. Inside the package it is a 128 bit integer. IPv4 addresses can already be put there. The problem is that everyone still needs to support a package with 128 bit addresses instead of 32 bit. There is simply no space in the IPv4 package format for the 128 bit addresses. Or anything bigger than 32 bit.
Well there is the options... But that means again every single router and host would need to support it on the path for it to be any use. So new protocol is much simpler and allows fixing other things as well.
In terms of time spent, that amounts to about one minute per week for me right now. Sometimes less.
The user experience is streamlined, and adding rules involves responding to a dialog that automatically pops up when a connection is attempted. UX is key here and this would be a very different story if you had to go into a separate rule management interface every time.
Regarding paranoia, I don’t see it that way. Supply chain attacks are alive and well, and if you’re running other people’s code on a regular basis, this is a low cost precautionary measure. I totally recognize that not everyone has the same risk profile or tolerance.
Generally I don't get many prompts day to day, if I do it's because something has changed or I'm using a new application and I find it comforting to know what's going on.
You can make rules based on host, process arguments, etc so it's pretty flexible for allowing stuff you consider safe and staying out the way.
Long ago I used zonealarm on windows and it's a pretty similar ux to that.
I still use firejail or docker for anything that might be sketchy, but it's been super interesting seeing what trusted applications are doing. For example I was a bit shocked that the gnome calculator app was making network requests but it turned out it was for currency exchange rates.
I have found it makes me less paranoid, which is good.
In using it for a while, I have only found a few pieces of software trying to access places I don't expect and don't approve of (quite a few more that I do expect, but don't approve of). And none of them seemed to be actively malicious, just misbehaved or poorly configured.
I wouldn't mind the delays that much if we had more direct connections between cities. But the reality is that you book a connection to another city, and that connection was never possible in the first place because of some construction work or bad rails or something else. They know they can't make that connection but they never update their schedule to reflect that. And then you are on the first leg of the journey and everything goes to hell. You have to find a replacement train, your reservations are void, you have to wait hours.
And the worst is that you have no recourse. You get 25% of your ticket after ONE HOUR! It makes me so angry.
> And the worst is that you have no recourse. You get 25% of your ticket after ONE HOUR! It makes me so angry.
Unfortunately, it's not as if airlines were any better. Less than 3h of delay and you get nothing.
At least, with DB you can get the money for your reservation back if they cancelled your original connection. Still sucks to be in an overcrowded train without a reservation, though.
Direct connections are definitely better, as you say.
I think all is about consent. And I don't even think that people would be so upset if the whole AI traing wasn't abot profit. But they way it is, companies are training their models on other people's work and try to make money with the models.
IF you don't know: the ministry of truth is a fictional entity from the book 1984 from Geoerge Orwell. It's purpose is to change any evidence that would disprove the "thruths" declared by the government.
Another thing: have you considered how your content moderation works? ActivityPub based software makes it work mostly through their distributed nature and established commercial social media has armies of moderators and ML tools. And not having content moderation is not really an option. People will post things that are illigal to even store on the server.
Lambda is still under development, the current version is more all for public feedback and testing if it can make a MVP. I would be seeing into all of that content moderation thing. Just that it will take time... or well a lot to be more precise, mainly because I am the only one working on it. Which is hard... really hard, especially if you use Typescript with Nextjs, or maybe again I just have skill issues.
Basically everything is "one reason" for the TPM requirement. The real main reason is that they want all Windows 11 machines to have a chain of trust. With TPM 2.0 in the minimum requirements, this is something they can now actually count on. That means not only can they enable every preexisting security feature that relies on the TPM, they can also ship things that have a hard dependency on it, without making users worry about whether their computer supports it.
Filtering is always a two edged sword. On the one hand it might keep bad actors at bay on the other it can keep innocent people away. It is putting power in the hands of a machine.
Another thing is that bad actors are usually more determined to subvert blocking than good actors are to correct false negatives.
It might help some people to have some automatic filtering in place but it also might not.
reply