Doing this brings you close to OSI, which famously failed by being overcomplicated. The current design was implementable by zillions of cheap humans running cheap hardware.
I always wonder if the internet is thesurvivor of the networking cambrian explosion, with a slight roll of the dice making another candidate the winner.
As someone who was there at the time, OSI certainly didn't fail by being "overcomplicated". It failed because a) they charged money to read the standards documents and b) TCP/IP already had so much deployment momentum that nothing was going to supplant it (we see proof of this in the fact that IPv6 also didn't achieve that). Edit: also c) there was no requirement (unlike RFCs) to have an interoperable reference implementation available. So the implementations that were created mostly didn't interoperate.
This IPv8 document is not a serious proposal. The entire family of documents was published by a single person without collaboration from anyone else at IETF, and there has not been any work to integrate feedback from other IERF contributors (last I was aware of).
Anyone can publish an IETF draft document, it doesn't mean it's a serious proposal under consideration or will ever actually be implemented.
> In your opinion, do you think Internet Protocol Version 8 (IPv8) [1] stands a chance to fix the mistakes of IPv6 after more than 20 years now?
IPv8 solves precisely zero of the problems that is causing a 'slow' roll out of IPv6 / replacement of IPv4:
"""
So it's a matter of mathematical and physical fact that to expand the address size, you must change the protocol, and that means two things immediately:
You have to change the version number.
You have to add new code to handle the new version.
Furthermore, you don't want to split the Internet in two, so you must design a method of interworking between the old version and the new version. Annoyingly, you need to do that in a way that can be done completely in machines that know about the new version, because other machines don't know anything at all about the new version, by definition. So,
You need a coexistence technique so that updated systems, with the new protocol, can connect to old systems that know nothing of the new protocol.
Two minutes of thought show that this third requirement has only two solutions:
(3A) Dual stack, in which the new machines speak both the old (IPv4) and new (IPng) protocol.
(3B) Translation, in which something translates addresses between the old and new protocols.
[…]
Incidentally, "IPv8" proponents often ask why IPv6 didn't simply stick some extra bits on the front of IPv4 addresses, instead of inventing a whole new format. Actually, we tried that: the "IPv4-Compatible IPv6 address" format was defined in [RFC3513] but deprecated by [RFC4291] because it turned out to be of no practical use for coexistence or transition. The related "IPv4-Mapped IPv6 address" format is still valid and has a role in the POSIX socket API. Mappings of this kind also figured in the moderately successful coexistence technologies known as 6to4 [RFC3056, RFC3068] and Teredo [RFC4380], which have now been overtaken by events.
I'm always fascinated by how many people think IPv6 adoption would have gone lightning-fast if we just used This One Weird Trick, where said trick has actually been tried and didn't help. They usually refuse to back down even after you tell them so.
6to4 or NAT64 isn't the same thing as what all those IPv4+/5/7/8 people want, if that's what you were referring to. You don't actually own the IPv4-mapped-V6 address, as in packets don't get routed to you, they go to a relay that was notoriously flaky.
> You don't actually own the IPv4-mapped-V6 address, as in packets don't get routed to you, they go to a relay that was notoriously flaky.
6to4 is exactly ownership:
> For any 32-bit global IPv4 address that is assigned to a host, a 48-bit 6to4 IPv6 prefix can be constructed for use by that host (and if applicable the network behind it) by appending the IPv4 address to 2002::/16.
> For example, the global IPv4 address 192.0.2.4 has the corresponding 6to4 prefix 2002:c000:0204::/48. This gives a prefix length of 48 bits, which leaves room for a 16-bit subnet field and 64 bit host addresses within the subnets.
> There's no way around it: a non-IPng-having node will have to go through a translation box of some kind.
Yes. Note that it doesn't need to be someone else's relay; anyone with IPv4 connectivity could easily route 2002::/16 into IPv4-land (without having to announce it in BGP for others to use). You could even announce 2002:aabb:ccdd::/48 as a more-specific in BGP if you wanted, although this was more exotic.
If I have 1.2.3.4 in ipv4 world, I want 1.2.3.4 in ipv6 world instead of a random new address. I want another ipv6 host to be able to send dst=1.2.3.4 and have it go directly to my ipv6 host. 6to4 isn't comparable to that, it's for translation to/from v4 like you said.
By having 1.2.3.4 you also got 2002:1.2.3.4::/48 'for free' (per 6to4). So if you want to send things to 1.2.3.4 / ::ffff:1.2.3.4, you tell your router that it's available via 2002:1.2.3.4::/48.
Any idea that you think is clever and to 'just' do X and/or Y for IPng, and would work, has probably already been thought of and attempted in the last 20-30.
Having 1.2.3.4 in v4 doesn't make ::ffff:1.2.3.4 or 2002:1.2.3.4 route to me in v6. It would route to a relay that translates/resends to v4 1.2.3.4, then it reaches my router over v4. Nobody can use that address over pure v6.
There's no one clever trick to make the transition easy, the idea is to preserve the v4 address blocks in v6. That cascades down to a bunch of different decisions, some of which include keeping NAT around. They've most likely thought of that too, and turned it down because they wanted to start with a clean slate and maybe also had some other vision of pure P2P apps.
> Having 1.2.3.4 in v4 doesn't make ::ffff:1.2.3.4 or 2002:1.2.3.4 route to me in v6. It would route to a relay that translates/resends to v4 1.2.3.4, then it reaches my router over v4. Nobody can use that address over pure v6.*
Sure they could: if your ISP owns 1.2.0.0/16, it could advertise 2002:1.2::/24 via BGP. So if someone on the other side of the planet wants to send something to 2002:1.2.3.4::/48 they would know where to send it.
And just like how something sent to 1.2.0.0/16 globally is then handled internally via IS-IS/OSPF/etc so your ISP knows how to send something for 1.2.3.4 to your CPE, your ISP would know how to handle 2002:1.2.3.4::/48 to get it to your CPE.
Routers are told to map traffic for (::ffff:)a.b.c.d to 2002:a.b.c.d::/48. If you're sending from w.x.y.z, you can put the source address as from something in 2002:w.x.y.z::/48.
It has nothing to do with "clean slate" or not. There are two immovable facts:
"""
IPv4 implementations, in 1994 and still today, have the 32-bit address format built into their code. Whether you expand the address size to 33, 64 or 128 bits, all IPv4 implementations will discard the packets. So it's a matter of mathematical and physical fact that to expand the address size, you must change the protocol, and that means two things immediately:
1. You have to change the version number.
2. You have to add new code to handle the new version.
And this also includes 'accessory protocols': DNS A records are fixed at 32-bits, so if you want to use hostname with IPng you needed to upgrade the DNS infrastructure, including APIs to say "give me A and Ang", and then you perhaps need fallback mechanisms, in which case you're at:
Any IPng protocol, including 'just' adding bits, regardless of how you want to hand wave it as being 'just' an extension of IPv4 will be in same situation because you can't fit >32-bits in the 32-bits of the original code. You're rolling out new code in a rolling fashion, just like had to be done with IPv6.
Well yeah if you made your router use 2002:1.2.3.4, your ISP advertised 2002:1.2:: on BGP, and the other ISPs agreed your ISP owns that, that would work. They didn't do that, and the spec didn't say to. They did 6to4 instead.
I understand the limitation that you can never put a 128-bit address in a 32-bit field, and one way or another two hosts and everything in between have to understand the new packet format. That didn't force them to make ipv6 its whole separate network from v4 where almost no state is shared with v4. Having separate DHCP6 vs DHCP4 was a choice, likewise with DNS, NAT, and even the routing tables. It makes the difference for service operators who would be fine adopting ipv6 but don't want it to be a big project.
> The current design was implementable by zillions of cheap humans running cheap hardware.
Yes and no. The current internet arguably does not work without a browser and a TLS stack anyway, neither of which is easily implementable (e.g. number of practically usable rendering engines is in the single digits). I mean, I can piece together an IP packet, too, but there's not that many usable services reachable that way.
> Doing this brings you close to OSI, which famously failed by being overcomplicated.
We're slowly reinventing OSI, one step at a time: OSI had multiple sessions per transport connection (QUIC), 20 byte addresses (IPv6) and a directory system with public-key infrastructure (DANE, vCard, SSHFP, etc).
It might be more of a weakened immune system thing. Everyone gets small lightning strikes all the times, but our defences stop it before it gets too bad. So when defences are failing, you see a long string of random unlucky stuff happening .
Same for computer services going down regularly, or sequences of small industrial accidents, or even humans being non-stop unlucky.
As an EUian,I've never given one care about my credit rating. I don't even know if I have one.
They can cause a long drawn out court battle, and abuse your data. Noyb is the real-world example here. Most companies depend on not being sued, and will fold if a regulater sends them notice.
There was a time where Hawking's A brief history of time gave a decent overview of the universe to beginners. Does anyone know how well it holds up today and if anything better exists?
Have not read it yet, but recently researched this question and came to this book as a readable overview of the latest thinking in cosmology, Battle of the Big Bang: The New Tales of Our Cosmic Origins by Afshordi and Halper [1].
The book assumes a basic knowledge of physics and cosmology so it does not spend half the book reviewing basics like many pop physics books do.
I'll give a shoutout to Feynman's QED. It's approachable for anyone with high school understanding, and gives a reasonable insight into all sorts of phenomena.
Look up introductory college courses, e.g.., in astronomy. Their syllabi have your answers. Maybe it is more extensive than you want, but one or two book might be what you seek.
The very useful Open Syllabus Project collects syllabi and lists the most popular books, etc.: https://www.opensyllabus.org/
A professor's course materials may suit your need.
I went to a public lecture by Martin Rees at uni. He asked everyone who read it to put up their hand, then put it down if they understood it. He pointed to the professor of astrophysics who had invited the lecture and said "ok, you! The rest of you, no chance!"
There was never a time when a book gave the public an overview of the universe. ABHOT was so popular for being a book no one actually read, theres even an index named after Hawking due to it: https://en.wikipedia.org/wiki/Hawking_Index
Did _you_ read that book?
There however definitely was a piece of media that captured public minds and educated them about the cosmos. And that was the show Cosmos. The original of course. Not the NDT drivel.
I am pretty certain this "hawking index" meme must be a new-ish thing. I read the book as teenager and know also others who did. It is a fairly easily readable book imo, so I don't think this characterisation is warranted by the qualities of the book itself.
I suspect that a popsci book becoming a bestseller creates a larger-than-the-usual-nerds audience, a big part of which lacks the motivation to actually finish it. I expect that in places like this you will find higher frequency of people who have actually read it.
Moreover, when i read the book i did not have easy access to pop-sci sources as a (practically pre-internet) teenager in a small town of a small country, like i would have had today. I got upon a booklet of a small publishing house with the titles of translated pop-sci books and would order them from a local bookstore. Maybe if I was already familiar enough with the topic through youtube videos etc I would not have finished either.
> this "hawking index" meme must be a new-ish thing
TBF the methodology and hypotheses that it's based on aren't that bad. I'm sure Amazon has better data, but for a "publicly accessible" data (at that time) I can see it. The problem is that while lots of people might abandon the book, that doesn't mean that still loads of people don't read it fully. They are, after all, extremely popular books. Obviously some people will have received / impulse bought / FOMO / new year resolution / etc the books, but from the sales numbers that's still a lot of people that did enjoy them. Marketing aside, the book is pretty approachable, like were Sagan's books and so on.
Interesting. I've been gifted that book at just the right time in my life as a teenager. It captured me. I read it the to end many times. Not understanding everything or course. But it created a spark which laid the groundwork for my entire career.
From that list I've read three books: "A Brief History of Time", "Thinking, Fast and Slow", and "Capital in XXI Century". First two I've read from start to end. The last I didn't read to the end, I think I've read ~50% of it. My numbers correlate with that list, the least "readable" book in the list is the book I didn't read through.
However I still doubt the methodology. It is not obvious for me that if a book was read in full, then highlights from it would be distributed uniformly all over the book.
I did read it and I'm sure a whole generation of people also did, it is a very clear and readable book. Don't underestimate or minimize the impact of Hawking's book when it was released.
As an early teen I begged my parents for both A Brief History of Time and The Grand Design. Read both several times. ~15 years later, my parents are still holding on to them and my Dad has read them a couple of times too. It was great reading and played a significant role in my choice of research as a career.
Never heard of the "people don't actually read it" meme.
I read it in high school in 82. I still have the book.
Fun fact: The very first book ever sold on Amazon was "Fluid Concepts And Creative Analogies: Computer Models Of The Fundamental Mechanisms Of Thought" also by Douglas Hofstadter
One part of this is how hard it is to translate the impact to now-scientists.
E.g. 2 degrees temperature raise did not sound bad to me, untill someone explained to me this is from ground to space, and the actual raise is double or triple that. Then we looked on a map and found current day Morocco seems close to what my Belgium is expected to become in that scenario. I still am not capable of deciding how realistic this is.
So you made me surf to amocscenarios.org, and even if this thing is reliable, it still is hard to interprete. My winter goes from -5 every decade to -18. I've never had either in my life. What does this even mean? Can my ww2 rebuilt house deal with -5, as it supposedly already did? What to do forcdealing with -18?
And that's the opinion of someone knowing a little bit. Now go to someone who has to managed 10 of life's disasters over his lifetime and explain how bad this really is.
In my corner of the world, credit cards were for buying stuff on the internet and travelling outside the EU. Now the net has evelved enough to accept our normal means of payment. I always feel insecure when using a credit card.
As a US-ian I feel exactly that way when using a debit card.
A credit card, if misused, can run up your balance and then you dispute, and don't pay anything until it's resolved. A debit card, if misused, can drain your account and leave you penniless until it's resolved.
I always find it funny that americans think the button to oppose a payement doesn't exists on my banking app because I have a debit card and not a credit card.
> the lag time between hitting the button and getting your money back can be weeks.
Nope, it's as soon as the bank is aware. In your rush to correct me, you failed to understand that there are simply better customers protection here which make a product such as a credit card mostly useless.
Pretty sure that debit chargebacks lead to an instant credit (by regulation).
I'm almost tempted to test it right now but I am pretty sure I did this once and it took under 1 day
Ok now I asked a chatbot for how this is regulated. The answer was wrong as expected but it happened to mention the applicable regulation which can be looked up at gesezte-im-internet.de
It's mostly about who possesses the money. With debit, the money is transferred. With credit, the money is scheduled for transfer, subject to my approval.
This has basically nothing to do with it. A bank deposit is a liability of the bank, and possession is not a useful lens here.
What matters are the legal and contractual rights and obligations you have against the card issuer. In the US, these are historically different for credit cards (Fed Regulation Z) and debit cards (Regulation E), but since it's now effectively the same two schemes running it all and imposing their additional liability protections (largely motivated by considerations of brand perception, which would suffer if the same logo sometimes confers weaker protections).
The main practical difference nowadays is that in the case of debit cards, you're out your own money for a few days, while with credit cards, the only thing that temporarily suffers is your open-to-buy/line of credit.
> The main practical difference nowadays is that in the case of debit cards, you're out your own money for a few days, while with credit cards, the only thing that temporarily suffers is your open-to-buy/line of credit
Right, and this is GGP's main point
The risk to a debit card user in the US is higher because the money you need to pay your rent or mortgage may temporarily disappear due to fraud, and may take longer to resolve than your deadline with your landlord. When using a credit card, that risk is not on you.
The risk isn't bank transfers to your bank for your mortgage. The risk is card skimmers at a gas station or whatever. The theft isn't when you pay your rent, the theft is something preventing you from paying your rent, due to some totally unrelated prior transaction.
I think the risk is higher in the US compared to Europe because Europe was way faster to roll out chip stuff, whereas in the US it's still somewhat common to have to use the mag stripe.
Ah, I see. This is about the prevailing consumer protections. In the US, debit is not treated with nearly as much privilege as the EU. While credit signals debt in the EU, debit signals poor financial situation in the US, since credit enjoys protections debit does not.
The fraud detection of the card processors is effective and they will disable a debit card before that happens. I've always had the money returned automatically the few times I've had one compromised.
Same fraud systems monitor credit cards except in the American case you get at worst 1% cash back so 1% off the purchase price of everything and if something does happen, and regardless of protections fraud still occurs, it’s the bank’s money that is gone and not yours.
Separately the EU is a large collection of states and each one has its varying levels of participation and sophistication with payment processing. Apple and Google Pay are both widely used and that won’t change, and by and large there’s no good reason for Europeans to not accept American credit cards so they’ll continue to do so.
Anyone telling you differently either doesn’t have the slightest idea what they’re talking about or they’re just caught up in a pointless anti-American fervor. Even in countries such as France American Express is accepted in more places.
Accepting cards from US-controlled schemes is not an issue at all. The geopolitical issue is not having any alternative, and these US schemes being the only way to pay even in domestic transactions.
Almost nobody considered this a problem until a few years ago, but the relevant EU stakeholders got pretty rattled recently [1], and my prediction is that this particular bell can't be un-rung.
They are aware of it, but there is so much US dependency that its very difficult to reverse course let along unto what has been done. The EU's age verification app will only work on Google or Apple controlled phones. A lot of payments are done on phones. A lot of other things depend on phones too - my local bus company (in the UK) requires its mobile app for some types of tickets. I have had to use phone based ID verification already.
Well it doesn’t matter whether it’s un-rung. Europe can develop payments tech, folks visiting continue to operate like they normally do. The US is increasingly accepting payment mechanisms and cards from other providers too. Continued competition is good here all else being close to equal.
Each nation or economic block or alliance or whatever will have to decide which kinds of products and services they’ll want to protect or build in-house. While the EU lambasted the United States when it began taking measures to do what the EU is doing now, it’s encouraging to see the EU change course and start to protect its industries, though who knows how effective that will be. China is looming large over the EU, Germany in particular.
That's interesting argument. Here it is usual to have a daily limit on debit cards. You can not spend more money than that, so a thief can not drain your account. Also many banks give you multiple accounts (you can transfer between them instantly). The debit card is connected to only one of them, so if you keep part of your money on the other account, that couldn't be touched even if the card payment limit has technical issues.
Multiple accounts (both debit and credit) are normal in the US as well, but I have never heard of a debit account here that has a daily spending limit.
Sounds like the US and Euro systems work fine within their own borders. Solutions designed for one make less sense in the context of the other.
It gets interesting when the two system interacts. Friends visiting the US told me that at the POS terminal they had to choose credit card despite paying with a Visa/Mastercard debit card issued by an European bank.
By the way, here banks even have daily bank / wire transfer limit that can be changed only by a personal visit to a branch, so even if your online banking credentials are stolen, the attacker can not empty your account.
And that doesn’t always work. For example, at a Chevron petrol station in California in the middle of nowhere we tried several European credit and debit cards, and nothing worked. At the end, the guy working there helped us with some prepaid option at the counter. He didn’t believe us until he tried himself that really none of our cards worked.
But the situation is way better than 5+ years ago. Back then, almost every second purchase of ours had some problem with our cards in the US. Now, we had like one or two in more than a week.
But of course, some car rental companies still pretend that they are generous that they allow debit cards. Not just in the US.
> Friends visiting the US told me that at the POS terminal they had to choose credit card despite paying with a Visa/Mastercard debit card issued by an European bank.
The "credit" button in the US really means "use the Visa/Mastercard network and don't ask me for a PIN", as opposed to "feel free to ask me for my PIN and route the transaction over one of a dozen or so US domestic debit networks". The question doesn't even make sense for non-US debit cards.
Cards and accounts often allow the owner to set those limits for e.g. withdrawals or transfers etc. There's often a separate limit for home country and abroad. They're there to limit damage that might be caused by user error or stolen cards or something like that. (Or just to provide peace of mind.)
Wells Fargo for the longest time had a daily spending limit on its Check Cards and a daily withdrawal limit. If you had a Debit (not check card) your “spending limit” was your withdrawal limit.
If you tried to make a purchase above the spending limit it was a hassle. I am old tho.
Yep, that's why I always used CC and pay in full(until it become much more logical to pay the minimum and accumulate interest that is lower than the inflation).
It's much better to be indebted when buying something simply because if something goes wrong its much easier to convince someone to take their thing back when you haven't paid yet than trying to convince someone to send your money back and accept a return.
I've never seen a CC with an APR below 20%, which inflation has never hit in the US. But the logic is sound as long as your income is tracking inflation.
In US, maybe. In Turkey before the general election in 2023 the rates were kept so ridiculously low that you could have taken cash out of your CC and put the money in the savings account in the same bank and make money out of the arbitrage. Everyone did it, having good credit meant license to print free money, IIRC it was %2-%3 per month tax free net profit on the credit you took on your CC limit.
Visa isn't a party to your contract with your card issuing bank. Your bank is responsible for filing a dispute, representing it properly, and (according to applicable law and/or as a good business practice for somebody that wants to retain your business) potentially reimbursing you out of pocket if a given transaction has issuing bank fraud liability.
Sure, but the fees I pay for go to Visa for, among others, combatting fraud and credit card cloning. I filled up my bank’s paperwork, I don’t know the inner details of their relationship with Visa.
Unfortunately, the reality is that rather than your card being directly misused by a "shady" company, it's more likely that most companies you transact with do not have perfect security and will suffer a data breach that may expose your payment information.
Pretty much all of the EU had Visa- and Mastercard-branded debit cards since the turn of the millennium, so one has been able to buy stuff from the net and travel abroad without use of a credit card for decades now.
There is a midterm comming up in the USA. If you're living there and you're now not going to vote,I'm sorry but you're complicit. They might make it inconvenient, but you all still got some power left over there.
Afaik, either a few traditional red states turn blue and make it clear there is a limit to what's politically possible, or you're a dictatorship.
I always wonder if the internet is thesurvivor of the networking cambrian explosion, with a slight roll of the dice making another candidate the winner.
reply