A friend gave out an email gmail@hisname.com (he owns the domain). He says it's incredible how many people "corrected" him, and how persistent some of them were. :-)
> But for the past two months our agents have been working on an even more ambitious project: rebuilding the WordPress open source project from the ground up.
> no WordPress code was used to create EmDash
Hm. Do you think those agents were trained on WP code?
I'm not confused about the NAT / firewall distinction, but it might be nice if my ISP didn't have a constant, precise idea of exactly how many connected devices I owned. Can that be _inferred_ with IPv4? Yes, but it's fuzzier.
Okay, but why does this matter? They're your ISP; they also have your address and credit card number, and a technician has been in your home and also supplied the router in the common case.
The theoretical vague problem here is being used to defend a status quo which has led to complete centralization of Internet traffic because of the difficulty of P2P connectivity due to NAT.
The ISP still doesn't know how many devices are connected, because a lot of those devices are using randomized and rotating IPs for their outbound connections.
On Linux, I think the defaults are left up to the distros so there is a chance of a privacy footgun there. Hopefully most distros follow the example set by Apple and Microsoft (a sentence I never thought I would write...)
All desktop/mobile OSes today use "Stable privacy addresses" for inbound traffic (only if you are hosting something long-term) and "Temporary addresses" for outbound traffic and P2P (video/voice calls, multiplayer games...) that change quickly (old ones are still assigned to not break long-lived connections but are not used for new ones).
There are genuine improvements in IPv6 aside from the abundance of addresses. The two that immediately come to my mind are:
1. SLAAC means routers no longer need to keep a record of each client on the network. With DHCP, the router had to maintain a table of which addresses had been assigned and getting an address involved 2-way communication. With SLAAC the router just periodically broadcasts the prefix to the network and any device that wants an address can just listen to that broadcast and assign themselves an address within that prefix without having to inform the router and without the router needing to maintain a table of assigned addresses. (2-way communication is still possible since devices can solicit a broadcast but it is not necessary)
2. With IPv6, middleboxes are no longer allowed to fragment packets. The only device that can fragment a packet is the original sender. If any segment along the path has a lower MTU than the size of the packet, the original sender is notified and then they can fragment the packet.
This. Sure there are still some applications that might be difficult to v6 enable, so either patch it or use one of the myriad of options to give it a v6 front end.
Well, that's a bit of a misleading answer. Some apps refuse to work if G services are disabled, so they clearly communicate with them. It would be nice to know what exactly G learned about the phone through those "sandboxed" apps.
It's an Android service. But unlike on regular Android, where Google Play services have hard-coded special permissions, on Graphene it is an ordinary Android service with all the same strict rules applying to it as to any other service you could write.
So an application of course can use other Android services if it declared that; that's why it can see whether it's running or not. But you are in full control of whether Google Play services is installed, and what it can use.
Of course this may break certain apps (Google Maps location sharing will probably not work with the location permission denied for Play services), which may or may not degrade gracefully.