shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

246
active users

#cgnat

3 posts2 participants0 posts today
Replied in thread

@destiny yes, but that deoends on your ISP, Internet Setup, Firewall and how shoved your NAT table is.

I was able to max oit the wifi at my university for downloads in the past...

Replied in thread

@Jarek @landley that assumes #IPv6 addresses are static (Providers in #Germany do "pseudostatic" alike #IPv4 and unless one's a business customer, will forcibly disconnect once each 24 hours and reassign a new IP) and that applications ain't configured to prefer IPv4 over IPv6 just to avoid timeouts and having to check if IPv6 exists since the only "#IPv6only" #ISP I know is #Starlink (and even they do #CGNAT due to customer complaints…)

Replied in thread

@landley @jschauma @ryanc @0xabad1dea yeah, the exhaustion problem would've been shoved back with a #64bit or sufficiently delayed by a 40bit number.

Unless we also hate #NAT and expect every device to have a unique static #IP (which is a #privacy nightmare at best that "#PrivacyExtensions" barely fixed.)

  • I mean they could've also gone the #DECnet approach and use the #EUI48 / #MAC-Address (or #EUI64) as static addressing system, but that would've made #vendors and not #ISPs the powerful forces of allocation. (Similar to how technically the #ICCID dictates #GSM / #4G / #5G access and not the #IMEI unless places like Australia ban imported devices.

I guess using a #128bit address space was inspired by #ZFS doing the same before, as the folks who designed both wanted to design a solution that clearly will outlive them (way harder than COBOL has outlived Grace Hopper)...

If I was @BNetzA I would've mandated #DualStack and banned #CGNAT (or at least the use of CGNAT in #RFC1918 address spaces) as well as #DualStackLite!

Continued thread

@torproject same with #obfs4 bridges: there is no option to say like ports=80,443 or similar, which makes it cumbersome to get said bridges.

And trying to get places to #DontBlockTor that criminalize the use of #Tor is foolish at best.

Continued thread

Issues aside it's now 15 years since I started using #Tor / @torproject & @guardianproject / #Orbot on #Android full-time.

Because in #EDGEland they yeet users to 64kBit/s if not even lower to 16kBit/s past paid bandwith and instead of properly renegotiating the bandwith, they trottle connections by reducing the packet rate / dropping packets, making it as #laggy as a #GSO-based #SATCOM connection!

  • On top of that, almost all #MNO|s & #MVNO|s illegally use RFC1918 Address space, *espechally 10.0.0.0/8 for #CGNAT, thus bricking #VPN|s and sadly @BNetzA doesn't really give a damn!
#mno#mvno#cgnat
Replied in thread

@kubikpixel @malwaretech @tomscott or to put it into perspective:

I worked at a telco, and whilst clients were above-average in terns of bahaviour, one does get a high single digit or low double-digit amount of LEA requests per day per x million customers.

Now imagine the average #VPN has similar utilization as a #CGNAT, so easily they'll have #LawfulInterception going on 24/7 because logless VPNs are a lie and besides circumventing #Geoblocking they don't do anything else...

  • In fact I'd argue it'll be more privacy friendly to self-host a VPN on-demand with flexible hoster or just having a fixed IP at home, simply because those usually have a higher bar for getting surveillance approved.

TLDR: Just get @torproject @tails_live @tails / #Tails and good.

Twitterthaddeus e. grugq on Twitter“I’m gonna tell you a secret about “logless VPNs” — they don’t exist. Noone is going to risk jail for your $5/mo https://t.co/Q2aOQJkG4g”
Replied in thread

@tschaefer fängt damit an dass bis heute nicht alle #IPv6 haben oder bekommen können...

  • Bspw.: Verweigert mein #ISP die Bereitstellung von echtem #DualStack. (Deshalb kann ich diesen Post auch nicht direkt aufrufen!)

Umgekehrt sind bis heute nicht alle #Diensteanbieter & Services von #IPv4 auf #IPv6 migriert worden.

Sorgt zwar für Henne-Ei-Problem, wäre aber durch die @BNetzA lösbar indem diese zwangsweise je IPv4 mindestens ein /64 an IPv6 vorschreibt und Bullshit wie #CGNAT [insbesondere mit #RFC1918-Addressraum] verbietet!

  • Besonders Bullshit wie #DualStackLite ist murks: Entweder korrekt Dual-Stack oder lasst es sein!!!
ipv6.socialThomas Schäfer (@tschaefer@ipv6.social)@kkarhan@infosec.space Du hast die Behauptung aufgestellt, dass IPv6 only vieles bricken würde. Also was?

"These days with CGNAT, the spammer doesn't just have one IP at a time, he has the whole pool to spam from, funnelled through a single IP that is shared with a lot of innocent victims of their ISP's policy." 

👉 Internet service providers - learn more about the problems with Carrier-Grade Network Address Translation (CGNAT) and what you can do to protect users:

spamhaus.org/resource-hub/netw