@spritely @cwebber speaking of context collapse...
-
@spritely @cwebber speaking of context collapse... have you read...
"we must avoid the two opposite social deaths of a global monoculture and a set of isolated cults, and how the fractal patterns found in nature seem to present themselves as a good compromise." https://www.w3.org/DesignIssues/Fractal.html
-
@spritely @cwebber @lotte I'm afraid it means that NAT translation is healthy.
In nature, groups are made of people and people are made of organs and organs are made of cells; there are boundaries at each layer.
We shouldn't expect every device in the world to be connected to every other device without boundaries.
-
@[email protected] @[email protected] @[email protected] to be clear I have nothing against firewalls. believe me I've had my share of cyber security issues that make me thankful that we have firewalls-by-default on routers and such.
NATs however, are not necessary for security purposes - they're simply a solution to the limited number of IPv4 addresses available. and that's fair enough, but they're no longer necessary with IPv6. -
@dckc @lotte @cwebber @spritely I think you're missing something...no NAT, no NAT traversal, no having to figure out what your "real" address is, because, the endpoint knows the right information. It's not exactly theoretical: Comcast gives me IPv6 GUAs by default, and so do virtually all mobile phone networks I can think of.
-
Christine Lemmer-Webberreplied to Dan Connolly last edited by
@dckc @fdr @lotte @spritely It's dangerous probably to directly expose machines over ipv6, but is there any reason it should be if our software stacks better designed, if we had a more capability-oriented worldview?
I think often of Marc Stiegler's "perimeter security is eggshell security" which critiques many things, including a firewall-oriented perspective http://www.skyhunter.com/marcs/ewalnut.html#SEC44
See the "eggshell defense" subsection
-
Dan Connollyreplied to Christine Lemmer-Webber last edited by
