Starting from home.cisco.com, I went to the Linksys support page, searched for ipv6, and got three mundane hits.

Support is minimal, but there is something as indicated here:

http://homecommunity.cisco.com/t5/Cable-and-DSL/IPv6-mentioned-in-AG310-release-notes-but-can-t-find-it/m-p/258373?comm_cc=HSus&comm_lang=en#M7927

Re: IPv6 mentioned in AG310 release notes, but can't find it?

05-07-2009 11:03 PM

I found the setting in the end. It wasn't on the security tab at all, it was on the setup tab under basic setup.

If anyone else is interested in getting 6to4 going on their router, this is what you do:

1. Go to Setup -> Basic Setup
2. Scroll down to IPv6 tunnel, near the bottom just before the time/NTP stuff
3. Set Tunnel Mode to "to relay server"
4. Into Remote/Server address, type 192.88.99.1 (for the local anycast 6to4 gateway, if you have a specific one you want to use, enter that instead)
5. Tick "enable now"
6. Save and wait for the modem to reboot

After rebooting, the modem assigned me an IPv6 address. For some reason I can't ping or traceroute IPv6 hosts, but I can access them in my browser (eg. ipv6.google.com).

It's interesting there is no *direct* IPv6 support, but you can run IPv6 on the internal network and the router will tunnel it for you.

In an age where it's difficult to be sure if you have committed a crime or not, why wouldn't you prefer to keep your personal music, photo, software, art, and inspired revolutionary poetry collection private?

Remember we're talking about a country that has convicted someone as a terrorist for the act of writing poetry.

Are you sure *your* hard drive doesn't contain any incriminating poetry or other writings?

What about your dodgy downloads of TV programs? What about those get-iplayer downloads that you aren't officially allowed to have? That VM image with Windows or MacOSX installed in it? The police probably don't care, but do you feel 100% confident that those copyright infringments will be ignored?

Personally I have no idea if the 1.3 million files in my home directory contain anything incriminating.
It's beyond my ability to remember what all of them are.

I'd rather not encourage the police to sift through them looking for something if they had a vendetta.

I'd happily give up my passphrase if I thought it would actually help them solve a murder or something (or for that matter to get me off the hook for one - then I'm confident they wouldn't care about the lesser things),
but that is quite different from them snooping around "looking for child porn".

After all, I have no idea what constitutes illegal porn in the eyes of the police.

Especially a 19 year old needs to be aware that people can be convicted and put on the sex offenders register - with severe long-term social and career consequences - if they have pictures of themselves, and pictures with their consenting partner of similar age. He may not remember if he does or not.

Heck, even intimate *text* emails / IMs could potentially be construed as pornographic or "grooming" if he's been chatting with someone similar to his own age.

Chance are nothing would come up (assuming he doesn't have anything meeting the police's threshold of concern), but I think it's understandable if he does not have confidence in the system.

No, it makes you a criminal if you use foo.bin as your key to encrypt your data and then refuse to produce foo.bin on demand.

If you just scrambled your disk contents with random bits, that wouldn't be a crime, but, as with all non-crimes, if the court doesn't believe you beyond reasonable doubt, then you'll be wrongly found guilty.

The crucial thing in that case will be if the court has reason to believe your disk isn't full of random bits, beyond reasonable doubt.

If your machine boots up and asks for your passphrase to decrypt /dev/mapper/encrypted-home, when you claim that partition is genuinely just random bits, your aren't likely to be believed - even if it's true.

So don't do that. If you really are write random bits to a partition that triggers a passphrase prompt when booting, at least disable the prompt first or do whatever else is needed to stop it looking like an encrypted partition.

Filling a partition with random bits is good practice before using it as an encrypted store, and good practice if you are about to dispose of the hardware, so this isn't a completely fallacious situation.

If you're an IT professional, then by all means learn about and understand IPv6.

But it's a net loss investing in the routers and firewalls to make your servers have externally visible IPv6 ports and so on, if *everyone* you connect to does not use IPv6. That is just adding potential security holes, because unused entry points are easily forgotten when other people are auditing/managing firewalls.

Personally I can have IPv6 connectivty any time I want. Both on my personal machines, and the internet-facing servers that I manage.

I have configured IPv6 at times. But then decided to take all of the IPv6 interfaces back down again.

They were administrative overhead, gaining me nothing but a little satisfaction, and to be honest
they weren't entirely easy to look after - at the server locations, they added substantially to firewall and policy-routing table maintenance.

Why maintain them? Nobody I connect to or do business with uses IPv6 *at all*.

I've never yet seen IPv6 used except to play with it. Not even on 3G - my fairly up to date smartphone (a Nokia N900) shows me the mobile interface is IPv4 only - and that was true for all the phones before it.

When even just *one* person I deal with asks me if I can do IPv6, or offers a service that I need on IPv6, then I'll bring them back up quickly and accept the administrative needs. So far, it hasn't happened.

There are a *lot* of old router models out there. Many people are using 5-10 year old equipment at home, because there's no reason to replace it - old home routers are faster than the cable/ADSL still, and 802.11B is still good enough wi-fi if you're only using it to browse web sites.

Even if it was made law, vendors couldn't possibly provide software updates to all of those routers - free or paid.

In many cases the people who worked on the router don't work at the company any more, the schematics are lost, the source code is lost, and the chances of finding the source code and known-good toolchains even just to replicate the last shipped firmware are slim. It's totally impractical.

On the other hand, adding IPv6 support for all *new* routers is quite reasonable, and could have been mandated - or agreed within the industry - any time in the last 10 years to get us ready. But it wasn't.

You don't know how many people suffered and died as a side-effect of the identity theft and messages purporting to be from friends, and neither does anyone else - it is practically impossible to evaluate. But in such large numbers of people affected, there will surely be some effect. So the comparison is meaningless.

Nor do you know the economic damages caused by reactions to the spam. It certainly does cause lost time and money - lots of it.
Shouldn't the cost it causes be reflected in the fine?

If I travelled the world and stole just $1 from every individual, but nobody died, do you think I should be fined only a small amount, because it wasn't as nasty as medical experimentation? Even though I stole more than $6bn altogether?

Slashdot and Facebook cause lost time and money too (in some ways; there are also difficult to measure economic benefits). We don't fine everything that sucks people's time - only when there is an associated criminal act - which there was in this particular spamming case.

If the accounting is sane, any tax break should just cancel out whatever tax they would have to pay on it.
I.e. no overall benefit to Facebook.
But who knows, the accounting might not be sane :-)

I wrote an OS kernel in assembly in 1989. I couldn't afford a C compiler, and didn't have an internet connection so hadn't heard of GNU and things like that.

Actually most of the commercial home computer kernels in the 1980s were written in assembly. Think AmigaOS and CP/M.

You missed the point.

Using the GP's scheme, you can produce any data you want, by supplying a "key" which happens to be the same size as your drive and is the XOR of your drive's encrypted image, and the data you wish to make it apparently reveal.

I agree that you probably won't have access to the encrypted image and probably won't have a backup of it (with the exact same encryption).

At first that appears to make the GP's principle of preparing the "reveal kittens" fake key in advance make sense.

But to do that, you have to continuously update your fake key in it's secret location each time you write to your encrypted disk, which is no less effort than simply copying all writes elsewhere - except it gives a slight hint of plausible deniability in that there are two different things, and each serves as a "reveal kittens" fake key for the other.

XOR is too simple of course, but there will be other schemes which bear greater resemblance to real encryption and have the same properties.

It's not convincing, because you can generate that fake key with any kind of encrypted storage after the police have imaged your encrypted drive.

After they ask for a key, you fetch kitten pictures from the internet, and xor that with the drive image they have copied, and give them the result. They apply it using your suggested decryption algorithm - xor - and kitten pictures appear.

But it's too easy: anyone can do that, no matter what encryption scheme they've been using prior to the police raid, provided the person still has a copy of their encrypted drive.

So the police won't be convinced.

Actually sham acupuncture is used by some conventional Western-style doctors.... They can train in it over a single weekend, and some of them do remove the woo-factor.

Those who dispense with the Chinese theories say the needles block pain carrying nerves or stimulate release of hormones... but they don't really know any better than the Chinese what's going on. It's just a more acceptable explanation.

It's blindingly obvious you didn't read the links to controlled clinical studies showing efficacy in my other reply on this thread, here.

what it means for a treatment to "work"

No, I am not confused. I simply disagree with you. In the extreme, a mere placebo can save a life. I name that working; you do not. There is no point arguing further.

Another commenter put it very well: Real honesty would involve telling patients not only which treatments are more effective than placebo, but how effective they are absolutely.

But that's a side point, because there are controlled, clinical studies showing acupuncture to be more effective than placebo for some things. Feel free to disagree, or to argue that the studies are of poor quality, or not what they say they are, but don't make yourself look ignorant by denying that they exist at all.

actually effect the course of a disease or are better at relieving symptoms. In other words, using the scientific method to separate the real from the imaginary

I'm quite familiar with the scientific method, thank you. I will readily agree with any proposition that the methodology used to study this area is often of low quality and difficult to take seriously.

An interesting result from placebo investigations is that some placebo effect is found, in some scenarios, even when you don't lie to the patient.

In other words, while knowing it's a placebo reduces the effect, it doesn't always completely eliminate it, leaving room for ethical application and optimisation of what's left.

Not getting a reply can be as simple as the author didn't have time to reply. They may be too busy with life to respond to every email.

When a project is not active, the author probably only works on it once every few months for just a few hours on a rainy weekend, if they've looked at it at all in the last year.

Also, something like 'chntpw', I wouldn't be surprised if that gets far too many mails from annoying users, and also the author may have worried about legal liability if they sell it, as it can be construed as a hacking tool. It's not a great reason for no reply, but it's a possible reason for never quite getting around to it.

If you're serious about a proposal, write again, several times over the course of weeks.

It's difficult because you don't want to be paying silly money, but I would imagine you're more likely to get a result by offering a concrete amount which is large enough to make the author think it's worth their effort when you ask them to do something for you. It's hard to judge what that is though.

Remember that most of the 'open source bounty' sites had bounties so small that they weren't worth the time reading the proposals, let alone doing them... they were mostly token amounts. I would guess there's a bit of perception among FOSS hobby coders who don't sell their software commercially that what someone's offering is a token amount, so if it's an unpalatable request, don't bother.

If I were the author of that program, and I'd kept it closed source, I'd have stopped to think about your offer, but then I'd probably have decided I was spending too much time worrying about a tiny amount and/or legal uncertainties. If I were feeling like your mail was the 100th that day, it'd probably get forgotten or deleted.

On the other hand, if you stated up front that you'd be willing to pay $1000 for me to open source the app, I'd take it seriously, as that's enough for me to take a day off work and make time just for you.

I'm guessing it's a bit different for freelancers who are used to juggling their time around for people, so can take on smaller units of work and respond that bit more quickly and professionally. But I guess most hobby coders don't have that ability. Full time job + family + friends = not much time or flexibility. Make it worth the hassle.

[LIsp] is the only language I know of where you can use its macro facility (reader macros, to be specific) to fully implement another language with arbitrary complex syntax. In other words, a program written in any textual language can be a Common Lisp program if you insert a corresponding CL reader macro definition at the beginning of the code.

Perl can do it too.