
Comment Re:Religion is a choice! (Score 1) 270

Why does religion get lumped in with race and sex.

I realize this thread is about New Zealand, not the USA, but in the USA, religion, or more accurately, the right to practice a religion as one saw fit as long as it didn't infringe on others' rights, long-predated equal rights based on skin color ("race"), national origin, gender, or sexuality. Freedom of religion was enshrined into our Constitution almost from the beginning, right alongside freedom of speech, freedom of the press, freedom of assembly, and some other basic rights (it's in the Bill of Rights, which was added on very shortly after the Constitution was written).

Discrimination because of race and national origin was nominally outlawed by changes to the constitution in the mid-/late-19th-century after our country's Civil War. Those same amendments played roles in courts ruling that other minority groups were entitled to "equal protection under the laws" in the nearly 150 years since then, including the recent Supreme Court ruling regarding same-sex marriage.

The US Constitution still does not provide an explicit ban on gender discrimination (the "equal rights amendment" was proposed in the 1970s but the proposal's built-in clock expired before it was adopted). However, given Supreme Court decisions over the last few decades, it's probably safe to say that, at least with respect to the behavior of governments and of companies and institutions that do business with the public, discrimination based on gender is likely to get you hauled into court and you are likely to lose unless you have a very good reason (a female sex offender suing a drug company conducting a study on the effects of testosterone-blocking agents on only male sex offenders, for example, would likely have her case tossed as being frivolous).

Comment Re:Fee Fees Hurt? (Score 1) 270

At a state level it is common law

Well, except Louisiana - its legal code is based on Napoleonic law. That's a whole 'nuther ball of wax.

and at the federal level it is civil law.

I assume you mean "as distinct from common law" as opposed to the more commonly-used (pardon the pun) "as distinct from criminal law".

Comment Have a boring blog (Score 1) 108

Start a no-comments-allowed blog called "TWRYX's blog" (or whatever the five-character name is) and make it very boring so it doesn't generate much traffic. Have your hosting provider block traffic for the rest of the day if it exceeds more than a pre-set limit so you don't get billed for any overages.

Bonus points if you can make it a backronym to something connected to something about you but which doesn't compromise your personal security (e.g. "Tennessee's Wacky Railroad's Yellow Xings" if you lived in Tennessee and thought the yellow railroad-crossing-ahead signs were whacky when you were a kid).

Comment "we don't talk about specific employees" - GOOD (Score 1) 385

If I were fired, I would want my former employer to give me the courtesy of not talking about the situation without clearing it with me first.

Unless I've been arrested, am under indictment, or being sued by my former employer and the suit is not under seal, the reasons for my departure should be private until I say otherwise. Even then, nothing should be said other than what is already in the public record.

The only thing they should say without me giving them permission to talk is if I am eligible for rehire, and then only if I am applying for work or a position of responsibility somewhere else and that employer or entity routinely checks past work history.

Other than that, yeah, Reddit probably should have handled things better.

Comment Unforeseen side effects (Score 1) 40

Prediction: The movie industry will strong-arm Netflix etc. to require every user whose actual residency isn't known through billing or other records to state, under penalty of perjury, what country they are in every time they sign in (or at least at regular intervals, say, weekly). For those whose billing addresses are known, I would expect the movie industry to insist that Netflix etc. make it a condition of the contract that the person would not knowingly deceive Netflix into thinking the person was outside of his home country when he was physically inside his home country.

They will also require Netflix, etc. to look for suspicious behavior, such as "globe-trotting" by someone whose viewing patterns suggest a stable time zone, and either investigate this behavior themselves or (except where privacy laws prohibit it), give Netflix, etc. the option to provide the information to the content provider so they can do an investigation.

Since the customer swore under oath, if they are found to be lying, they can face not only having their Netflix access terminated and being sued by affected parties, they can theoretically face criminal charges.

I also expect content providers to lobby governments to make it easier for content providers to identify and stop people from lying about the country of origin for the purposes of financial fraud (which is, of course, what the content providers will paint it as).

Having said that, there are several good reasons besides intentionally trying to get a movie you "aren't allowed to have in your country" that you may appear to be "abroad." Three obvious ones are 1) you are using a corporate network whose firewall is in another country, 2) you are abroad and are using a VPN that is in your country of origin (or, more specifically, your personal VPN in your own home), and 3) you are near a border and are connected to a neighboring-country's cell tower.

For what it's worth, I won't like it if this comes to pass, but I predict it will.

Comment Oh great, now I have to keep old browsers around (Score 3) 172

the browser dropped support for the insecure SSLv3

**fake gripe mode engaged**

Oh great, now I have to have at least one machine on my network with an older web browser so I can manage those older network devices that still use SSL3- or other-broken-security-protocol-based web-management.

Now maybe my company's bean-counters will understand when I say "it's time to replace that 5-year-old photocopier/scanner/printer since we can't simultaneously run the monthly usage reports and keep our computers as secure as we would like."

**end fake gripe mode** ...but seriously...

This (removing support for broken protocols) is a good thing, in that it will make sure that all the computers in my business that do NOT need to run those billing reports are up-to-date with respect to security. I can keep my eye on the one machine (which I will likely re-build as a VM) that needs to have a less-than-secure web browser and make sure that nobody uses that web browser for anything except running these reports. There isn't really any need to replace this copier as long as the cost to the business of keeping that one computer with the old web browser up and secure is close enough to zero to be mere "noise" in the budget, which it is, at least for now.

Comment No surprise (Score 2) 132

I bet if you did a study on how sleep, hunger, low-level chronic pain, being annoyed (e.g. arriving late at work after being stuck in traffic), or just about anything else affected moral thinking, I bet you would find most things that affect emotions also affect moral decision-making. I know from a lifetime of empirical study on myself that sleep, hunger, etc. do affect my emotions and general decision-making. I have not studied my moral decision-making in light of these factors enough to draw a firm conclusion. Since the sample size (n=1) is small and there was no control group, I hesitate to extrapolate even the results that I do have to the general population. More study is required.

Comment Re:It won't work that way (Score 1) 307

You might be able to buy some extra time this way, but we've had more than enough time already. "More time" isn't what we need at this point.

The fact that there are still network service providers working on IPv6 roll-outs means "more time" is exactly what we need at this point.

More time and some incentives to the ISPs to hurry along and finish the job. Given that this should have been completed years ago, methinks it's time to take away the carrot and use the stick: Regulatory agencies should consider limiting ISPs' abilities to take on new customers until such time as they are providing IPv6 to an ever-increasing percentage of their customer base until all of their customers have IPv6 connectivity and have an easy, no-cost-to-them (other than perhaps replacing their non-IPv6-compliant equipment) method of getting all of their machines up on public-facing IPv6 addresses if they so choose.

Comment What are you saying? (Score 1) 307

Are you saying that you use addresses that are assigned by ARIN or a similar authority to NCR, but as far as the Internet is concerned, the addresses are in a range that is not in use ("no route to host")?

You are one mis-configured BGP announcement away from that statement becoming false. I hope you are practicing "defense in depth."

Comment No, using private addressing... (Score 1) 307

Using private addressing is like living in a building with only one entrance and hoping the bad guys won't get through that entrance.

Having a firewalled public address is like living in a building with only one (or more - all under your control) entrance and hoping nobody accidentally creates a second entrance that you are unaware of/don't control.

The comment about "security in depth" is well-taken.

A hybrid method - which might actually be in IPv6 (I haven't read all of the relevant standards documents) - would be to specifically declare certain IPv6 addresses or ranges as "private," and routers not specifically configured to handle those addresses would be required to drop those packets. In other words, if IPv9 had such a standard (it does not) and I owned 9.0.0.0/8 and I declared all addresses other than those ending in .1 to be private, and I didn't configure any non-9.0.0.0/8 routers to specifically handle 9.0.0.0/8 traffic, any traffic not routed through a 9.0.0.0/8 firewall ending in .1 (and having its "public" IP masqueraded into an address ending in .1 in the process) would be dropped by the first standards-compliant non-9.0.0.0 router that it encountered. This way, if an employee intentionally or accidentally connected a machine to both a 9.0.0.0/8 network and another network at the same time and the machine started routing traffic (which shouldn't happen if my internal network isn't broken in some other fashion), the first upstream router of the external network would say "woah boy, I can't handle that traffic, *DROP*." Defense in depth.

Granted, this would not stop a rogue employee who knew what he was doing from setting up a firewall that did its own address translation. This scheme provides some security; it is not intended to protect against all adversaries. It also has most of the other weaknesses of NAT, including client-based vulnerabilities where an internal machine is p0wned and has relatively-free run of the network (well, as free as if the network were entirely publicly-addressable/publicly-accessible).

Comment Wikipedia names them (Score 1) 307

A list of companies still holding an entire /8 block, culled from the Wikipedia article List of assigned /8 IPv4 address blocks and verified against https://www.arin.net/ and https://apps.db.ripe.net/searc... on 7/2/2015:

3 - General Electric
4 - Level 3*
8 - Level 3*
9 - IBM (partially *)
12 - AT&T Services*
15 - Hewlett-Packard
16 - Hewlett-Packard (inherited from Digital Equipment Corporation via Compaq)
17 - Apple
18 - MIT**
19 - Ford
20 - Computer Sciences Corporation
32 - AT&T*
34 - Halliburton
38 - PSINet*
44 - Amateur Radio Digital Communications***
48 - Prudential Securities
53 - Daimler AG (via RIPE)

This list does not include military, postal, or other government entities.

* Network service provider

** Educational institution

*** Special-use, mostly unreachable, see Wikipedia's article on AMPRNet for details

Comment It won't work that way (Score 2) 307

The way it MIGHT work is that ARIN would take the 3 block and in a controlled manner that won't break anything convert it into a bunch of /9 through /16 or even smaller blocks based on what GE is currently using. It would give GE a short period of time - maybe 30-90 days - to justify why it should be able to keep the blocks it is not currently using. If they give a good reason, they keep them. If they give no reason ("we have plans to use them in the next year, we'll show them to you if you sign an NDA" would be a good reason), they lose them. If they give a lame reason then it goes to some dispute resolution, effectively allowing GE to keep them for the duration of the dispute process.

Frankly, I'm surprised that ARIN didn't foresee this ages ago and ORDER anyone with a block bigger than, say, /12, to attempt to split up their address range, consolidate if practical, and return any unused blocks that were /16 or bigger. If this had been done, say, 10 years ago the process could have been repeated 5 years ago but with the order applying to anyone with a range bigger than /16 to split, consolidate, and return any /25 or larger unused block. A year ago the same order could go out to everyone with a block bigger than /24 with an order for them to return all unused /24 blocks. I don't know if it's feasible for blocks smaller than a /24 to be handled by ARIN, but if it is, then they should start requesting those ultra-small blocks as well.

Oh well.
