Comment Re:Is it worth it (Score 1) 221

The weird part is that we seem to be in agreement, as I outlined early on. I completely agree that having IPv6 available to those who know what they're doing is a good thing.

More accurately, v6 needs to be ubiquitous because it's actually designed to be used for a global production network, and legacy ip needs to be relegated into a niche for retro enthusiasts.

It is legacy ip which is far more dangerous in the hands of someone who doesn't know what they're doing.

Comment Re:Is it worth it (Score 1) 221

Speaking of the XSRF, here's a PoC:

<img src="http://192.168.1.1/cgi-bin/telnet.cgi?reboot">

This works on the default router provided by the ISP here: telnet.cgi accepts an arbitrary command and executes it as root, so you can easily do something more sinister than reboot the router. The ISP has many thousands of customers, most of whom will be using the default supplied router, and this router vendor sells to other providers as well with only cosmetic branding changes to the firmware.
I see this exact model of router all over the place in small businesses.

This attack works because the internal address is easily predictable, and that's directly caused by NAT. This attack is not practical against v6 because the address is not predictable and the range of addresses it could have is too large to brute force.
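Added example, not part of the comment above or the router vendor's code: the CSRF pattern the PoC relies on, modelled as a vulnerable CGI handler beside a hardened one. The router address, the telnet.cgi endpoint and the command names are assumptions taken from the comment; nothing here runs a real command, and requests are plain dicts standing in for what a browser sends.

```python
"""Added example (not the original post's or the vendor's code): the <img>-triggered
CSRF against a router CGI, modelled as a vulnerable handler and a hardened one.
The router origin, endpoint and commands are assumptions; nothing executes."""
import hashlib
import hmac
import secrets
from typing import Optional, Tuple
from urllib.parse import urlsplit

ROUTER_ORIGIN = "http://192.168.1.1"     # assumed LAN address, as in the post
_SECRET = secrets.token_bytes(32)        # per-boot secret kept in RAM on the router


def issue_csrf_token(session_id: str) -> str:
    """Token bound to the admin session; a third-party page cannot learn it."""
    return hmac.new(_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def vulnerable_telnet_cgi(req: dict) -> Tuple[int, Optional[str]]:
    """Model of the handler the post describes: whatever is in the query string
    is the command. A cross-site GET from an <img> tag is enough to trigger it."""
    command = req.get("query", "")
    if not command:
        return 400, None
    return 200, command  # the real device would run this as root


ALLOWED_COMMANDS = {"reboot", "status"}


def hardened_telnet_cgi(req: dict, session_id: Optional[str]) -> Tuple[int, Optional[str]]:
    """Same endpoint with the standard CSRF defences layered on: state changes
    only on POST, Origin must be the router itself, a session-bound token is
    required, and only a fixed command set is accepted (no shell input)."""
    if req.get("method") != "POST":
        return 405, None
    origin = req.get("headers", {}).get("Origin")
    if origin is None:
        return 403, None  # <img> and cross-site forms never carry the router's Origin
    got, want = urlsplit(origin), urlsplit(ROUTER_ORIGIN)
    if (got.scheme, got.netloc) != (want.scheme, want.netloc):
        return 403, None
    token = req.get("form", {}).get("csrf_token", "")
    if not session_id or not hmac.compare_digest(token, issue_csrf_token(session_id)):
        return 403, None
    command = req.get("form", {}).get("cmd", "")
    if command not in ALLOWED_COMMANDS:
        return 400, None
    return 200, command


# Constructed request: what <img src="http://192.168.1.1/cgi-bin/telnet.cgi?reboot">
# on an attacker's page makes the victim's browser send. GET, no Origin, no token.
IMG_TAG_REQUEST = {
    "method": "GET",
    "path": "/cgi-bin/telnet.cgi",
    "query": "reboot",
    "headers": {"Host": "192.168.1.1", "Sec-Fetch-Site": "cross-site",
                "Sec-Fetch-Mode": "no-cors", "Sec-Fetch-Dest": "image"},
}


def legitimate_request(session_id: str, cmd: str) -> dict:
    """Constructed request from the router's own admin page (same-origin POST)."""
    return {
        "method": "POST",
        "path": "/cgi-bin/telnet.cgi",
        "headers": {"Host": "192.168.1.1", "Origin": ROUTER_ORIGIN},
        "form": {"cmd": cmd, "csrf_token": issue_csrf_token(session_id)},
    }


if __name__ == "__main__":
    print("vulnerable, img tag:", vulnerable_telnet_cgi(IMG_TAG_REQUEST))
    print("hardened, img tag:  ", hardened_telnet_cgi(IMG_TAG_REQUEST, "sess1"))
    print("hardened, admin UI: ", hardened_telnet_cgi(legitimate_request("sess1", "reboot"), "sess1"))
```

The hardened handler stops the attack on the server side regardless of whether the LAN address is guessable: the browser will happily send the GET to 192.168.1.1, but without a same-origin POST carrying a token the handler refuses it. The command allowlist is there because the post's real problem is a CGI that executes arbitrary input as root, and a CSRF fix alone leaves that in place for anyone who can reach the admin page.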

Comment Re:Is it worth it (Score 1) 221

The weird part is that we seem to be in agreement, as I outlined early on. I completely agree that having IPv6 available to those who know what they're doing is a good thing.

No, v6 needs to be ubiquitous. Having it only in the hands of those who understand enough to want it means that it won't be widely enabled, and thus becomes useless - e.g. if you travel somewhere you will constantly find yourself stuck on legacy links and thus will still be stuck with the cost/headaches of having to make your own systems reachable from such legacy networks.

So many IPv6 related bugs. Good lord, so many IPv6 related bugs...

Again all the more reason for more widespread use, so the bugs get discovered and pressure is applied to have them fixed.

You put fully discoverable not behind NAT IPv6 in hands of average people? Their fridge will be sending spam mail to boomers in US within a month or two. It's really, really not good.

Only that's already the case.
A lot of mobile networks have fully open v6; I can name several I have personal experience with, and this has not resulted in compromised devices.
I'm aware of several ISPs that ship routers which are fully open by default, and 99% of users won't ever change those settings or even know how. This has not resulted in an increase of infected machines, as modern client devices are set up to handle this, and random embedded devices are not practical to discover in the vast address space v6 provides.

I've seen many devices exploited via XSRF (see previous post), but this depends on a predictable address which nat provides, and is not practical with globally routable addressing.

That's not to say things couldn't be improved, but a default blanket "deny all inbound, allow all outbound" is stupid. This breaks p2p and is useless against today's threat profiles.
We need ISPs following the standards for v6 implementation (i.e. delegating a /56 prefix to users), and consumer equipment which creates separate isolated networks for different purposes.
For instance if I receive 2001:db8:100:100::/56 I would set up:

2001:db8:100:101::/64 - personal devices like laptops and phones
2001:db8:100:102::/64 - work from home (the IT dept has access to my work laptop, so i need to keep it separate from my personal things)
2001:db8:100:103::/64 - guests who visit my home (cell service sucks where I live, so people are cut off if I don't give them guest wifi)
2001:db8:100:104::/64 - untrusted iot devices where both inbound and outbound is tightly controlled and restricted to specific addresses
2001:db8:100:105::/64 - kids, etc
2001:db8:100:106::/64 - VoIP phones where traffic is only allowed to/from the external VoIP provider (SIP doesn't play well with NAT, and a given provider can have a single v6 block vs fragmented legacy blocks, so the ACL is much cleaner)
2001:db8:100:107::/64 - games consoles (the xbox does p2p over v6 for certain multiplayer games)
2001:db8:100:108::/64 - CCTV (I use PoE cameras, so there is a risk of a physical threat actor disconnecting the cable from an external camera and trying to connect to it, so this needs to be isolated in its own VLAN)

That way if anything suspicious happens and gets reported, I know immediately which VLAN/SSID it came from. If you're stuck with NAT then any external report is going to have the NAT gateway address, and while the capability for multiple SSIDs/VLANs is realistic and already supported by some consumer hardware, the ability to log NAT traffic and trace a specific activity that happened a few days earlier back to its internal address is simply not practical with consumer equipment and would cost a significant amount to implement, as you'd need to add storage to hold the logs.

In fact aside from v6, the ability to have multiple VLANs/SSIDs is important for other reasons, such as having to operate weaker wifi security for legacy devices - e.g. various devices don't support WPA3 yet, and Nintendo kept WEP alive for many years because some of their handheld consoles didn't support anything else. What's needed is for consumer routers to support and encourage this, and make it easy to assign different access policies to different networks with a set of default profiles available - e.g. allow all, allow nothing, only allow one-way access from one of the other networks.
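Added example, not part of the comment above: the /56 plan it lists, turned into code. It carves the delegated prefix into the named /64s, attaches a per-network policy of the kind the comment describes (outbound only, provider-only, p2p, fully isolated), and maps an address quoted in an external abuse report straight back to the network it came from, which is the comment's closing point about not needing NAT logs. The VoIP provider block and the IoT vendor endpoint are assumed documentation-space placeholders; a real ruleset would also key on ports and state.

```python
"""Added example (not the original comment's code): the /56 plan as a subnet
table, a per-network policy and a reverse lookup from reported address to VLAN.
VOIP_PROVIDER and IOT_VENDOR are assumed placeholders."""
import ipaddress
from typing import Dict, List, Optional, Union

IPv6 = Union[str, ipaddress.IPv6Address]

DELEGATED = ipaddress.IPv6Network("2001:db8:100:100::/56")   # from the comment
VOIP_PROVIDER = ipaddress.IPv6Network("2001:db8:beef::/48")    # assumed
IOT_VENDOR = ipaddress.IPv6Network("2001:db8:cafe::/64")       # assumed

# Index of the /64 within the /56 -> name, matching the comment (:101 is index 1).
NAME_BY_INDEX = {1: "personal", 2: "work", 3: "guests", 4: "iot",
                 5: "kids", 6: "voip", 7: "games", 8: "cctv"}

ANY: List[ipaddress.IPv6Network] = [ipaddress.IPv6Network("::/0")]
NONE: List[ipaddress.IPv6Network] = []

# Destinations each network may reach ("out") and sources allowed to reach it ("in").
POLICY: Dict[str, Dict[str, List[ipaddress.IPv6Network]]] = {
    "personal": {"out": ANY, "in": NONE},
    "work":     {"out": ANY, "in": NONE},
    "guests":   {"out": ANY, "in": NONE},
    "iot":      {"out": [IOT_VENDOR], "in": NONE},                # tight both ways
    "kids":     {"out": ANY, "in": NONE},
    "voip":     {"out": [VOIP_PROVIDER], "in": [VOIP_PROVIDER]},  # SIP to/from provider only
    "games":    {"out": ANY, "in": ANY},                          # console p2p needs inbound
    "cctv":     {"out": NONE, "in": NONE},                        # isolated PoE cameras
}


def carve() -> Dict[str, ipaddress.IPv6Network]:
    """Enumerate the 256 /64s in the /56 and pick the ones the plan uses."""
    subnets = list(DELEGATED.subnets(new_prefix=64))
    return {name: subnets[idx] for idx, name in NAME_BY_INDEX.items()}


SUBNETS = carve()


def network_of(addr: IPv6) -> Optional[str]:
    """Name of the /64 an address belongs to, or None if it is not one of ours.
    An abuse report quoting a v6 source address identifies the VLAN on its own."""
    a = ipaddress.IPv6Address(addr)
    if a not in DELEGATED:
        return None
    idx = (int(a) - int(DELEGATED.network_address)) >> 64
    return NAME_BY_INDEX.get(idx)


def permitted(src: IPv6, dst: IPv6) -> bool:
    """Decision for a new flow src -> dst. Inter-VLAN traffic is denied by
    default; otherwise the per-network lists apply."""
    s, d = ipaddress.IPv6Address(src), ipaddress.IPv6Address(dst)
    src_net, dst_net = network_of(s), network_of(d)
    if src_net and dst_net:
        return False                      # VLANs isolated from each other
    if src_net:                           # outbound from one of our networks
        return any(d in n for n in POLICY[src_net]["out"])
    if dst_net:                           # inbound from the internet
        return any(s in n for n in POLICY[dst_net]["in"])
    return False                          # neither end is ours


if __name__ == "__main__":
    for name, net in SUBNETS.items():
        print(f"{net}  {name}")
    report = "2001:db8:100:104::abcd"     # address from a constructed abuse report
    print("reported address belongs to:", network_of(report))
    print("iot -> vendor:", permitted(report, "2001:db8:cafe::1"))
    print("iot -> random host:", permitted(report, "2001:db8:ffff::1"))
```

The reverse lookup is a shift and a table read because every host address carries its /64 in the clear; the NAT equivalent would be a search through connection logs keyed on gateway address, port and timestamp, which is the storage cost the comment is talking about.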

Comment Re:Is it worth it (Score 1) 221

With a home firewall setting up port forwarding requires additional steps outside of the rule set,

Many of them have a "DMZ IP" feature which automatically forwards all ports to a specific host; it's very easy to flip this on without understanding what it does.
There are also things like UPnP that can result in arbitrary ports being opened.
Don't forget slipstream attacks either (google this).

I admit the random privacy addressing feature is something I didn't know about

If you're not aware of this then you've almost certainly never used v6 or managed an environment with it active, so your knowledge on the subject is extremely questionable. This in itself is dangerous because v6 is enabled by default on most things but a lack of awareness will lead to security risks.
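Added example, not part of the comment above: what the "random privacy addressing" feature actually changes. The classic way to build the host half of a v6 address (the interface identifier, IID) is modified EUI-64: the MAC with ff:fe inserted in the middle and one bit flipped, so the MAC and its vendor prefix can be read straight out of the address and the host carries the same IID onto every network. Temporary addresses (RFC 4941, now RFC 8981) replace that with a random IID that rotates. The prefix and MAC below are constructed sample values; the example also shows the observer's side, recovering a MAC from an EUI-64 address.

```python
"""Added example (not the original comment's code): EUI-64 versus random
privacy IIDs, plus the reverse lookup an observer can do on EUI-64 addresses.
Prefix and MAC values are constructed samples."""
import ipaddress
import os
from typing import Optional

IID_MASK = (1 << 64) - 1
UL_BIT = 1 << 57   # universal/local bit: 0x02 in the first octet of the IID


def _prefix64(prefix: str) -> ipaddress.IPv6Network:
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("IIDs are built for a /64")
    return net


def eui64_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Modified EUI-64: MAC split in two, ff:fe inserted, U/L bit inverted."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC")
    iid = int.from_bytes(octets[:3] + b"\xff\xfe" + octets[3:], "big") ^ UL_BIT
    return ipaddress.IPv6Address(int(_prefix64(prefix).network_address) | iid)


def temporary_address(prefix: str) -> ipaddress.IPv6Address:
    """RFC 4941-style temporary address: a fresh random IID each call. The RFC
    clears the U/L bit so the IID is not mistaken for a globally unique one;
    the random bits come from the OS CSPRNG here."""
    iid = int.from_bytes(os.urandom(8), "big") & ~UL_BIT & IID_MASK
    return ipaddress.IPv6Address(int(_prefix64(prefix).network_address) | iid)


def mac_from_address(addr) -> Optional[str]:
    """Observer's view: pull the MAC back out of an EUI-64 address.
    Returns None when the IID lacks the ff:fe marker (privacy or static IID)."""
    iid = (int(ipaddress.IPv6Address(addr)) & IID_MASK).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytearray(iid[:3] + iid[5:])
    mac[0] ^= 0x02
    return ":".join(f"{b:02x}" for b in mac)


if __name__ == "__main__":
    prefix, mac = "2001:db8:100:101::/64", "00:11:22:33:44:55"   # constructed
    fixed = eui64_address(prefix, mac)
    print("EUI-64 address:   ", fixed, "-> MAC", mac_from_address(fixed))
    for _ in range(2):
        tmp = temporary_address(prefix)
        print("temporary address:", tmp, "-> MAC", mac_from_address(tmp))
```

The point for the thread: with EUI-64 an attacker who has seen a device's MAC (or just its vendor's OUI) needs only the /64, and the host part is known; with temporary addresses the host part is 64 random bits that change, which is what makes scanning or guessing an endpoint in a /64 impractical.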

Comment Re: Is it worth it (Score 1) 221

That doesn't mean you expect to have every individual connection logged, or that the university would want to cover the cost of collecting and storing those logs.

Once you do have such logs (eg legislation in several countries requires operators to keep such logs if they're using CGNAT) then there's a commercial incentive to try and recoup some of those costs by data mining the logs and selling the data.

The rules also tend to be relaxed somewhat for residence halls - as people live there and don't generally study 24/7. Maybe porn or warez would still be frowned upon, but personal communication, gaming, legal streaming etc would generally be allowed in the residence halls outside of study hours even if not on the main campus.
