this post was submitted on 25 Aug 2023
21 points (100.0% liked)


Read the doc, what are your thoughts?

[–] ptz@dubvee.org 13 points 1 year ago* (last edited 1 year ago) (1 children)

It's an interesting premise, but I don't think we need to dump TCP/IP, at least not for the Layer 4 TOR-like approach the article is suggesting.

There are lots of reasons to block an IP (or range) that have nothing to do with censorship. I audit my logs regularly to find IPs or IP ranges that are doing nothing but hacking attempts and block them in the firewall. I also have automated tools taking care of that in many cases (yay, Fail2Ban). I'm not censoring anyone in doing so, merely protecting my assets.

At the application-level, sure, I'm on board with what the article is suggesting. Many tools already exist for that and run on top of IP just fine. In those cases, they're no more or less susceptible to ISP/jurisdictional blocking than the solution proposed in the article, so no need to throw the baby out with the bath water.

Long story short, I do not ever want to run services, exposed to the world, where I cannot defend them from bad actors by denying them access at the network level.

[–] Darth_vader__ 2 points 1 year ago (1 children)

What if someone is using Tor to hack your services? Then you will be blocking Tor exit IP, thereby also censoring Tor users.

Overlay networks like Tor have another problem too, you will have to trust the network nodes, and someone can just run a lot of nodes to control a big portion of the network, or can just deny access to the network.

[–] ptz@dubvee.org 6 points 1 year ago* (last edited 1 year ago) (1 children)

> What if someone is using Tor to hack your services? Then you will be blocking Tor exit IP, thereby also censoring Tor users.

I'm fine with that, and that's not censorship as far as I'm concerned. :shrug:

> Overlay networks like Tor have another problem too, you will have to trust the network nodes, and someone can just run a lot of nodes to control a big portion of the network, or can just deny access to the network.

I was referring more to I2P "eep" sites and TOR hidden services (and similar). Basically an overlay internet that operates separately. I'm not saying TOR / I2P /etc aren't without their problems, but they've got a huge head start in addressing them versus something brand new.

But the big issue in replacing TCP/IP, the core protocol of the internet, is that IPv6 was introduced in 1995, has been supported by routers/OS's not long after, was ratified as a standard in 2017, and is still not deployed as widely as it should be. Replacing IP entirely is just not going to happen since it will require replacing or at least firmware updating millions/billions of routing devices to support a new protocol. Anything that supplants TCP/IP is likely to be an evolution rather than a re-imagination.

[–] Darth_vader__ 1 points 1 year ago

> I'm fine with that, and that's not censorship as far as I'm concerned

I believe that is a form of censorship, blocking a whole exit node only because it's used for hacking... it's like blocking a country because most of the users from the country are haters