fernando at lozano.eti.br
Fri Jul 12 14:41:41 UTC 2013
>>> If manufacturers and software programmers don't pull their fingers
>>> out, we'll be faced with even more ISPs subjecting their clients to
> Fernando Lozano:
>> Would this be so bad? Most people at work have been working using NAT
>> for years. NAT increases security. Most internet users don't need to
>> run servers.
> Yes it would. NAT doesn't really increase security. It gives the
> illusion of doing so, because it usually breaks networking, but not
> always (just one reason why you shouldn't pretend it's a firewall).
IMHO globaly-addressable client devices increase security risks. NAT
make some things more complicated, but I'd rather improve NAT
technologies and application protocols to work with then. Many experts
argue in favor of NAT even for IPv6 networks, see for example:
> Users do things that act like servers, and require connections to get
> through to them.
IMHO they shouldn't. End users will never know enough to implement
proper network security. Cloud services would provide better
alternatives to most "server-like" things users would want to do, with
cheap and free options.
> Just a few things that become nightmarish with NAT:
> Using some FTP servers.
It's a protocol broken by design, with connection call-back connections.
I'd eliminate FTP altogether.
> Sending files through instant messenger clients.
Put Dropbox, Google Drive or the like suppport in IM clients. Push for a
standard REST API for this kind of services, so IM developers don't have
to write code for a myriad different services.
> Voice over IP.
Improve VoIP protocols. Most VoIP users will anyway depend on
centralized servers for realiability (like Skype supernodes), presence,
authentication, or interoperability with POTS and cell services.
> Using any type of peer-to-peer software.
IMHO peer-to-peer in general is a boken concept. It's nice for
experimentation, good for politics (you won't depend on a big
corporation) but increases network security risk. There are technical
alternatives to peer-to-peer designs that IMHO lend to better security
and QoS. On the political side, standards and ONGs should prevent
dominance by big corporations.
Cloud VPN services would allow end-users to get connections to their
home machines if they want, at the same without exposing them to scans
and attacks from the whole Internet. I'd focus on improving those offering.
s, Fernando Lozano
More information about the users