The notification happen when the fix was shipped. That people would prefer to been spoon fed only serious security issues is understandable, but not realistic.
A large percentage of kernel fixes have the potential to be similarly bad. For some the potential isn't even realized until after the fix has shipped.
Ever stable release GregKH says you must upgrade now, because there is something security relevant in there. This happens at least once a week.
As for shared hosting providers it is my sense that there is always at least one local privilege escalation available to miscreants. Making shared hosting only safe if there is a certain amount of trust.
I remember bugs that were similarly bad from my university days 30+ years ago. Has anything substantially changed?
It describes in detail what a home router needs to be doing to make all of this work seamlessly.
Things work so well that half the world has working IPv6 already.
Openwrt pretty much implements all of this out of the box.
If you are struggling with IPv6 I recommend reading up on where it is at today and figuring out how whatever makes your network special can be done using IPv6 with no fuss.
Personally I have moved several times changing ISPs in the process and my IPv6 setup involving multiple LANs on my home network has just continued to work. IPv6 renumbering events just work seamlessly and completely automatically.
Historically the only practical hold up to IPv6 adoption has been the ISPs not rolling it out to their customers.
And I know the homenet WG has concluded but I found RFC 7368 IPv6 Home Networking Architecture Principles[1] interesting as well, including its discussion of reachability and RFC 6092 Recommended Simple Security Capabilities in Customer Premises Equipment (CPE) for Providing Residential IPv6 Internet Service.[2] IPv6 still occasionally seem more flaky than IPv4 with some set ups though.
> If you are struggling with IPv6 I recommend reading up on where it is at today and figuring out how whatever makes your network special can be done using IPv6 with no fuss.
> ...
> Historically the only practical hold up to IPv6 adoption has been the ISPs not rolling it out to their customers.
Yep, that's where I am. Frontier FTTH, IPv4 only. Because....I have no idea why. Because Frontier sucks, basically? They have at least started their rollout:
I don't have a program that uses it, so it's not my place to watch mailing lists for it getting deprecated. Basic searching of Github however (what I'd have expected them to do before removing it) reveals 20k files that contain IPPROTO_UDPLITE, and many projects that use it directly. Probably the most renowned is FFmpeg (!!!).
When Wirth talks about modules and abstraction I believe he was talking about what was known as the software crisis. In particular the observation that as programs size increases the number of possible interactions of program components grows quadratically.
Modules in particular and good abstractions in general make the number of interactions between components tractible.
The N^2 component interaction problem is real and it continues to cause problems.
Even with our best solutions there is room for improvement.
Last I paid attention there was a culture that had developed around the administration of CISCO routers because things that should be unrelated affecting each other is a real world problem for the administrators of those routers.
Any time something changes in siftware and something unrelated is affected this general problem is making it's appearance.
There is also a long term tension between abstractions and entire system simplicity. The wrong abstract or an abstraction poorly implemented can make things worse.
Wirth was talking about "modular programming", a term that isn't as well-known today as it once was. It's where Modula got its name, and there were entire conferences and journals that arose in response to the term's coinage. Ultimately the label "object-oriented" got a lot more mindshare, even to describe concepts that can be accurately described as modular programming and aren't terribly accurately described as object-oriented (generally lacking one or more of the necessary message-passing and "extreme late-binding" criteria required for O-O).
My EV is absolutely terrible range wise at cold weather. It is EPA rated at 220miles of range. I only see that when the temperature is at or above 80F.
Most of the winter it tells me I can only do between 100 and 120 miles. It is definitely half the EPA range with climate controls disabled at 0F. (Ask me how I know).
I love driving it in the winter.
I don't have a pressing need to go long distances, so that is not a current concern. Not having to stand outside in the bitter cold to fuel up in absolutely awesome.
There are EVs on the market that do much, much better than mine in cool weather and I now know what to look for.
To really penetrate the midwest it will take a car that can realistically do a road trip to Florida from say Duluth, MN or Michigan's UP in the winter.
Because not only do folks in the midwest drive long distances without a second thought, they sometimes do it in the cold of winter so they can get a break from the snow.
So yes still getting 90% of the range at -40C does sound attractive.
That right there is a big problem to begin with. The headline EPA number only reflects reality if you have a mix of city and highway driving. The problem is that people only care about range when driving 75mph. I think the headline EPA number should reflect that reality.
Having moved between states and taken a lot of drivers tests. I can say the exact rules are something that vary between states and over time. Including how it was taught.
My first drivers test was yield to the right. Later it was fifo order of who made it to the stop.
My running interpretation is fifo order with yielding to the right in case of ambiguity.
A large percentage of kernel fixes have the potential to be similarly bad. For some the potential isn't even realized until after the fix has shipped.
Ever stable release GregKH says you must upgrade now, because there is something security relevant in there. This happens at least once a week.
As for shared hosting providers it is my sense that there is always at least one local privilege escalation available to miscreants. Making shared hosting only safe if there is a certain amount of trust.
I remember bugs that were similarly bad from my university days 30+ years ago. Has anything substantially changed?
reply