[AusNOG] IPv4 Exhaustion, APNIC EC, and James is a nice bloke ; -)

Bevan Slattery Bevan.Slattery at staff.pipenetworks.com
Sun Jul 20 19:18:12 EST 2008


Hi,

> I'd like to see accessible devices all throughout the home, 
> so that they _can_ be managed. Not necessarily by the 
> end-user, but by the appliance manufacturer, or a third 
> party, or hell, a fancy Web-2.0 site that talks to all your 
> devices for you through one easy central portal. <-- (If 
> anyone makes a wad on that one, I want in.)

Whilst I agree on a 'wish list' perspective I think that's a nightmare
waiting to happen.  Apart from the IPv4 exhaustion the other argument
for providing so much address space in IPv6 land is that everything will
be connected.  Yes everything.  When router manufacturers (Billion,
Dlink, Netgear etc..) have a disgraceful failure rate for MANUAL
firmware upgrades, what chance do you think my internet fridge, internet
TV and my internet toilet is going to fair?

> Even worse, is if you don't, and assume because they're 
> behind a NAT box they'll stay safe. Yeah, until the user runs 
> a flash applet that exploits his box, or your recipes display 
> on your fridge goes does the same thing, and proceeds to take 
> over the entire home network, or one of the thousand other 
> ways it could happen.

It's more safer than having the internet fridge sitting on public
address space and having the hacker launch that flash applet remotely,
that's for sure.  I agree with your position that this is the ideal
situation and I want to get there too.  But take a walk to your
help-desk and ask your guys "How much fun is it to take a clueless
customer through a manual firmware upgrade on their D-Link modem?".
Then ask, would you like D-Link to do that remotely and without user
interaction.  Now ask them "Would you like to get help desk calls from
users also ringing because their fridge/TV/PVR/Wii/whatever isn't
working and it must be an ISP problem".  All because (without their
knowledge) sometime in the middle of the night the manufacturer put out
a firmware update which had a 90% success rate.  Think about how many of
these devices will also be plugged in with users not changing user:pass.
Given them a unique user:pass you say?  Isn't going to happen.  I pity
the tech support people if this happens.

I am not saying this can't happen, but a simple reality check in
acknowledging the entire internet industry has taken 10+ years to work
towards even looking to *really* implementing IPv6 despite the asteroid
hurtling towards earth, and one that doesn't even have the confidence to
allow Cisco/Foundry/Juniper to auto-upgrading the firmware on our
nx$100k routers what level of commitment towards supporting
auto-updating firmware should we honestly expect from the manufacturer
of an $100 IP enabled kettle with an OS that's about the same size as
that of your Commodore-64...

Cheers

[b]



More information about the AusNOG mailing list