From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 8CE44138010 for ; Sat, 30 Mar 2013 15:10:55 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B69F5E0963; Sat, 30 Mar 2013 15:10:41 +0000 (UTC) Received: from nm14.bullet.mail.ird.yahoo.com (nm14.bullet.mail.ird.yahoo.com [77.238.189.67]) by pigeon.gentoo.org (Postfix) with SMTP id EDA56E095A for ; Sat, 30 Mar 2013 15:10:39 +0000 (UTC) Received: from [77.238.189.48] by nm14.bullet.mail.ird.yahoo.com with NNFMP; 30 Mar 2013 15:10:39 -0000 Received: from [46.228.39.84] by tm1.bullet.mail.ird.yahoo.com with NNFMP; 30 Mar 2013 15:10:39 -0000 Received: from [127.0.0.1] by smtp121.mail.ir2.yahoo.com with NNFMP; 30 Mar 2013 15:10:39 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.co.uk; s=s1024; t=1364656239; bh=9vWVCbwZQ59Jh7hvV5YcZOqtuyGgYnbUvNcu/F2drss=; h=X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:X-Rocket-Received:Date:From:To:Subject:Message-ID:In-Reply-To:References:Mime-Version:Content-Type:Content-Transfer-Encoding; b=m59Kv+qM0baOvK8M1N7MUfsG81dYAwtYozDRD6/TDPpCTZV3LbcRSHs0yagwAwe0j2cTbMkdK7Bagbw0dGxaeD6MwYmDVuGQyosssYCU0kSCGju60XGYjFcM3ajIEndQvQ5AYqt7A51lA1DstL/61HorFRAK8YZAOhL6xUydJBI= X-Yahoo-Newman-Id: 114139.67718.bm@smtp121.mail.ir2.yahoo.com X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: bxk8E7UVM1n1DHqiuvmaPM_XJM7pxCeAO2gM2HlbtFihNDt WN15BStd7Tfd2JVLk_8dbncxnNPKJdLzSAwWkByUZvPXw78O8Hc.uLjEuJRt WLCd3hiRvhojPMNhJLT3JRrYM6SG11HOlBeHYU6CYmoopXpIipo35KYDZ9Au _iK6imZD9ZyOlKAq6qE3tsJCmMyBJl6UQxwDnWE0M60DUjq5v_WwtHkm4Z7B i9VjRhTsIq3hWScGKipOyMoj1.IoArXz7w5IJkEREllkxhwm6fYAjddkPx6U ruTKwH9ZfHsEJLXBlt9kW_gt7yJ8HwpPVkIsJeVDxL9Gwr8LVO2CHfUrCotZ ll1Vzb1CVu_QKsN_PcvGDUNT4hbOmqblRu7TKAoKDsQFHqPOx3kcL6EoFs1n vQdPlP7oJQLmb5q9TakcGZO7vRyLZyEcs4PcxORPM9Od.8yMa X-Yahoo-SMTP: UxXxlhuswBC4wbdewolpwSmT1iJVzQ-- X-Rocket-Received: from kc-sys.chadwicks.me.uk (ma1l1ists@92.27.156.6 with login) by smtp121.mail.ir2.yahoo.com with SMTP; 30 Mar 2013 15:10:38 +0000 UTC Date: Sat, 30 Mar 2013 15:11:17 +0000 From: Kevin Chadwick To: gentoo-user@lists.gentoo.org Subject: Re: [Bulk] Re: [gentoo-user] How to prevent a dns amplification attack Message-ID: <20130330151117.542b249b@kc-sys.chadwicks.me.uk> In-Reply-To: <9E829B28-D041-488B-BD22-3E25E6E51A35@smash-net.org> References: <51540497.5020008@smash-net.org> <5154A1BE.7010308@gmail.com> <201303290049.23399.peter@humphrey.ukfsn.org> <9E829B28-D041-488B-BD22-3E25E6E51A35@smash-net.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 6cb14962-61ab-48e7-90df-06e21b2a1c19 X-Archives-Hash: a322b9dffdc2db7b4818a0585a985329 On Sat, 30 Mar 2013 13:06:16 +0100 Norman Rie=C3=9F wrote: > As we all know everything works better and cheaper when things are > privatized Actually No it's not so simple at all. You get incompetence in private and public and you may be more likely to get away with it for longer in a public service than in a market with competition but there are many examples where things simply get worse. In the UK, water companies were privatisied and fat cats made lots of money letting the pipes deteriorate for future generations. British Telecom, well that's a mixed bag but it is certainly a tiny shadow of it's original self. We know ideals and theory hardly ever work but theoretically public should be much better when well managed. I wonder if ISPS wouldn't be handling things like TalkTalks Homesafe in such a stupid manner (across the board is where it is stupid, even for non users of the service) where they redirect all the http traffic through an undoubtedly insecure layer 7 handling huawei device with less commercial pressures or analysing bandwidth at layer 7 when they should be doing so more safely and completely at layers 3 and 4 leading me to believe they are not just thinking about bandwidth usage. Why does it matter if you download 1000Gb via torrents or http. ACKs can be managed in any case. I'm glad open source is beginning to make strides into public services as it should help put an end to expensive interoperability issues (if we stay away from non posix things like systemd, though even then shouldn't be too bad ;-)).