Joined 2Y ago
Cake day: Jun 17, 2023


I don’t really care about Apple itself, but rather how they can screw over everyone with shitty practices and people will still defend them.

Headphone jacks are just a very glaring example of that ;)


Thanks for proving my point.

You are literally suggesting how you have fixed (or rather, worked around) the issue… by suggesting another much more expensive solution. Pretty much just like the other comments I mentioned before, except that they were suggesting wireless headphones, or buying dongles, or any of that jazz.

I just want to charge my phone while I’m wearing my headphones, without having to buy any external dongles or gasp external DACs.

Apple set a terrible precedent for other phone manufacturers by removing the headphone jacks, they showed how they can screw over customers and people will still sing praises for them, it’s baffling because it’s a blatant attempt by Apple to promote their own wireless headphones!

Although it’s been better now in the Android world, there was once a time when those companies touted “lack of 3.5mm” as a feature.


I feel like there’s already a significant downgrade in content quality since the blackout.

The subs I frequent seem… dead. Posts would regularly get 200+ karma before the blackout, but now even the top ones get only 100+, the rest hover around single digits. Mostly shallow discussions / simple topics that I simply don’t have the urge to engage in.

And those subs that don’t seem “dead”, are being filled by bots (obvious to see because they are very, very enthusiastic about everything lol)…


Ah, I misunderstood your original comment, oops! But yes, IPv6 packets are routed just like IPv4 ones, just without the NAT’ing process, i.e. the packet remains untouched the entire trip.


Really? Back on Reddit, every time I said something about Apple, I got at least 5 comments saying how “that isn’t a problem”, “lol you have no idea” and things like that.

Especially the head. phone. jacks. Oh my, the mental gymnastics were unforgettable.


IPv6 has both NAT66 and NPTv6. (Note that NPTv6 was once called NAT66 too, but I am referring to the “stateful, one-to-many” NAT66 here. Yeah, it’s confusing.) NAT66 is more like the traditional stateful NAT that all of us know and understand.


Right. Packets still have to go through your router. Assuming that your router has the firewall turned on, it goes like this:

  1. Your router receives a packet.

  2. It checks whether the packet is “expected” (a “related” packet) - by using connection tracking.

    For example, if ComputerA had sent something to ServerX before, and now the packet received by router says “from ServerX to ComputerA”, then the packet is let through - surely, this packet is just a reply to ComputerA’s previous requests.

  3. If step 2 fails - we know this is a new incoming packet. Possibly it comes from an attacker, which we don’t want. And so the router checks whether there is a rule that allows such a packet to go through (the assumption is that since you are explicitly allowing it, you know how to secure yourself.)

    If I have set up a firewall rule that says “allow packets if their destination is ComputerB, TCP port 25565”, and the received packet matches this description, the router lets it through.

  4. Finally, the packets that the router accepts from the previous steps are forwarded to the relevant LAN hosts.
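
The four steps above as a toy model, added here as an illustration and not part of the original comment. It matches replies on the full 5-tuple and ignores TCP state and timeouts, which real connection tracking also handles; the class, the addresses (from the 2001:db8::/32 documentation prefix) and the port numbers other than 25565 are constructed.

```python
# Added example: toy model of a router's stateful forwarding decision.
# All addresses are constructed (2001:db8::/32 is the documentation prefix).
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

class StatefulFirewall:
    def __init__(self, allow_rules):
        # allow_rules: set of (dst, proto, dport) for explicitly exposed services
        self.allow_rules = set(allow_rules)
        # conntrack entries: (lan_ip, lan_port, remote_ip, remote_port, proto)
        self.conntrack = set()

    def outbound(self, pkt):
        """LAN -> WAN: record the flow so that replies can be recognised."""
        self.conntrack.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
        return "forward"

    def inbound(self, pkt):
        """WAN -> LAN: steps 2 to 4 of the list above."""
        flow = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if flow in self.conntrack:              # step 2: reply to a tracked flow
            return "forward (established)"
        if (pkt.dst, pkt.proto, pkt.dport) in self.allow_rules:  # step 3
            self.conntrack.add(flow)            # later packets now match step 2
            return "forward (rule)"
        return "drop"                           # nothing matched: default deny

COMPUTER_A, COMPUTER_B = "2001:db8:1::a", "2001:db8:1::b"
SERVER_X, SCANNER = "2001:db8:ffff::10", "2001:db8:bad::1"

def demo():
    fw = StatefulFirewall({(COMPUTER_B, "tcp", 25565)})
    fw.outbound(Packet(COMPUTER_A, 50000, SERVER_X, 443))
    return [
        fw.inbound(Packet(SERVER_X, 443, COMPUTER_A, 50000)),   # genuine reply
        fw.inbound(Packet(SERVER_X, 443, COMPUTER_A, 50001)),   # same hosts, untracked port
        fw.inbound(Packet(SCANNER, 40000, COMPUTER_B, 25565)),  # explicitly allowed service
        fw.inbound(Packet(SCANNER, 40000, COMPUTER_B, 22)),     # no rule for this port
        fw.inbound(Packet(SCANNER, 40000, COMPUTER_A, 25565)),  # rule is per host
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```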


IP addressing is just a way to give a globally unique number to each device. It’s just a number.

And there wasn’t a real public/private distinction when the Internet was still in its infancy. Printers were indeed given “public” addresses because people needed a number for it.

If you don’t want your printer to be reachable by the public Internet, use a firewall to block outside connections. If you can use NAT, you certainly can use a firewall. Heck, they are almost the same thing if you have been using the Linux kernel (iptables/nftables handle firewalling and masquerading with the same tool!)

Routability is not the same as reachability. With NAT traversal you can reach my “private” hosts all the same, although you can’t route to me because I don’t have a public address.


Port forwarding is exclusively a NAT phenomenon.

In IPv6 every device should in theory have a public address - just like how every computer had a public IPv4 address back in the 1980s ~ 1990s.

However, most sensible routers will have a firewall set up by default that blocks all incoming connections for security reasons. You still need to add firewall rules.


Set up mDNS and you don’t have to remember IP addresses anymore.

ssh [email protected] is a thousand times better to memorise.


Living in the APNIC region, we are kinda notorious for being the first region to run out of IPv4 addresses.

The top 3 mobile ISPs in my country here have been doing CGNAT since at least 2014. Cable ISPs are limiting public IPv4 according to plans since at least 2017, i.e. if the download speed of your plan is below 200Mbps, you get CGNATed.

We are severely out of IPv4 addresses.


It’s not necessary to firewall every device. Just like how your router can handle NAT, it should be able to handle a stateful firewall too.

Mine blocks all incoming connections by default. I can add (IP, port range) entries to the whitelist if I need to host a service, it’s not really different to NAT port forwarding rules.


Right, everything is on SLAAC. My ISP only delegates /48 ~ /56 to business customers (according to their customer service).

Thankfully, RFC 7217 made SLAAC-only networks sufferable - you don’t have to expose your MAC address to the entire world for stable addressing.


My ISP delegated me only one /64.


IPv4 version: Think of your public IP:Port as the office building, your internal IP:Port as the floor number, and reverse proxy as the reception on that floor.

(Your public IP:Port is routed to your internal IP:Port by the NAT on your router. The router knows which public port relates to which internal IP:Port due to the port forwarding rules you set up.)

IPv6 version: Think of your public IP:Port as the office, and the reverse proxy as the reception.

The following will be common to both IP protocols.

The port is usually 80 or 443, because reverse proxy is used for HTTP(S) connections, and by default those connections use the aforementioned ports.

When someone connects to your IP:Port, they ask the reverse proxy “hey, can you bring me to Mr. https://my-awesome-plex.xyz ?” and the reverse proxy will act as a middleman between that someone and the actual server that is serving that domain name.

The reverse proxy, as a middleman, forwards your requests to the server, and the server’s response is forwarded back to you by the reverse proxy too.

And just to make things complete… Why do we use reverse proxies?

  1. To hide the identity of the actual server. This is easy to understand - you are only ever talking to the proxy, never the actual server. It’s just that your messages are continually forwarded to the actual server.

  2. To save IP addresses. (One public address can serve multiple websites, if the actual servers are given only private IP addresses.)

  3. To load balance. The reverse proxy can direct one to another server if the first server is overloaded. This requires a website to be served by more than one server though, and selfhosters like us never really need it.

  4. To prevent attacks. If the reverse proxy realises that someone has been making too many connections to https://my-awesome-nas.com, the reverse proxy can reject subsequent connections. This is how Cloudflare works.

  5. Caching. If the middleman remembers that the server responded “what is the answer to everything” with “42”, then the next time someone asks the same question again, the middleman will simply reply with the same response. This takes off the workload on the server.
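
The middleman behaviour described above (picking a backend by the requested name, rejecting a client that connects too often, and answering repeats from cache) as a toy model, added here and not part of the original comment. The backend addresses, client addresses, limits and the `fetch` callback are constructed; a real proxy also honours cache-control headers and never caches per-user responses this blindly.

```python
# Added example: toy reverse proxy decision logic (constructed; no real networking).
import time

class ReverseProxy:
    def __init__(self, backends, max_requests, window_seconds, clock=time.monotonic):
        self.backends = backends        # requested host name -> private backend address
        self.max_requests = max_requests
        self.window = window_seconds
        self.clock = clock
        self.recent = {}                # client IP -> timestamps of recent requests
        self.cache = {}                 # (host, path) -> cached response body

    def handle(self, client_ip, host, path, fetch):
        """Return (status, body); fetch(backend, path) talks to the real server."""
        now = self.clock()
        stamps = [t for t in self.recent.get(client_ip, []) if now - t < self.window]
        if len(stamps) >= self.max_requests:    # reason 4: too many connections
            self.recent[client_ip] = stamps
            return 429, "too many requests"
        self.recent[client_ip] = stamps + [now]
        backend = self.backends.get(host.lower())
        if backend is None:                     # name we do not serve: forward nothing
            return 404, "unknown host"
        key = (host.lower(), path)
        if key not in self.cache:               # reason 5: ask the server only once
            self.cache[key] = fetch(backend, path)
        return 200, self.cache[key]

def demo():
    calls = []                                  # which backends were actually contacted
    def fetch(backend, path):
        calls.append(backend)
        return f"response from {backend}{path}"
    ticks = iter(range(100))                    # fake clock: one second per request
    proxy = ReverseProxy(
        {"my-awesome-plex.xyz": "192.168.1.10:32400",
         "my-awesome-nas.com": "192.168.1.20:5000"},
        max_requests=3, window_seconds=10, clock=lambda: next(ticks))
    results = [proxy.handle("203.0.113.7", "my-awesome-plex.xyz", "/", fetch)
               for _ in range(4)]
    other = proxy.handle("198.51.100.9", "my-awesome-nas.com", "/", fetch)
    return results, other, calls

if __name__ == "__main__":
    print(demo())
```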


I think the SMS app on iPhone marks messages sent from an iPhone as blue, and the rest are marked as green.

OP is saying that their iPhone-using friends judge people by the colour of messages. Which is idiotic and completely unheard of over here in my country.


It’s so exclusive to the US that I didn’t even understand what OP was saying before reading the comment section for clues.

Blue bubbles, green bubbles? Wtf is that and how is it related to Android/iOS.

For reference, I live in South East Asia and use Android, but I have never heard my friends using iOS complain about some kinda bubble colour.


I still have a firewall (that blocks almost all incoming connections) and sshguard set up. I also check the firewall logs daily, blocking IPs that I find to be suspicious.

I could probably do better, but with so few scanners connecting to my home server, I have managed to sleep way better than back when I set up a server on IPv4!

Also, even if my home server gets attacked, at least I know that my other devices aren’t sharing the same IP with them… NAT-less is a godsend.



Lol, I have heard some ISP horror stories from the Down Under.

I am fortunate enough that my country’s government has been forcing ISPs to implement IPv6 in their backbone infrastructure, so nowadays all I have to really do is to flick a switch on the router (unfortunately many routers still turn off IPv6 by default) to get an IPv6 connection.


I only expose services on IPv6, for now that seems to work pretty well - very few scanners (I encounter only 1 or 2 per week, and they seem to connect to port 80/443 only).