Giver of skulls

Verified icon

  • 0 Posts
  • 8 Comments
Joined 102 years ago
cake
Cake day: June 6th, 1923

help-circle




  • A factor in favour of jet fuel is that as the plane burns fuel if becomes lighter, thus consuming less fuel. Batteries stay the same weight. The difference between a full plane and an empty plane can be 18 metric tonnes. Super cheap operators tend to carry only a small extra margin of fuel over the amount technically necessary to make a trip, because it makes a real difference.

    That means the energy density you need in this comparison isn’t really linear. If you’re doing Taylor Swift flights to the couch and back, you can save a lot of weight by having a minimal amount of fuel in the tank, but with an electric plane you’ll always have to have the full battery in case you need to go somewhere further away.


  • In the instance of UDP handshakes yes, you need local software to initiate the connection on one of your devices somewhere (I highly doubt that your home router verifies the origin of those packets, so a hacked printer or IoT crap can open ports to your desktop no problem). Other problems are harder to solve.

    NAT is great at what it does, but it does not guarantee security. It blocks straightforward attacks, but brings in tons of edge cases and complexity that sophisticated attacks can abuse. At the same time, the same security can be achieved using IPv6 and a firewall without all the complexity.

    It’s a neat workaround that means you don’t need to mess with subnetting and routing tables when you do stuff like run virtual machines and when your ISP doesn’t offer IPv6. It was designed so larger businesses with 10 machines could access the internet without spending a lot of money on a /30, not to replace firewalls, and it still works well for what it’s designed to do.


  • Not really, though. It was never designed as a security boundary. You can “open” a UDP port by sending UDP packets to another host, and then that host can send UDP packets to you, for instance. Usually the IP addresses of the two hosts are exchanged through a third party, and that’s how STUN/TURN works in essence. Without this, you’d need to port forward every UDP connection manually, both incoming and outgoing.

    NAT only protects you when you have hosts that only communicate along preset routes, but then a normal firewall will also work fine. It’s not like having a public IP means any traffic will actually go through, every modern consumer router has a standard deny all firewall. At best, it sort of hides what devices are sending the traffic.

    Meanwhile, NAT has flaws breaking traffic (causing NAT slipstreaming risks, like I linked elsewhere). It also has companies like Nintendo instruct you to forward every single port to their device if you have connectivity issues. If that forward is not towards a MAC address, and your PC gets the IP your Nintendo Switch used to have, you’ve just disabled your firewall to play Animal Crossing.

    If you want to, you can do NAT on IPv6. Every operating system supports it, even if it’s a stupid idea.