> And, if I had bothered configuring IPv6 firewall rules, those would have had to be reconfigured manually with the new prefix. I understand this is mostly fixed in pfSense recently, but this was the case for many, many years.
Why would you have to reconfigure your firewall rules when you're getting a new IPv6 prefix?
My consumer router uses iptables under the hood, so it accepts a mask in the firewall rule (so e.g. I can do ::0123:4567:89ab:cdef/::ff:ffff:ffff:ffff:ffff as a target, and when my /56 changes, the rules Just Work™)
But I think it further strengthens my case, software support for IPv6 has been quite spotty over the years, which combined with the less-than ideal deployments out there has made things frustrating for many users over the past couple of decades.
Yeah, it's always the same with IPv6 discussions. The main points being:
1. IPv6 addresses are too long to remember
2. IPv6 doesn't need NAT and people are uncomfortable with their devices having a public address as they see NAT as an additional layer of security
If someone is still using the “remembering IP addresses” argument in 2026 (or at any point in the 21st century), I question their technical competence in configuring a network correctly.
It also seems to be a learning curve thing because IPv6 addresses have their own versions of memorable mnemonics. If you are in a LAN space manually configuring LAN addresses, you just need to remember one of the local address (ULA) prefixes like fc00 and then start numbering your devices as ::1 and incrementing (fc::1, fc::2, fc::3, etc). But also in LAN spaces you could just rely on mDNS (devicename.local), it's gotten quite good in most OSes today.
If you need to remember random WAN IPv6 addresses without being able to use DNS or at least a hosts file you've probably got a bunch of other more pressing problems.
There's literally no other way to combat rampant botting, child abuse, and nation-state originating disinformation campaigns and the intentional creation of public discord.
That's a false dichotomy. There are other possible approaches to address these issues that don't include ID verification. It also isn't the golden solution, verified accounts could still be stolen or bought.
You're a fool if you believe this. Nation states will still have utter impunity. That's why they build, buy or bully backdoors to secure design. The Epstein class will still get away with murder. All the little poeple will cower in fear of reprisal for speaking their minds.
That's how it was for me - one exam per course at the end of each semester. To qualify for the exam you had to do take-home assignments. Didn't pass? Try again next semester. Was it easy? Hell no, but I learned a lot.
The vast majority of all of those casualties throughout the years is the poorest rural population not being able to afford wood for heating, so they try to get some from the forests in their areas that nobody lays a claim on. You can explain pretty much every uptick by looking at how well the country's economy is doing.
Another common reason for some of the upticks are natural disasters (most frequently floods or landslides) hitting known minefields, which then makes the position more difficult to assess.
There's also a very particular type of mine that doesn't explode on the spot, but shoots ~1m into the air before exploding and sending shrapnel in a large radius which is by far the most deadly (https://en.wikipedia.org/wiki/PROM-1). The reason I'm mentioning it is that there was one particular incident with 5 casualties at a scrapyard that year. That same mine is also responsible for the only casualty last year, when a 19-yo goat herder tried to get his goats back on the road.
It adds enough of a barrier to be worth it. In the way I have implemented it, you can only have one account per ID (for example passport). Yes, you can buy fake passports, but it's prohibitively expensive. Read my blog post for more info.
This is not a technical issue - it's a societal one. Do we want online ID verification? Are the trade-offs worth it? Do we want to make the internet a place that requires an ID everywhere for age verification or to prove that you're human? What would the implications be?
Regarding your implementation: Most people don't have a passport, so it's a non-starter - but again, this topic is not a technical issue.
I think that it is a technical issue to a certain extent. Governments could make it very easy to prove humanity (and age) in a secure manner that doesn't leak your personal details to the third party that wants to perform the verification.
I don't see that as "requiring ID".
I think the real question is how much do we care that our online spaces are composed of not just AI bots, but also sock puppet accounts controlled by various people (from governments, rich people, all the way to harassers that use alt accounts) wanting to trick us.
You're still arguing from a technical perspective while not addressing the societal issues that online ID verification leads to. Do we as society really want an internet that resembles a gated community where you can only enter with an ID? What about the people we exclude? Should we abandon the free internet just because of bots and sock puppet accounts? What about other ways to address the issue?
I mean, reddit accounts are valued based on the identity they have built. Its not farfetched to imagine uninterested users making and selling a single account each.
I think that not doing partial-identity checks invite bot noise into conversations. We could have id checks that only check exactly what needs to be checked. Are you human? Are you an adult? And then nothing else is known.
Identity checks do not prevent bot noise. They just increase the difficulty for bot operators a bit (steal / buy identities or verified accounts). Added bonus for them: Their bot comments now appear more authentic.
With the upcoming MCS charging standard you won't need battery swaps for trucks or busses. Even today you have trucks that can charge with up to 400 kW, which is good enough for charging during mandatory pauses or downtimes.
Why would you have to reconfigure your firewall rules when you're getting a new IPv6 prefix?
reply