• Zacryon@feddit.org
    61 upvotes · 1 day ago

    Casually rotating 18,446,744,073,709,551,616 IP addresses to bypass rate limits.

    I am not in IT security, but find it fascinating what clever tricks people use to break (into) stuff.

    In a better world, we might use this energy for advancing humanity instead of looking how we can hurt each other. (Not saying the author is doing that, just lamenting that ITS is necessary due to hostile actors in this world.)

        • untakenusername@sh.itjust.works
          3 upvotes · 18 hours ago

          theoretically speaking, if ur a govt, and you get everyone else to stop using guns, and you don’t, then people won’t get hurt from guns

        • Attacker94@lemmy.world
          1 upvote, 4 downvotes · 18 hours ago

          I would say so; in my opinion the US has an education problem when it comes to firearms. People are rightfully scared of what they don’t know, but culturally, the people who don’t know that much about them are adamant against learning about them. This, coupled with the lack of respect given to them by people who do know how to handle them, leads to the position we find ourselves in today.

    • dan@upvote.au
      12 upvotes, 1 downvote · edited · 1 day ago

      This doesn’t really work in real life since IPv6 rate limiting is done per /64 block, not per individual IP address. This is because /64 is the smallest subnet allowed by the IPv6 spec, especially if you want to use features like SLAAC and privacy extensions (which most home users would be using).

      SLAAC means that devices on the network can assign their own IPv6. It’s like DHCP but is stateless and doesn’t need a server.

      Privacy extensions mean that the IPv6 address is periodically changed to prevent any individual device from being tracked. All devices on an IPv6 network usually have their own public IP, which fixes some things (NAT and port forwarding aren’t needed any more) but has potential privacy issues if one device has the same IP for a long time.

    • Tinidril@midwest.social
      6 upvotes · 1 day ago

      Those are IPv6 addresses that work a bit differently than IPv4. Most customers only get assigned a single IPv4 address, and even a lot of big data centers only have one or two blocks of 256 addresses. The smallest allocation of IPv6 for a single residential customer is typically a contiguous block of the 18,446,744,073,709,551,616 addresses mentioned.

      If Google’s security team is even marginally competent, they will recognize those contiguous blocks and treat them as they would a single IPv4 address. Every address in that block has the same prefix, and it’s actually easier to track on those prefixes than on the entire address.
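
The per-/64 keying that the last two comments describe, as an added Python example that is not part of the thread or any commenter's code: a sliding-window limiter counts 20 requests from rotating addresses once per address and once per /64 prefix. The window, the limit and the 2001:db8:: documentation addresses are assumptions chosen for illustration.

```python
import ipaddress
from collections import defaultdict, deque

# Assumed policy values for this example (not taken from the thread).
V6_PREFIX_LEN = 64     # bucket IPv6 clients by /64, as the comments describe
WINDOW_SECONDS = 60
MAX_REQUESTS = 5


def per_address_key(addr: str) -> str:
    """Naive key: every distinct address gets its own bucket."""
    return str(ipaddress.ip_address(addr))


def rate_limit_key(addr: str) -> str:
    """Bucket key: the full address for IPv4, the enclosing /64 for IPv6."""
    ip = ipaddress.ip_address(addr)
    # An IPv4-mapped address (::ffff:a.b.c.d) is an IPv4 client in disguise.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if ip.version == 4:
        return str(ip)
    # strict=False masks off the 64 host bits instead of raising.
    return str(ipaddress.IPv6Network((int(ip), V6_PREFIX_LEN), strict=False))


class SlidingWindowLimiter:
    def __init__(self, key_func, max_requests=MAX_REQUESTS, window=WINDOW_SECONDS):
        self.key_func = key_func
        self.max_requests = max_requests
        self.window = window
        self.hits = defaultdict(deque)   # key -> timestamps of allowed requests

    def allow(self, addr: str, now: float) -> bool:
        q = self.hits[self.key_func(addr)]
        while q and now - q[0] >= self.window:   # drop hits outside the window
            q.popleft()
        if len(q) >= self.max_requests:
            return False
        q.append(now)
        return True


def simulate(key_func, requests=20) -> int:
    """Constructed traffic: one client using a new address in one /64 per request."""
    limiter = SlidingWindowLimiter(key_func)
    addrs = [f"2001:db8:1:2::{i:x}" for i in range(1, requests + 1)]
    return sum(limiter.allow(a, now=float(i)) for i, a in enumerate(addrs))
```

Keyed per address, all 20 requests pass; keyed per /64, only the first 5 do, because every rotated address falls into the same bucket.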