Akamai releases numbers on IPv6 usage in Q3/13

January 30th, 2014 by admin | Permalink

Akamai recently released the latest numbers on traffic they see coming from IPv6 networks.

Romania and Switzerland are leading the board, which is pretty impressive.


Source: State of the Internet – Akamai

Why you want to support IPv6 now!

November 17th, 2013 by admin | Permalink

I recently change ISP and surprise I now have a native IPv6 network ending up at my router instead of an IPv4 internet address.

My new ISP uses something called DualStack Lite, which means I can still reach IPv4 (old internet), but I get routed (nat) thru one of their IPs. In fact I am sharing an IPv4 with hundreds of other customers. In the usual case this is not an issue as people do not need fixed IPv4 addresses at their home network.

I switched from 50Mbit/s to 100Mbit/s. The second I reach a website that supports IPv6 I see the content extremely fast, connections are brilliant and everything. The second I access IPv4, I get a feeling that everything feels more slowly.
This is happening because of the DualStack-Lite, as lots and lots of other users have to be re-routed thru my ISPs system.

Beside the fact that there are just no IPv4 addresses left, the user experience using IPv6 is way better now.

If you are in the internet industry, get your stuff finally ready for IPv6. It is shocking how many companies are still only supporting IPv4 out of laziness.

In case you are not sure if your website/service support IPv6 yet, check it at IPv6 Test

What’s the state of IPv6?

October 16th, 2013 by admin | Permalink

I am switching to another ISP in a couple of days. My new ISP will give me an IPv6 address instead of an IPv4 one. In the usual case I should get at least a IPv4 and in addition an IPv6, something called Dual-Stack. My new ISP will run something called DS-Lite, which is an IPv6 and routes IPv4 stuff thru NAT’ting.

So what I can’t do is accessing my home network using IPv4 e.g. from my mobile. For most users that’s not really important and to be honest I am happy to get IPv6.
Why? Because it’s f*cking time to start with it. IPv4 networks are rare and limited. Of course there would be a short-time solution, like taking some of the network ranges from some companies, but at the end this is just limited.

Everyone knew that IPv4 is not there to stay since at least a decade and IPv6 is upcoming. So I am happy that my provider decided to switch, because it is the only natural way to go!

So I thought, lets check who provides IPv6 addresses for DNS queries already and I am shocked.

For the record, what I did is:

user# dig aaaa domain.com

Here is a list that I just made (October 2013):

google.com yes
facebook.com yes
youtube.com yes
yahoo.com no
baidu.com no
wikipedia.org yes
linkedin.com no
live.com no
twitter.com no
amazon.com no
blogspot.com yes
yandex.ru no
bing.com no
ebay.com no
tumblr.com no
pinterest.com no
msn.com no
mail.ru no
microsoft.com no
apple.com no
instagram.com no
blogger.com yes
imdb.com no
craigslist.com no
bbc.co.uk no
cnn.com no
imgur.com no
alibaba.com no
espn.go.com no
huffingtonpost.com no
aol.com no
akamai.com yes
limelight.com yes
wordpress.com no
reddit.com no
netflix.com no
vimeo.com no
nytimes.com no
dropbox.com no
booking.com no
weather.com no
yelp.com no
etsy.com no
github.com no
bitbucket.org no
shopping.com no
expedia.com no

8 out of 48 big internet companies and start ups support IPv6. At least three of them are owned by Google. Microsoft or Apple? Not at all!

Shouldn’t be these technology companies the first ones to start with innovation and always be up to date with technology?

How to redirect all traffic thru Tor by default on Mac OS X

October 2nd, 2013 by admin | Permalink

As in my previous post, sometimes it is necessary to have “full” internet access instead of limited access. Even that Tor is initially done to anonymize you, it also does a great job in such occasions.

To redirect all traffic on Mac OS X thru Tor, follow these steps.

Step 1 – Choose “System Preferences” from the Apple  menu.
Step 2 – Choose “Network” from the menu.
Step 3 – Choose “Edit Locations” from the Location menu.
Step 4 – Click the “+” icon to add an additional location.
Step 5 – Type in a new name for your location (I used Tor), then click “Done”.
Step 6 – Select “Airport” from the list on the left side.
Step 7 – Click “Advanced”
Step 8 – Click on “Proxies” in the list.
Step 9 – Activate “SOCKS Proxy” by ticking the checkbox
Step 10 – In the SOCKS Proxy Server box, type localhost and 9050.
Step 11 – Click “OK” and then click “Apply”.

Now you can easily switch the environments in the upper center menu of the system preferences.

SSH and other protocols via Tor on Mac OS X

October 1st, 2013 by admin | Permalink

I travel a lot and sometimes I end up in hotels that claim to have internet, but after a couple of minutes I realize they mean HTTP and HTTPS, maybe Skype.

I am not sure why some hotels are super paranoid about outgoing protocols, but the second you want to upload something (e.g. GIT over SSH) or administrate your server you need a lot more ports than a usual user.

My way of “tricking” the hotel firewall is using Tor for such things.

Step 1 – Install Tor on the Mac
I am using the Command Line tools for Tor and load them using MacPorts (you will need to download and install MacPorts).

Step 2 – Install the tor components
$ sudo port install tor torsocks

Step 3 – Run tor (could take a couple of seconds)
$ tor &

Step 4 – Connect using torify
$ torify ssh user@spamcollect.com

This will not anonymize your traffic, this is just a way around firewalls etc..

Why Apple is not working on a smart watch!

September 17th, 2013 by admin | Permalink

When the rumor came up that Apple is working on a smart watch, a lot of people got pretty excited. More interesting, a lot of big hardware vendors started working on smart watches, which some just got announced. E.g. Sony and Samsung.

The main question still is, how could a smart watch change your life? I doubt there is a big benefit in having your phone hooked to your watch constantly. Especially as your phone is just 30 centimeters away.

But more important, a watch is something very special to most man (sorry ladies, but I think they are the main audience for a smart watch) wearing one. It is the only peace of jewelry a man is wearing in the usual case. And in addition to that, it is usually a pretty expensive, but classical watch like a Rolex, Patek Philippe or Panerai.

Can you imagine business man running around with a display on there hands just to see the latest Tweet or Facebook update from his mates?

Brings me to the conclusion that such a thing would just be a niche product.
If Apple is really hopping on this wagon they are really lost and out of ideas!

3rd party cookies in Firefox…

June 10th, 2013 by admin | Permalink

… seem so small since we know about Prism.

How about UNSUBSCRIBE-June?

June 1st, 2013 by admin | Permalink

How about cleaning up your inbox by unsubscribing to useless newsletters you are getting every day?
I am actually doing this once a year and this year I am calling it UNSUBSCRIBE-June.

It is really interesting how many companies put you on their mailing list and spam you weekly, daily or even more.
I am even getting newsletters in languages I don’t even speak, just because I once used the free wi-fi at an airport or anything like that.

Join me – unsubscribe!

Why disabling 3rd party cookies in Firefox 22 is a big mistake!

April 15th, 2013 by admin | Permalink

Before I start, let me quickly outline two things. I am working in the online advertising industry + this is representing my personal opinion.
I have built several ad serving solutions and tracking engines within the last years and the chance of you having a cookie on your harddisk that comes from one of these solutions is quite likely.

Mozilla recently announced that with the release of Firefox 22 they will, per default, disable 3rd party cookies.
This in the first place looks like a big advantage to users. People fear to be tracked and analyzed across their whole internet behavior. I will come to data privacy a little later in detail.

I believe that data privacy is extremely important, I am just not happy the way Mozilla or to be specific the Firefox developers are handling this.
The idea is simply to avoid 3rd party cookies to be granted as long as the user hasn’t visited the 3rd party and the cookie became a 1st party cookie.

Or in other words, I am an ad network and as long as you haven’t ever clicked on one of my ads, I am not able to know identify the browser, how often you have been exposed to a specific ad and so on. Good? Sounds quite fair.

But the second you are putting this into a different context, the whole thing becomes a little awkward.

What is the default page that a Firefox shows you when you install it? Right that’s a customized Google search page. You just got a 1st party pixel by Google.
What’s the main income stream for Google? Right advertising!

Ever asked yourself how Mozilla is financing their servers, employees etc.? Right donations!


Let me quote Wikipedia on this:

“The Mozilla Foundation is funded by donations and “search royalties”. Since 2005, the vast majority of funds have come from Google Inc. […]
In 2006, the Mozilla Foundation received US$66.8 million in revenues, of which US$61.5 million is attributed to “search royalties” from Google.[9]
The foundation has an ongoing deal with Google to make Google search the default in the Firefox browser search bar and hence send it search referrals; a Firefox themed Google search site has also been made the default home page of Firefox. […] On 20 December 2011 Mozilla announced that the contract was once again renewed for at least three years to November 2014, at three times the amount previously paid, or nearly US$300 million annually.[11][12] Approximately 85% of Mozilla’s revenue for 2006 was derived from this contract.”

Same also counts for Facebook. You are scared by advertising? Facebook knows already a lot about you, but with making the Like Button available across the web, they know your actual browsing behavior. They know what you like and now they also know what you have been exposed to on the web! And as they are everywhere, like Google Analytics, they have the full picture. This is actually not happening for any other advertising network as the market is fragmented across a lot of companies.

Let’s talk a little bit about data privacy. I am working for a pan-european advertising company and we are investing a lot of time and money into data privacy compliance. We are TrustE certified, we have regular audits with lawyers across Europe, we are participating in the Do-Not-Track initiative, we are on the global IAB opt-out page, we don’t store any IP addresses and we have a dedicated page to explain how we handle data privacy. The industry is 100% aware of the situation and we are adopting to all rules and are extremely pro-active in what we are doing.

If you ever thought cookies are the only thing that enables companies to track you, you are absolutely wrong.
Beside standard cookies there is technologies like LSO, LocalStorage, e-tags and lots and lots more. To be more direct on this, every browser plugin brings its own technology. A good collection of these can be found at the Evercookie of Samy Kamkar.

The online industry committed within the last years to not use LSO, also known as Flash cookies, anymore. The most obvious reason is that a plugin cookie like Flash LSO is not being removed when removing cookies. In addition a LSO can be read out across browsers. Means your behavior on Firefox could be read out when you are using Internet Explorer or Safari!
Needless to mention that the Firefox approach is technically not stopping this.
From a data privacy perspective this is a nightmare and that’s exactly why the industry stopped this.

A lot of people are annoyed by commercials and there is a simple trick to stop seeing these ads, but please for one moment think about using an ad blocker.

Internet infrastructure, a team of editors, creators, writers, system administrators and developers are not cheap.
The reason why the majority of the internet is still free is the fact that advertising is paying for this! So instead of having an internet where you need to pay for every article, blog post or video that you are seeing, they show you commercials. So whenever you are talking about net neutrality, keep this in mind!
Or otherwise the internet will look like this in a couple of years.
Btw. same is happening when you are watching TV or buying a magazine. Part of it is paid by advertisement!

Dear Firefox developers, please think again about your approach. The industry has done a lot of things to comply with current law. It would be a shame if this would have been for nothing!
And the bad guys use another technology anyway!

How to check if a SSL certificate is valid using command line

January 18th, 2013 by admin | Permalink

Quite easy:

openssl s_client -connect www.google.com:443

%d bloggers like this: