> A lot of the big ad networks right now instead rely heavily on geo-data

How does this work in today's age where ISPs normally will have at least one level of NATing with ipv4. And given ipv6 with prefix delegation is still far away this should continue to be very imprecise?

> ISPs normally will have at least one level of NATing with ipv4.

I don't think that's generally true for home DSL/cable/fiber service. I've only seen it on mobile internet.

Not sure about US, but Indian ISPs are doing this already to conserve IP space given huge userbase. In theory it would work similar to how a NAT gateway works for outbound communication. Skan + geo would be hard nut to crack in India.

Some USA ISPs do CGNAT, some don't. I'm not surprised to hear either way here.

In UK I'm now on FTTP but even on ADSL the house would have an IP address that normally stayed constant until a router reboot. This seems to be pretty common in the UK. Probably on cable internet (and on mobile ofc) you get NAT-ed but I've never had that.

In Australia most ISPs use CGNAT by default and you have to specifically request a dedicated IP if you want to host a Minecraft server or something.

It still works because those CGNAT shared IPs still vaguely correspond to a certain geography. It won't be accurate enough to target a specific home, but still accurate enough to target a specific neighborhood, for instance.

Assuming an ext-IP (60k ports) can easily represent 100 household if we statically assign ports. Given CGNAT with dynamic port allocation this can easily go up to 5x? That's wildly inaccurate given the core problem is to "target" a small set of users which is based on this geo info. Not sure how well this elephant sits in a room full of engineers solving this specific targeting problem.

I’ve never had an unroutable IP in the US

CGNAT does not means unroutable IP, it just means you would only have assigned a small range of ports on a routable IP with others.

If you have CGNAT, the IP on your router's external interface is unroutable.

Just like how when you do NAT for your home network, your devices get assigned non-routable private use only address space.

Unroutable meaning not publicly routable. Of course you can route traffic through your own LAN to your Internet gateway.

Reminds of the old days, when reverse engineering game binaries were a thing. Finding hex strings, no-op'ing if conditions, adding jmp instructions. Many heroes forgotten with time as more and more of software onboarded the cloud offerings. I wonder how much of it is still relevant and in what fields?

I cannot tell if this is a serious comment.

It isn't, but it's not that far from being a serious comment.

The old man has an ancient PC choking on dust under his desk that runs a QWS3270 terminal that updates the mainframe directly. If it's a big bank, the bank owns the mainframe. If it's a small bank, a vendor (probably Fiserv) does.

Source: I've consulted for a lot of banks.

I misread this for some reason and I am now interested to know if DNS can be made to work dynamically this way instead of being just preconfigured static records?

This is excellent, kudos to the author. I wonder if pg exposes enough control to develop a tool along with this information which help analyze locks and their effect on queries on a live server.

But then, how will you separate salt from microplastics?

Heat them up to their very distant melting points.

Cynical but sadly true.

Moderna vaccine also seems to have similar storage requirements with a high price tag. BioNTech otoh has impractical storage requirements for the third world. AstraZenca's price and storage combiation may open possibilities for distributing this globally.

Isnt' SNI based on the 'Host' header?! This is a news for me that SNI is not encrypted in TLS. Its a problem with the protocol not the ISPs then.

To determine which certificate to use the web server needs the client to send it the domain.

To send the domain securely the client needs to know the public key of the certificate the server is using.

This chicken and egg problem has gone unresolved for a long time, and only now are there efforts to fix it (see the work on esni).

Encrypted SNI has been in talks for a long time now. It was meant to be out now but it was shot down at the last minute. And yes, its the last thing that allows a MitM to work out which site you are on if its hosted on a shared hosting platform. Likely this is the reason its hard to get approved.

Not being any sort of competent in any sort of field related to this:

From my understanding, most of what's inside our bodies isn't part of our genetics. For example there's lots and lots of bacteria, microbes, whatever that constitutes the fauna of the digestive system, it's not produced by the body but is essential to its functioning.

Once again, I don't really know what I'm talking about

> Scientists already have a precise knowledge of what the human body is made of

We don’t even know the mechanism of action of many commonly prescribed drugs with certainty. We can’t cure rheumatoid arthritis or many other autoimmune diseases. Humanity is far indeed from from a universal vaccine.

Lots of science fiction has that. Some are even plausible. However our current technology isn't that advanced. Maybe we will get there someday maybe not.

2 problems:

Scientists don't have that precise knowledge of what the human body is made of. There is a whole microbriome of non human organisms that are vital to our health.

2) Even if we did, it would still be a major accomplishment to find something that kills everything else but not us. We are happy when we find a treatment that kills 1 bad thing without killing us.

3) The only mechanism we have for artificial immunity is vaccines. These do not kill anything; they just train our immune system. Given how our immune system works, this limits us to a blacklist approach, of training it to attack specific proteins.