• 0 Posts
  • 58 Comments
Joined 2 years ago
cake
Cake day: June 17th, 2023

help-circle
  • Usually I sympathize with sentiments like this (“people use X because of uncontrolled circumstances”), but browsers are not one of them.

    If you have a website that requires the use of Chrome, then just use Chrome for that website! It’s not an either-or thing – you can install both browsers and use Firefox as the primary one.

    And some people will want to stay on Chrome.

    And that’s what makes this statement so problematic. You don’t earn anything by staying exclusively on Chrome, when both it and Firefox can work alongside each other.








  • I use IPv6 exclusively for my homelab. The pros:

    • No more holepunching kludge with solutions like ZeroTier or Tailscale, just open a port and you are pretty much good to go.

    • The CGNAT gateway of my ISP tends to be overloaded during the holiday seasons, so using IPv6 eliminates an unstability factor for my lab.

    • You have a metric sh*t ton of addressing space. I have assigned my SSH server its own IPv6 address, my web server another, my Plex server yet another, … You get the idea. The nice thing here is that even if someone knows about the address to my SSH server, they can’t discover my other servers through port scanning, as was typical in IPv4 days.

    • Also, because of the sheer size of the addressing space, people simply can’t scan your network.




  • This also explains why VPN is a possible workaround to this issue.

    Your VPN will encapsulate any packets that your phone will send out inside a new packet (its contents encrypted), and this new packet is the one actually being sent out to the internet. What TTL does this new packet have? You guessed it, 64. From the ISP’s perspective, this packet is no different than any other packets sent directly from your phone.

    BUT, not all phones will pass tethered packets to the VPN client – they directly send those out to the internet. Mine does this! In this case, TTL-based tracking will still work. And some phones seem to have other methods to inform the ISP that the data is tethered, in which case the VPN workaround may possibly fail.


  • Not sure if it’s still the case today, but back then cellular ISPs could tell you are tethering by looking at the TTL (time to live) value of your packets.

    Basically, a packet starts with a TTL of 64 usually. After each hop (e.g. from your phone to the ISP’s devices) the TTL is decremented, becoming 63, then 62, and so on. The main purpose of TTL is to prevent packets from lingering in the network forever, by dropping the packet if its TTL reaches zero. Most packets reach their destinations within 20 hops anyway, so a TTL of 64 is plenty enough.

    Back to the topic. What happens when the ISP receives a packet with a TTL value less than expected, like 61 instead of 62? It realizes that your packet must have gone through an additional hop, for example when it hopped from your laptop onto your phone, hence the data must be tethered.