I've got experience with the LIDL cloud aka STACKIT and work for a STACKIT partner. Just drop me a message if you are interested. Two fun solutions implemented (fully automated via Terraform):
Site-to-Site VPN between STACKIT and Azure using a LibreSwan VM and an Azure VPN Gateway
FortiGate HA cluster in STACKIT - not a single ICMP packet got lost during failover
That tracks, that's all Azure is there to do in the end. If it was easy to manage it myself, I'd do it, and I'd still need to pay them for a VM to host it on, along with traffic costs. But bastion isn't cheap, so something to consider for sure.
That's at most 1/10th the cost of the average Samsung phone.
That's cheap. If you think that a safe first-party replacement battery will sell for less than the 79€ that the whole replacement effort takes, then you're fooling yourself.
I strongly suspect that there's also not good language for blocking against third-party batteries (and the phone manufacturers would have good reason to do so because it might result in overheating or worse with really bad third-party batteries).
> And, if I had bothered configuring IPv6 firewall rules, those would have had to be reconfigured manually with the new prefix. I understand this is mostly fixed in pfSense recently, but this was the case for many, many years.
Why would you have to reconfigure your firewall rules when you're getting a new IPv6 prefix?
My consumer router uses iptables under the hood, so it accepts a mask in the firewall rule (so e.g. I can do ::0123:4567:89ab:cdef/::ff:ffff:ffff:ffff:ffff as a target, and when my /56 changes, the rules Just Work™)
But I think it further strengthens my case, software support for IPv6 has been quite spotty over the years, which combined with the less-than ideal deployments out there has made things frustrating for many users over the past couple of decades.
Yeah, it's always the same with IPv6 discussions. The main points being:
1. IPv6 addresses are too long to remember
2. IPv6 doesn't need NAT and people are uncomfortable with their devices having a public address as they see NAT as an additional layer of security
If someone is still using the “remembering IP addresses” argument in 2026 (or at any point in the 21st century), I question their technical competence in configuring a network correctly.
It also seems to be a learning curve thing because IPv6 addresses have their own versions of memorable mnemonics. If you are in a LAN space manually configuring LAN addresses, you just need to remember one of the local address (ULA) prefixes like fc00 and then start numbering your devices as ::1 and incrementing (fc::1, fc::2, fc::3, etc). But also in LAN spaces you could just rely on mDNS (devicename.local), it's gotten quite good in most OSes today.
If you need to remember random WAN IPv6 addresses without being able to use DNS or at least a hosts file you've probably got a bunch of other more pressing problems.
There's literally no other way to combat rampant botting, child abuse, and nation-state originating disinformation campaigns and the intentional creation of public discord.
That's a false dichotomy. There are other possible approaches to address these issues that don't include ID verification. It also isn't the golden solution, verified accounts could still be stolen or bought.
You're a fool if you believe this. Nation states will still have utter impunity. That's why they build, buy or bully backdoors to secure design. The Epstein class will still get away with murder. All the little poeple will cower in fear of reprisal for speaking their minds.
That's how it was for me - one exam per course at the end of each semester. To qualify for the exam you had to do take-home assignments. Didn't pass? Try again next semester. Was it easy? Hell no, but I learned a lot.
Site-to-Site VPN between STACKIT and Azure using a LibreSwan VM and an Azure VPN Gateway
FortiGate HA cluster in STACKIT - not a single ICMP packet got lost during failover
reply