nco is an exec office name, specifically the Office of Science and Technology Policy.

RE: https://mastodon.social/@botgov/116573597974685846

nco is an exec office name, specifically the Office of Science and Technology Policy. Unsure what nco stands for, no content on a web page as of now.

Every so often ideas come along that are sufficiently deserving of ridicule and derision, this is one of those times:

Donate to Help Build IPv8 — The Next Generation of the Internet, organized by Jamie Thain

IPv8 is an open-source initiative focused on reimagining the future … Jamie Thain needs your support for Help Build IPv8 — The Next Generation of the Internet

gofundme.com (www.gofundme.com)

Instructure paid

@dbelson Sorry to hear this. If it is any consolation, I was a very big fan of all the blog posts I saw with your name on it and of course any and all the underlying radar data and tools you had a part in.

Weekend Reads

* Rolling the DNS root key
https://www.potaroo.net/ispcol/2026-05/kskroll.html
* Measuring Internet censorship
https://ooni.org/post/2026-measuring-internet-censorship-trends-challenges-impact/
* How an HTTP header caused time.gov skew
https://alexsci.com/blog/how-time-gov-works/
* Password manager infrastructure in-the-wild
https://censys.com/blog/password-manager-infrastructure/
* Investigating NRS outreach to AFRINIC members
https://circleid.com/posts/registry-under-siege-investigating-nrs-outreach-to-afrinic-members

#DNS #DNSSEC #Censorship #NTP #PasswordManagers #AFRINIC

@briankrebs Reports in the last hour that logins were working again.

You were too slow. Registered 2026-05-02:

kamikazedolphins.com

@ricmac This reminds me of "generic logos". Once you know them, you see them regularly used by lots of (mostly small) orgs. Probably someone paid a "designer" for that generic , custom logo. Few examples here:

Generic, overused logos and how to avoid them | The Halo Media Group

Avoid generic and overused logo designs. They cheapen your brand and ultimately will damage your brand equity. Read more … 

The Halo Media Group (www.halo-media.com)

@nygren Wouldn't an nxdomain do that? But I'm not sure I would want to make any change like that. Surprised to see them pointing to a loopback, that is very unusual and seems like the wrong approach to me.

@fbarton It is amazing to me now how bad DOS really was in hindsight. We knew it then, but it seems so much worse to me now. Had to use 4dos just to get basic stuff like cli history and file name completion, ha!

@fbarton Favorite DOS editor? Mine was SLED.COM - I don't know why everything was caps, such B1FFs

If you can conjure fond memories of Commander Keen, .arj files, nc (one of my favorite utils), shareware like SCAN108.ZIP (yea, probably in caps)... you probably spent a fair bit of time at the C:\> prompt when you weren't dialed into your favorite BBS. And like me, you're getting old

#ThrowbackThursday

RE: https://mastodon.social/@botgov/116466014134838527

I had to check. And relieved to learn mma.gov is only the Marine Minerals Administration (dept of interior) which you may not like much but at least it's not that other thing.

RE: https://hachyderm.io/@kernellogger/116464202767045311

Old networking people will undoubtedly have some nostalgia for 3c509. It is hard to overstate how popular and prevalent these NICs were.

@Azvede There are two things you might "turn on". One is validating the answers, if signed, to queries you or your systems make.

Two is signing your names so that others may validate. I assume you mean this.

The first is pretty easy, maybe already being done by default, and comes with few drawbacks.

The second may also be done by default, or easy to do depending on who or what serves (is authoritative for) your names. This is usually easier and simpler if a DNS service provider (registrar that you manage your names through) does it for you.

"Cracked"? Probably not in the easy to uncover the private key sense I'm guessing. Maybe what you're referring is known as "zone enumeration", or the ability to discover all the records in your zone by brute force? Most don't care about this or would suggest the DNS was never designed to protect against that.

Why or why not turn it on? There are many vocal advocates for either position. The pro side tends to say things like, this is the mechanism we got, it works well enough it's worth it. The con usually complains about it adding more brittleness for little gain. Long debates ensue from here.

My advice, if you don't have to manage the servers and key rollovers yourself, and the provider has a good reputation, enable it. Otherwise, get really good at operating your existing DNS yourself first, then you'll know whether you want it or not.

@marzlberger I'd suggest it is deserves only ridicule, derision, or to be ignored. This explains why more thoroughly: https://github.com/becarpenter/misc/blob/main/why6why.md

noc.social appears to be having some "issues" right now (login/access), admin contacted in and out-of-band. Hopefully a minor issue easily remedied.

@SIDNlabs Looks like it is OK now, the site just wasn't reachable for awhile from my vantage points for ~24 hours. *shrug*

@SystemsAppr I'm probably more aligned with Bruce by the sound of it.

I used to explain to students that even their Windows laptops do IP routing, and they have routing tables! But cautioned, I wouldn't call them routers, even though they might have a really elaborate set of routes from their VPN.

All hosts make forwarding decisions by examining the destination address and at least decide to deliver 1) locally, 2) to a directly attached host, or 3) a gateway.

But deprecating the TTL/hop-limit is a basic requirement, as is updating the checksum in v4.

I call a router connecting autonomous systems a "border" router. Even if it is pointing default and not doing BGP.

I think @jeroen is essentially right, the original usage of terms is still fundamentally precise and correct. The evolution of terms in the "market" has just confused things considerably. I often need more context to understand what people are talking about because a router to them is often not what I think of as a router.

@SIDNlabs This service appears to be unavailable, known issue?