APNIC has run out of IPv4 addresses

Well that happened rather more quickly than I’d thought. The Asia-Pacific Regional Internet Registrar (APNIC) is now down to it’s last big block of IPv4 addresses. Its policy, once having reached this point, is to carefully conserve the remaining IP addresses to facilitate service providers’ transition to IPv6. They won’t give out more than about a thousand addresses to each APNIC member – total. Effectively, this means they’ve run out.

In recognition of this interesting fact (if you are a geek), slightlyodd.com and www.slightlyodd.com now have AAAA records. All set for world IPv6 day, I guess 🙂

Edit: Linode has deployed Native IPv6 🙂 – so I’ve updated all my DNS records accordingly. Progress!

My name and date of birth? But you called me!

This morning, a fellow named Brad from NAB called to see how my banking was going. The call was unsolicited and the caller ID blocked. Brad was friendly and polite as he began asking a few questions about my banking habits. You can imagine though, that I wasn’t terribly inclined to answer any of his questions, considering I didn’t know him from a bar of soap.

I asked him if he could provide me with a piece of information from my account, to assure me that the call was legitimate. In order to give any information, he told me, he would need to first obtain some details from me, and began by asking for my name and date of birth. I wasn’t quite sure he was getting the point, but politely let him know that I didn’t really want to do that. We finally arrived at a compromise – I could phone him back on a number found easily on the NAB website. I did, waited on hold and was eventually transferred back to him – a process that took something like ten minutes. Not quite sure why I bothered, really.

There would be a really simple way to solve this. On opening the account (or as part of regular account maintenance), customers could be asked for an “authenticity assurance” word or phrase – a shared secret which could be quoted on an outbound call to provide peace of mind. To me, it seems like this is a total no-brainer security measure and I can’t understand why nobody does it. So I’ve sent them the suggestion, I’m curious to see the response. What am I missing? Why isn’t this done already?