|
|
|
|
|
|
by adrium
1266 days ago
|
|
|
It is irresponsible to use (let alone to hardcode) those addresses in the first place. But in any case, fortunately, software can be patched and it has been done so already in 'tricky' cases: Y2K and X.509 UTCTIME are examples. My company operates big networks and it caught us off guard when 44/8 got used on the public Internet. Internal tooling used the space because it was assumed to be non-routable. Assumptions like this always carry a risk and sooner or later, they need to be fixed. In our case, a workaround could be produced within hours, and it was fixed within weeks. 0/8 support has been added in the Linux kernel as well. Edit: scdown.qq.com resolves to 0.0.0.1 and is possibly related to WeChat. I am not sure, if the address is actually routable in China, though. |
|
|
... which is just another example of the zillions of cases that would have to be dealt with.
Sure, each one is probably quite easy. But the sheer number of them is huge, and many of them will only be uncovered after they fail, setting off a frantic search for the retired guy with the source code.
With Y2K there was a combination of self-interest and hysteria that motivated organizations to tackle it. With this, it's harder to make that case because IPv6 is here already. I'm sure very few of those applications with hardcoded 0.0.0.0/8 are IPv6-ready, but everyone else can move ahead with IPv6 and those old apps will keep working for years to come. Unleashing 172.0.52.7 as someone's residential IP address will result in seemingly random failures that cause headaches for the ISP, application developers, and corporate IT departments. It'll be a very unpopular idea.