Schlafstörungen, nächtliche Recherche und IBM Security

Aufgrund nächtlicher Schlafstörungen recherierte ich ein wenig, denn für ein komplett neues android system image kompilieren, war ich trotzdem viel zu müde.

Dabei fand ich diese netten IBM Security Produkte und noch ein par andere Dinge:

IBM's still alive

IBM Security Trusteer Mobile SDK

Hier gibts so ein trusted mobile device (andoid, iphone, tablet) SDK (Software Development Kit), das Kompromittierungen (root, hacked, jail-breaked, untergeschobene root-CAs um SSL aufzubrechen und evtl. Staatstrojaner und ähnliches erkennt). Jedenfalls sollten Entwickler damit sicherere verteilte Anwendungen für Cloud u.s.w. hochverfügbar implemetieren können:

https://www.ibm.com/products/trusteer-mobile-sdk

Mobile device management (MDM) solutions

Das hier ist auch so eine mobile security Geschichte, die mobile Geräte Sicherheit der Mitarbeiter garantieren will. Also so kein "Nachhause-Telefonieren" durch irgendwelche untergejubelten Drittanbieter Apps, klassische End-2-EndPoint Secuirty, u.s.w.

https://www.ibm.com/security/mobile/mobile-device-management

IBM Security Products (case study fraud detection)

Dann zeigt IBM weiter noch, dass es auch eine standardisierte Fraud detection (wahrscheinlich generisch erweiterbar) kann! Ich schätze diese Fraud Detection Engine geht wahrscheinlich über Insolvenzregister, KSV, Casinosperre, Standardbonitätabfragen und dubiose exotische Prepaid oder sontige WireCreditCards hinaus und lernt kontinuierlich (à la Virenscanner):

https://www.ibm.com/security/products

nomachine.com

Zu guter letzt fand ich noch einen sicheren Terminal-Server (diesmal nicht IBM, den sich auch mal wer ansehen könnte):

https://www.nomachine.com/product&p=NoMachine%20Enterprise%20Terminal%20Server

---

Gehe jetzt wieder ins Bett, gute Nacht / guten Morgen.

No global plan for generic multi-language globalization/localizaion

There is sadley no generic concept for platform and language independent multi language globalization / localization for applications.

Some case studies

Visual Studio WinForms (C#, VB)

Globalization / Localization in Windows Forms is implemented via different resource files (.resx).

ResourceManager and Resource accessors are created semi automatically from Visual Studio.

Resources in .NET

Microsoft and Stockoverflow links about resources and globalization and culture info.

https://docs.microsoft.com/en-us/dotnet/framework/resources/

https://docs.microsoft.com/en-us/dotnet/api/system.globalization.cultureinfo

https://stackoverflow.com/q/32989100/12213151

Android Studio (Java, Kotlin)

Globalization / Localization are realised in Android Studio via different language directories beyond the res folder:

Using the Translation Editor inside Resource Manager to build your translation from Android Studio GUI, see: http://blog.androidrich.com/2016/11/translation-editor-in-android-studio.html

Android supports right to left screen orientation too for arab or farsi languages.

Documentation about globalization / localization in android

https://developer.android.com/guide/topics/resources/localization

https://developer.android.com/training/basics/supporting-devices/languages

https://developer.android.com/guide/topics/resources/providing-resources

https://developer.android.com/guide/topics/resources/multilingual-support

https://stackoverflow.com/questions/59306392/how-to-obtain-strings-xml-files-for-different-languages-from-an-apk-file-androi

Razor MVC and Blazor Web

Webpages, that are build with .NET framework and deployed in IIS on windows or Apache on linux (no matter with mod_mono or something else [1]) use language and country prefix directly after FQDN and before path in url to route to different language subpages, e.g.:
https://docs.microsoft.com/en-us/aspnet/core/blazor/globalization-localization
https://docs.microsoft.com/de-at/aspnet/core/blazor/globalization-localization
https://docs.microsoft.com/fr-fr/aspnet/core/blazor/globalization-localization

Multi-language globalization in reality

In reality in the world wide web and on desktop or other applications, there are many different approaches how multi-language and globalization is implemented. Only few use a auto translation API like google.com/translate.

Prospect / outlook for standardized globalization?

I don't know. Lets use the crowd to answer that question!

Snaps, snapd,, Snap Store, snapcraft.io

Tonight in the early morn, when I tried to write(1) an open os based solution(2) to transform almost any modern personal computer or laptop(3) to a simple generic wifi router(4).

Then I unexpectedly found a  community platform, that was still unknown to me:

snapcraft.io

Snaps are there defined as  app packages for desktop, cloud and IoT that are easy to install, secure, cross‐platform and dependency‐free. Snaps are discoverable and installable from the Snap Store, the app store for Linux with an audience of millions, 

I tried first the search functionality of that platform and let's say clearly: 

The layout design looks excellent, the community is well visited, but some functions could be better. Lets look at these 2 examples: 
Searching common phrase file
Searching 1 char only d  

Search results also could be sorted more meaningful & understandable, e.g. 

1. show all results, where the search phrase  directly corresponds to the package app name /(no matter if sql like (prefix, suffix, substring), sql fulltext match or Levenstein distance.
2. then show all results, where the search phrase is found in the shown package descripton
3. at least show all results, that appear like a magical fog or smoke for the user. I know, that your search function is probably not returning total random or bad fuzzy hit results, but I guess the search algorithm searches in fields, which are not shown in search result view.

Snapcraft web site provides at the moment the snap app package search page, a store, tutorials, documentation, developer blog, forum and IOT special bulletin.

Conclusio: Snapcraft has surly more potential, but additional functionality must be added and especially a more clear vision and road-map needs to be specified, followed and permanently filled with life. (Under my point of view, without any additional improvements, vision and road-map the project and the community won't grow up and then after some time, this will remain as small circle of developer project or even become orphaned.)
So far I see this nevertheless as an good opportunity for developers and community to get seen and to receive good jobs offers.

Simply said: Thou must have very soon an idea, where this should go and what exactly you want with  it. If thou don't want to expand and keep this project as a nice and gentle private hobby, then you can keep everything and don't have to change anything. But if you want to expand, become at least a small player for long time, ...

---

State management in Blazor

There is a sufficient document for state management in Blazor.
Here is a quick & fast work through with all prerequisites, how to get state management in Blazor working.

Example with Blazored.LocalStorage package

Install nuget package for your project

# Find packages providing a "Blazored.LocalStorage" 
Find-Package Blazored.LocalStorage

# install "Blazored.LocalStorage" 
Install-Package Blazored.LocalStorage -Project YourProject# alternatively

Add Blazored.LocalStorage to ConfigureServices at your Startup.cs

using System;
/* ... */
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
/* ... */
using Blazored.LocalStorage;

public class Startup {
  /* ... */  
  public void ConfigureServices(IServiceCollection services)  { 
    /* ... */
    services.AddRazorPages(); 
    services.AddServerSideBlazor();
    /* ... */    
    services.AddBlazoredLocalStorage();
    /* ... */
  }
}

Using LocalStorage inside a razor page / control

@page "/MyPage"
using Blazored.LocalStorage
@inject ILocalStorageService localStorage
@code {
  /* ... */
  Dictionary<string, string> sessionDict;
  /* ... */
  protected override async Task OnAfterRenderAsync(bool firstRender)  { 
    
if (firstRender)    {
      sessionDict = 
        await localStorage.GetItemAsync<Dictionary<string, string>>("SessDict");
      StateHasChanged();
    }    await base.OnAfterRenderAsync(firstRender);
  }
         protected async Task PersistSessionDict(<Dictionary<string, string> persistDict)
  {
    if (persistDict != sessionDict)    {
      await localStorage.SetItemAsync("SessDict", persistDict);
    }
  }
}

Using LocalStorage inside an entity class

using System;
/* ... */
using Blazored.LocalStorage;
 
public class MyEntity
{
  [Inject] 
  public ILocalStorageService LS
  {  
    get => _localStorage;
    set => value;
  }
  private ILocalStorageService _localStorage; 



  interal async Task<Dictionary<string, string>> GetSessionDict() =>  
      await LS.GetItemAsync<Dictionary<string, string>>("SessDict");
  /* ... */
}

Example with ProtectedBrowserStorage package

Install nuget package for your project

# Find packages providing a "ProtectedBrowserStorage" 
Find-Package ProtectedBrowserStorage 

# install "Microsoft.AspNetCore.ProtectedBrowserStorage"
Install-Package Microsoft.AspNetCore.ProtectedBrowserStorage -Project YourProject
# alternatively install "ProtectedBrowserStorage.NETStandard"  
Install-Package ProtectedBrowserStorage.NETStandard -Project YourProject

Add ProtectedBrowserStorage to ConfigureServices at your Startup.cs

using System;
/* ... */
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
/* ... */
using Microsoft.AspNetCore.ProtectedBrowserStorage;


public class Startup
{
  /* ... */
  public void ConfigureServices(IServiceCollection 
services) {  
    /* ... */
    services.AddRazorPages(); 
    services.AddServerSideBlazor();
    /*... */ 
    services.AddProtectedBrowserStorage();
    /* ... */
  }
}

Using ProtectedBrowserStorage inside a razor page / control

@page "/MyPage"

@using Microsoft.AspNetCore.ProtectedBrowserStorage

@inject ProtectedSessionStorage ProtectedSessionStore

@code {
  /* ... */
  Dictionary<string, string> sessionDict;
  /* ... */
  protected override async TaskOnAfterRenderAsync(boolfirstRender)
  { 
    if(firstRender)
    { 
      sessionDict = 
        await ProtectedSessionStore.GetAsync<Dictionary<string, string>>("SessDict");
      StateHasChanged();
    }
    await base.OnAfterRenderAsync(firstRender);
  }
  
  protected async Task PersistSessionDict(Dictionary<string, string> persistDict)
  {
    if (persistDict != sessionDict)    {
      await ProtectedSessionStore.SetAsync("SessDict", persistDict);
    }
  }
}

Sources and links:

State Management in Blazor
https://www.nuget.org/packages/Microsoft.AspNetCore.ProtectedBrowserStorage
https://www.nuget.org/packages/ProtectedBrowserStorage.NETStandard/
https://github.com/MeysamMoghaddam/ProtectedBrowserStorage
https://github.com/Blazored/LocalStorage

Semantic Internet: Trends, Facts, Futures, Verification

[Draft] [Concept] [Prototype]

Semantic Internet (former known as Semantic Web, see also RDF) has the possibility to record different semantic trends occurring at different sources with a certain frequency inside the in principle accessible to the public internet.
Day after day, month after month, semantic contexts are published on the Internet. area23 semantic web filters all semantic statements that occur with a certain frequency from different sources. Furthermore, not all trends and semantically significant events are more relevant for most semantic miners.

With area23 semantic web you can filter by region, topic categories, relevance from different sources and subsequent complexity.

A filter for a region can be set similiar to Google Trends, e.g. for United States or for Germany, etc.

Basic main categories are:

• politics (Brexit, Sinn Féin, Thüringen, ...)
• sports  (soccer, american football events, ...)
• entertainement (music, cinema, tv, ...)
• technology
• business (stock markets, trading, bonds, central bank news, different economic indictors)
• health
• lifestyle (eating, drinking, other events)
• housing (appartments, flat, hotel, camping / caravan sites, vacation rentals, accommodations, e.g.: Airbnb, Wimdu)
• infrastructure (traffic reports, flights & airports occupancy, train connections, ships & ferries connections)
• weather (including unexpected temperatures / weather effects, like ice, heavy rain, storm, dry periods plus enviroment disasters, like hurricanes, floodings, earthquakes, volcanic eruptions)
• and many more

Once you created your filter enviroment, you can start collecting & recording semantic events.

After some time, collected semantic events will appear, e.g.: 'coronavirus'

In that example, 'coronavirus' the most common and reliable semantic logical statements are shown (extracted from different internet sites / ressources), e.g.: number of infections, behavior to stay healty, flights canceled to / from China, stock market risk for China in the next year.

Every statement extracted from the data pool that directly makes a statement or an assumption regarding matters other than the corona virus is now checked with other data sources as to whether the statement actually has a formal fuzzy truth content. So in that (our) example, the flight connections from and to China will be verified immediately as a result. Chinese economic data and the change behavior of futures in Hang Seng, which changed in the period since the outbreak of the coronavirus, will be checked too.

Warning, formally epistemologically an extracted statement is not necessarily true, even if 15 different articles from different countries in different languages in the web claim: "Corona virus has negative effects on the current Chinese fiscal year 2020." and if the outlook for futures in Hang Seng and the economic data have deteriorated in the same period.

---

to be continued...

---

Links about semantic web and similar topics:
https://www.semantic-mediawiki.org/wiki/Semantic_MediaWiki
https://www.opensemanticdata.org/
http://jena.apache.org/
https://www.nngroup.com/articles/user-need-statements/

query tools openID bearer

invoke-webrequest

$url = "https://webapi.area23.at/api/bearertest"
$headers = @{} 
$headers.Add("Accept","application/json")  
$headers.Add("Authorization", "bearer myBearer")

invoke-webrequest -Uri $url -Headers $headers  
invoke-webrequest -Uri $url -Method GET -Headers $headers 

curl

curl -X GET \
    -H "accept: application/json" \
    -H "Authorization: bearer myBearer" \
    "https://webapi.area23.at/api/bearertest"

wget

wget \ 
    --header="Authorization: Bearer myBearer" \ 
    --header="Content-Type: application/json" \ 
    --no-check-certificate \ 
    https://webapi.area23.at/api/bearertest

Postman

AWS CodePipeline for android Github project

A short summary, how to create an amazon code pipeline and build project by using an android java github as source repository. (inspired by j-a.f)

I have choosen my github schnapslet project android subtree for trial.

Login into amazon webservices console

https://console.aws.amazon.com/codesuite/codepipeline/pipelines?region=us-east-1#

Click on "Create pipeline"

Choose pipeline settings

Enter a "Pipeline name" and a service role for your new pipeline here. Click "Next".

Choose source provider

Choose Gitub, authorize with your github credentials or choose a public github project, choose repositoty, choose branch, then click "Next".

Add build stage

Choose AWS CodeBuild and click on "Create project".

Create build project

In section "Project" configuration fill out "Project name" (Description - optional).

In section "Environment", I choosed the simplest way with "Managed image" as environment image, "Ubuntu" as operating system, "Android" as runtime, "aws/codebuild/android-java-8:26.1.1" as runtime version, default new service role.

In subsection "Additional configuration", you can enable a VPC on your virtual Ubuntu build server, e.g. if you want to login with ssh; you can select various performance features here, like "15 GB memory, 8 vCPUs" for your build server, you can set manually environment variables here and so on. We didn't need that here for only a simple proof of concepts.

In section "Buildspec" I choosed "Insert build commands", then switched to source editor and edited the following buildspec.yaml:

version: 0.2
phases:
  #install: #commands: # - command
  #pre_build: #commands: # - command
  build:
    commands
     - sudo chmod 755 $CODEBUILD_SRC_DIR/android/Schnapslet/gradlew
     - $CODEBUILD_SRC_DIR/android/Schnapslet/gradlew init -i
     - $CODEBUILD_SRC_DIR/android/Schnapslet/gradlew build -i
     - $CODEBUILD_SRC_DIR/android/Schnapslet/gradlew build --build-file $CODEBUILD_SRC_DIR/android/Schnapslet/app/build.gradle -i
#post_build: #commands: # - command
#artifacts: #files: # - location
#cache: #paths: # - paths

Finally click "Continue to CodePipeline".

Now click "Next", when you are back again on "Add build stage" site.

Add deploy stage

I skipped that option for that proof of concept.

Review

Rewiew "Pipeline settings", "Add source stage", "Add build stage", "Add deploy stage" here and finally click "Create pipeline".

Release change

Finally "Release change".

You can configure your "Build project" seperatly now here: https://console.aws.amazon.com/codesuite/codebuild/projects?region=us-east-1
e.g. if you want to change your buildspec.yaml or view different build logs.

Html-Sql-Injection Detection

Original post can be read here: http://blog.darkstar.work/2012/05/simple-html-injection-detection-for-ms.html

A very simple prototype of html injection detection in MS SQLServer, please notice, that real detection is much more complex...

If Exists(Select Top 1 object_id From tempdb.sys.tables Where name = '##InjWatch')
Delete From ##InjWatch
Else
Create Table ##InjWatch ( ctext nvarchar(Max), tab varchar(768), col varchar(768)
);
GO 

Declare InjectCursor Cursor FAST_FORWARD READ_ONLY For 
  Select 'Cast([' + c.name + '] as nvarchar(max))' as c_cast,
    c.name as c_name, '' + s.name + '.[' +T.name + ']' as sT_name
  From sys.tables T
  Inner Join sys.columns c
    On  c.object_id = T.object_id
    and c.max_length > 16 and c.system_type_id In (Select system_type_id From sys.types Where name In('varchar', 'nvarchar', 'char', 'nchar', 'text', 'ntext'))
  Inner Join sys.schemas s
    On s.schema_id = T.schema_id

Declare @c_cast varchar(1024), @c_name varchar(768), @sT_name varchar(768)
Open InjectCursor
Fetch Next From InjectCursor Into @c_cast, @c_name, @sT_name

While (@@FETCH_STATUS = 0)
Begin
  Declare @execSQL nvarchar(max)
  Set @execSQL = 'insert into ##InjWatch (ctext, tab, col) '+
    'select ' + @c_cast + ' as ctext, ''' + @sT_name + ''' as tab, ''' + @c_name + ''' as col ' +
    ' from ' + @sT_name + ' with (nolock) ' +
    ' where (' + @c_cast + ' like ''%<%'' and ' + @c_cast + ' like ''%>%'') ' +
    ' or ' + @c_cast + ' like ''%script:%'' or ' + @c_cast + ' like ''%://%''' +
    ' or ' + @c_cast + ' like ''%href%'' or ' + @c_cast + ' like ''%return %''' +
    ' or ' + @c_cast + ' like ''%mailto:%'''
  Execute sp_executesql @execSQL;
  Fetch Next From InjectCursor Into @c_cast, @c_name, @sT_name
End
Close InjectCursor
Deallocate InjectCursor

Select Distinct * From ##InjWatch
GO 

Find the script on Github Heinrich Elsigan

Schnapsen in Java and C# .Net

Austrian card game Schnapsen is ported as either

1. asp.net C# WebApp (tested on Windows IIS and apache2 mod_mono)
2. Android App (.apk)
3. Java Applet / Application

Github repository: https://github.com/heinrichelsigan/schnapslet/
Wiki: https://github.com/heinrichelsigan/schnapslet/wiki/

Documentation of Schnapsen a.k.a. 66 (sixty-six) card game can be found at Wikipedia: https://en.wikipedia.org/wiki/Sixty-six_(card_game)

---

Schnapsen (Schnapslet) as C# .Net WebApp

• area23.at/mono/SchnapsNet/ [ Online ]
• darkstar.work/mono/SchnapsNet/SchnapsenNet.aspx [ Online ]
• Schnaps.Net asp.net [ GitHub ]

https://youtu.be/izqcm7XdHYY

---

Schnapslet android sources:

schnapslet/android/

Use Android Studio to rebuild or modify Schnapslet sources

android APK packages

• Release build
• Latest debug build

---

Schnapsen (Schnapslet) as classic java.awt.Applet

Schnapslet as java.awt.Applet (year 2000)

---

YouTube Video: https://youtu.be/7Fw7-R2quvE

Generate WSDL on the fly, with CodeDom instead WSDL:EXE

Generate WSDL on the fly, with CodeDom instead WSDL:EXE

#C#

var wsdlDescription = ServiceDescription.Read(YourWSDLFile);
var wsdlImporter = new ServiceDescriptionImporter();
wsdlImporter.ProtocolName = "Soap12"; //Might differ
wsdlImporter.AddServiceDescription(wsdlDescription, null, null);
wsdlImporter.Style = ServiceDescriptionImportStyle.Server;
wsdlImporter.CodeGenerationOptions = System.Xml.Serialization.CodeGenerationOptions.GenerateProperties;
var codeNamespace = new CodeNamespace();
var codeUnit = new CodeCompileUnit();
codeUnit.Namespaces.Add(codeNamespace);
var importWarning = wsdlImporter.Import(codeNamespace, codeUnit);
if (importWarning == 0) {
var stringBuilder = new StringBuilder();
var stringWriter = new StringWriter(stringBuilder);
var codeProvider = CodeDomProvider.CreateProvider("Vb");
codeProvider.GenerateCodeFromCompileUnit(codeUnit, stringWriter, new CodeGeneratorOptions());
stringWriter.Close();
File.WriteAllText(WhereYouWantYourClass, stringBuilder.ToString(), Encoding.UTF8);

} else {

Console.WriteLine(importWarning);

}


#VB

Dim SoapClient As MSSOAPLib30.SoapClient30
Dim XMLDoc As MSXML2.DOMDocument40
Dim vCol As Collection
Dim abc As Variant

Set SoapClient = New MSSOAPLib30.SoapClient30

Set XMLDoc = New MSXML2.DOMDocument40
SoapClient.ClientProperty("ServerHTTPRequest") = True

Call
SoapClient.MSSoapInit("http://169.242.82.87:8080/apex/CurveWebService.ws dl",
"CurveWebServiceService", "CurveWebService")

SoapClient.ConnectorProperty("Timeout") = 30000
SoapClient.ConnectorProperty("UseSSL") = 0

abc = SoapClient.getCurve("EMGLN", "YC_EUR_LIBOR", "GDAXML")

XMLDoc.validateOnParse = False
XMLDoc.LoadXml abc


https://weblog.west-wind.com/posts/2009/Feb/12/WSDL-Imports-without-WSDLexe

Chrome Browser execs "cmd.exe" on local machine :(

When Chrome browser execs cmd.exe as child process,
which popens McAfee as child,
so that McAfee's parent is cmd.exe
and McAfee's grandparent is Chrome,
I feel so really very strange!

An internet browser could write cookies to your harddisk,
a web browser could write cached data files to your harddrive,
a browser might read/write registry keys ( if proper implemented only to its registry area ) under Microsoft Windows,
but a browser should never ever start processes [ under Posix/unix a.k.a exec/popen/fork ] such as unsandboxed binary programs, (see WinAPI index)
that will running under users privileges with maximum users rights on local machine!

Swisscom Auto Login

/data/misc/wifi/

wpa_supplicant.conf

ctrl_interface=/data/misc/wifi/sockets
driver_param=use_p2p_group_interface=1
update_config=1
device_name=Hol-U19
manufacturer=HUAWEI
model_name=Hol-U19
model_number=Hol-U19
serial_number=******
device_type=10-0050F204-5
os_version=01020300
config_methods=physical_display virtual_push_button
p2p_no_group_iface=1

network={
 ssid="Swisscom_Auto_Login"
 key_mgmt=WPA-EAP IEEE8021X
 eap=SIM
 sim_slot="0"
 imsi="1232072504805647@wlan.mnc007.mcc232.3gppnetwork.org"
}

network={
 ssid="Free_Swisscom_Auto_Login"
 key_mgmt=WPA-EAP IEEE8021X
 eap=SIM
}

network={
 ssid="Swisscom_Auto_Login"
 key_mgmt=WPA-EAP IEEE8021X
 eap=SIM
 sim_slot="0"
 imsi="1232072504805647@wlan.mnc007.mcc232.3gppnetwork.org"
 priority=1
}

network={
 ssid="Free_Swisscom_Auto_Login"
 key_mgmt=WPA-EAP IEEE8021X
 eap=SIM
}

hostapd.conf

interface=ap0
driver=nl80211
ctrl_interface=/data/misc/wifi/hostapd
ssid=Hol-U19_8639
channel=6
ieee80211n=1
hw_mode=g
ignore_broadcast_ssid=0
max_num_sta=5
eap_server=1
wps_state=2
config_methods=display physical_display push_button
device_name=AndroidAP
manufacturer=MediaTek Inc.
model_name=MTK Wireless Model
model_number=66xx
serial_number=1.0
device_type=10-0050F204-5
wpa=2
rsn_pairwise=CCMP
wpa_psk=f8e8dc3c535319f60c1166220c1b843e82aa5f6a4ad0854d65c92a7befd0017e

p2p_supplicant.conf

ctrl_interface=/data/misc/wifi/sockets
driver_param=use_p2p_group_interface=1
update_config=1
device_name=1466568
manufacturer=MediaTek Inc.
model_name=MTK Wireless Model
model_number=1.0
serial_number=******
device_type=10-0050F204-5
os_version=01020300
config_methods=virtual_push_button physical_display keypad
p2p_ssid_postfix=-1466568
persistent_reconnect=1
p2p_no_group_iface=1

avoid arpspoofing and seperate clients not together same unsure pool

We know it all very well:

There is this cheap standard router, where all clients no matter, how they were connected, swim like little gold fishes in one and the same 256 subnet pool. All those connecting clients are often not really seperated from all other clients, the best way for hackers & arpspoofers to do evil monkey biz

This is a new concept, where each connecting client gets a seperate subnet with only 1 free IPaddr