Miscellaneous Tech News

DustinB3403

@scottalanmiller said in Miscellaneous Tech News:

https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

Bunch of dumbass people who are setting up servers without any security in place.

scottalanmiller

@DustinB3403 said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

Bunch of dumbass people who are setting up servers without any security in place.

It's more than that. It's not a lack of security. It's actively publishing the database publicly!

Obsolesce

@scottalanmiller said in Miscellaneous Tech News:

@DustinB3403 said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

Bunch of dumbass people who are setting up servers without any security in place.

It's more than that. It's not a lack of security. It's actively publishing the database publicly!

Exactly, if the DB is running on a server, that server should not be publicly accessible.

jmoore

@scottalanmiller said in Miscellaneous Tech News:

@DustinB3403 said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

Bunch of dumbass people who are setting up servers without any security in place.

It's more than that. It's not a lack of security. It's actively publishing the database publicly!

So they had a database seen by everyone? I don't understand. Hardening servers should be your first plan before it even goes active.

scottalanmiller

@jmoore said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

@DustinB3403 said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

Bunch of dumbass people who are setting up servers without any security in place.

It's more than that. It's not a lack of security. It's actively publishing the database publicly!

So they had a database seen by everyone? I don't understand. Hardening servers should be your first plan before it even goes active.

Shouldn't need to HARDEN something like that. For some reason, people actually disable their firewalls AND install a database AND set the database to listen publicly, be default!

scottalanmiller

@Obsolesce said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

@DustinB3403 said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

Bunch of dumbass people who are setting up servers without any security in place.

It's more than that. It's not a lack of security. It's actively publishing the database publicly!

Exactly, if the DB is running on a server, that server should not be publicly accessible.

Or have no firewall. Or use "bind 0.0.0.0" as the default.

scottalanmiller

@jmoore said in Miscellaneous Tech News:

So they had a database seen by everyone?

Yes. MongoDB presents as a web server. So by default, it's just a web server serving up all your data.

mlnews

Reckful: Twitch and gamers pay tribute after star's death

Tributes have been paid to video games streamer Byron Bernstein, known as Reckful, who died on Thursday.
Mr Bernstein was a well-known and loved e-sports player and had 960,000 followers on streaming site Twitch. His brother Gary Bernstein confirmed that Reckful had taken his own life, aged 31. Twitch said Reckful was a "streaming pioneer" and that it was "devastated" to hear of his death. Mr Bernstein had built his following in part by playing World Of Warcraft. When his death was reported on Thursday evening, fans held virtual memorials inside the game.

jmoore

@scottalanmiller said in Miscellaneous Tech News:

@jmoore said in Miscellaneous Tech News:

So they had a database seen by everyone?

Yes. MongoDB presents as a web server. So by default, it's just a web server serving up all your data.

Got to wonder what people are thinking sometimes.

nadnerB

@jmoore said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

@jmoore said in Miscellaneous Tech News:

So they had a database seen by everyone?

Yes. MongoDB presents as a web server. So by default, it's just a web server serving up all your data.

Got to wonder what people are thinking sometimes.

That’s just it. They’re probably not!

DustinB3403

@nadnerB said in Miscellaneous Tech News:

@jmoore said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

@jmoore said in Miscellaneous Tech News:

So they had a database seen by everyone?

Yes. MongoDB presents as a web server. So by default, it's just a web server serving up all your data.

Got to wonder what people are thinking sometimes.

That’s just it. They’re probably not!

Oh sure they're thinking, "How can I set this up and make it appear I did my job properly?"

travisdh1

You all remember what Scott always says about storage spaces? Don't upgrade to 2004 if you care about data inside a storage space.

https://hothardware.com/news/windows-10-storage-spaces-file-corruption-has-been-resolved

Dashrender

@scottalanmiller said in Miscellaneous Tech News:

@jmoore said in Miscellaneous Tech News:

So they had a database seen by everyone?

Yes. MongoDB presents as a web server. So by default, it's just a web server serving up all your data.

There it is!

scottalanmiller

@travisdh1 said in Miscellaneous Tech News:

You all remember what Scott always says about storage spaces? Don't upgrade to 2004 if you care about data inside a storage space.

https://hothardware.com/news/windows-10-storage-spaces-file-corruption-has-been-resolved

They already didn't care if they are running Storage Spaces This is just Microsoft sending a reminder for those that might have thought that the advice had changed. Spoiler: it hasn't.

scottalanmiller

@jmoore said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

@jmoore said in Miscellaneous Tech News:

So they had a database seen by everyone?

Yes. MongoDB presents as a web server. So by default, it's just a web server serving up all your data.

Got to wonder what people are thinking sometimes.

This is the future of how databases will work. It's incredibly powerful and simple. And doesn't create any new risks. Why people expose their databases publicly, though.

mlnews

Huawei: UK government weighs up ban of Chinese firm's telecoms kit

The government has received a report into Huawei that is likely to change its policy over the Chinese firm's role in the UK's telecoms networks.
Digital Secretary Oliver Dowden said GCHQ's National Cyber Security Centre had delivered its findings. NCSC is believed to have said it can no longer assure the security of Huawei's products because of new US sanctions. "We're now examining it and understanding the implications of it," Mr Dowden told BBC Radio 4's Today. The Department for Digital, Culture, Media and Sport has yet to deliver its conclusions to the prime minister, but Boris Johnson said on Monday afternoon that he did not want the country to be "vulnerable to a high-risk state vendor". Huawei has said it remains "open to discussions".

mlnews

TikTok: Chinese app may be banned in US, says Pompeo

Would you recommend downloading TikTok? Secretary of State Mike Pompeo was asked that question on Monday night on Fox News.
"Only if you want your private information in the hands of the Chinese Communist Party," he replied. Asked if he would ban Chinese apps - including TikTok - he said: "I don't want to get out in front of the president, but it's something we're looking at". That is a very worrying statement for TikTok. The huge Chinese social media company has experienced phenomenal growth in the last three years. It's been downloaded more than two billion times. But around the world, and not just in the US, TikTok is facing a backlash. It's finding out the hard way that being international, a tech company, and Chinese isn't a great combination right now.

scottalanmiller

BBC News - New video format 'halves data use of 4K and 8K TVs'
https://www.bbc.co.uk/news/technology-53322755

JaredBusch

@scottalanmiller said in Miscellaneous Tech News:

BBC News - New video format 'halves data use of 4K and 8K TVs'
https://www.bbc.co.uk/news/technology-53322755

Except a LOT of stuff is still using H.264

Grey

@JaredBusch said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

BBC News - New video format 'halves data use of 4K and 8K TVs'
https://www.bbc.co.uk/news/technology-53322755

Except a LOT of stuff is still using H.264

Neat. 4k movies use a lot of storage and muscle so it'll be good to see this deployed/popular, if it is a good quality.