Miscellaneous Tech News
-
Microsoft Remote Desktop Protocol (RDP) Reflection/Amplification DDoS Attack Mitigation Recommendations - January 2021
... just in case you know of anyone with 3389 exposed. Apologies if someone has already posted this elsewhere
" When enabled on UDP/3389, the Microsoft Windows RDP service may be abused to launch UDP reflection/amplification attacks with an amplification ratio of 85.9:1. The amplified attack traffic consists of non-fragmented UDP packets sourced from UDP/3389 and directed towards the destination IP address(es) and UDP port(s) of the attacker’s choice. In contrast to legitimate RDP session traffic, the amplified attack packets are consistently 1,260 bytes in length, and are padded with long strings of zeroes. Approximately 14,000 abusable Windows RDP servers have been identified, to date. "
from Netscout
-
@warren-stanley only 14,000? Seems low..
-
@DustinB3403 agreed!
-
@DustinB3403 said in Miscellaneous Tech News:
@warren-stanley only 14,000? Seems low..
That's probably 90% of them though lol
-
@Obsolesce haha are you being serious?
-
Don't remember seeing this posted here. Doesn't seem like the licensing changes would affect anyone here.
Changes to Elasticsearch and Kibana licensing - https://www.elastic.co/blog/licensing-change
-
Could Google really leave Australia?
Google has threatened to pull out of the Australian market if a new law governing its relationship with news publishers goes ahead.
The government is introducing a law to address a long-bubbling row over whether tech giants should pay for news that appears in search or is shared on their platforms. The proposed law would mandate that Google has commercial agreements with every news organisation - or enter forced arbitration, something Google says is "unworkable". "If this version of the code were to become law, it would give us no real choice but to stop making Google Search available in Australia," the regional director, Mel Silva, said. Australian Prime Minister Scott Morrison told Google: "We don't respond to threats". -
@mlnews said in Miscellaneous Tech News:
Could Google really leave Australia?
Google has threatened to pull out of the Australian market if a new law governing its relationship with news publishers goes ahead.
The government is introducing a law to address a long-bubbling row over whether tech giants should pay for news that appears in search or is shared on their platforms. The proposed law would mandate that Google has commercial agreements with every news organisation - or enter forced arbitration, something Google says is "unworkable". "If this version of the code were to become law, it would give us no real choice but to stop making Google Search available in Australia," the regional director, Mel Silva, said. Australian Prime Minister Scott Morrison told Google: "We don't respond to threats".Seems realistic. If they are going to make it too expensive to operate there, why not leave?
-
-
@Danp said in Miscellaneous Tech News:
https://www.zdnet.com/article/sonicwall-says-it-was-hacked-using-zero-days-in-its-own-products/
I'm not surprised by this.
-
@mlnews as someone who is subject to the un-qualified whims, continual mis-steps and hamstringing of the Australian Govt on all things IT related, I can only shake my head. I used to use Dogpile back in the day, surely that still works
-
@scottalanmiller said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Could Google really leave Australia?
Google has threatened to pull out of the Australian market if a new law governing its relationship with news publishers goes ahead.
The government is introducing a law to address a long-bubbling row over whether tech giants should pay for news that appears in search or is shared on their platforms. The proposed law would mandate that Google has commercial agreements with every news organisation - or enter forced arbitration, something Google says is "unworkable". "If this version of the code were to become law, it would give us no real choice but to stop making Google Search available in Australia," the regional director, Mel Silva, said. Australian Prime Minister Scott Morrison told Google: "We don't respond to threats".Seems realistic. If they are going to make it too expensive to operate there, why not leave?
Well considering they've been getting it for free, of course it's going to seem unreasonable.
That being said, it's the media moguls vs the Internet... possibly over simplifying it -
@warren-stanley said in Miscellaneous Tech News:
@mlnews as someone who is subject to the un-qualified whims, continual mis-steps and hamstringing of the Australian Govt on all things IT related, I can only shake my head. I used to use Dogpile back in the day, surely that still works
They seem a bit clueless about anything more technical than pen and paper.
IMO it's an ass kissing exercise becuase the governemnt will be targets of smear campaigns by the organisations that stand to benefit from the arrangement... as in it'll hurt their re-election chances. -
@warren-stanley said in Miscellaneous Tech News:
I used to use Dogpile back in the day, surely that still works
I swapped to DuckDuckGo a while ago. So if Google decide to bail on us, my day to day habits are less impacted.
-
@nadnerB said in Miscellaneous Tech News:
@warren-stanley said in Miscellaneous Tech News:
@mlnews as someone who is subject to the un-qualified whims, continual mis-steps and hamstringing of the Australian Govt on all things IT related, I can only shake my head. I used to use Dogpile back in the day, surely that still works
They seem a bit clueless about anything more technical than pen and paper.
IMO it's an ass kissing exercise becuase the governemnt will be targets of smear campaigns by the organisations that stand to benefit from the arrangement... as in it'll hurt their re-election chances.WHOA - slow down there with your "Pen" talk..... that's at least a decade away
-
AWS, as predicted, is forking Elasticsearch
Amazon Web Services, however, isn't the only one who dislikes Elastic's move to relicense Elasticsearch under the non-open-source Server Side Public License.
When Elastic, makers of the open-source search and analytic engine Elasticsearch, went after Amazon Web Services' (AWS) by changing its license from the open-source Apache 2.0-license ALv2) to the non-open-source friendly Server Side Public License (SSPL), I predicted "we'd soon see AWS-sponsored Elasticsearch and Kibana forks." The next day, AWS tweeted it "will launch new forks of both Elasticsearch and Kibana based on the latest Apache 2.0 licensed codebases." Well, that didn't take long!
In a blog post, AWS explained that since Elastic is no longer making its search and analytic engine Elasticsearch and its companion data visualization dashboard Kibana available as open source, AWS is taking action. "In order to ensure open source versions of both packages remain available and well supported, including in our own offerings, we are announcing today that AWS will step up to create and maintain an ALv2-licensed fork of open-source Elasticsearch and Kibana."
-
Fedora's Chromium maintainer suggests switching to Firefox as Google yanks features in favour of Chrome
'They're not closing a security hole, they're just requiring that everyone use Chrome'
Fedora's maintainer for the open-source Chromium browser package is recommending users consider switching to Firefox following Google's decision to remove functionality and make it exclusive to its proprietary Chrome browser.
The comments refer to a low-key statement Google made just before the release of Chrome 88, saying that during an audit it had "discovered that some third-party Chromium-based browsers were able to integrate Google features, such as Chrome sync and Click to Call, that are only intended for Google's use... we are limiting access to our private Chrome APIs starting on March 15, 2021."
-
Twitter pilot to let users flag 'false' content
Twitter is asking its users for help in combating fake news.
It has announced a pilot that allows people to submit notes on tweets that may be false or misleading. The initiative, named 'Birdwatch', is being trialled among a small group in the US initially. The firm acknowledged the new system would have to be "resistant to manipulation attempts". Companies like Twitter are looking at how they can better moderate their platforms. Twitter said on Monday: "We know this might be messy and have problems at times, but we believe this is a model worth trying." Twitter, along with other large social media companies, has struggled to deal with disinformation on its platform. The pilot will allow users to flag tweets they believe to be "misleading or false", provide evidence to the contrary and discuss them with other - on a separate 'Birdwatch' site. Additional notes and flags would then be placed on to content. -
-
Saw a link to this on Ars
https://www.theregister.com/2021/01/26/killing_centos/
A little perspective on the CentOS news from last month.