Are you being tracked when you visit your government's websites?
Probably!
We (@sachindhke@mastodon.social, Faisal Mahmud, Sandra Siby, and I) have a new paper appearing at PETS (the Privacy Enhancing Technologies Symposium) next July that looks at government websites from 61 countries over the last 29 years.
Today, about 50% of government websites in the countries we looked at contain web trackers, most of those third-party (ie. run by organizations other than the website itself). This number has been growing over the last few decades.
While cleaning a storage room, our staff found this tape containing #UNIX v4 from Bell Labs, circa 1973
Apparently no other complete copies are known to exist: https://gunkies.org/wiki/UNIX_Fourth_Edition
We have arranged to deliver it to the Computer History Museum
#retrocomputing
Hey! Let's talk about #SSH and #security!
If you've ever looked at SSH server logs you know what I'm about to say: Any SSH server connected to the public Internet is getting bombarded by constant attempts to log in. Not just a few of them. A lot of them. Sometimes even dozens per second. And this problem is not going away; it is, in fact, getting worse. And attackers' behavior is changing.
The graph attached to this post shows the number of attempted SSH logins per day to one of @cloudlab@discuss.systems s clusters over a four-year period. It peaks at about 3.4 million login attempts per day.
This is part of a study we did on our production system, using logs of more than 640 million login attempts, covering more than 1,500 hosts on our side and observing more than 840 thousand incoming IP addresses.
A paper presenting our analysis and a new, highly effective means to block SSH brute force attacks ("Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them") will be presented next week at #NSDI24 by @sachindhke@mastodon.social . The full paper is at https://www.flux.utah.edu/paper/singh-nsdi24
Let's dive in. ๐งต
Okay, so let me tell you about my doorbell, from a #networking perspective.
When you push the button by the door, it sends a message over the #zigbee wireless mesh network in my house. It probably goes through a few hops, getting relayed along the way by the various Zigbee light switches and "smart outlets" I have.
Once it makes it to my utility closet, it's received by a Zigbee-to-USB dongle, through a USB hub (a simple tree network) plugged into an SFF PC. From there, it gets fed into zigbee2mqtt, which, as the name implies, publishes it to my local #mqtt broker.
The mqtt broker is in the small #kubernetes cluster of #raspberrypi nodes I run in my utility closet. To get in (via a couple of #ethernet switch hops), it goes through #metallb, which is basically a proxy-ARP type service that advertises the IP address for the mqtt endpoint to the rest of my network, then passes the traffic to the appropriate container via a #linux veth device.
I have #HomeAssistant, running in the same Kubernetes cluster, subscribed to these events. Within Kubernetes, the message goes through the CNI plugin that I use, #flannel. If the message has to pass between hosts, Flannel encapsulates it in VXLAN, so that it can be directed to the correct veth on the destination host.
Because I like #NodeRed for automation tasks more than HomeAssistant, your press of the doorbell takes another hop within the Kubernetes cluster (via a REST call) so that NodeRed can decide whether it's within the time of day I want the doorbell to ring, etc. If we're all good, NodeRed publishes an mqtt message (more VXLANs, veths, etc.)
(Oh and it also sends a notification to my phone, which means another trip through the HomeAssistant container, and leaving my home network involves another soup of acronyms including VLANs, PoE, QoS, PPPoE, NAT or IPv6, DoH, and GPON. And maybe it goes over 5G depending on where my phone is.)
Of course something's got to actually make the "ding dong" sound, and that's another Raspberry Pi that sits on top of my grandmother clock. So to get there the message hops through a couple Ethernet switches and my home WiFi, where it gets received by a little custom daemon I wrote that plays the sound via an attached #HiFiBerry board. Oh but wait! We're not quite done with networking, because the sound gets played through PulseAudio, which is done through a UNIX domain socket.
SO ANYWAY, that's why my doorbell rarely works and why you've been standing outside in the snow for five minutes.
New type of data up on https://arewedecentralizedyet.online/ - what does the software ecosystem in the Fediverse look like? This is an area where the Fediverse is more centralized, with Mastodon quite dominant, but there are of course many other suites in use as well!
Launching their new social network, W, a group in the EU posted a map of where other social networks are hosted. It showed nothing in Europe.
But their map is wrong.
Here's what Mastodon actually looks like, and what the Fediverse as a whole actually looks like.
https://arewedecentralizedyet.online/map/?source=fedi
"average person counts โตโ sets a year" factoid actualy just statistical error. average person counts 0 sets per year. Georg Cantor, who lives in cave & counts over โตโ each day, is an outlier adn should not have been counted
Are you being tracked when you visit your government's websites?
Probably!
We (@sachindhke@mastodon.social, Faisal Mahmud, Sandra Siby, and I) have a new paper appearing at PETS (the Privacy Enhancing Technologies Symposium) next July that looks at government websites from 61 countries over the last 29 years.
Today, about 50% of government websites in the countries we looked at contain web trackers, most of those third-party (ie. run by organizations other than the website itself). This number has been growing over the last few decades.
While cleaning a storage room, our staff found this tape containing #UNIX v4 from Bell Labs, circa 1973
Apparently no other complete copies are known to exist: https://gunkies.org/wiki/UNIX_Fourth_Edition
We have arranged to deliver it to the Computer History Museum
#retrocomputing
It's been a while since we've put Kiki in her harness and she's forgotten how it works
Walk update: a few steps at a time, we have made it to the sidewalk
It's been a while since we've put Kiki in her harness and she's forgotten how it works
Don't mind me I'm just ur new cup
My watering hole
It had a much better soundtrack that time though
#Monsterdon
Well, we started with a man screaming instead of a woman, so this is Woke Godzilla
#Monsterdon
Rob Ricci