HackerTrans
TopNewTrendsCommentsPastAskShowJobs

menscher

no profile record

comments

menscher
·2년 전·discuss
Infinite loops between servers can lead to performance degradation or network overload. We describe two cross-service UDP loop incidents affecting Google's QUIC implementation several years ago, and share some general conclusions about how to avoid them.
menscher
·3년 전·discuss
We typically fight our own fires, but if one of us sees something interesting/new we often ask others (after the fire is out) if anyone else saw a similar attack (which could be a new botnet, a new attack method, or whatever). In this case we realized we were all looking at the same thing (which could have huge impact on smaller targets), so collaborated on understanding the problem and coordinated the security response with all webserver vendors.
menscher
·3년 전·discuss
Get a few companies to agree that open proxies are a scourge that needs to be stopped. They each apply some action to open proxies (user-facing messaging, loss of functionality, captcha, or complete block), and the users of those proxies will get the problem fixed.

The hard part (and it truly is hard!) is convincing a few companies to do this. It risks user complaints in the short term, to solve a problem that may not be very acute for the largest companies (who can simply absorb these attacks).
menscher
·3년 전·discuss
Most likely Google has more than one computer.
menscher
·3년 전·discuss
It's mostly not infected computers, but rather poorly configured proxies that are open for anyone to bounce malicious traffic through. Convincing everyone to clean up their open proxies is a long-term, hard problem. But I plan to tackle it soon....
menscher
·3년 전·discuss
We don't need to share a block-list, but yes, blocking all traffic from open proxies (which nearly all the large attacks of the 2020s have used) is definitely part of the long-term plan. Any legitimate users of those proxies will experience some short-term pain, but they'll patch and life will go on.