Weekly Digest – Week 32, 2021
Articles and News
Weaponizing Middleboxes for TCP Reflected Amplification
This post explains how attackers can abuse middleboxes and censorship infrastructure for DoS amplification attacks over TCP.
https://geneva.cs.umd.edu/posts/usenix21-weaponizing-censors/
#security #tcp
HTTP/3 From A To Z: Core Concepts (Part 1)
https://www.smashingmagazine.com/2021/08/http3-core-concepts-part1/
#http/3 #protocol #http
This Is Why Valve Is Switching From Debian to Arch for Steam Deck’s Linux OS
This post explains the rationale behind the decision to switch from Debian to Arch Linux for SteamOS 3.0.
https://www.pcgamer.com/this-is-why-valve-is-switching-from-debian-to-arch-for-steam-decks-linux-os/
#valve #linux #arch #debian #valve-steam-deck #valve-steam-os
Build Your Own NeXT With a Virtual Machine
https://learn.adafruit.com/build-your-own-next-with-a-virtual-machine
#next #computer-history #virtualization
Open-Sourcing a More Precise Time Appliance
This blog post introduces Facebook’s Open Compute Time Appliance, based on the PCIe Time Card.
https://engineering.fb.com/2021/08/11/open-source/time-appliance/
#gnss #ntp #time #facebook #open-source-hardware
Glowworm Attack
Glowworm Attack: recovering sound by analyzing optical emanations from a device’s power indicator LED.
https://www.nassiben.com/glowworm-attack
#led #security
Video: SSH Tunnels
In this video, the speaker gives a practical introduction to SSH tunnels with lots of examples and configuration tips.
https://www.youtube.com/watch?v=uP-9oOCGLHU
#ssh #openssh
EC2 Boot-Time Benchmarking
Colin Percival compares boot times of different operating systems on EC2 with his tool ec2-boot-bench.
https://www.daemonology.net/blog/2021-08-12-EC2-boot-time-benchmarking.html
#amazon-aws #amazon-ec2 #systems-performance
eBPF Foundation
Facebook, Google, Isovalent, Microsoft, and Netflix launch eBPF Foundation as Part of the Linux Foundation.
#eBPF #linux-foundation #ebpf-foundation
Migrating PostgreSQL to Kubernetes
Blog post on migrating on-prem Postgres to a GKE cluster with Percona Operator.
https://www.percona.com/blog/migrating-postgresql-to-kubernetes
#percona #postgresql #google #kubernetes #google-gke
Root Cause of Failure, Root Cause of Success
Blog post on why there is no such thing as a “root cause” in the context of complex systems failure.
https://surfingcomplexity.blog/2021/08/13/root-cause-of-failure-root-cause-of-success/
#complex-systems #root-cause #rce
Projects and Releases
Debian 11
Debian 11 is out, some of the changes: systemd now defaults to using cgroupv2, the systemd journal is now persisted by default. Debian 11 includes over 11294 new packages, and the maintainers updated most of the existing ones. Version numbers of some well-known packages
- PostgreSQL 13
- Samba 4.13
- Vim 8.2
- OpenSSH 8.4p1
- Nginx 1.18
- KDE Plasma 5.20
https://www.debian.org/releases/bullseye/releasenotes
#debian #type:release
Debian Pure Blends
Debian Pure Blends are a solution for groups of people with specific needs.
https://www.debian.org/blends/
#debian
Sustainable Web Design
https://sustainablewebdesign.org/
#sustainability #web-development #web-design
observatory-cli
observatory-cli is the command-line version of Mozilla’s Observatory, »a project designed to help developers, system administrators, and security professionals configure their sites safely and securely.«
https://github.com/mozilla/observatory-cli
#mozilla #mozilla-observatory #ssl #tls
OSADL
OSADL (Open Source Automation Development Lab): Open Source Software for Automation and Other Industries.
#open-source
clip
»clip (the command line illustration processor) is an open-source command line program and software library for creating charts and other data-driven illustrations.«
https://github.com/asmuth/clip
#data-visualization
:wq