Posts by resingm@infosec.exchange
(DIR) Post #B16LyX4LWJobNCZA3M by resingm@infosec.exchange
0 likes, 3 repeats
#Telegeography blogged about the expansion of #Starlink and how it conquers markets where conventional cabling falls short. On the one hand, it's great to see increased connectivity in those areas, on the other hand, I am a bit concerned that a single legal entity has so much power over so many nations and their citizens. #Starlink #Oceania #Micronesia #Pacific #Internet #Connectivity #Satellite
(DIR) Post #B16My1rldEN4YN0SK8 by resingm@infosec.exchange
0 likes, 2 repeats
@rperezrosario - I can imagine that a poll on #mastodon causes a significant #bias. I didn't expect the bias to be that strong, however.
(DIR) Post #B16oLccP8b5PMuWzVA by resingm@infosec.exchange
0 likes, 1 repeats
Reaching out to anyone who configured their DNS transport protocol. If you intentionally configured your home router's or your devices' DNS service, what did you pick, and why? Please retoot for reach. #DNS #Survey #AskMastodon #AskFedi #AskInfosec #DoT #DoH #DoQ #TLS #QUIC #TCP #UDP #HTTPS
(DIR) Post #B16xVIo2YNF0PAfG4G by resingm@infosec.exchange
0 likes, 2 repeats
@winfried - One thing does not exclude the other. Who knows what ISPs will be required to do in the future? DoT prevents any snooping on the DNS requests, whether one uses the ISP-provided resolver, or a 3rd party resolver. I highly doubt that the ISP-provided resolver supports DoT. Thus, I implied that someone who does not use 3rd party resolvers, also does not care about their DNS queries being sent in plain text, and thus, entitles anyone on-path (e.g. your ISP) to snoop on your queries.
(DIR) Post #B16xc700qjYxoVVmJk by resingm@infosec.exchange
0 likes, 1 repeats
@niallor - I disabled that option. In such a case, I am mostly interested in the setup of your home router/home network. Not interested if the browser e.g. uses DoH, as Chrome & Firefox started to enforce a while back.
(DIR) Post #B16xtAE46dr2kBDQTA by resingm@infosec.exchange
0 likes, 1 repeats
@Ichinin - That is not really correct. a), you can still enforce DNS over TCP if you want. b), DNS over TCP is enforced when you hit rate-limits. Also many infosec folks run their own stub resolver in their network (so do I). It is trivial to configure it to use DoT for instance. Additionally, some router software certainly supports other means than just Do53. A modern FritzBox also supports DoT out of the box, but is not enabled by default.
(DIR) Post #B1724t7RvxgQyoy1JY by resingm@infosec.exchange
0 likes, 0 repeats
@M33 - No downside? Increased latency for instance?
(DIR) Post #B18CNitDNv0LSHtAJc by resingm@infosec.exchange
0 likes, 2 repeats
@M33 - I understand that. My question was, what your experience is. Did you not experience increased latency for instance?
(DIR) Post #B18CTD3aePKGSvMFgu by resingm@infosec.exchange
0 likes, 1 repeats
@Ichinin - Yes, and I addressed people who intentionally configured their DNS services. As the first sentence in the post says.
(DIR) Post #B18ifQ9wxUPV6vCPzc by resingm@infosec.exchange
0 likes, 2 repeats
Wow. I just had a popup on #Claude in which it allowed me to opt in on storing historical chats for context. I thought, for my enterprise account that cannot hurt. So, I opted in. That very moment, Claude started a new conversation with "Hi Claude, what were some highlights from our recent conversations?", and showed me context from previous conversations. So what was it now? Did I just opt in, and everything before that should not have been stored? Or did my opt-in not matter at all, because the conversations are stored no matter my decision? Man, I am really tired of these dishonest tricks. #LLM #GenAI #GenerativeAI #privacy
(DIR) Post #B1Gu81Qmgoe4u7KiES by resingm@infosec.exchange
0 likes, 1 repeats
@M33 - I am similarly surprised that DoH is almost as popular as Do53. I can imagine that many simply took Firefox's and Chrome's advancements on enabling DoH in the browser as a chance to increase their DNS resiliency with very little effort. Not too representative for home networks, though. Nevertheless, we mainly have responses from folks in the more tech-savvy spheres.
(DIR) Post #B1KfNo9GGtt52skjFw by resingm@infosec.exchange
0 likes, 2 repeats
Third tool announced by #Astral. This time it's a type checker and language server: ty. This is it. I will now integrate uv, ruff and ty in my workflow. These folks produce such high quality #software. It's amazing! #Python #ruff #uv #ty #foss #opensource
(DIR) Post #B1KjSB9d4sM5N8GSg4 by resingm@infosec.exchange
0 likes, 2 repeats
"Kimwolf was so crazy that it really shot the entire Internet." A #DDoS #botnet that launched 1.7 billion DDoS attacks in just 72 hours: Kimwolf Botnet #Infosec #botnet #android #malware #mirai
(DIR) Post #B1KvSE3HVGVhoD5Gs4 by resingm@infosec.exchange
0 likes, 1 repeats
@beemdvp - Aren't there alternatives to the default #Python interpreter? I am quite sure there are some. I never deep-dived into this rabbit hole myself, though.
(DIR) Post #B1KveRKTxp48SlxCHQ by resingm@infosec.exchange
0 likes, 2 repeats
May I present to you a lexicographically sortable #UUID alternative? A simple and intuitive design is presented in ULID. It embeds a timestamp in the first 48 bits, followed by a random suffix of 80 bits. #bigdata #databases
(DIR) Post #B1L6R7bd5COr1UpHou by resingm@infosec.exchange
0 likes, 1 repeats
@censys published a blog post on #NoName057(16) and their rotation through #DDoSia #C2 servers. I am a bit surprised that Censys did not join the party to track DDoSia until mid 2025, but I am glad they started to do so nonetheless. What I am missing is, what of the 3-layered architecture the authors are tracking. #DDoS #malware #threatintel
(DIR) Post #B1L6UHvx8n7HvHqHi4 by resingm@infosec.exchange
0 likes, 1 repeats
@censys - Grand, the author is on Mastodon, too. @silas - tagging for visibility :) Great article by the way!
(DIR) Post #B1LE7laLWweerHVXfM by resingm@infosec.exchange
0 likes, 2 repeats
@jtk - It feels like UUIDv7 comes close, but it still does not match all of it. ULID adds a shorter representation too, but that can come for free from UUIDs too, since it's a representation thing. Further, the GitHub repo has changes from 8 years ago, meaning that the modern standard of UUIDv7 meets similar requirements as ULID, however ULID was 7 years faster with their solution. Both are 128-bit identifiers, maybe the compatibility was intended?
(DIR) Post #B1LhpynhfZqePqONPs by resingm@infosec.exchange
0 likes, 1 repeats
My colleague @jtk and I worked on a small piece on insights by #Netscout on the DNS root server system. Despite all of the nuisance traffic reaching the root servers, our #DDoS telemetry does not yield terribly much. This is not a bad thing though, and can be explained through the ubiquity of #anycast on the 13 root server instances. #DNS #criticalinfrastructure #internet #resiliency
(DIR) Post #B1y2cH59nGNJxoI5IW by resingm@infosec.exchange
0 likes, 2 repeats
Since so many of you are discussing message limits on #Mattermost, I was curious what else is the state-of-the-art self-hosted open messaging and collaboration platform. There is something called Mostlymatter. #FOSS #OpenSource #Messaging #SelfHosting