today's leftovers

posted by Roy Schestowitz on Oct 26, 2023

• [Repeat] In The Age Of AI-Enabled Attacks, Should Every School Have A CISO?

  … A report (download) from the U.S. Government Accountability Office (GAO) found that school districts lose between $50,000 and $1 million on average from cyberattacks, and recovery takes two to nine months on average. Schools are right up there with the energy, transportation and water sectors as well as hospitals as critical infrastructure but for too long their cybersecurity needs have been neglected and prioritized.

• Wednesday, October 25, 2023

  Yes, UDP is simpler than TCP. Yes, you can get results with just one exchange of packets. But the downside of UDP is that you will be exploited for amplification attacks! I found this out the hard way a few years ago and shut down my UDP QOTD service. Any time you have a UDP-based protocol where a small packet to the server results in a large packet from the server will be exploited with a constant barrage of forged packets. That's one reason for the TCP three-way handshake.

• Refactoring has a price. Not refactoring has a cost. Either way, you pay.

  I recently heard this phrase:

  Good habits have a price. Bad habits have a cost. Either way, you pay.

  That is a great life lesson. But it’s also a great lesson for our team and codebase.

  Refactoring is a good habit.

• On the deck-chairs of HTTP/2

  But now that the bad guys have found it, and weaponized it, what do we do ?

  My advice:

  Unless you have solid numbers to show that H2 is truly improving things for you and your clients, you should just turn it off. Remember to also remove it from the ALPN string in hitch or whatever TLS off-loader you use.

• 15 Best Linux Games You Should Be Playing in 2023

  Video gaming, introduced in the last century with the earliest example being the ‘Cathode Ray Tube Amusement Device‘ developed in 1947 by Thomas T. Goldsmith Jr., has evolved significantly over its lifetime and has become an indispensable part of human life.

  This can be easily inferred by seeing stats of the US Gaming Industry which is profited with 96.68 billion USD in the year 2023. Linux Gaming, which started with the ideology to make Linux a gaming platform started as late as 1994, by Dave D. Taylor who ported the game Doom in his spare time to Linux.

• 24 Best Open Source Text Editors for Linux in 2023

  Text editors can be used for writing code, editing text files such as configuration files, creating user instruction files, and many more.

  In Linux operating systems, text editors are of two kinds that is graphical user interface (GUI) and command-line text editors (console or terminal).