Links for 2019-06-18

  • TCP SACK PANIC – Kernel vulnerabilities – CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479 – Red Hat Customer Portal

    Three related flaws were found in the Linux kernel’s handling of TCP networking.  The most severe vulnerability could allow a remote attacker to trigger a kernel panic in systems running the affected software and, as a result, impact the system’s availability. The issues have been assigned multiple CVEs: CVE-2019-11477 is considered an Important severity, whereas CVE-2019-11478 and CVE-2019-11479 are considered a Moderate severity.  The first two are related to the Selective Acknowledgement (SACK) packets combined with Maximum Segment Size (MSS), the third solely with the Maximum Segment Size (MSS). These issues are corrected either through applying mitigations or kernel patches.  Mitigation details and links to RHSA advsories can be found on the RESOLVE tab of this article.

    (tags: tcp sack ip security vulnerabilities kernel bugs)

  • Climate change: I work in the environmental movement. I don’t care if you recycle. – Vox

    While we’re busy testing each other’s purity, we let the government and industries — the authors of said devastation — off the hook completely. This overemphasis on individual action shames people for their everyday activities, things they can barely avoid doing because of the fossil fuel-dependent system they were born into. In fact, fossil fuels supply more than 75 percent of the US energy system. If we want to function in society, we have no choice but to participate in that system. To blame us for that is to shame us for our very existence. […] But that doesn’t mean we do nothing. Climate change is a vast and complicated problem, and that means the answer is complicated too. We need to let go of the idea that it’s all of our individual faults, then take on the collective responsibility of holding the true culprits accountable. In other words, we need to become many Davids against one big, bad Goliath.

    (tags: activism climate environment green climate-change future fossil-fuels society)

  • A free Argo Tunnel for your next project

    Argo Tunnel lets you expose a server to the Internet without opening any ports. The service runs a lightweight process on your server that creates outbound tunnels to the Cloudflare network. Instead of managing DNS, network, and firewall complexity, Argo Tunnel helps administrators serve traffic from their origin through Cloudflare with a single command. [….] Starting today, any user, even those without a Cloudflare account, can try this new method of connecting their server to the Internet. Argo Tunnel can now be used in a free model that will create a new URL, known only to you, that will proxy traffic to your server. We’re excited to make connecting a server to the Internet more accessible for everyone.

    (tags: cloudflare internet tunnel servers ports tunnelling ops free)

  • Download Starburst Distribution of Presto

    Starburst’s free distro of Presto; there are additional enterprise features which require a license key but the basic distro is OSS. Docs at https://docs.starburstdata.com/latest/index.html

    (tags: starburst presto aws ops software)

  • Soonish: The Lost Chapter

    “Ten Emerging Technologies That’ll Improve and/or Ruin Everything” — Advanced Nuclear Power

    (tags: nukes nuclear-power power future soonish smbc tech reactors)

This entry was posted in Uncategorized. Bookmark the permalink. Both comments and trackbacks are currently closed.

One Comment

  1. Nix
    Posted June 21, 2019 at 01:49 | Permalink

    Ah yes, let’s replace “legacy models” of connecting a server to the Internet with a proprietary service that depends on one corporation, that can withdraw it at whim, and which is explicitly using you as a guinea pig for paying customers, and which can only be improved or maintained by that one corporation, unlike the “legacy model” which is improved and maintained by everyone and anyone.

    What a great idea this sounds like to me! (Not.)

    I think I’ll use the “legacy model” known as a TCP/IP server for my next project. Not too sorry you can’t monetize that, Cloudflare.