I had a meeting today in which it was brought home to me that there are senior security people who don't remember the Morris worm because they were like eight years old when it happened.
Ok. I am tired of Infosec.exchange being sluggish. I just submitted a crazy order with Hetzner to upgrade the instance. Hopefully the last time for a while. I ordered a dell AMD Genoa 48 core server with 256 GB of ram to act as a database and redis server, a dell 64 core sapphire rapids server with 256gb of ram to act as the single front end/puma/streaming server, and an amd 7950 with 128gb of ram to run minio (insourcing from Backblaze).
I ordered all with 10g network interfaces to be connected to the same switch.
I continue to see issues with Backblaze performance causing issues with posting.
This will consolidate the environment down from about 13 servers to 4 (I will keep using less expensive servers on 1G networks for Sidekiq if it can’t run on the sapphire rapids server.
I will be putting that behind Fastly for global distribution and ddos mitigation. I don’t know whether I’ll keep serving media via bunny.net or try to do that with Fastly also. Bunny works pretty well and is cost effective for media delivery.
One of the backlog items we all took on during the pandemic was replacing the saying “avoid it like the plague” with something more reflective of modern day views on such things.
My late #caturday entry. Thor fell asleep with his mom on the couch watching some HGTV show.
Which reminds me, there are a growing number of houses around the country (world?) that were remodeled in under a day/week/whatever. I am not sure that’s such a great thing.
I am going to be disabling image uploads and image serving, moving to moderated signups, and instituting some extensive block lists on infosec.pub due to the pervasive problems with CSAM attacks on lemmy instances.
No, it’s not happened to any of our instances yet, but I don’t need that headache. And if anyone does, I promise you that I will make it my life’s mission to see that those responsible are convicted and rotting in prison where they belong. ❤️
Edit: h/t to @infosec_jcp for pointing out the problem to me.
@jerry@infosec_jcp "Rotting in prison" isn't my favorite outcome for anyone, but I agree this needs to be nipped in the bud. As far as tech solutions to social problems, moderation and block-lists I'm entirely behind. (And moderation is honestly a social solution to a social problem, at its core.)
I partially solved an Infosec mystery recently. The mystery is “why do most incidents always happen on a Friday? And especially the Friday before a long weekend?”
Well friends, after a lot of empirical data gathering I can announce that it’s because people who realized something was wrong had been sitting on the knowledge of something being wrong, but didn’t want to let it sit through a weekend, and especially not a long weekend.
So like that last push to production on the way out the door Friday afternoon, people are often submitting incident reports as they take off for the weekend with a clear conscience and a spring in their step.