
Article upvote.
What weak spot of the DNS system are we talking about here? Enquiring minds want to know.
An upgrade to China's Great Firewall is having knock-on effects all over the internet, with seemingly random sites experiencing massive traffic spikes. One site owner in North Carolina, Craig Hockenberry, has written up how, after he looked into why his mail server was down, he found 52Mbps of search traffic piling into his …
What weak spot of the DNS system are we talking about here?
Most DNS lookups are simple UDP packets without even so much as a serial number. So a client asks the question, and accepts the answer with no way to know whether or not the response is trustworthy. Thus a bad actor can send incorrect responses and subvert the DNS system. To make matters worse, it can flood out such responses even before the question is asked...
There are ways to improve on this - but they are very far from widespread.
Vic.
Not sure that is true and I don't think they really want to be completely isolated. If they did they could just pull the plug, end of. Of course this would severely damage the rest of the world's ability to buy stuff from China, which would presumably be seen as a bad thing. Really they want their cake and eat it with an internet that only does things they agree with.
Wired/Wireless internet is too easy for governments to control. Quick, someone invent zero width wormhole private networks! ZW-WPN or WPN for short. All the power needed could be siphoned off stars in other solar systems. Data centers could be moved anywhere. Users could connect to any other node/gateway on the internet without fear of censorship or filtering.
Kidding.
Ahh, the venerable MRTG graph. That pattern will look familiar to a lot of readers. Next step was usually to look up the switch port to find out what colo box was converted into a warez site overnight. Or, for the more seasoned among us, what pattern do we need to add to the news server to drop the binaries groups.
I am a bit surprised, because I've been inside the GFW many times, and that was not how I saw them deal with forbidden connections.
Last time I had fun with it, a bit less than one year ago, they did this: when a forbidden domain name appeared inside an HTTP connection to a specific IP address, they would send a reset to *any* connection to that IP address, lasting for a few minutes. The DNS would keep working and resolving to the right IP.
Connecting using HTTPS, by hiding any mention of the domain, would not trigger the resets.
Connecting to the same IP address, but using a different domain name, would not trigger the resets either.
Of course, this was to a personal server, that had both a forbidden DynDns and a fixed domain name, but I don't remember seeing government tinkering with Internet big names using DNS either.
This may be a silly thing to say, but I am struck by the coincidence between a sudden onset of DNS-based problems in the Great Firewall of China, and the emergence of a buffer overflow that can best be exploited via gethostbyname().
Might this problem not actually be anything to do with the GFoC admins or (in)competence thereof, but might it be related to some person or group inside China trying to break the firewall in some way, and succeeding in merely crippling its functionality in strange and annoying ways?
I've finally got round to writing up my experience of the same issue and my methods used to mitigate it.
http://defendagainstddos.wordpress.com/2015/02/06/preventing-a-ddos-from-china-a-great-firewall-of-china-gone-rogue/
For those that can't be bothered reading and need a quick fix, just run this:
sudo iptables -A INPUT -p tcp -m tcp --dport 80 -m string --string "GET /announce.php" --algo bm --to 65535 -j DROP
Though this article is a few weeks old, the issue is still ongoing.
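Added example, not part of the comment above or the linked write-up: before loading a string-match DROP rule like the one quoted, a pass over the web server's access log shows how much traffic carries the "GET /announce.php" string, which source /24s send it, and which requests would still get through. The log lines are constructed, and the combined log format and IPv4-only parsing are assumptions.

```python
import re
from collections import Counter

# The byte string the quoted iptables rule matches on (taken from the comment).
RULE_STRING = "GET /announce.php"

# Constructed sample in combined log format; addresses are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [06/Feb/2015:10:00:01 +0000] "GET /announce.php?info_hash=%AA%BB&port=6881 HTTP/1.1" 404 162 "-" "-"
203.0.113.9 - - [06/Feb/2015:10:00:01 +0000] "GET /announce.php?info_hash=%CC%DD&port=51413 HTTP/1.1" 404 162 "-" "-"
198.51.100.20 - - [06/Feb/2015:10:00:02 +0000] "GET /announce.php?info_hash=%EE%FF&port=6881 HTTP/1.0" 404 162 "-" "-"
192.0.2.44 - - [06/Feb/2015:10:00:02 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.45 - - [06/Feb/2015:10:00:03 +0000] "GET /announcements.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# client address, then the quoted request line ("METHOD path HTTP/x.y")
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)"')


def summarize(log_text, needle=RULE_STRING):
    """Count requests containing `needle` and group them by source /24.

    The logged request line stands in for the packet payload the firewall
    inspects, so this is an estimate of what the rule would drop.
    """
    total = matched = 0
    by_prefix = Counter()
    unmatched = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        total += 1
        ip, request = m.groups()
        if needle in request:
            matched += 1
            by_prefix[ip.rsplit(".", 1)[0] + ".0/24"] += 1
        else:
            unmatched.append(request)  # traffic the rule leaves alone
    return {
        "total": total,
        "matched": matched,
        "by_prefix": by_prefix.most_common(),
        "unmatched": unmatched,
    }


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

Checking the unmatched list against the site's real pages confirms that legitimate paths with a similar prefix are not caught by the rule.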
Biting the hand that feeds IT © 1998–2022