Weekend Reads 051724

The FCC lawfully fined U.S. facilities-based wireless carriers nearly $200 million for selling highly intrusive location data about subscribers without their “opt-in” consent.

Geoff Huston explores the performance of the BBR and Cubic flow control algorithms on the Starlink network through comprehensive measurements.

An instruction set is a lingua franca between compilers and microarchitecture. As such, it has a lot in common with compiler intermediate languages, a subject on which Fred Chow has written an excellent overview

A new malware called Cuttlefish is targeting small office and home office (SOHO) routers with the goal of stealthily monitoring all traffic through the devices and gather authentication data from HTTP GET and POST requests.

But one need not know anything about aeronautics to understand that things are not going well for Boeing, and that the company’s approach is clearly broken. That much was made clear in a new Ars Technica piece from Eric Berger, walking readers through the race between Boeing and SpaceX to develop an astronaut capsule for space travel.

“Legal basis” requirements for data processing, justifying data processing activities and transfers, and adhering to data minimization principles began hitting organizations’ radars with the EU General Data Protection Regulation.

Given the fast-paced nature of AI evolution, we decided to circle back and see if there have been developments worth sharing since then. Eight months might seem short, but in the fast-growing world of AI, this period is an eternity.

Ransomware hit an all-time high last year, with more than 60 criminal gangs listing at least 4,500 victims – and these infections don’t show any signs of slowing.

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user.

But the insider history of Signal raises questions about the app’s origins and its relationship with government—in particular, with the American intelligence apparatus.

Distributed denial-of-service (DDoS) attacks continue to plague the Internet and pose a risk to the availability of critical digital systems that we increasingly depend on in our daily lives. Thijs van den Hout and his colleagues outline their contributions and lessons learned from 5 years of research on the topic of collaborative DDoS mitigation, as an improvement on the current strategies.

Cogent (CCOI) recently announced that it was offering secured notes for $206M. The unusual part is what it’s using as security: some of its IPv4 addresses and the leases on those IPv4 addresses.