Weekend Reads 070822

We kick off this edition of the weekend reads with a few articles on security. Misconfigured cloud storage buckets and a failure to implement good password practices are, as always, a major source of security issues.

We found that only 15 websites were following best practices. The remaining 105 either leave users at risk for password compromise or frustrated from being unable to use a sufficiently strong password (or both).

A misconfigured Amazon S3 bucket resulted in 3TB of airport data (more than 1.5 million files) being publicly accessible, open, and without an authentication requirement for access, highlighting the dangers of unsecured cloud infrastructure within the travel sector.

An unlucky fat-fingering precipitated the current crisis: The client had accidentally deleted the private key needed to sign new firmware updates.

Another study showing the importance of DNS abuse in spreading malware.

In April, I participated in the panel session ‘Real Life Perspectives on Regional DNS Abuse in APAC’ at the APAC DNS Forum 2022, during which I and my fellow panellists shared examples of DNS incidents that we’ve seen in the Asia Pacific region and how we, as a community, can improve how we mitigate these threats.

Another reminder that you shouldn’t count on companies who depend on advertising revenue to do anything real about user privacy.

TrustPid allows mobile carriers to generate pseudo-anonymous tokens based on a user’s IP address that are administered by a company also named TrustPid.

Some interesting developments in networking technology.

Australian National University (ANU) physicists have developed new tech that controls the direction that light can and cannot travel in using nanoparticles, possibly discovering the path to cheaper, faster and more reliable internet.

But for 5G to achieve its true potential, operators need to assess how they maximize the efficiency of spectrum frequencies.

Open XR Forum, which boasts several service provider members including Verizon, Lumen Technologies, AT&T and Windstream, approved its first specification.

It’s dangerous out there.

A Texas jury last week found that Charter Communications was responsible for the death of an 83-year-old woman murdered in her home by a Spectrum cable technician who is now serving a life sentence.

Lots of thoughts on how the ever-changing global financial situation is impacting (and will impact) tech folks.

Jim Chanos, the infamous short-seller who predicted Enron’s downfall, has said he plans to short datacenter real-estate investment trusts (REIT).

With billions of dollars both public and private on the table, new fiber players are springing up left and right.

For much of the past decade, tech companies have showered their corporate employees with money and lavish perks to attract and retain talent in a hyper-competitive industry.

For the first time in three years, start-up funding is dropping.

And finally … just a fun project for interested folks. I use my Synology NAS for my music library, but this looks cool.

Jellyfin fulfills everything on my media library wishlist, making it the ideal open source alternative to Apple Music and other proprietary software tools.