We kick off this edition of the weekend reads with a few articles on security. Misconfigured cloud storage buckets and a failure to implement good password practices are, as always, a major source of security issues.
We found that only 15 websites were following best practices. The remaining 105 either leave users at risk for password compromise or frustrated from being unable to use a sufficiently strong password (or both).
A misconfigured Amazon S3 bucket resulted in 3TB of airport data (more than 1.5 million files) being publicly accessible, open, and without an authentication requirement for access, highlighting the dangers of unsecured cloud infrastructure within the travel sector.
Another study showing the importance of DNS abuse in spreading malware.
In April, I participated in the panel session ‘Real Life Perspectives on Regional DNS Abuse in APAC’ at the APAC DNS Forum 2022, during which I and my fellow panellists shared examples of DNS incidents that we’ve seen in the Asia Pacific region and how we, as a community, can improve how we mitigate these threats.
Another reminder that you shouldn’t count on companies who depend on advertising revenue to do anything real about user privacy.
Some interesting developments in networking technology.
Australian National University (ANU) physicists have developed new tech that controls the direction that light can and cannot travel in using nanoparticles, possibly discovering the path to cheaper, faster and more reliable internet.
It’s dangerous out there.
Lots of thoughts on how the ever-changing global financial situation is impacting (and will impact) tech folks.
And finally … just a fun project for interested folks. I use my Synology NAS for my music library, but this looks cool.