"After quizzing these companies about data practices, I learned that most are sharing what’s happening in my home with Amazon, too. Our data is the price of entry for devices that want to integrate with Alexa. Amazon’s not only eavesdropping — it’s tracking everything happening in your home."
#GeoffreyAFowler, 'Alexa has been eavesdropping on you this whole time'
It could be but we can't know for sure. It appears that the #WashingtonPost, rather dubiously, blocks the #InternetArchive, so we are not able to read the article to assess it. The W'Post may be only publishing the bare minimum so as to not appear to be suppressing it. They could be whiteWashing, or doing a #limitedHangout.
See how the WashingtonPost treats the InternetArchive, a typical #Akamai-style ban!
Journalist Antoinette Lattouf was sacked by the #ABC "after a coordinated campaign by Jewish lawyers over her work on Gaza.
"Lawyers for Israel coordinated an effort to get Lattouf fired, [saying, eg] 'It is important ABC hears not just from individuals..but specifically lawyers so they feel there is an actual legal threat'."
Lattouf cited Human Rights Watch on Israel “using starvation of civilians as a weapon of war in Gaza”
@DrALJONES
We have difficulty taking the ABC seriously these days.
Our (supposed) #nationalBroadcaster is served by #Akamai, a US-multinational that rose to prominence with its partnership with M'Soft in the late 90s.
Akamai serve #ebay, #esty and a lot of large #departmentStores in Australia, and even some #banks. Alongside CloudFlare and Amazon, there are only two banks not being intercepted at the encryption/decryption level.
@tayledras@noiq As a matter of fact, I did help a fmr. client/employer to move their #Servers and #VMs inhouse again amidst escalating costs...
Turns our it's cheaper to invest 8 digits once to reduce the hosting bills from 6 to 4 digits espechally since they ain't having short-term & highly fluctuating loads that justify the cost.
I mean, I know cases where that does apply and in these cases it's worth paying €€€€ to do #livestreaming on a #CDN like #dacast / #Akamai, but that's an exception.
Whereas #Monero :monero: is one of the most stable #Cryptocurrencies because it's developed by people who actually know the basics of economics and ain't #AnCap#shitposters that think they can change laws by coding stuff like #TheDAO...
@adulau This is from Akamai.
I'm not going to alt-text the image since it's only text and it's twice the size of the alt-text limit.. I will add the text in this message below. So the alt-text just the bit after the hashtags.
I don't have a link to the advisory as it was sent through their portal as this text. #CVE202344487#HTTP2#HTTPSRapidResetAttack#RapidResetAttack #Akamai #InfoSec
--
Advisory Title: Customers using Akamai Security Products are protected from CVE-2023-44487: HTTP2 Rapid Reset attacks.
This attack, while novel, is at the protocol level and would be mitigated by Akamai on behalf of its customers in the same manner as any other Layer 7 DDoS attack using security product capabilities like Rate Controls, Web Application Firewall (WSA) , Bot Man Premier (BMP) or Client Reputation. No additional specific guidance is presently required to mitigate this threat. However, with the emergence of new threats, we encourage customers to work with their Akamai account team and update their security configurations, including rate controls, to ensure they are properly mitigating Layer 7 DDoS attacks.
Even customers without specific security solutions will benefit from built-in protections on the Akamai platform developed to mitigate this threat.
This attack exploits HTTP2 stream multiplexing, attackers immediately reset a stream after initiating a request, resulting in work on the edge server beyond the intended 100 stream limit. This could trigger tens of thousands of simultaneous requests from one connection. Most major HTTP2 stacks behave similarly, and patches or mitigations should be available on 10th October as well.
Akamai has actively participated in the global response to this vulnerability since August, collaborating with other industry stakeholders until its public announcement on October 10th. Over the course of September, we refined our edge delivery software to better detect and manage such attacks, including limiting streams available to abusive HTTP2 clients.
During the industry-wide confidentiality period, Akamai was bound not to disclose details about this vulnerability. However, we remained in close coordination with our partners to ensure customer protection and actively monitored our platform for this abuse.
Additional Customer Mitigation Guidance:
For SOCC and security customer mitigations, this should be treated the same as any other L7 DDoS attack.
Customers with security products in alert mode may observe an increase in attacks when this attack is made public. Customers may want to proactively put their products in deny mode and review or adjust rate controls accordingly.
Customers without rate controls or other security products in deny mode will have clients limited to 100 simultaneous requests per client connection, as per the HTTP2 specification. If an existing Akamai CDN customer needs protection against L7 DDoS attacks, they are encouraged to add AAP or AAP+ASM products to avail the L7 DDoS protections.
Prolexic customers should adopt vendor patches or vendor guidance which will be available on 10th October. If vendor mitigations are unavailable or a customer is under attack, the suggested mitigation is to disable HTTP2 until a patch can be applied.
Customers with origin infrastructure or other services exposed on the internet, not behind Akamai SiteShield or OIPACL should update their vendors software, apply vendor mitigations, or disable HTTP2 until a fix can be applied.
This weekend #Akamai turns 25 years old! We now have over 10,000 employees and hundreds of thousands of servers around the world serving hundreds of Terabits of content. It has been an amazing journey --- when I decided to take "a year or two off from my PhD" and joined we were just over a hundred employees. I've worked with lots of amazing people, many of whom have moved on and have done great things elsewhere. I look forward to all the fun challenges we get to solve in the coming years!
We are a global company with office locations around the world. We are also something like 80+% remote workers. We are consistently ranked a top place to work in the locations where we have offices. We have a strong culture of inclusivity, integrity, and giving back to our communities.
I’ve been there for nearly 20 years, and I still enjoy my job as it has evolved over those years. It’s always a unique challenge. https://akamai.com/careers
@izaya#Akamai, but I'd rather recommend to just use a few chep SSD VPSes from Contabo instead so that your credit card can't get fried by someone DDoS'ing you...
Gonna be continuing the Wild Arms stream this Saturday, around the usual time of 18:00 UTC, for the usual duration of about 2 hours :blobcatController:
alright, I think it's time to translate the #NWB spec language to RDF and start on the first leg of getting this p2p thing off the ground and mirror all the neurophysiology archives. got a big stack of hard drives and bandwidth going to waste
#Akamai and #MongoDB are at odds… I just got this message in the #Linode console, while I was trying to find out why all our S3 Buckets in Frankfurt are gone for over an hour now.
The Linode acquisition by Akamai is a real disappointment for their clients.
So with Akamai swallowing up Linode im left wonderibg how to proceed.
Is Akamai decent? Do they have similar values and approach as Linode? If so shoukd is stick with them? Should i move to another provider? What are some of your favorite options?