gaael @ gaael @lemm.ee

Posts

0

Comments

21

Joined

5 mo. ago

From the Fabulous Systems (ScummVM's sysadmin) blog post linked by Natanox:

About three weeks ago, I started receiving monitoring notifications indicating an increased load on the MariaDB server.

This went on for a couple of days without seriously impacting our server or accessibility–it was a tad slower than usual.

And then the website went down.

Now, it was time to find out what was going on. Hoping that it was just one single IP trying to annoy us, I opened the access log of the day

there were many IPs–around 35.000, to be precise–from residential networks all over the world. At this scale, it makes no sense to even consider blocking individual IPs, subnets, or entire networks. Due to the open nature of the project, geo-blocking isn’t an option either.

The main problem is time. The URLs accessed in the attack are the most expensive ones the wiki offers since they heavily depend on the database and are highly dynamic, requiring some processing time in PHP. This is the worst-case scenario since it throws the server into a death spiral.

First, the database starts to lag or even refuse new connections. This, combined with the steadily increasing server load, leads to slower PHP execution.

At this point, the website dies. Restarting the stack immediately solves the problem for a couple of minutes at best until the server starves again.

Anubis is a program that checks incoming connections, processes them, and only forwards “good” connections to the web application. To do so, Anubis sits between the server or proxy responsible for accepting HTTP/HTTPS and the server that provides the application.

Many bots disguise themselves as standard browsers to circumvent filtering based on the user agent. So, if something claims to be a browser, it should behave like one, right? To verify this, Anubis presents a proof-of-work challenge that the browser needs to solve. If the challenge passes, it forwards the incoming request to the web application protected by Anubis; otherwise, the request is denied.

As a regular user, all you’ll notice is a loading screen when accessing the website. As an attacker with stupid bots, you’ll never get through. As an attacker with clever bots, you’ll end up exhausting your own resources. As an AI company trying to scrape the website, you’ll quickly notice that CPU time can be expensive if used on a large scale.

I didn’t get a single notification afterward. The server load has never been lower. The attack itself is still ongoing at the time of writing this article. To me, Anubis is not only a blocker for AI scrapers. Anubis is a DDoS protection.

Ah right, I momentarily forgot about the ruling class's passion for launching stuff that kills people.
Ty for the reminder, I guess this idea of computers up there makes more sense now.

Because electronics on the ground didn't have a big enough environmental footprint, let's emit co2 and pollutants to have some more in space? All just because checks notes no real useful reason?

I hace no idea how serious a blow this is. Can anyone provide any sense of magnitude for these 264 000 tons of munitions? Like how big a chunk of total ammunition stockpile woukd this be? How big is it compared to current manufacturing rate?

I knew I couldn't be the only one thinking of another HL3 when I saw the image :)

This. I can't afford reliable always-on storage now, but I plan to build for SSDs rather than HDDs because I don't have a separate room to put it into.

True, they don't need men for good sex. If they're after shitty sex and rape, they do need men.
/partially joking, but also partially serious

You know you do. And even more, because it's gonna be a cute kitty!

I'm not getting this one, would you like to explain what it's about?

Remember the first persons to be harassed, assassinated, detained, sent to concentration camps were german citizen.
The first who tried to resist Hitler's power, sabotage infrastructure, retrieve and send confidential informations to the allies were german citizen.
A lot of germans were the good guys in ww2 (and afterwards for that matter).
Whatever the conflict, let's not forget that [country X leadership] is not the same as [country x as a whole].

True. And so am I for letting them get awaywith it.

Our current government is openly pro-israel and anti-palestinian, we're not gonna do squat.
They've been calling any criticism towars bibi and any palestinian support antisemitic for the past 2 years - and most of the billionaires-controlled media has happily done the same.
Even if soldiers are killed, it's gonna be labeled a communication incident or some shit.

I do agree, I'm just not surprised it wasn't done this way at the start and I'm not bothered enough by it to want a change.

Much more so than having a car-centric infrastructure. If you start cherry-picking you'll of course find cases where a car would have been more efficient but public transportation needs to be understood as a whole.

AFAIK, arch never pretended to cater to new linux/cli users, I've always read it as a recommandation for advanced (or at least comfortable with reading docs and using CLI) users.
My first time using arch required me following the arch wiki for install and when I finally got a working system (I'm as bad at following tutorials as I am at following cooking recipes) the pacman commands were not something I struggled with.
But yeah coming from Debian where I had the gloriously intuitive apt syntax, I get your point.

I still believe there are democracies in America but the US of A aren't one of them.

I had never envisioned spacex as a climate change activist company!

Adhd?

TIL about article 5, thanks!
I really hope mimitary action won't happen...

France here, our mainstream media is currently either billionaire-owned and pushing Trump and Musk admiration or publicly owned but influenced by our current government (Macron and co.) which does everything possible to cosy up to billionaires so they haven't yet (and probably never will) called Trump a fascist or Musk a neo-nazi.

You came and died in France during two world wars in the 20th century but I'm afraid France as a nation isn't gonna have your back in this timeline - except if we manage to elect a real-left government next time.

Good luck!