Notices by Neil Craig (tdp_org@mastodon.social)

I've been working on an automated triager for the frequent volumetric DDOS we see against www.bbc.com & www.bbc.co.uk.

The idea is to use our edge access logs (stored in BigQuery) to isolate & describe the attack traffic then recommend any additional mitigations/filters etc. It also gives us a database of DDOS metrics/sources we can reference.

Obviously I had to add the obligatory pew-pew map.

#WebStats #InfosSec #DDOS #BBC

Anyone else think that Netanyahu giving Trump a golden pager is a bit odd given the exploding pager attack in Lebanon last year?

@Gargron Oh nice! There's a good few of us from the BBC going so we'll try to find you and say hello!

@GossiTheDog Thanks for sharing this.
We just checked for our IP ranges (nothing in there) but one of my colleagues grouped the IPs in the repo by AS - funnily enough, a good number of the top few are AS from which we frequently see DDOS traffic against our services. Perhaps suggests a lack of care & maintenance on their part & that the DDOS are likely from/via compromised kit. Not a major surprise.

We're recruiting a Networking-focussed Architect in my team at the BBC.

You'll need to be UK-resident for boring tax/legal reasons but this is (IMO) a cool role - working on both corporate/internal & public/peering networks for BBC media & web content, Cloud connections etc. across multiple sites/DCs and with our vendors.

Happy to try to answer Qs informally.

Please share, esp. if you know good people who might be interested.

https://careers.bbc.co.uk/job/Lead-Architect-%28Network%29/810263002/

#BBC #FediHired #Networking #Architecture

Turns out you can buy Fastly on amazon.com
#CDN #Fastly

@GossiTheDog Jeez. I feel a resilience consultancy startup is in order..."don't have SPoFs. $500k please" 😆

@GossiTheDog Slightly concerning that a single card can knacker so much of the network eh?

@GossiTheDog We were just talking about that - broken (network?) card AIUI 🤦

@GossiTheDog If you go to "Press Releases" (https://media.blueyonder.com/) then "Awards" (https://blueyonder.com/about/awards-recognition), appropriately enough you get a big chonky 404 😆

Looks like www.bbc.co.uk & www.bbc.com are blocked in Turkmenistan (since this time last week).

#Censorship #Turkmenistan #BBC

We monitor traffic to www.bbc.co.uk & www.bbc.com per country & got alerts that daily requests from Angola have dropped off loads recently.

Looking at the Angola traffic split by network AS. AS36907 traffic looks suspicious! Spidey sense triggered...the "before" traffic was *way* too consistent.

Digging in to the logs, looks like they removed their Fortigates on 6th Sept. which'd been sending 343k req/day for www.bbc.co.uk/ , every single day!

Gotta love being on the internet!

#WebStats #BBC

In the UK at least, "trump" is a euphamism/slang for "fart".
Is that a thing in the USA too?

Here's a few of the prep tasks we've done for the UK General Election in/around our team:
- Add extra CDN/peering capacity
- Ensure personal & machine credentials & TLS cert work & won't expire
- Raise service quotas for safety
- Check that deployment pipeline are clean/deployable
- Ask 3rd parties to be extra-vigilant on change requests
- Rehearse failovers to backup systems
- Make sure all logging/metrics are working correctly
Probably mainly/all pretty obvious but maybe useful.
#BBC #GE2024

I'm updating our roadmap for our internal CDN which serves www.bbc.co.uk & www.bbc.com to the UK.

Which protocols/edge features/security controls (not website content/features/security controls) would you like to see us add?

Already on the list:
- IPv6
- QUIC/h3 (already supported outside UK)
- Post-Quantum Crypto (maybe, needs research)

I can't make any promises but suggestions would be great
Boosts would be ace, TiA!

Edit: Also 👀 for security/performance/reliability tech

#BBC #WebDev #CDN

According to Google, the next thing I should listen to after this week's Risky Business Podcast is...

"Minecraft - Bedtime Meditation
Sleep Stories - Mrs. Honeybee"

🤷🏼♂️

I've been watching "The Misadventures of Romesh Ranganathan" series 4 this week.
Aside from being hilarious & genuinely interesting, I am really pleased to see Romesh challenging & calling out what I agree with him are disgusting anti-gay laws in Uganda.
https://www.bbc.co.uk/iplayer/episode/m001zpqt/the-misadventures-of-romesh-ranganathan-series-4-1-uganda

So, do I put the glue in now or...?

On/around 27th May 2024, the traffic from Azerbaijan to www.bbc.com & www.bbc.co.uk reduced by over 80%.
Looking at our data, I can see that the vast majority of traffic in Azerbaijan comes from AS29049 (Delta Telecom) which is their majority ISP according to Wikipedia.
OONI says tests were passing as recently as 28th May from AS29049 but there's definitely something going on...Unsure exactly what.
(the gap in AS29049 is a GeoIP data migration)
#Azerbaijan #Censorship #InfoSec

My pals in BBC World Service have been doing some awesome work on "lite" versions of their news articles (other page types to follow).
They essentially skip the Server-Side React hydration which means you end up with a simpler HTML+CSS page, no JS.
Page sizes drop significantly:
* Transferred: ~600KB -> 30KB
* Total: 1.65MB -> 135KB
Just append `.lite` on a URL e.g. https://www.bbc.com/mundo/articles/crgyyvdz1dro.lite
There's no on/off UX at the moment but they're working on that too.
#WebDev #WebPerf #WebPerformance #BBC