Notices by Neil Craig (tdp_org@mastodon.social)

Feels like we're now firmly in the "desperation" phase for companies who have sunk a ton of cash into AI which nobody asked for. They're frantically trying to justify that spend in via evidence of "user engagement" in any way they can.

I'm sure we're all seeing increasing pushiness and use of dark patterns to force use of AI e.g. WhatsApp searchbar now being "Ask Meta AI or Search"

#AI #GenAI #AIHorseShit

So it's official: TLS certificate lifetimes will reduce from the current max of 398 days to:
* 200 days in March 2026
* 100 days in March 2027
* 47 days in March 2029

For web servers/proxies etc. it's reasonably simple, at least for smaller orgs but for e.g. network kit it might be more of a challenge. Having a timeframe to aim at definitely focusses the mind!

Via @riskybiz / https://risky.biz/risky-bulletin-ca-b-forum-approves-47-day-tls-certs/

#TLS #PKI #InfoSec #WebDev

Manufacturers who sell TVs in the UK & want the TV to run BBC iPlayer (BBC Public Service live/on-demand TV app) have to get their TVs certified by us. There's a large suite of tests & technical requirements - a colleague just pointed out to me that those docs are public:

https://certification.bbctvapps.co.uk/docs/tv-specification/

TVs on UK sale now & marked with the iPlayer logo must support:
* TLS 1.2+
* Mutual TLS (client certs)
* HTTP/2+
* Service Workers
& lots more...those just caught my eye

#BBC #iPlayer #WebDev

Just received an email from one of ours teams who manage a vendor integration/config and it's :chef's kiss: perfect. Headings (in order):

What is happening?
Why is it happening?
When is it happening?
Do I need to do anything?
I have questions…

Every section is worded accurately and concisely.
This is how to communicate a change.
Well played.

Newsnight is not pulling any punches this evening:
"This was a mafia shakedown"
"I think what we saw tonight was America becoming a rogue state"

"Everybody I've spoken to loves the idea of the United States owning that piece of land, developing and creating thousands of jobs"

Yeah, that's what happens when you only interact with people in your bubble, you get a massively warped/blinkered view of reality. It's one reason why diversity & inclusion is so important.

https://news.sky.com/story/trump-shares-ai-video-of-gaza-vision-featuring-golden-statues-bearded-belly-dancers-and-netanyahu-on-a-sunbed-13317241

#gaza #trump

I've been working on an automated triager for the frequent volumetric DDOS we see against www.bbc.com & www.bbc.co.uk.

The idea is to use our edge access logs (stored in BigQuery) to isolate & describe the attack traffic then recommend any additional mitigations/filters etc. It also gives us a database of DDOS metrics/sources we can reference.

Obviously I had to add the obligatory pew-pew map.

#WebStats #InfosSec #DDOS #BBC

Anyone else think that Netanyahu giving Trump a golden pager is a bit odd given the exploding pager attack in Lebanon last year?

@Gargron Oh nice! There's a good few of us from the BBC going so we'll try to find you and say hello!

@GossiTheDog Thanks for sharing this.
We just checked for our IP ranges (nothing in there) but one of my colleagues grouped the IPs in the repo by AS - funnily enough, a good number of the top few are AS from which we frequently see DDOS traffic against our services. Perhaps suggests a lack of care & maintenance on their part & that the DDOS are likely from/via compromised kit. Not a major surprise.

We're recruiting a Networking-focussed Architect in my team at the BBC.

You'll need to be UK-resident for boring tax/legal reasons but this is (IMO) a cool role - working on both corporate/internal & public/peering networks for BBC media & web content, Cloud connections etc. across multiple sites/DCs and with our vendors.

Happy to try to answer Qs informally.

Please share, esp. if you know good people who might be interested.

https://careers.bbc.co.uk/job/Lead-Architect-%28Network%29/810263002/

#BBC #FediHired #Networking #Architecture

Turns out you can buy Fastly on amazon.com
#CDN #Fastly

@GossiTheDog Jeez. I feel a resilience consultancy startup is in order..."don't have SPoFs. $500k please" 😆

@GossiTheDog Slightly concerning that a single card can knacker so much of the network eh?

@GossiTheDog We were just talking about that - broken (network?) card AIUI 🤦

@GossiTheDog If you go to "Press Releases" (https://media.blueyonder.com/) then "Awards" (https://blueyonder.com/about/awards-recognition), appropriately enough you get a big chonky 404 😆

Looks like www.bbc.co.uk & www.bbc.com are blocked in Turkmenistan (since this time last week).

#Censorship #Turkmenistan #BBC

We monitor traffic to www.bbc.co.uk & www.bbc.com per country & got alerts that daily requests from Angola have dropped off loads recently.

Looking at the Angola traffic split by network AS. AS36907 traffic looks suspicious! Spidey sense triggered...the "before" traffic was *way* too consistent.

Digging in to the logs, looks like they removed their Fortigates on 6th Sept. which'd been sending 343k req/day for www.bbc.co.uk/ , every single day!

Gotta love being on the internet!

#WebStats #BBC

In the UK at least, "trump" is a euphamism/slang for "fart".
Is that a thing in the USA too?

Here's a few of the prep tasks we've done for the UK General Election in/around our team:
- Add extra CDN/peering capacity
- Ensure personal & machine credentials & TLS cert work & won't expire
- Raise service quotas for safety
- Check that deployment pipeline are clean/deployable
- Ask 3rd parties to be extra-vigilant on change requests
- Rehearse failovers to backup systems
- Make sure all logging/metrics are working correctly
Probably mainly/all pretty obvious but maybe useful.
#BBC #GE2024