After more than a year as an exclusive invite-only social media platform, Bluesky is now open to the public, so anyone can join without needing a once-coveted invite code.
In a blog, Bluesky said that requiring invite codes helped Bluesky "manage growth" while building features that allow users to control what content they see on the social platform.
When Bluesky debuted, many viewed it as a potential Twitter killer, but limited access to Bluesky may have weakened momentum. As of January 2024, Bluesky has more than 3 million users. That's significantly less than X (formerly Twitter), which estimates suggest currently boasts more than 400 million global users.
On Thursday, Internet pioneer Vint Cerf announced that Dr. David L. Mills, the inventor of Network Time Protocol (NTP), died peacefully at age 85 on January 17, 2024. The announcement came in a post on the Internet Society mailing list after Cerf was informed of David's death by Mills' daughter, Leigh.
"He was such an iconic element of the early Internet," wrote Cerf.
Dr. Mills created the Network Time Protocol (NTP) in 1985 to address a crucial challenge in the online world: the synchronization of time across different computer systems and networks. In a digital environment where computers and servers are located all over the world, each with its own internal clock, there's a significant need for a standardized and accurate timekeeping system.
Orange España, Spain’s second-biggest mobile operator, suffered a major outage on Wednesday after an unknown party obtained a “ridiculously weak” password and used it to access an account for managing the global routing table that controls which networks deliver the company's Internet traffic, researchers said.
The hijacking began around 9:28 Coordinated Universal Time (about 2:28 Pacific time) when the party logged into Orange’s RIPE NCC account using the password “ripeadmin” (minus the quotation marks). The RIPE Network Coordination Center is one of five Regional Internet Registries, which are responsible for managing and allocating IP addresses to Internet service providers, telecommunication organizations, and companies that manage their own network infrastructure. RIPE serves 75 countries in Europe, the Middle East, and Central Asia.
The password came to light after the party, using the moniker Snow, posted an image to social media that showed the orange.es email address associated with the RIPE account. RIPE said it's working on ways to beef up account security.
Roughly 11 million Internet-exposed servers remain susceptible to a recently discovered vulnerability that allows attackers with a foothold inside affected networks. Once they're in, attackers compromise the integrity of SSH sessions that form the lynchpin for admins to securely connect to computers inside the cloud and other sensitive environments.
Terrapin, as the vulnerability has been named, came to light two weeks ago in a research paper published by academic researchers. Tracked as CVE-2023-48795, the attack the researchers devised works when attackers have an adversary-in-the-middle attack (also abbreviated as AitM and known as man-in-the-middle or MitM), such as when they’re positioned on the same local network and can secretly intercept communications and assume the identity of both the recipient and the sender.
In those instances, Terrapin allows attackers to alter or corrupt information transmitted in the SSH data stream during the handshake—the earliest connection stage, when the two parties negotiate the encryption parameters they will use to establish a secure connection. As such, Terrapin represents the first practical cryptographic attack targeting the integrity of the SSH protocol itself. It works by targeting BPP (Binary Packet Protocol), which is designed to ensure AitMs can’t add or drop messages exchanged during the handshake. This prefix truncation attack works when implementations support either the "ChaCha20-Poly1305" or "CBC with Encrypt-then-MAC," cipher modes, which, at the time the paper was published, was found in 77 percent of SSH servers.
Noël n'est plus très loin. Si vous comptez parmi les vôtres des fans de jeux vidéos avides de frissons, le jeu d'horreur se révèle le cadeau indispensable. À cette occasion, Numerama plonge dans les meilleurs jeux d'horreur sur PS5 pour vous aider à choisir. Le catalogue regorge de saisissants survival horror et d'angoissantes intrigues psychologiques.
Avez-vous déjà entendu parler de Warp ?
Alors non, non, non, ce n’est pas un logiciel pour voyager dans le temps (quoi que, ce serait sympa…), mais je parie qu’il va vous faire plaisir !
Warp est un logiciel open-source comme la plupart des softs dont je parle ici, et sa mission est d’envoyer des fichiers en toute sécurité à vos amis, au travers d’Internet ou d’un réseau local, simplement en échangeant un code composé de mots.
Trêve de bla-bla, voici les principales fonctionnalités de Warp :
Ce qui distingue Warp, vous l’aurez compris, c’est son protocole Magic Wormhole. Ce protocole détermine la meilleure méthode de transfert, y compris via le réseau local et vous garantit que vos fichiers sont transférés rapidement et en toute sécurité, quelle que soit la taille des fichiers et l’emplacement des machines.
Warp est dispo sous Windows et Linux (en flatpak), et vous trouverez toutes les infos à son sujet ici.
One of the leading thinkers on how humans track time has a big, if simple, proposal for dealing with leap seconds: Don't worry about them. Do leap minutes instead, maybe one every half-century or so.
"We all need to relax a little bit," said Judah Levine, leader of the Network Synchronization Project in the Time and Frequency Division at the National Institute of Standards and Technology (NIST), to The New York Times. Leap seconds—when coordinated, near-impeccable atomic time is halted for one second to synchronize with the Earth's comparatively erratic movements—are a big headache, especially to computer technology.
The International Bureau of Weights and Measures (IBWM) has already voted to eliminate leap seconds entirely by 2035, or at least how they are currently implemented. Levine plans to submit a paper outlining a "leap minute," timed to the next World Radiocommunications Conference held by the International Telecommunication Union (ITU). Starting November 20 in Dubai, United Arab Emirates, the world's radio and communications policymakers will debate various measures and standards. The Times suggests Levine's paper may be published after the conference, but awareness of it—including the Times story itself—should make it a point of contention.