Jul 292017
 

With the release of kernel-xen version 4.9.40, I have enabled CONFIG_TCP_CONG_BBR. This adds support for using BBR to improve the throughput from your servers (mostly web servers) to your clients.

If you run my kernel-xen package on your Xen guests, you can also take advantage of this new feature.

To enable, ensure you are running kernel-xen version 4.9.40 or above, then create a file called /etc/sysctl.d/enable-bbr.conf containing:
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr

You can activate this by typing: $ sysctl -p

The changes will automatically apply at the next system boot.

To read more about BBR and why it makes such a difference, head on over to acmqueue for a far more in-depth analysis than I could provide.

Jul 122017
 

In a speech in London overnight, Turnbull said companies should not be able to build end-to-end encryption tools that meant nobody – including courts and law enforcement – could access the content of communications.

If you’re in the tech industry, and you know your local Liberal party member, point them to this and tell them to go fuck themselves. Regards, The Internet.

If you don’t know who your local member is, search here:
http://www.aph.gov.au/Senators_and_Members/Members

Mar 192017
 

So every once in a while, you come across something in IT Security that just makes you want to cry.

Usually, these are chained exploits that when executed properly have devastating effects.

Take the latest Pwn2Own competition. One of the successful hacks there was epic. And scary.

In a nutshell, an ‘Edge’ browser exploit to get into the Windows 10 VMWare guest, then a bug in the VMWare guest to own the VMWare host. Yes, hacking the VMWare host – from a web page.

That’s scary.