Spock, Uhura, Chapel, heck even M’Benga don’t make it a prequel, but a lieutenant Kirk does?
Because most people aren’t technical enough to understand there are alternatives, particularly if those alternatives involve removing a scary label telling you not to.
As a guy responsible for a 1,000 employee O365 tenant, I’ve been watching this with concern.
I don’t think I’m a target of state actors. I also don’t have any E5 licenses.
I’m disturbed at the opaqueness of MS’ response. From what they have explained, it sounds like the bad actors could self-sign a valid token to access cloud resources. That’s obviously a huge concern. It also sounds like the bad actors only accessed Exchange Online resources. My understanding is they could have done more, if they had a valid token. I feel like the fact that they didn’t means something’s not yet public.
I’m very disturbed by the fact that it sounds like I’d have no way to know this sort of breach was even occurring.
Compared to decades ago, I have a generally positive view of MS and security. It bothers me that this breach was a month in before the US government notified MS of it. It also bothers me that MS hasn’t been terribly forthcoming about what happened. Likely, there’s no need to mention I’m bothered that I’m so deep into the O365 environment that I can’t pull out.
Nice job. Packet loss will definitely cause these issues. Now, you just need to find the source of the packet loss.
In your situation, I’d first try to figure out if it is ISP/Internet before looking inside either network. I wouldn’t expect it to be internal at these speeds. Though, did you get CPU/RAM readings on the network equipment during these tests? Maxing out either can result in packet loss.
I’d start with two pairs of packet captures when the issue happened: endpoint to endpoint and edge router to edge router. Figure out if the packet loss is only happening in one direction or not. That is, are all the UK packets reaching DE but not all the DE making it back? You should clearly be able to narrow into a TCP conversation with dropped packets. Dropped packets aren’t ones that a system never sent, they’re ones that a system never received. Find some of those and start figuring out where the drop happened.
If the bandwidth numbers you’ve described are accurate, I’d start looking at CPU and RAM usage on the network device. The Fortigates are going to be doing extra work to handle the VPN. I wouldn’t expect an IPSEC VPN on a Fortigate to top out at 10mbps, but if it’s doing a lot of other work, it’s possible. ACL’s on the Cisco devices? You run the potential of CPU/RAM exhaustion on those. Hopefully, you have remote monitoring on all network devices and you can just look at the history when these transfers are happening.
If nothing obvious there, then I’d try packet captures when this is happening, perhaps to start on the system doing the ssh and on one or two others experiencing issues. What are you seeing? Evidence of dropped packets? High latency? If dropped packets, start capturing the same traffic on the network devices it’s flowing through.
I’m the opposite. I had my subreddits curated to ones that supplied good deals discussion for posts and good articles for links. For link posts, I primarily read the linked article and ignored the discussion. Here, I’ve been doing both.
A blacklist, to keep using the email protocol as example, is a tool used sparingly and only when other filtering methods are unsuccessful or when greater damage is prevented that way.
Have you ever run a mail server? If so, have you looked at your logs? The RBL’s on the managed mail gateway for my work turns away 70% of the attempts. This is even before spam scoring kicks in on the 30% initially accepted. A significant percent of that is considered spam. Email has a complex set of automated tools to reject content without even viewing it.
I still think email, even though federated, is a poor analogy to make for Lemmy.
Isn’t the immediate call for censorship/defederation as soon as some views are challenged a bit too entitled?
To some extent, YES, but I think it’s a bit more nuanced and comes down to where you draw that line. Everyone is going to draw it in a different place.
I moderated an academic listserv with membership in 5 digits back before the html protocol even existed. That was huge for the time. And, as you would think, in academia at the time the idea of cronterversy, free speech, and engaging in items you disagreed with was pretty comprehensive. Even so, we still had to moderate, primarily for spam and obvious trolling as well as the occasional personal attacks.
I was an active participant in Usenet in the 90’s. Usenet was federated servers hosting posts and comments from participants on that entire federation. I know a server admin could control what Usenet groups they carried. I have no idea what other levels of moderation were available. Discussions were definitely more freewheeling and challenging than you see today, but they also had a higher content level and a greater respect for intellectual argument, even in trolling. Again, I suspect that was because the bulk of the participants were coming from higher ed institutions.
I was active in Internet forums when SCO sued IBM. There were active attacks on communities and successful attempts to splinter communities based in part on what side of the very question you are asking participants came down on. Again, though, there was a strong respect for intellectual engagement. And, I came down strongly with the same opinion you are expressing back then.
I think that strong respect for engagement exists here in the fediverse, particularly when compared to something like FaceBook or Reddit. As the fediverse grows, I think that will go away.
I don’t have much respect for low content trolling, for active attacks via brigading, for manipulation. I think the ability to upvote is important, but I also think the ability for bot accounts to manipulate that is a very difficult thing to combat, particularly in something as young as Lemmy that is experiencing exponential growth.
I also have a much better awareness of how subtle that manipulation can be in influencing individuals and society, including my own views.
I no longer have the absolutist attitude I once had. I agree with your own concerns about echo chambers, because that leads to its own manipulation of views and the splintering of society. However, I’m also more willing to support the idea of not providing a platform for some of the more odious content than my older self would have supported.
I’m probably in a position to piss off nearly everyone. I disagree with your view that there should be almost no lines drawn, but I disagree with the majority that the lines should be drawn where they want it to be.
@phase_change
@sh.itjust.works