I don't see the relation to BGP anomalies, since this "layer 3 shaping" is basically just "if you send traffic to the IP of an AS router, it probably goes over the link of that IP". None of this would help NSA "shape" arbitrary traffic onto links they are able to tap. (I'm really not sure what exactly the point of this is, the slides talk about exfil a lot, it would seem to me like some random device sending traffic to a router is more suspicious, because normal traffic never targets routers, than hitting an actual server somewhere but idk)
In en-us education "101" is often used to refer to an introductory course in a particular topic. My inference from the fact that this _educational_ slide is called "101" is that this is a basic example of core knowledge that people in this area of work are expected to have. It therefore stands to reason that there exists a "102" or "103" course that expands upon it, as well as material going far beyond "the syllabus".
The NSA and thirteen eyes generally have detailed traffic logging capability at core internet exchanges around the world. It is reasonable to think that a good way of exfiltrating data would be by having something like an ICMP or maybe even TTL based covert channel, such that there is no chance that the sent data is ever received by the recipient. I am just speculating – but that's why I thought this was interesting.
I find having two clipboards at the same time to be super handy and I literally use it all the time. Yes, KDE also has a clipboard manager that allows me to do Meta+V and paste from history, but I use the two clipboards way more frequently and it is easier/faster anyway.
(Formally, it makes handwavy sense: Having a clipboard with a history is basically a pushdown automaton, but having two of these in one box is not a PDA any more - it's something categorically more powerful, equivalent to a Turing machine iirc).
Okay, nothing is secure against every threat model. The only way to secure against rubber hose cryptanalysis is by hiring a team of bodyguards, and even that won't protect you from LEOs or nation-state actors. Your threat model should be broad enough to provide some safety, but it also needs to be narrow enough that you can do something about it. At a software level, there's only so much you can do to deal with hardware integrity problems. The rest, you delegate to the security team at your data centre.
> "This system is unhackable, if the user doesn't do the thing that hacks it" is not very useful.
It's the best you're gonna get, bud. Nothing's "unhackable"—you just gotta make "the thing that hacks it" hard to do.
I've spent half a year getting nowhere on a discussion involving VPN-ing parts of the company just to have connectivity for specific services where part of the problem was lots and lots of overlapping 10./8 allocations - partially because everyone setting a "VPC" or some local dc network was doing individual 10./8, often "in name of simplicity".
With subnetting needs, possibly dealing with VPNs to other networks that might use 10./8, ISPs that might use 10./8 instead of CGNAT space (100.64./10), even the total incompetence of some contractors was not reducing how IPv4 was a problem.
And that's before you hit the part where Microsoft products have been IPv6 First since ~2008 and there are entire feature sets that are very interesting to bigger companies (like well integrated always-on VPN for laptops) that require working v6.
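The overlapping-allocation problem described in the comment above is easy to detect mechanically once the ranges are written down. The following is an added example, not code from any commenter or project on this page: a small Python check built on the standard-library `ipaddress` module that takes a per-site inventory of prefixes (the site names and ranges here are constructed), reports every pair of sites whose prefixes overlap, flags sites that claimed an entire RFC 1918 block for themselves, and classifies each prefix as RFC 1918, CGNAT shared space (100.64.0.0/10) or something else. The function names are the example's own.

```python
"""Overlap check for private address allocations across sites (added example)."""
import ipaddress
from itertools import combinations

# RFC 1918 private blocks and the RFC 6598 shared (CGNAT) block.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")

# Constructed inventory: site names and prefixes are hypothetical sample data.
ALLOCATIONS = {
    "hq-dc": ["10.0.0.0/8"],                      # the "just take all of 10/8" pattern
    "cloud-vpc-a": ["10.0.0.0/16", "10.1.0.0/16"],
    "cloud-vpc-b": ["10.0.0.0/16"],
    "partner-vpn": ["10.200.0.0/24"],
    "isp-cgnat": ["100.64.0.0/10"],
    "branch-1": ["192.168.10.0/24"],
    "branch-2": ["192.168.10.0/24"],
}


def parse(allocations):
    """Flatten {site: [cidr, ...]} into a list of (site, IPv4Network/IPv6Network)."""
    return [(site, ipaddress.ip_network(cidr)) for site, cidrs in allocations.items() for cidr in cidrs]


def find_overlaps(allocations):
    """Return sorted (site_a, prefix_a, site_b, prefix_b) tuples for every overlapping pair
    of prefixes that belong to different sites."""
    flat = parse(allocations)
    found = []
    for (site_a, net_a), (site_b, net_b) in combinations(flat, 2):
        if site_a == site_b or net_a.version != net_b.version:
            continue
        if net_a.overlaps(net_b):
            found.append((site_a, str(net_a), site_b, str(net_b)))
    return sorted(found)


def whole_block_claims(allocations):
    """Sites whose allocation is an entire RFC 1918 block, which guarantees collisions
    with anyone else using that block."""
    return sorted(site for site, net in parse(allocations) if net in RFC1918)


def classify(cidr):
    """Label a prefix: 'ipv6', 'cgnat', 'rfc1918' or 'public-or-other'."""
    net = ipaddress.ip_network(cidr)
    if net.version != 4:
        return "ipv6"
    if net.subnet_of(CGNAT):
        return "cgnat"
    if any(net.subnet_of(block) for block in RFC1918):
        return "rfc1918"
    return "public-or-other"


def report(allocations):
    """Build a human-readable summary; returned as a list of lines for easy checking."""
    lines = []
    for site, net in parse(allocations):
        lines.append(f"{site:12} {str(net):18} {classify(str(net))}")
    for site in whole_block_claims(allocations):
        lines.append(f"WARNING: {site} claims an entire RFC 1918 block")
    for site_a, net_a, site_b, net_b in find_overlaps(allocations):
        lines.append(f"OVERLAP: {site_a} {net_a} <-> {site_b} {net_b}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(ALLOCATIONS)))
```

Running the block prints the inventory with each prefix's class, then the site that grabbed all of 10.0.0.0/8, then the six overlapping pairs in the sample; the same inventory format can be fed from a real exported list of VPC, data-centre and VPN ranges before a new link is brought up.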