As has been reported by Tom Watson MP, Cory Doctorow, the Open Rights Group, Danny O'Brien at the EFF, and the BBC itself, the BBC has petitioned OFCOM to be allowed to encrypt metadata in over-the-air digital terrestrial broadcasts. The BBC plan to use the encryption key for this data as leverage against manufacturers of decoder devices; if they want to be able to use DVB-T2's automatic tuning, Electronic Programme Guide (EPG), interactive teletext and other features, they can license a copy of the encryption key -- but only if they also promise to implement various optional anti-features into their products.
This is the personal website of David McBride. Find out more about me.
Many online shopping services — Dabs and Amazon.co.uk, to name but two — provide a wishlist facility, where you can store lists of things that you wouldn't mind being bought for you. (See, for example, my Amazon wishlist.)
These lists can be enormously useful for the people who use them, because they can make gift giving for events like birthdays, weddings, or Christmas much more efficient — it makes gift selection much more straightforward, and it stops two or more people from inadvertently giving the recipiant two of the same item. (Plus, online retailers can take care of the packing and delivery of gifts, which in many cases can be most useful.)
Brute-force password-guessing attacks on SSH services are common on the Internet today. They are a threat for two reasons:
- A large number of SSH password-guessing attempts can result in a denial of service — by saturating network connections, consuming large amounts of CPU resources (and therefore power), and/or by filling log partitions with all of the failed attempts.
- An attacker might get lucky and successfully guess a username/password combination.
Both of these scenarios are bad. We can substantially reduce, or even eliminate these threats by rate-limiting incoming SSH connections — not globally, but on a per-source-IP basis. On Linux, we can use the
RECENT match facility available in modern versions of
iptables to achieve this.