We are sharing jndi (log4j) attack logs here:


Might be useful to find variation of attacks and IPs abusing it.

They're called "Meta" because their business is selling your metadata.

You may have noticed some sites that immediately redirect you to another page or site if you have JS disabled, prompting you to enable it

This is done with a <meta> refresh inside <noscript>

This #DarkPattern can be circumvented in uMatrix by turning off "Spoof <noscript> tags"

Do you know the difference between a Registrar, a Registry, a Recursive DNS and an authoritative DNS?


After you are done reading, you will know. 😂

Good article by @tony

Trying to do my part:

$ curl -sD - dcid.me | grep 'permissions-policy'
permissions-policy: interest-cohort=()

Have you blocked FLoC yet? If you are using NOC, you can disable it with 1-click here:


More details on how to do it yourself:


Create an empty 8G file to save you in case your disk gets full:


Not sure I like this technique, but I have to agree that is pretty difficult to troubleshoot a server when the disks gets full.

That little file can save you a lot of hours.

One thing I love about the noc.org DNS is the visibility it provides - including regions and resolvers.

If you want to move away from big tech and give a small provider a chance, you may like it :)

#Tusky has been removed from the PlayStore by Google

The Mastodon account search is back online (and running a lot faster):


Sorry for the downtime and sluggish performance it was having.

Quoting Chris Krebs:

"This is the real deal. If your organization runs an OWA server exposed to the internet, assume compromise between 02/26-03/03. Check for 8 character aspx files in C:\\inetpub\wwwroot\aspnet_client\system_web\. If you get a hit on that search, you’re now in incident response mode."


"The only way to force companies to provide safety and security features for customers and users is with government intervention.

They routinely legislate safety — pollution standards, automobile seat belts, lead-free gasoline, food service regulations.

We need to do the same with cybersecurity: the federal government should set minimum security standards for software and software development."



Before buying a NYT subscription, here's what it will take you to cancel it.


I was expecting them to require a snail mail or a fax, but still a pain to have it cancelled.

Until they fix it, might be better not to subscribe to the NYT.

One of the many reasons why I am looking for Google alternatives:


"The YouTube account of Spinks' game dev company, Re-Logic, was hit with some kind of terms-of-service violation, resulting in Google banning Spinks' *entire Google account*, greatly disrupting his company's ability to do business. ". Including his 15 yo gmail account.

Something I love about #mathematics is it has problems simple enough for a child to understand, but to which nobody knows the solution. I recall having fun setting this problem to students : given four houses at vertices of a square, what is the shortest length of road needed to connect them all? Before spoiling the answer, look at this very simple related problem - no one has been able to identify and prove the optimal answer:


Barcode Scanner app on Google Play infects 10 million users with one update


Do you have this Barcode scanner app on your Android?

In August and September 2020, Verisign quantified that upwards of 45.80% of total DNS traffic to the root servers was, at the time, the result of Chromium intranet redirection detection tests...


After a code change, Chrome was able to reduce this number significantly...

We are still urgently looking for some more volunteers for the hosting task, If you intend to watch a specific talk and the Q&A you can help out!

Show more

Open Source Social Network. Focused on technology, networking, linux, privacy and security, but open to anyone. Civil discourse, polite and open. Managed by the noc.org team.