I do not consent to AI mining my thoughts.
@hakologist
Too late. Someone's already telepathically leeching intelligence from you. The brain worms are leaking from your ears when you sleep.
@lucifargundam these worms use TCP or UDP? Can I block the port?
@hakologist
Depending on the model, the two onboard auxiliary ports located on the north bridge can alternate between udp and tcp according to OS configuration.
In recent years, it's been found that these ports are exploitable through malformed packets when the OS incorrectly validates signatures from aforementioned bad actors. It is highly recommended that updates to security policies be audited and reimplemented accordingly.
Please keep in mind that although some systems may find relative stability through sandboxing in controlled Input/oupiutput environments, this does not alleviate the need to correctly adjust security precautions in order to maintain a fully functional system.
Additionally, there has been security advisories that warn about similar external threats coming from legitimately validated sources, but also provide corrupted packets. The basic steps to mitigate such occurrences is to actively sanitize and audit such traffic on a case by case basis until further notice.
Hope this helps.
@lucifargundam I use aggressive containerization and encrypt outbound traffic. But short of requiring manual airgapped decryption, I can’t guarantee that packets aren’t compromised at the destination. I also can’t promise that all inbound traffic has been encrypted from the source. But the bigger issue is the sheer volume of packets traversing my gateway, to which I have to rely on a single Pi2 running unsupervised ML in order to identify the malicious signals amongst all the noise.
@lucifargundam I think I just described what it’s like to run a snooping Tor exit node (not to mention an everyday VPN/ISP)…or perhaps a full blockchain node that caches/correlates queries from upstream lite nodes (not to mention an everyday Coinbase/centralized exchange)…
