1. 24
  1. 2

    …Correct me if I’m wrong, but don’t nearly all of these attacks also exist in roughly-equivalent form against TCP, where they’re well-known and have been protected against for a very long time? Certainly window manipulation is a known technique to cause TCP connection exhaustion.

    This has shades of SystemD reimplementing Kaminsky’s DNS cache poisoning bug six years after it made headlines and was fixed everywhere else.

    1. 2

      we knew this was going to happen but nobody listened because the performance was too sexy

      1. 1


      2. 2

        Once again, my unwillingness to learn about new things has paid off.