Seenthis
•
 
Identifiants personnels
  • [mot de passe oublié ?]

 
  • #s
  • #st
  • #sto
RSS: #stomp

#stomp

  • #stomp_out_slumlords
  • #stompie_seipei_moketsi
  • @jef_klak
    Jef Klak @jef_klak 3/07/2020
    9
    @unagi
    @monolecte
    @antonin1
    @colporteur
    @sombre
    @7h36
    @02myseenthis01
    @reka
    @rastapopoulos
    9

    « L’arme la plus puissante des locataires est de ne pas payer leur loyer. » Entretiens autour des mobilisations de locataires et de la grève des loyers aux États-Unis (1/3)
    Par Lucile Dumont

    Partout dans le monde, la pandémie de Covid-19 agit comme un puissant révélateur des inégalités sociales. Aux États-Unis, elle s’articule notamment à la crise du logement que connaît le pays depuis de nombreuses années : la spéculation immobilière, la gentrification et la flambée des loyers ont conduit à une explosion du nombre de sans-abris. La crise sanitaire et les pertes d’emploi qu’elle a entraînées ont mis de très nombreux⋅ses locataires dans l’impossibilitéde payer leur loyer. Face à des mesures insuffisantes de la part des pouvoirs publics, les appels à la grève des loyers se sont multipliés, et les mobilisations autour des questions de logement ont nourri la dynamique existante des syndicats de locataires dans plusieurs grandes villes.

    Entretien avec Rob Wohl, qui participe à la campagne Stomp Out Slumlords à Washington, et Julian Francis Park, membre du Tenant and Neighborhood Councils à Oakland, dans la baie de San Francisco.

    ▻https://www.jefklak.org/larme-la-plus-puissante-des-locataires-est-de-ne-pas-payer-leur-loyer

    Jef Klak @jef_klak
    • @antonin1
      Antonin @antonin1 CC BY-NC-SA 3/07/2020

      #loyer #logement #locataire

      Antonin @antonin1 CC BY-NC-SA
    • @colporteur
      colporteur @colporteur CC BY-NC-SA 4/07/2020

      #grève_des_loyers

      colporteur @colporteur CC BY-NC-SA
    • @cdb_77
      CDB_77 @cdb_77 4/07/2020

      #USA #Etats-Unis #résistance #covid-19 #inégalités_sociales #crise_du_logement #spéculation_immobilière #gentrification #foyers #coronavirus #villes #urban_matter #Stomp_Out_Slumlords #Tenant_and_Nighorhood_Councils #Oakland #San_Francisco #Washington

      CDB_77 @cdb_77
    Écrire un commentaire

  • @cdb_77
    CDB_77 @cdb_77 16/04/2018

    Winnie

    Pasionaria en Afrique du Sud de la lutte antiapartheid, « Winnie », ex-épouse controversée de l’icône #Nelson_Mandela, a inextricablement lié son destin à celui de son pays. Un portrait documenté de la figure emblématique des townships, décédée à l’âge de 81 ans, le 2 avril 2018.

    Un beau visage sous un chapeau cloche, #Winnie_Madikizela-Mandela, jeune assistante sociale née dans un village du Transkei, a 25 ans lorsque son mari, Nelson Mandela, est arrêté en 1962 à la suite d’une campagne de sabotage de l’#ANC, puis condamné à perpétuité : « Nous nous connaissions à peine. » Militante au puissant charisme et à la détermination sans faille, la pasionaria va alors mener la lutte antiapartheid en Afrique du Sud et maintenir haut la flamme de la résistance, récoltant des fonds pour les prisonniers et orchestrant sans relâche la mobilisation. Cible du régime, espionnée et maintes fois arrêtée, cette mère de deux petites filles, qui jamais ne désarme, est bientôt accusée d’avoir provoqué la vague de violence qui submerge le pays en 1976. Assignée à résidence à #Brandfort – « un tombeau vivant » –, l’opposante, courtisée par les médias internationaux, assume d’être prête à tuer pour la liberté. Ne craignant rien ni personne, Winnie, qui recrute avec #Chris_Hani et #Oliver_Tambo les soldats d’#Umkhonto_we_Sizwe, la branche militaire du #Congrès_national_africain, joue aussi les courroies de transmission entre le terrain et le prisonnier légendaire dont le monde entier exige la libération. Mais tandis que, dans les années 1980, le pouvoir engage des négociations secrètes avec Mandela en vue de sa libération, le régime s’acharne à discréditer son épouse, figure emblématique des #townships, qui comprend mieux que personne les aspirations de la jeunesse et ne cesse de fustiger le capitalisme.

    Le saint et la pécheresse
    Entrelaçant archives et témoignages précieux, dont le sien et celui de sa fille Zindzi, ce portrait dense et très documenté éclaire le rôle majeur – et souvent sous-estimé – de cette militante engagée en première ligne dans la lutte antiapartheid. Il montre surtout comment le régime sud-africain s’est ingénié à opposer « le saint » Nelson Mandela à la « pécheresse » Winnie, redoutée pour son intransigeance, jusqu’à leur séparation et sa diabolisation. Mais si le film la réhabilite politiquement, il n’occulte pas pour autant les zones d’ombre de cette flamboyante personnalité, accusée d’avoir commandité l’assassinat du jeune #Stompie_Seipei_Moketsi, 14 ans. Au travers du parcours de cette femme insoumise, dont la popularité n’a jamais faibli dans son pays, une subtile réflexion sur l’histoire récente tourmentée de l’Afrique du Sud.

    ▻https://www.arte.tv/fr/videos/060778-000-A/winnie
    #film #documentaire #Afrique_du_Sud #Winnie_Mandela #résistance #femmes #histoire #biographie

    CDB_77 @cdb_77
    • @cdb_77
      CDB_77 @cdb_77 17/04/2018

      #WinnieMandela: Remembering Nomzamo, the girl from Bizana

      So who was Nomzamo Winifred Madikizela, and what shaped her?

      She was born on 26 September 1936, the last in a family of four daughters in a part of South Africa – the Eastern Cape – that had already experienced several waves of subjugation, some more effective than others.

      Forty years earlier the Glen Grey Act had been passed which led to the annexation of the Transkei and Pondolond under the control of the Cape Colony. It was the culmination of several attempts to seize the rich agricultural land of the Eastern Cape over more than 100 years.

      The draconian measures put in place by the colonial state to bring the region under control were not completely successful. The indomitable spirit of resistance forged over centuries of conflict made it impossible to fully subjugate the people of this region.

      By the time the Union of South Africa was established in 1910 it became clear that more controls were needed to smash resistance to land appropriation by white settlers. In 1913 the Union state passed the inhuman Natives Land Act. With this act, the South African state prohibited Africans from owning and renting land in 93% of the country. It laid the groundwork for massive segregation.

      The various waves of subjugation from colonial wars, skirmishes and laws, missionaries, encroachments of settlers and the mass expropriation of land meant that even the lush bountiful valleys of the Transkei were made poor. Men were then forced into migrant labour on the golden reefs of Witwatersrand.

      Madikizela was born into this contested space and into a family of accomplished women who encouraged open questioning about oppression.

      https://image.iol.co.za/image/1/process/620x349?source=https://inm-baobab-prod-eu-west-1.s3.amazonaws.com/public/inm/media/2018/04/16/iol/156/67352042grwinnieSCAN10.jpg&operation=CROP&offset=0x1634&resize=4134x2328#.jpg

      ▻https://www.iol.co.za/news/opinion/winniemandela-remembering-nomzamo-the-girl-from-bizana-14475889

      CDB_77 @cdb_77
    Écrire un commentaire

  • @erratic
    schrödinger @erratic 8/10/2016
    2
    @fil
    @biggrizzly
    2

    More on Mirai, and more than Mirai

    ▻http://www.securityweek.com/mirai-iot-botnet-not-only-contributor-massive-ddos-attack-akamai

    Akamai says Mirai was not alone:

    While Akamai confirmed that the Mirai botnet was part the attack, the company also said that Mirai was only “a major participant in the attack” and that at least one other botnet might have been involved, though they couldn’t confirm that the attacks were coordinated.

    Akamai refers to Mirai as Kaiten and has it documented here:
    ▻https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/kaiten-std-router-ddos-malware-threat-advisory.pdf

    More on the released source code of Mirai which confirms the use of GRE flooding, one of the techniques used on top of DNS Water Torture:

    ▻http://www.securityweek.com/hacker-releases-source-code-iot-malware-mirai

    A copy of the source code files provided to SecurityWeek includes a “read” where the author of Mirai explains his reasons for leaking the code and provides detailed instructions on how to set up a botnet.

    [...]

    Mirai, believed to have made rounds since May 2016, infects IoT devices protected by weak or default credentials. Once it hijacks a device, the threat abuses it to launch various types of DDoS attacks, including less common UDP floods via Generic Routing Encapsulation (GRE) traffic.

    This was proven through reverse-engineering by
    ▻http://cyberx-labs.com/en/blog/cyberx-reveals-gre-evidence-krebs-iot-based-attack-largest-ddos-interne

    It is still GRE is still an uncommon attack vector, but it was already used during the 2016 Rio games
    ▻http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/how-a-massive-540-gbsec-ddos-attack-failed-to-spoil-the-rio-olympics

    For some French, see also here:
    ▻https://seenthis.net/messages/530903

    #Mirai #Kaiten
    #Akamai
    #DDoS
    #Brian_Krebs
    #OVH
    #GRE
    #DNS_Water_Torture

    • #Akamai
    schrödinger @erratic
    • @erratic
      schrödinger @erratic 8/10/2016

      What cameras, IoT and DVR devices are taking part of Mirai ?

      https://krebsonsecurity.com/wp-content/uploads/2016/10/iotbadpass-pdf.png

      from Krebs:

      ▻https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 8/10/2016

      ▻http://www.forbes.com/sites/thomasbrewster/2016/10/07/chinese-firm-xm-blamed-for-epic-ddos-attacks/#5b59fcd33bf5

      But one researcher, Flashpoint’s Zachary Wikholm, today claimed to have found a single Chinese firm, Hangzhou XiongMai Technologies (XM), that shipped flawed code allowing the perpetrators to potentially amass nearly half a million bots for their malicious network.

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 8/10/2016

      Interesting article by F5 which goes in a bit more detail about the two types of GRE flood attacks (Ethernet and IP based)

      ▻https://f5.com/about-us/news/articles/mirai-the-iot-bot-that-took-down-krebs-and-launched-a-tbps-ddos-attack-on-ovh-21

      They also make a reference to the origin of the Mirai name:

      It seems that the bot creator named his creation after a Japanese series “Mirai Nikki (The Future Diary)” and uses the nickname of “Anna-senpai” referring to the “Shimoneta” series.

      https://f5.com/Portals/1/Images/News/blogs/mirai-inspiration.JPG

      schrödinger @erratic
    • @sandburg
      Sandburg @sandburg CC BY-SA 8/10/2016

      Default password for most popular devices.
      www.phenoelit.org/dpl/dpl.html

      admin 123456
      admin password
      Cisco Cisco
      login password
      root password
      …
      Le plus drole :
      Administrator changeme

      Sandburg @sandburg CC BY-SA
    • @erratic
      schrödinger @erratic 8/10/2016

      Here are the 61 passwords that powered the Mirai IoT botnet
      ▻http://www.csoonline.com/article/3126924/security/here-are-the-61-passwords-that-powered-the-mirai-iot-botnet.html

      http://images.techhive.com/images/article/2016/10/mirai_botnet_passwords-100685646-orig.jpg

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 14/10/2016

      Some more information on its spread, operations, and code, by Incapsulate.

      ▻https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html

      One of the most interesting things revealed by the code was a hardcoded list of IPs Mirai bots are programmed to avoid when performing their IP scans.

      This list is interesting, as it offers a glimpse into the psyche of the code’s authors. On the one hand, it exposes concerns of drawing attention to their activities. A concern we find ironic, considering that this malware was eventually used in one of the most high-profile attacks to date.

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 15/10/2016

      US CERT Threat Alert : Heightened DDoS Threat Posed by Mirai and Other Botnets
      ▻https://www.us-cert.gov/ncas/alerts/TA16-288A

      schrödinger @erratic
    • @sandburg
      Sandburg @sandburg CC BY-SA 16/10/2016

      ▻http://www.defaultpassword.com/?action=dpl

      Sandburg @sandburg CC BY-SA
    • @erratic
      schrödinger @erratic 30/10/2016

      ▻http://www.securityweek.com/whats-fix-iot-ddos-attacks

      HTTP GET floods were already pernicious. For years, attackers have been able to disable web sites by sending a flood of HTTP requests for large objects or slow database queries. Typically, these requests flow right through a standard firewall because hey, they look just like normal HTTP requests to most devices with hardware packet processing. The Mirai attack code takes it a step further by fingerprinting cloud-based DDoS scrubbers and then working around some of their HTTP DDoS mitigation techniques (such as redirection).

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 19/11/2016

      Mirai botnet leverages #STOMP Protocol to power DDoS attacks.

      ▻http://securityaffairs.co/wordpress/53544/malware/mirai-botnet-stomp.html

      STOMP is a simple application layer, text-based protocol [an alternative to other open messaging protocols, such as AMQP (Advanced Message Queuing Protocol] that allows clients communicate with other message brokers. It implements a communication method among for applications developed using different programming languages.

      [...]

      Below the steps of the DDoS STOMP attack:

      • A botnet device uses STOMP to open an authenticated TCP handshake with a targeted application.
      • Once authenticated, junk data disguised as a STOMP TCP request is sent to the target.
      • The flood of fake STOMP requests leads to network saturation.
      • If the target is programmed to parse STOMP requests, the attack may also exhaust server resources. Even if the system drops the junk packets, resources are still used to determine if the message is corrupted.

      How Mirai Uses STOMP Protocol to Launch DDoS Attacks

      ▻https://www.incapsula.com/blog/mirai-stomp-protocol-ddos.html

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 29/11/2016

      Mirai botnet with 400.000 devices now for rent

      ▻http://www.ibtimes.co.uk/ddos-hire-service-now-advertising-renting-out-400000-bot-strong-mirai-bot

      A DDoS-for-hire service, run by two hackers going by the pseudonyms Popopret and BestBuy, is now reportedly advertising a Mirai botnet up for rent. The Mirai botnet allegedly comprises of over 400,000 infected bots and may have been sired from the original Mirai source code.

      [...]

      renting the botnet does not come cheap. Customers desiring to rent the botnet must do so for a minimum of two weeks. However, clients can determine the amount of bots, the attack duration and the DDoS cool down (a term which refers to the length of time between consecutive attacks).

      [...]

      Popapret and BestBuy’s Mirai botnet is a more evolved version of the original botnet. The two hackers have added new features, such as brute-force attacks via SSH and support for exploiting zero-day vulnerabilities. According to two security researchers, going by handle 2sec4u and MalwareTech on Twitter, some of the newly created Mirai botnets can now carry out DDoS attacks by spoofing IP addresses and may also be capable of bypassing DDoS mitigation systems.

      Source:
      ▻http://www.bleepingcomputer.com/news/security/you-can-now-rent-a-mirai-botnet-of-400-000-bots

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 21/08/2017

      Understanding the Mirai Botnet

      ▻https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-antonakakis.pdf

      In this paper, we provide a seven-month retrospective analysis
      of Mirai’s growth to a peak of 600k infections and a history of its DDoS victims. By combining a variety of measurement perspectives, we analyse how the botnet emerged, what classes of devices were affected, and how Mirai variants evolved and competed for vulnerable hosts. Our measurements serve as a lens into the fragile ecosystem of IoT devices. We argue that Mirai may represent a sea change in the evolutionary development of bonnets—the simplicity through which devices were infected and its precipitous growth, demonstrate that novice malicious techniques can compromise enough low-end
      devices to threaten even some of the best-defended targets.
      To address this risk, we recommend technical and nontechnical
      interventions, as well as propose future research directions.

      #DDoS

      schrödinger @erratic
    Écrire un commentaire

Thèmes liés

  • #ddos
  • #résistance