I don't think they're advising anyone create both a CNAME and TXT at the same label - but it certainly looks like that from the weird screenshot at step 5 (which doesn't match the text).
I think it's mistakenly a mish-mash of two different guides, one for 'how to use a CNAME to point to a third party DMARC service entirely' and one for 'how to host the DMARC record yourself' (irrespective of where the RUA goes).
I'm not sure, but we're seeing this specifically with _dmarc CNAMEing to '.hosted.dmarc-report.com' together with a TXT record type; also see this discussion of users asking for this at deSEC: https://talk.desec.io/t/cannot-create-cname-and-txt-record-f...
My main point, however, was that it's really not okay that Cloudflare allows setting up other record types (e.g. TXT, but basically any) next to a CNAME.
It's an incredibly complex topic, and I do feel for people who are now seeing a massive disruption to the existing ways to monetise their own work (they should be able to live comfortably).
It's quite ironic that they used an LLM to write or at least entirely re-format their post, when their topic is about the impact these systems have on the ongoing sustainability of the humans behind the work.
I personally don't use LLMs and generative models; I find their output way too untrustworthy and their practice of mining the data of others unsettling. Not that anything on the internet can be inherently trusted anyway.
SendGrid's platform doesn't need to be the sender of these emails at all. It's just classic phishing; the emails can pass SPF, DKIM and DMARC, as all of these rely on DNS resource records to be created on the RFC5321.MailFrom and/or RFC5322.From domain, which is under control of the spammer. It's not pretending to be from sendgrid.com; if it was, then these measures would help.
Correct, I think the confusion might arise because of the self replicating nature of this attack when the target domain is an MTA.
I can't pinpoint it exactly, but it might be a combination of the replication cycle of the attack being recursive and very short if the target is an MTA. But it may also be because the fact that sendgrid clients are sendgrid clients is public information.
Kind of like how meta companies are overrepresented in their medium, in a stock exchange banks are overrepresented, lots of websites about building websites, lots of road ads are about placing road ads.
Yes, as the article says, they seem to be using Sendgrid to phish Sendgrid customers because the UX is "xyz.com delivered by sendgrid.com", hoping that this is seen as legitimacy by the recipient.
None of the examples in the article exhibit the 'via' UX. They were all sent with an aligned RFC5321.MailFrom and RFC5322.From (i.e. domain name used in both of those values is the same), those not matching is the most common reason to have the 'via' displayed [0]. They do have display names which pretend to be SendGrid.
Keeping in mind the consumer space will see minimal trickle down from used datacenter electronics in ~3-5 years from this boom.
The GPUs are generally rack-scale integrated units rather than PCIe. The bulk of the GPU RAM is HBM, so not very scavenge-able for consumer GPU mods. Power consumption of the Blackwell GPUs in most solutions like the DGX B200 isn't really viable for home use even if you had the space and hookups for a fraction of the original 10ru system. The hard drives and SSDs will likely be shredded on site and never re-sold as used. RAM will be registered ECC, only suitable for server-class motherboards.
I'm pretty sure that those racks will be usable for something, even if it's not direct-to-consumer. Startup businesses, academic/research use, smaller-scale HPC etc. will all be creating demand for the stuff long after it stops being useful for cutting-edge AI workloads.
The funny thing about that is it's extremely simple to bypass. On old or new reddit, search 'author:example' to find posts by /u/example. Or to see both comments and posts, on new reddit go to the user profile and do a blank search like a single space character.
That's using reddit's own site, of course there are other methods like Google dorks.
I just love it - what's the chance that some internet stranger cites some site (pun intended) of another stranger on some random forum, and that site/blog's owner immediately chimes in (as a member of that forum, no less) to take up the discussion, and to answer questions and share some (insider/off-the-beaten-track) insights. It is wonderful to see such positive interactions and knowledge sharing of humanity.
In your interview with MegaLag posted in the video, you say something along the lines that civil courts are probably the most likely place any lawsuits would be held (I forget the exact wording used).
If you had used Honey, would you join a civil or class action suit against them?
I believe in class actions as the most efficient way for large groups (of consumers or small businesses) to resolve disputes. Have to think about the specific claim. Yesterday's write-up covers a scheme harming other affiliates (creators, influencers, reviewers, etc.) and also harming merchants and networks. I don't know if users are direct victims of the stand-down violations and concealment.
I don't know their breakdown for consumer vs enterprise, but the Crucial brand is consumer focussed. Obviously enterprise at this point is incredibly lucrative.
I agree, and I also am familiar with how WP Engine's 'GES' (global edge security) works. obr.uk points to two IP addresses held in the name of WP Engine, but they're actually BYOIP with Cloudflare. Cloudflare act as a caching layer, DDOS mitigation and WAF.
Note that GES works a bit differently to traditional Cloudflare implementations: HTML requests are basically passed through to the WP Engine NGINX reverse proxy server that's in front of the WordPress site (as opposed to being heavily cached with Cloudflare). Static assets, like a PDF, would indeed be cached with GES.