It seems relatively clear at this point that we (the wider industry) now have extremely good C/C++ linters, with the only downside that they are expensive (relative to previous tools) to run.

Much like the "if your company depends on running other people's x86 code, then Spectre/Meltdown/etc are devastating", I think if your company is/was depending on the user separation boundaries in the OS to work, then you are in a lot of trouble. [Unauth'd file read/Local Priv Esc]'s have always kind of been low(er) hanging fruit, but they are nowhere near as cool/good as RCEs.

Now that we have machines to find these at reasonable competence and speed, it is probably a good time to look at anything that you run that [processes user supplied data, or speaks over the network] that is written in C/C++ and find memory safe alternatives. It's not that those memory safe alternatives are going to be bug free, but they are far less likely to cause you to need to upgrade your kernel every few days to urgently catch up with local LPEs.

Even if you are not going to use the new auditing systems for whatever reason, the "enemy" (whether that is your intelligence agencies, ransom gangs, etc) will have no problem trading a few 100$ for what used to cost $10,000's to do.
benjojo
Hope you never notice the outages I cause. Knows where the RFC2616 bodies are buried. recurse.com SP'2 18 / "The bgp.tools guy"
The Debian Bookworm -> Trixie upgrade path is by far the [worst/most explosive] I have in recent memory, on the same level of tricky as the sysvinit -> systemd migration.

The sysctls location change being the #1 killer, but there are so many paper cuts in that particular upgrade to keep an eye out for.
Despite the common consensus, self hosting your outbound email is not impossible to do (bgp.tools has been sending its own outbound email since day one of having the ability to send email). While I have been doing a migration I have discovered that rspamd (for DKIM signing) was keeping its own logs outside of journalctl, meaning they never got rotated (grrr).

The upside of this log rotation failure is that I can give you this graph: The total email volume sent per month via bgp.tools

I don't think it has been particularly hard (other than hotmail) to run this, and it means that I don't have to give customer emails to another 3rd party.

I think the only struggle for a lot of people is that it's quite difficult to find "clean" or at least "boring" IPs to send out from. I suspect you probably couldn't replicate these results with Hetzner/Digital Ocean/etc without some serious fighting or luck.

(*) unless your service depends on sending to hotmail/live/msn emails, because that shit is impossible
Cracking open a new tube of toothpaste and uh, they shrinkflated the toothpaste 😢
The Kagi LinkedIn translate is honestly an incredible marketing tool for them. Throwing the Cloudflare layoff blog post into it and putting it through a few round trips as the "English" translation gets shorter and more frank
Did someone/something break the UK's GSM-R stack?
Warnings of major disruption as trains across southern England disrupted by radio fault
Mildly interesting, it seems that one of the name servers for the .de DNS zone has all of their Cogent customers going via CNNIC (China Internet Network Information Center) all the way to China.

A traceroute from Cogent in Frankfurt:

traceroute to 194.246.96.1 (194.246.96.1), 30 hops max, 60 byte packets
1 * *
2 be5200.ccr41.fra05.atlas.cogentco.com (154.54.76.169) 0.603 ms
3 be7946.ccr42.par01.atlas.cogentco.com (154.54.72.117) 9.937 ms
4 be2780.ccr32.mrs02.atlas.cogentco.com (154.54.72.226) 20.813 ms
5 be2899.ccr21.hkg02.atlas.cogentco.com (154.54.0.42) 181.371 ms
6 154.18.9.165 (154.18.9.165) 185.283 ms
7 159.226.254.229 (159.226.254.229) 220.828 ms
8 * *
9 218.241.107.69 (218.241.107.69) 221.520 ms !X *

Probably a mistake rather than anything malicious, but that's still some extra long haul miles for some DNS queries
Polymarket market for "next TLD or major domain to break DNSSEC" because it is not "if" but "when"
Another win for DNSSEC. Unmatched at turning small ops mistakes into country wide ops consequences
Forgot to post this last month, but there is an abandoned huge 32m satellite dish sitting in the Azores, with nature slowly reclaiming it with weeds and moss (as is everything in the Azores). You can see a very similar (likely the same model) still being used in Pakistan for PTCL here on google maps
The Spezi people bring you: Bi-Sexual Cola
DZ: ukpol, elections
Observations from my letter box:
A) The green party sure do send a lot of paper to me
B) Labour seemingly have picked up the tricks of the Americans by sending me increasingly insidious smear letters about the Greens

Like, look at this stuff:
https://electionleaflets.org/leaflets/23707/
https://electionleaflets.org/leaflets/23685/
https://electionleaflets.org/leaflets/23701/

Perhaps my "favourite" (not my scan) is this bullet point list: https://electionleaflets.org/leaflets/23702/

I uploaded all of my election letters to https://electionleaflets.org ( You should upload yours too! )
Picked up an AMS-IX mug from a recent conference swag table and I didn't realise it's like 70% of the size of a normal mug. Why! Surely you want your customers to use the mugs you give them, if bgp.tools was to have branded promo mugs it would be like the giant Sports Direct mugs where if you spill it you flood your fucking house
Ah yes, a massive "VPN" button wedged between back and forward, thanks firefox. Firefox might be a chrome advertising psyop
Otters!
Please enjoy this absolutely furious goose
benjojo
reposted 02 May 2026 20:49 +0000
original: janamarie@mystical.garden
HONK!
Fluffy!
When the crunchy bit of grass is just so good
benjojo
reposted 23 Apr 2026 20:40 +0000
original: rejectpetitions@bot.country
Iran claims US exploited networking equipment backdoors during strikes
Oh don't worry about the MikroTik's, they just do that (reboot unexpectedly in production at inopportune times)
Cisco, Juniper, Fortinet, and MikroTik devices allegedly rebooted or disconnected during the conflict.
There is something very funny that someone in Sun all of those years ago decided that 2021 was the start of "preposterous time"
#define PREPOSTEROUS_YEARS (2021 - POSIX_BASE_YEAR)
Sun Microsystems clearly accidentally hired a Cassandra because that was worryingly spot on
via https://mastodon.social/@zarbet/110823319981235740 / https://mastodon.social/@tubetime/110811949233318077
While travelling last week I came across this in my hotel room, this seems like a fantastic way to have your USB C powered device's chassis float to 120V live if you use it wrong enough in the dark
Birds, the angle you take a photo of them can change the vibe a lot. From a >:| to a :o
On an ocean facing fence full of love locks full of people's relationship commitments, somebody was just like "well this one's probably more of a combination lock job to be honest"
scdaemon -> scDemons
The asynchronous_metric_log clickhouse table that has no auto expiry and just grows forever is a ploy by big SSD to get you to blindly buy more storage without checking if the cluster is just infinitely growing for no reason
I was in the Azores a few weeks ago, and it really does feel like a place where if humans suddenly decided to leave all at once, it would not take long for nature to reclaim everything. Great place to go for those who like [Moss, Ferns, Abandoned stuff]
How many TCP segments is a reasonable number for a TLS Client Hello? Depending on your network set up, for connecting to bgp.tools until maybe a couple of hours ago the (non reasonable, but real) answer may have been up to 22!

It turns out on IPv4 bgp.tools has been advertising the wrong TCP window scale for quite some time and it's a true testament to TCP's flexibility that any of this was working in the first place.

Regardless, connection setups on bgp.tools should now work a little better on IPv4 now that your machine won't have to send 21 extra packets
inet_aton wins again
Here I was waiting for output on a
tcpdump -ni any host 3306
... that should have been port 3306, but of course in the world of inet_aton "3306" is a valid IP address of 0.0.12.234!
Thanks inet_aton!
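Added example (not part of the original post): a small pre-flight check that tells apart a strict dotted-quad address from a token that only the classic inet_aton number forms (1 to 4 parts, decimal/octal/hex, last part filling the remaining bytes) would accept, which is how "3306" becomes 0.0.12.234. The function names are hypothetical and the parser is a simplified model of that behaviour, not libc itself.

```python
import ipaddress

def _number(part):
    """Parse one inet_aton-style component: 0x.. hex, leading-0 octal, else decimal."""
    digits, base = part, 10
    if part[:2].lower() == "0x":
        digits, base = part[2:], 16
    elif len(part) > 1 and part[0] == "0":
        digits, base = part[1:], 8
    allowed = "0123456789abcdef"[:base]
    if not digits or any(c not in allowed for c in digits.lower()):
        return None
    return int(digits, base)

def legacy_inet_aton(text):
    """Return the dotted quad classic inet_aton() would produce, or None."""
    parts = text.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    nums = [_number(p) for p in parts]
    if None in nums:
        return None
    *head, last = nums
    # Leading parts are single bytes; the last part fills whatever is left.
    if any(n > 255 for n in head) or last >= 256 ** (4 - len(head)):
        return None
    value = last
    for i, n in enumerate(head):
        value |= n << (8 * (3 - i))
    return str(ipaddress.IPv4Address(value))

def check_host_argument(token):
    """Classify a value about to be used as a host filter or allow-list entry."""
    try:
        return "strict", str(ipaddress.IPv4Address(token))
    except ipaddress.AddressValueError:
        pass
    legacy = legacy_inet_aton(token)
    if legacy is not None:
        return "legacy-only", legacy   # accepted by inet_aton, probably a typo
    return "not-an-address", None

if __name__ == "__main__":
    # Constructed sample inputs; 194.246.96.1 is the address from the traceroute above.
    for tok in ["3306", "194.246.96.1", "127.1", "0x7f.1", "example.com"]:
        print(tok, "->", check_host_argument(tok))
```

A "legacy-only" verdict is the case worth warning on: the tool will run without error, but against an address the operator never meant.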
Some other fun things I spotted in the Cogent Q4 2025 investor presentation: A) Cogent is now averaging at 800 tbit/s of traffic B) While their office broadband biz is 4%~ of their total traffic, it's 43% of their $ revenue! Not bad! C) For their off-net IP offering (aka, they use another provider to do the last mile) over half of the cost to the customer is to the last mile loop provider! Full thing here: https://www.cogentco.com/files/docs/about_cogent/investor_relations/presentation/Cogent_IR_Presentation_4Q25.pdf
Hah, Cogent CEO seems to recognize that having the ability for customers to make RPKI ROA's on their space (aka, signing an ARIN agreement) made its IPv4 rentals there a lot more appealing to customers!
It's an outrage that Firefox only has these two adorable error icons for the mascot so far: https://github.com/mozilla-firefox/firefox/tree/4cbe9648c5d4c1cf600b7a8c3589e4589541ded5/toolkit/themes/shared/illustrations
🦎
As an emoji in work presentations connoisseur, it pains me that the best ✨ emoji implementation was the original Twemoji, before in 2017 it went from purple to just boring yellow sparkles. ( I also hate that sparkles has been used to signal AI features :( )

Also, always embed actual PNGs of your emoji into your presentations, to avoid a surprise jankmoji (normally the windows ones) when your stuff gets loaded on to the event presentation laptop
yeah sci-hub bird, I was surprised too
You know, somehow, an IDE update on April 1st is really unappealing, I'll pass
Sir, another "Customers should enact their disaster recovery plans" has hit the AWS status page
Blocked by the pope :(
Damn they really did save that day light last weekend didn't they
benjojo
reposted 30 Mar 2026 15:10 +0000
original: rejectpetitions@bot.country
"Move wells cathedral to Keynsham so Keynsham gets city status" https://petition.parliament.uk/petitions/764430
Airport adverts are a genre on their own, like how many bong rips were required to come up with all of the HSBC ones in LHR?
"aaaaaaaaaaaaaaaaaaaaaaaaaa"
Netbox labs going for that Jurassic Park nostalgia with their "NetBox Visual Explorer" https://netboxlabs.com/blog/see-your-infrastructure-introducing-netbox-visual-explorer/
benjojo
reposted 25 Mar 2026 14:32 +0000
original: russss@chaos.social
Less than 1GW of fossil fuels on the GB grid klaxon!
I can only conclude that PeeringDB is increasingly vibe coded (in the fullest meaning) because they keep releasing busted code that clearly has not been tested. Today they emailed me and a lot of other networks with a nonsensical email that tells me to do something that does... nothing. https://github.com/peeringdb/peeringdb/issues/1936

I can sometimes understand the desire to use AI tools, but seemingly none of this stuff is actually going through even basic testing in a staging environment, so frustrating for a service that absorbs quite a lot of sponsor money from orgs
Making an account on something today when I came across a novel to me password restriction
why why why does Thunderbird let you sort by email subject, I have never wanted to do this and I always do it if I "miss" trying to open the newest email, and when you have a 100k+ inbox this little maneuver is gonna cost you 51 years of CPU time
✅ Muted all RIPE Charging Scheme members-discuss emails. There is basically nothing new to discuss and everyone is just going in the same conversation loop, all at expense of filling my inbox with crap