The Boston Diaries

The ongoing saga of Sean Conner, who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Wednesday, March 18, 2026

More notes on the Brazilian SYN attacks

One thing I forgot to mention yesterday was this observation from the Brazilian cybersecurity researcher who emailed me:

I've stood up a small sensor network, and so far I've captured data on two incidents. Both were observed from a sensor in São Paulo that responds on port 443 with a valid TLS certificate and a domain name. Two other sensors of mine were not hit: one in São Paulo that listens on 443 but has no domain name or valid certificate, and one in London with no server on 443 at all.

That's a tiny sample size and could be coincidence, but it lines up with comments I've seen suggesting that this actor only targets hosts that actually respond on 443. The TLS-certificate angle makes me wonder whether they're pulling target lists from Certificate Transparency logs.

Again, that makes sense given that all the SYN attacks have been directed towards the secure HTTP port. Checking certificate transparency logs is an easy way to find active servers that can be used for a SYN amplification attack.

But another weird thing I noticed—the Brazilian SYN attacks against my server have seemingly stopped. I haven't seen one forged SYN packet for over 24 hours. I don't think my reporting on it would effect that, but perhaps after detecting that I'm blocking the packets they gave up on my server? A potential botnet that was being used got taken down? Very strange indeed … Nope. They're still happening. Sigh.

The coming AI winter can't come fast enough for me

The last of the links I collected during a quiet February, plus a few found in the past day.

All I wanted in the world was to mess around with stuff until it sort of worked. Understanding was for chumps. I didn't want to think about the problem space, or the messy realities of my platform of choice. I wanted the computer to Do Thing. I wanted libraries and languages with a simple face, that would solve problems for me without me having to think them through, because the amount of shit that didn't make sense to me was so overwhelming. I just wanted it to be easy.

If you had given me a magic box that I could ask to write programs for me, that generated code that I didn't understand, that sort of worked but might have weird problems, that I could pester with questions about esoteric technical subjects until it gave me reasonable-sounding-but-maybe-wrong answers that were on my level, I would have been delirious with joy. I would have shaken the devil's hand, weeping with gratitude, and leapt face-first into vibe coding with a ferocity you could scarcely imagine. …

I could have gotten stuck that way. I could have flailed around, not understanding, not wanting to understand, for many more years than I did.

Via Lobsters, On The Need For Understanding

The post rambles, but it does describe the author's journey to understanding that in programming, you need to understand the underlying problem, in addition to knowing how to program, and not just hand off the thinking to some random text generator LLM. I think it can be sumarized by Richard Feynman's quote: “What I cannot build, I cannot understand.”

Somewhat related is this short story, “Warranty Void If Regenerated” (via Hacker News). It's a story (written with some LLM assistance that I did not pick up on, although I did notice the LLM generated art work) about a possible future of software modification in a post-LLM-written-software world. What's interesting is not that it proposes what software development might be like, but in that it describes the issues in programming in general, what with unstated assumptions, breaking updates, and the people who prompt and fix software issues are still called “programmers.”

Then there's this savage indictment of software development with LLMs and their mass copyright violations, “Clean Room as a Service” (via Hacker News). And yes, it's a real service to launder existing code under an inappropriate license (for your use) to code you can use (but possibly not copyright yourself—current law holds that LLM-generated content does not fall under US copyright). There's even a blog post that goes into more detail about the “service.”

And rounding out the links today is a Youtube video “I was a 10x engineer. Now I'm useless.,” where a programmer talks about how he is slowing loosing his ability to code as he hands more and more control off to an LLM.

Obligatory Picture

[Self-portrait with a Christmas Tree] Oh Chrismtas Tree! My Christmas Tree! Rise up and hear the bells!

Obligatory Contact Info

Obligatory Feeds

Obligatory Links

Obligatory Miscellaneous

Obligatory AI Disclaimer

No AI was used in the making of this site, unless otherwise noted.

You have my permission to link freely to any entry here. Go ahead, I won't bite. I promise.

The dates are the permanent links to that day's entries (or entry, if there is only one entry). The titles are the permanent links to that entry only. The format for the links are simple: Start with the base link for this site: https://boston.conman.org/, then add the date you are interested in, say 2000/08/01, so that would make the final URL:

https://boston.conman.org/2000/08/01

You can also specify the entire month by leaving off the day portion. You can even select an arbitrary portion of time.

You may also note subtle shading of the links and that's intentional: the “closer” the link is (relative to the page) the “brighter” it appears. It's an experiment in using color shading to denote the distance a link is from here. If you don't notice it, don't worry; it's not all that important.

It is assumed that every brand name, slogan, corporate name, symbol, design element, et cetera mentioned in these pages is a protected and/or trademarked entity, the sole property of its owner(s), and acknowledgement of this status is implied.

Copyright © 1999-2026 by Sean Conner. All Rights Reserved.