NEWS

Next-Generation HTTP/3 Protocol Arrives as a Standard

The Internet Engineering Task Force (IETF) has officially released the third major revision of the Hypertext Transfer Protocol (HTTP) as a standard (https://www.theregister.com/2022/06/07/http3_rfc_9114_published/). RFC 9114 (https://www.rfc-editor.org/info/rfc9114) documents the new HTTP, which proponents say will lead to better "…stream multiplexing, per-stream flow control, and low-latency connection establishment."

The biggest change in HTTP/3 is the QUIC protocol, which was originally developed by Google but has since been extended and adopted by Microsoft, Apple, and other vendors. Unlike previous versions of HTTP, which relied on the slow but careful TCP protocol for establishing and verifying connections, the new version uses the faster and more agile QUIC as a transport protocol. QUIC, which stands for "Quick UDP Internet Connections," is based on the connectionless UDP transport.

Some questions remain about the pace of adoption for HTTP/3. Until now, development has been led by major Internet companies such as Google and Microsoft. The Apache project has so far resisted adding support for HTTP/3 to the Apache web server, but adoption of the standard could change that calculation. According to the IETF, the standard is compatible with the previous HTTP/2, which should ease the transition.

The Next Linux Kernel Could Be a Big Deal

Linux will finally have support for StrongARM platforms. After more than 10 years of work, Linus Torvalds (the creator of Linux and the leader of kernel development) stated in a recent update, "One thing of note is how the long-time ARM generic kernel work (aka 'multiplatform') is pretty much done after 10+ years. Congrats to everybody involved. The StrongARM platforms remain with their separate kernels and are expected to stay so, but compared to where things were a decade ago, this is a pretty big step."

Beyond that major advancement, the 5.19 kernel will be rather boring for standard users, while also being on the "bigger" side. The majority of the new additions and changes to the 5.19 kernel are hardware-related driver support. With its architecture updates (such as NVMe support for Apple Silicon and updates (https://lkml.iu.edu/hypermail/linux/kernel/2206.0/04428.html) for the HPE GXP and LoongArch64 architectures), improvements to tooling and documentation, and some minor core kernel updates, kernel 5.19 might be the most "boring" big deal to have come around in some time.

The 5.19 kernel is scheduled for release around July 2022.

Millions of MySQL Servers Exposed

The Shadowserver Foundation recently reported that over 3.6 million MySQL servers are publicly exposed (https://www.shadowserver.org/news/over-3-6m-exposed-mysql-servers-on-ipv4-and-ipv6/). The discovery was made when the research group began scanning for accessible MySQL instances on port 3306. The scan turned up 2.3 million IPv4 addresses and 1.3 million IPv6 addresses that responded to the query. Those accessible servers responded with a Server Greeting.

Although the researchers did not check for the level of possible access or database exposure, this is still an important attack surface that must be closed. Among the exposed servers on IPv4 addresses, the most widely used version of MySQL was found to be 5.7.33-36, whereas on the IPv6 addresses version 5.5.5-10.5.12 was the most widely accessible.

The most important thing admins can do to avoid potential issues is to disallow external connections from the Internet to their MySQL servers.

Admins who want to replicate the scan (to see whether their own MySQL servers can be accessed from the Internet) can use the nmap command nmap -sV -sC SERVER, where SERVER is the IP address or domain of the MySQL server (https://nmap.org/nsedoc/scripts/mysql-info.html). It is also advisable to always keep MySQL servers up to date.
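The Server Greeting mentioned above is the first packet a MySQL server sends after the TCP connection opens, and it carries the version string before any login takes place. The following Python sketch is an added example, not code from the article or from Shadowserver; it decodes that packet for a self-check against a server you administer. The function names and the sample packets are constructed for illustration.

```python
import socket
import struct

def frame(payload: bytes, seq: int = 0) -> bytes:
    """Wrap a payload in the MySQL packet header: 3-byte LE length + sequence id."""
    return len(payload).to_bytes(3, "little") + bytes([seq]) + payload

def parse_greeting(packet: bytes) -> dict:
    """Decode the first packet a MySQL/MariaDB server sends after TCP connect."""
    if len(packet) < 5:
        raise ValueError("truncated packet")
    length = int.from_bytes(packet[:3], "little")
    payload = packet[4:4 + length]
    if length == 0 or len(payload) != length:
        raise ValueError("payload does not match header length")
    if payload[0] == 0xFF:
        # ERR packet (e.g. 1130, host not allowed): the server refused this
        # client address, but the port is still reachable from the outside.
        code = struct.unpack_from("<H", payload, 1)[0]
        return {"reachable": True, "error": code, "version": None}
    if payload[0] != 10:
        raise ValueError("not a protocol version 10 handshake")
    end = payload.find(b"\x00", 1)
    if end < 0:
        raise ValueError("unterminated version string")
    version = payload[1:end].decode("ascii", "replace")
    # MariaDB 10.x prefixes its real version with "5.5.5-" for old replicas.
    if version.startswith("5.5.5-"):
        version = version[len("5.5.5-"):]
    return {"reachable": True, "error": None, "version": version}

def check_own_server(host: str, port: int = 3306, timeout: float = 3.0) -> dict:
    """Run from outside your network against a server you administer."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            return parse_greeting(s.recv(4096))
    except OSError:
        # Refused, filtered, or timed out: no greeting was received.
        return {"reachable": False, "error": None, "version": None}

# Constructed sample packets (not captured traffic).
SAMPLE_MYSQL = frame(b"\x0a" + b"5.7.36\x00" + struct.pack("<I", 42) + b"abcdefgh\x00")
SAMPLE_MARIADB = frame(b"\x0a" + b"5.5.5-10.5.12-MariaDB\x00" + struct.pack("<I", 7))
SAMPLE_DENIED = frame(struct.pack("<BH", 0xFF, 1130) + b"Host is not allowed")

if __name__ == "__main__":
    for pkt in (SAMPLE_MYSQL, SAMPLE_MARIADB, SAMPLE_DENIED):
        print(parse_greeting(pkt))
```

A result with reachable set to True and an error code means host-based account restrictions are in place but the listener itself still accepts connections from the Internet; only a firewall rule or a restricted bind address closes that.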
