7

8 comments

[–] smallpond 2 points (+2|-0)

"being probed for expensive endpoints"

Can anyone explain what expensive endpoints are, and why this makes migration so time critical?

If I understand correctly:
Expensive endpoints are actions that cause the most work for the server. So by over-using them they can try to overload the server.
It is important to migrate soon, because once the weak points are mapped, they may be able to easily shut down the current code. The new code would not be vulnerable in the same way, so moving soon could foil the attack, if it is an attack.

[–] smallpond 1 points (+1|-0)

Thanks. Ok, so it makes sense moving to the new code could foil any work done to map weak points of the current code. Of course if they have any stamina, there's nothing to stop these hypothetical attackers from probing weak points of the new code just as they did the old code. Is the new code likely to be any stronger in that sense?

Is the new code likely to be any stronger in that sense?

Probably. The new code should be more efficient and secure. Nothing is 100%, but at the very least the attacker would have to restart their efforts, and it should be more difficult.