• 1 Post
  • 23 Comments
Joined 1 year ago
cake
Cake day: June 23rd, 2023

help-circle
















    • MSF provide health services and are around 80% efficient (20% of your donation goes to overhead). I’m not sure if they make it easy to earmark a donation to Gaza.
    • UNICEF does more infrastructure projects, but have around 30% overhead.

    If you really want to maximize your impact, check if your employer or professional association have donation matching for various large charities.

    There are obviously many more charities - these are two that I believe have the highest chances of actually reaching civilians in Gaza and not being diverted.


  • Also that in order to exploit this it requires an active man in the middle. Which requires any of the following:

    • Reverse proxy hijack/NAT hijack - from a compromised machine near the server
    • BGP hijack - stealing traffic to the real IP
    • DNS hijack - stealing traffic to send to a different IP
    • Malicious/compromised network transit
    • Local network gateway control
    • WAP poisoning - wifi roaming is designed really well so this is actually easier than it sounds.

    Almost all of those have decent mitigations like 801.x and BGP monitoring. The best mitigation is that you can just change your client config to disable those ciphersuites though.