Sewerage explosion imminent.

The Australian government has just emailed the following:

ASD’s ACSC is aware of targeting of multiple vulnerabilities within Australia impacting Cisco ASA 5500-X Series models, that are running Cisco ASA Software or FTD software:

CVE-2025-20333 (Critical) – A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device.

CVE-2025-20363 (Critical) – A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device.

CVE-2025-20362 (Medium) – A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that should otherwise be inaccessible without authentication.

A number of versions of Cisco software releases are affected, including those within the following ranges:

Cisco ASA Software releases 9.12 to 9.23x and; Cisco FTD Software releases 7.0 to 7.7x.

Please see

https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks for specific version details.

Cisco reports active exploitation of these vulnerabilities has been observed globally.

I’m in Australia and there’s a significant proportion of the population that wants to emulate the USA.

Legal Terms and Privacy

By continuing, you agree to our Terms of Service, which include arbitration and a class action waiver, and our Privacy Policy. You agree that we and our third-party vendors may collect and use your information, including through cookies, pixels and similar technologies, for the purposes set forth in our Privacy Policy such as personalizing your experience and ads.

WTF?

They’ll use machine learning to determine based on your behaviour if you’re under 16, then they’ll ask for proof of age.

Thank you for making my point.

In ICT circles, sure, on the nightly news it’s crickets.

We know very little beyond:

1. It will go live on 10 December 2025
2. There will be heavy fines.
3. Government ID is not allowed to be the only method.
4. A self declaration (tick box) is insufficient as a check.

There are to my knowledge no third party providers approved for this legislation. The process to assess actual implementation details started in July 2025, and the results thus far are underwhelming to put it mildly, you might call it a shitshow.

Below is the official sum total of what we know, most of it motherhood statements and “coming soon”.

https://www.esafety.gov.au/about-us/industry-regulation/social-media-age-restrictions

Media commentary wants to “protect the children”, but have no idea how you might do so, let alone consider the implications or implementation details.

Source: I’m an ICT professional with 40+ years experience.

The comments here seem to be missing a salient point.

In order to determine if a user is under 16, you need to determine that for every single user … including you!

This means that your personal data will be harvested in order to determine if you are over 16 or not.

From memory they use Cisco.

In 2023, apparently Optus attempted to blame them for the default values on the hardware (IIRC the size of the routing table), which several people pointed out was blatantly absurd. Apparently Optus also didn’t follow up with a welfare check of each of the failed calls in their network. Apparently they had to physically visit each affected router across the entire network. They were fined. I’m not aware of any other penalties.

Now, in 2025, it appears that Optus didn’t follow their own processes, ignored several early customer reports about emergency calls not working, didn’t inform the communications minister, under reported the impact, didn’t inform customers and didn’t make any announcements until it was fixed.

In 2023 I couldn’t help but wonder if the staff at Optus had ever heard of testing. Today it seems obvious … to me … that they don’t.

Disclaimer: Note that whilst I’m an ICT professional, I don’t have any direct knowledge of the internals of these incidents and I’m relying on memory of reports and commentary and Wikipedia, I have also never played with Cisco routers, so YMMV. I also note that I haven’t been an Optus customer for about a decade, and my own experience with their ICT systems as a customer over fifteen years or so has been … let’s call it “suboptimal”.

To migrate historic email you can use Google Takeout.

Go with your gut.

Go and see mom and have a nice home cooked meal.

Tailscale and ssh.

Just so we’re clear … we’re angry because it’s the second time it’s happened and if anything their response was worse this time around.

https://en.m.wikipedia.org/wiki/2023_Optus_outage

https://en.m.wikipedia.org/wiki/2025_Optus_emergency_calling_outage

Egg Sealant!

Or you could go the dull route and just ask @[email protected] to just ban you outright for no particular reason.

Mind you, that might be exciting for the rest of us, so make sure you give us fair warning before you go that route.

Except that in civil discussion with experts, other ideas are what helps people arrive at a solution suitable for them and their situation.

I’ll also add that I’ve been a Linux user for 25 years and the toxicity you claim in relation to the Linux community is in my experience not evident as a “major reason”, instead I’ve found it to be innovative and flexible with a wide perspective and approach to problem solving.

Are there dickheads in the Linux community? Yes, just like there are everywhere in society.

Police are investigating a forth death possibly linked to the outage.

Edit - Source: https://www.abc.net.au/news/2025-09-21/optus-outage-western-australia-rita-saffioti-optus-timeline/105799254

Edit - It’s not the first time that a firewall upgrade caused the telephone network to go down either: https://en.m.wikipedia.org/wiki/2023_Optus_outage

Not to mention that Optus is a subsidiary of a massive company, SingTel: https://en.m.wikipedia.org/wiki/Singtel

I can’t wait to see their 100 mph unicycle … coming soon no doubt.

Capable of 120 km/h, that looks like a Darwin Awards preselection tool, rather than a means of transport.