For those trying to figure out why 1/2 of everything on the Internet isn’t working its because there have been a couple of massive Distributed Denial of Service (DDOS) attacks. Take it away Gizmodo before someone takes you away:
Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.
Update 12:28 PM EST: Dyn says it is investigating yet another attack, causing the same massive outages experienced this morning. Based on emails from Gizmodo readers, this new wave of attacks seems to be affecting the West Coast of the United States and Europe. It’s so far unclear how the two attacks are related, but the outages are very similar.
DDoS Attack Against Dyn Managed DNSIncident Report for Dyn, Inc.
UpdateThis DDoS attack may also be impacting Dyn Managed DNS advanced services with possible delays in monitoring. Our Engineers are continuing to work on mitigating this issue.InvestigatingAs of 15:52 UTC, we have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Our Engineers are continuing to work on mitigating this issue.MonitoringServices have been restored to normal as of 13:20 UTC.UpdateThis attack is mainly impacting US East and is impacting Managed DNS customers in this region. Our Engineers are continuing to work on mitigating this issue.InvestigatingStarting at 11:10 UTC on October 21st-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.
Customers with questions or concerns are encouraged to reach out to our Technical Support Team.
dedc79
Adam, posted this in the thread below. Thought you’d appreciate it:
Omnes Omnibus
I guess I don’t live someplace important enough to be attacked. Except verbally.
Mnemosyne
I’m definitely noticing it here at work on the West Coast. Everything is super-slow, and I can’t even connect to stuff like the Metropolitan Opera website.
Imonlylurking
I wonder if that explains some of the issues I’m having at work today. Hmm.
schrodinger's cat
Ruskies involved, you think? Putin has managed what the Soviets couldn’t, install their puppet as a major party nominee.
Greg in PDX
Red State is claiming that this has happened because Obama “gave the Internet” to Russia and China. This from their so-called “computer expert”, the laughably stupid Neil Stevens.
Adam L Silverman
@dedc79: Excellent!
eemom
I’m glad I don’t understand any of this.
Fair Economist
I’m betting this is the cyber-war. Russia is retaliating for cutting off RT’s bank accounts.
Adam L Silverman
@Omnes Omnibus: You get a pity exemption until Scott Walker and cronies leave office.
Keith P.
@dedc79: Dammit! I was hoping for a Married With Children reunion, not this.
Adam L Silverman
@Imonlylurking: Yes, feel free to take your computer with this post loaded on the screen to your supervisor and tell him that its not your fault you can’t get anything done, someone is committing a massive attack on the Internet and since you can’t get anything accomplished you should be paid to go home.
Omnes Omnibus
@dedc79: “I am a free inhabitant!” “No, you are a loony.”
D58826
Job One for Hillary over the next 4 years will be figuring out a way to fortify the Internet. To much is dependent on it today
Joseph Nobles
I wanted to watch the new season of Black Mirror. Instead I have to live it.
dedc79
@Keith P.: Sorry to disappoint. I too would enjoy that reunion – although the last few seasons of that show were painful.
trollhattan
I blame
ObamaThe Nasty Woman. Hillarrrryyyy!!!!! [shakes virtual fist]Yeah, many random things today seem borked. Russia? China? NKorea? ISIS allies? Wal-Mart?
Adam L Silverman
@dedc79: @Omnes Omnibus: Needs more taser and pepper spray. Maybe a bean bag round.
Arclite
Thanks, Adam. A couple of my usual sites were down this morning, and I was wondering why. Was going to wait and read BJ at work, but came here early and was glad to find out what was happening.
Mnemosyne
@dedc79:
I will reiterate here that I have come to think that publicly declaring oneself a “sovereign citizen” should be enough evidence for the authorities to send you to a psych ward for a 72-hour hold and mental health evaluation.
Adam L Silverman
@D58826: I believe she’ll appoint Dr. Kellogg and he’ll explain how to get all those essential vitamins and minerals.
Keith P.
@dedc79: They had me at the Anthrax guest spot (although like all things, it would have been better with John Bush instead of Joey Belladonna)
EDIT: OK, now that I’ve seen the video, it is about as good as a MWC reunion. I’m impressed by the officer’s patience (although I can’t help but wonder how the scene would have differed if the skin color was different…I mean, no taser for this case? Seriously?)
dedc79
@Omnes Omnibus: I like the part where she says she has all the same rights as citizens but is not subject to any of the laws/rules.
dedc79
@Mnemosyne: No argument here
sigaba
WarGames is a great movie but one of its more famous fuckups is it made DefCon 1 the most critical condition and not 5… 1 is peace.
Villago Delenda Est
Vlad is pissed.
“Release the scriptkiddies, Boris!”
D58826
@Adam L Silverman: or Tony the Tiger
Omnes Omnibus
@Adam L Silverman: And there’s the verbal attack.
Another Scott
Akamai’s Real-Time Web Monitor (click the Attacks tab) seems to indicate that South Korea is being hammered too. I wonder if that’s a clue. Hmmm….
Cheers,
Scott.
Omnes Omnibus
@dedc79: Call your superiors.
Adam L Silverman
@sigaba: No, they got it correct.
http://www.northcom.mil/Portals/28/Documents/Supporting%20documents/%28U%29%201962%20NORAD%20CONAD%20History%20Jan-Jun.pdf
http://fas.org/nuke/guide/usa/c3i/defcon.htm
Trentrunner
It’s like London during the Blitz. When do we send the children to the countryside?
Rob in CT
@sigaba:
https://en.wikipedia.org/wiki/DEFCON
germy
Putin is pissed as hell after that third debate. Also the booing drumpf received at the Al Smith dinner.
Feel his wrath!
catclub
@Adam L Silverman: Which level keeps out trolls? It looks ( so far) to be working at defblog1.
Rob in CT
I noticed that when I googled DEFCON to make sure I was right about sigaba being wrong, I got a bunch of hits from nutty blogs talking about the US going to DEFCON3 because Russia.
trollhattan
@dedc79:
Why is Megan Mullally so upset at the CHP?
Omnes Omnibus
@catclub: Only Defcon 1. One needs to dust off and nuke ’em from orbit. It is the only way to be sure.
Trentrunner
What’s the over/under on Trump blaming this on Clinton-Obama? I say before noon.
Speaking of which, when Trump tweeted this:
Hillary retweeted it, with this comment:
I may actually enjoy the final few weeks of this campaign.
Mnemosyne
@Another Scott:
I have read elsewhere that North Korea is actually really good at hacking other countries’ computers. Feeding their own people, not so much.
redshirt
My computer is battle hardened and on alert. Reporting for duty!
Adam L Silverman
@Rob in CT: Some “news” site posted an “article” to that effect a few days ago which was quickly debunked. Snopes even has a debunking post up about it.
? Martin
@Trentrunner:
Already done. Facebook has been up all day.
different-church-lady
maybe just a coincidence, but is anyone else getting frequent certificate error messages out of BJ this morning?
Rob in CT
@Trentrunner:
Hahahahaha.
sigaba
@Adam L Silverman: Really? Why would the good people at the MGM/UA promotional department lie to us? :)
ETA- Someone should tell Larry Lasker and Walter Parkes, they still think they got it wrong as of at least 3-4 years ago…
trollhattan
@Trentrunner:
Oh hell, there’s a mic drop.
Rob in CT
@Adam L Silverman:
Oh, yeah, it was obvious bullshit. It’s just that Bing (not google – I just tried google and yeah the results are much better) returns several hits on that same bullshit story. Google has the snopes debunking near the top.
trollhattan
@? Martin:
To be safe, the kids should all go to My Space until the all-clear.
MJS
@dedc79: Just the last few seasons were painful? Every episode I had the misfortune of seeing was painful.
kindness
How about we just cut Russia off the internet until after the election. I mean completely cut the cable. WTF do I care if they can’t reach their porn sites for a month?
Villago Delenda Est
@Trentrunner: Oh, Hillary organization! Sick burn! I love it!
germy
For all the RBG fans out there:
http://boingboing.net/2016/10/21/ruth-bader-ginsburg-joins-the.html
redshirt
@trollhattan: There’s some deep bunkers on Usenet.
germy
I’m in moderation because the notorious RBG will be appearing in a Washington National Opera production.
Thanks Obama/Clinton.
Villago Delenda Est
@redshirt: “You will never find a more wretched hive of scum and villainy.”
germy
@kindness: The UK has much better porn anyway.
Anoniminous
@redshirt:
Good God … is Uselessnet still around?
Emerald
Looks like it might be worldwide. Just saw an outage chart that included London, Paris, all of Belgium, Mexico City, Rio and many others. I’m thinking this might take awhile.
Hmmm. Not Moscow though.
All well, I guess I will have to do some actual work!
Adam L Silverman
@sigaba: I can’t speak to what anyone at the studio thinks. I can only post the appropriate US military doctrinal links, as well as links to other authoritative sources like the Federation of American Scientists, with the correct information.
WaterGirl
@dedc79: Do we know the rest of the saga? I have to say, it’s kind of shocking and refreshing to see a videotape with a cop these past few years and feel like I’m siding with the cop.
Humboldtblue
@eemom:
No shit. Does my magic google machine that I have on my firefox work? Good. The rest is just noise.
hovercraft
@Adam L Silverman:
Your expertise would be appreciated to answer this question in the previous thread.
dmsilev
@Trentrunner: Funny.
Clinton’s social media team has been pretty good at the whole “jab Trump on Twitter” thing. Attack him where he’s strongest!!
Gin & Tonic
For those who want the straight poop on this attack, which is against a company called Dyn, you can check their status here.
A semi-official comment from one of their people: “I’m not in a position to disclose details about the attack just now (partly because I’m leaving the people doing the mitigation alone so they can focus on that rather than providing detailed attack reports), but this is a significant attack. The communications people at Dyn are actively keeping the status pages accurate, so if you want to know what’s going on the URI above is the place to look.”
Note that all times of updates are listed in UTC.
trollhattan
Trump is at Defcon #smoulderingashheap. Sam Wang:
Been a long while since I’ve seen his EV count drop below 200, and 79% odds of a Dem senate is as bracing as a double espresso. NYT thingie has Nasty Woman at 93/7% today.
And it’s Friday!
dmsilev
@Villago Delenda Est:
Free Republic?
Jim, Foolish Literalist
No twitter! how long will I be deprived of bite-size nuggets of information and snark?
redshirt
@Villago Delenda Est: Never been to 4Chan I take it?
Omnes Omnibus
@Jim, Foolish Literalist: Have you considered the comments section of this blog?
EZSmirkzz
Schneier via /.
Brian Krebs has some interesting stuff up about it too,
To some extent then we may be inclined to blame the end luser, but in reality most manufacturers aren’t all that interested in updating their devices’ software, any more than end users are interested in updating their software if they could.
Complacency kills.
muddy
@WaterGirl: You can watch these sovereign citizens get arrested for hours on youtube. The cops are always really patient with them. It’s ridiculous, but then they are typically white. The best part is that they film themselves acting like fools and breaking the law, and then post it to the internet like they are proud of themselves.
I was thinking if these people want to say that they are not American citizens, then they ought not be allowed to vote.
hovercraft
@Trentrunner:
Chuck Todd: Trump Lost The Al Smith Dinner
When Chucky is mocking you…..
SAD!
Adam L Silverman
@hovercraft: I think he or she is referring to the Esquire article I referred to/recommended to Gin & Tonic last night in the Al Smith thread. I’m going to do a post later today on this stuff – time permitting.
Jim, Foolish Literalist
@Omnes Omnibus: Never heard of it
Anoniminous
@Adam L Silverman:
Commies, the lot of ’em.
Gin & Tonic
Last post on this attack, I promise. But if you want to read some informed speculation as to what and why, here’s Krebs, who knows from DDoS.
dedc79
@WaterGirl: Had the same reaction as you regarding the cop. I did a little looking, but wasn’t able to find out any more about the incident.
Adam L Silverman
@hovercraft: He also announced he was Jewish. I had no idea Chuck Todd was Jewish. I’m sure his twitter feed, once the DDOS attack is dealt with, will be just chock full of the best tweets! And despite what I think about him as a journalist, that will be unfortunate.
Omnes Omnibus
@Jim, Foolish Literalist: You are a lucky man.
Betty Cracker
Per Politico (I know):
Yeah, that’s a great way to gin up sympathy for Assange and WikiLeaks — take away people’s Netflix!
germy
Seeing herr drumpf booed in a room full of catholic priests reminded me of the comedian who said monks broke their vow of silence to heckle him.
Gravenstone
@Fair Economist: Somebody is practicing their chops for the real attack on 11/8. Imagine how the knuckle draggers will respond without being able to access their echo chamber to see Trump “prevail”.
Jim, Foolish Literalist
@Omnes Omnibus: meh, this post
has given me an ear worm of DIck Van Dyke singing. I won’t be buying any lottery tickets
gbear
@kindness:
But I need my dash cam videos!!
Anoniminous
The infrastructure for a DDoS attack is badly secured devices, which is most of the them, capable of accessing the Internet – again, most of them. It is depressing how many passwords can be found on a widely available simple list and suicidally depressing the most common password is still – after 30 years of warnings – “password.”
Miss Bianca
@D58826: Build a wall around it? And make the Russians pay for it!
Hkedi [Kang T. Q.]
The Russians are obviously DDoSing to take down twitter to keep trump from hurting himself further, Duh!! /Joke
Jim, Foolish Literalist
@Anoniminous: Heh, I actually did once use “fuckyou” as a password for a site that was pissing me off as I tried to register for whatever it was
@Betty Cracker: Speaking of Netflix, my Amazon fire TV remote has just up and died, changed the batteries twice, just dead. Anybody had that problem before I attempt to deal with an Amazon FAQ page?
ruemara
Does explain why today, my facility has The Slowest Internet Since Dial-up™. I’m trying to lose myself in podcasts and hosts are failing to resolve.
Hal
Do people really think Clinton dropped some super secret knowledge in her nuclear response time reaction at the debate? I’ve seen a couple of Facebook posts about it and I’m honestly mind boggled that folks think this is a super duper top secret. I’ve also noticed Trump supporters are awfully quiet on Facebook. Reality beginning to set in I guess.
hovercraft
@Adam L Silverman:
He’s talked about if before, I think one time he mentioned it when reporting about the Obama’s Seder.
Miss Bianca
@germy: Oh, man! I wonder if Alain is going to be seeing this production!
o/t, is it a complete coincidence that The Current is playing Janet Jackson’s “Nasty” right now? Hmmm….
Omnes Omnibus
@Anoniminous: I am too clever for that. I use drowssap.
Anoniminous
@Jim, Foolish Literalist:
So have I and the fact it is 28th on the list means Our Numbers are Legion. But I’ve always used it as a one-off, never for something important or long term.
trollhattan
@Hal:
A quiet Trump supporter is in grave danger from some kind of matter-antimatter incident. “For a quiet state lasting more than four hours, contact your doctor.”
Anoniminous
@Omnes Omnibus:
That’s insecure. You need capital letters and non-alphabetical characters to be secure: Drows1Sap will do it.
Omnes Omnibus
@Anoniminous: Don’t you tell me how to internet!
EZSmirkzz
Just a couple of quick thoughts, it wouldn’t be beyond the realm of possibility for our own services to be pulling these sorts of drills, so we don’t know what we don’t know.
What we do know is using DNS look up to get the numerical address of critical sites and creating our own spreadsheet/database to connect to sites when it is the DNS servers under attack. That’s as old as L0phts testimony before Congress.
On the other hand we don’t use the same technology in automobiles as we used in 1969, yet the internet is basically using an ethernet protocol from back then to carry all our deep thoughts and insights to the masses. Maybe we should upgrade that infrastructure too, when we as a society decide to pull our heads out of our asses.
Adam L Silverman
@hovercraft: Since I try not to watch anything that involves him I had never heard it till today.
James E Powell
@D58826:
Based on our experience with the Obama administration, beginning in the early afternoon of January 20, 2017, everything will be Hillary Clinton’s fault and she had better fix it right now!
WaterGirl
@muddy: She was amazing. “We get all the rights of US citizens and none of the responsibilities! Look it up, you moron! I’m right!”
edit: I did have to laugh at the “you cut my bag!” outrage When she insisted on being cuffed with the bag on, i thought to myself, okay I’d do that, then cut the bag off of her.
WaterGirl
@dedc79: That’s too bad, I was hoping to find out more.
trollhattan
@James E Powell:
Mitch McConnell is trying to figure out how to say that since Hillary’s election was rigged, the people have not given the purported president a mandate to nominate SCOTUS justices. So very tempting….
Litlebritdifrnt
I have to admit I am starting to get Twitter withdrawals, I need to know what is happening every 30 seconds goddammnit!
Jim, Foolish Literalist
More popcorn, please
can’t wait for the context of that last one
Soylent Green
If twitter is down, we better give Baby Donny his pacifier and blankie. You know how he gets when he can’t tweet.
Adam L Silverman
@Litlebritdifrnt: If The Guardian’s site hadn’t gone down because of the attacks, I’d be happy to link you to their coverage of the silverback that escaped from his enclosure and drank five bottles of undiluted black current cordial before being returned to his enclosure.
Patricia Kayden
@Jim, Foolish Literalist: The fact that Christie knew about (and probably ordered) the bridge lane closures is no surprise at all to me and probably a lot of other folks who don’t hold him in much esteem. Glad that it’s finally out and he may be facing jail time. This is exactly what he deserves.
What a damn nerve he had to give that RNC speech about jailing Clinton!
Villago Delenda Est
@Betty Cracker: Burn it all down. These children don’t seem to realize that alienating those who might be your allies is counterproductive.
And aligning with Assmunch will cause people to think of ways to hurt you in meat space.
hovercraft
O lookie here:
Bridget Kelly: Christie Knew About GWB Lane Closures A Month Ahead Of Time
Villago Delenda Est
@Jim, Foolish Literalist: My mind reels with the possibilities. “Who do you think I am? Donald Trump?”
Calouste
@Hal: Yeah, I assume that everyone in the business of nuclear weapons knows that anyway, including the Russians and the Chinese, or would say that it is trivial to work out.
Just keep in mind that the Groping Orange Pedophile and his minions, including all the teabaggers in Congress, really know bugger all about anything, and can’t find their own ass with a map and a torchlight. See also the G.O.P. insistence on “surprising” ISIS. Like they can’t work out there is an attack coming. It’s Dunning-Kruger distillate.
Litlebritdifrnt
@Adam L Silverman: Possible worst job in the world, that Gorillas keeper the day after. “Purple Shit! What am I supposed to do here?
hovercraft
@Jim, Foolish Literalist:
Follow the links in the TPM article I just posted at # 111
Adam L Silverman
@Jim, Foolish Literalist: Also a Pennsylvania state official has made a statement that both Christie and Cuomo knew about it.
trollhattan
@hovercraft: Christie reminds me of a very large version of big brother Chet from “Weird Science”–the sociopath bully who simply refuses to grow up. Remind you of anyone else?
NW Phil
@Mnemosyne:
You would think they could do some type of trade with someone else to resolve that problem. Russia has that same problem – plenty of natural resources, but just can’t seem to get their act together long enough to actually get the job done.
Jim, Foolish Literalist
@hovercraft: MSNBC just teased a story. I don’t know if Mrs Christie’s Bully Boy will wind up in jail, but I am loving it so far. I don’t have much faith in voters or the political media, but I doubt he can come back from this. Then, as I type that, I remember that Barnacle’s a regular on Morning Joseph, Brian Willams is held to be a better “serious news” anchor than Maddow, Hayes or O’Donnell, much less Joy Reid, and I believe Rudi Giuliani’s ex-con goon is back on CNN as a national security pundit.
trollhattan
@Soylent Green:
Hmm, you don’t suppose his remaining campaign staff are responsible?
Comrade Colette Collaboratrice
@Mnemosyne: Yup – I work for the City of San Francisco, and our main accounting, HR, and project tracking sites are down. Gremlins are probably busy stealing my personal info right now. Sigh.
different-church-lady
@EZSmirkzz: That’s a lot of words to say, “LET’S PARALYZE THEM BY DEFEATING THEIR ABILITY TO ORDER KUNG PAO CHICKEN BY TALKING TO THEIR CARS!”
Millard Filmore
@D58826:
As a Microsoft hater from way back, I have to wonder how much of this attack is due to crappy security and low quality of the Windows product line. I wonder how many compromised Linux boxes are participating in this. I also wonder if the companies that *could* tell us have some contractual restriction from Microsoft that prohibits the release of that information.
In other words, is my hatred of Microsoft justified?
Jim, Foolish Literalist
@hovercraft: thanks
@Adam L Silverman: I’ve always thought that there is an assumption by journalists in all these stories is that the Port Authority is fantastically corrupt and it’s just a matter of getting one or two people to talk to take down Christie, Cuomo and god knows who else (whom else?) in NY/NJ politics.
Miss Bianca
@dedc79: OK, I’m feeling a little guilty at how hard I laughed over this…thank God for headphones and a door that closes!
redshirt
@trollhattan: You’re stewed Buttwad!
hovercraft
From ABC 7 NYC
different-church-lady
@Villago Delenda Est:
Oh they “understand” it quite fine as long as they believe they’re the allies and Hillary is the one doing the alienating.
Patricia Kayden
@Trentrunner: That’s hilarious! Reputable polls show that Secretary Clinton all three debates. Trump and his fans stay delusional.
Villago Delenda Est
@Millard Filmore: MS is built on the premise that it’s more important to sell shit than to secure shit. Furthermore, the Internet itself was designed to survive physical attacks, but imagined everyone would be smart enough to realize it was in their own best interest not to spam “Make Money Fast!” all over the damn place.
different-church-lady
@Millard Filmore: Hey, considering the number of people who refuse to give up Windows 7 (for good reasons) your theory is not very far fetched.
germy
talking points memo
Miss Bianca
@WaterGirl: Kind of makes me wonder what was in the bag…
different-church-lady
@NW Phil:
First they’d have to be interested in resolving it.
Villago Delenda Est
@NW Phil: This is because a culture of corruption has been in place there since, oh, I don’t know, the time of Peter the Great?
different-church-lady
@hovercraft: But was Hillary over-prepared?
Omnes Omnibus
@Miss Bianca: I am wondering how many infowars-type bumper stickers were on the van.
redshirt
@different-church-lady: They can take Windows 7 from my cold dead keyboard.
trollhattan
@redshirt:
Heh. Kept having Chet flashbacks watching him play lead in “Big Love.” The two would be difficult to mash-up, but perhaps some enterprising film student can give it a go. “Brilliant scamp boy scientists conjure up a series of sister wives in their Sandy, Utah compound.”
Soylent Green
NPR headline:
Omnes Omnibus
@Villago Delenda Est: Pre-Ivan even.
Adam L Silverman
@hovercraft: Now the question becomes, since he’s wounded and is toast – one way or the other, when more claims, and just how many, start to come out about Christie verbally and physically abusing and assaulting his staff, other state personnel, and/or just NJ citizens.
? Martin
@EZSmirkzz:
Well, one of the USA’s better economic exports is online services. To disrupt that would be a little bit like torpedoing your own, completely laden Victory Ships to see what the effect might be. I think it’s extremely unlikely the US is hijacking its own services.
Election-related websites have been going down on and off for months now. Bruce Schneier has been documenting the expanding cyber attack efforts.
Today is exactly in line with what he described a few months ago. Services designed to manage routing (in various ways) are being attacked. Twitter and Reddit are both routing services more than anything else – it’s how we get directed to information we need. The DNS and certificate authorities handle the actual plumbing below that.
The problem isn’t necessarily the low-level infrastructure, but the internet doesn’t cope will with DDOS attacks. Krebs was taken down by an attack so massive that Akamai had to bail out. Akamai is huge, and their business is to replicate data across their own distributed servers so that it’s closer to users and provides redundancy against traffic bottlenecks at the host. They too failed under the load of 650 Gbps of traffic, originating mainly from appliances – routers, IP cameras, cable set-top boxes, possibly TVs, etc.
The bigger failure of the infrastructure is cheap internet connected devices that have weak security either due to mistakes or negligence by manufacturers or by consumers that don’t take security seriously because it is unnecessarily difficult to do so. That’s a regulatory problem as much as it is a technological one.
Peale
@germy: LOL. So what is her “job” otherwise. I can understand complaining that Obama has a job that he needs to be doing and that minding the Presidential store takes precedence over campaign shops if big issues arise. But Michelle? I think the duties of the first lady are whatever she wants them to be.
different-church-lady
@germy: Josh Marshall is an oracle.
Miss Bianca
@Omnes Omnibus: that,too.
germy
(POTUS)
Pest Bog Mummy, Frakensteinbeck
@Patricia Kayden:
Oh, Trump knows he lost all three debates. His increasingly deranged fury proves it. He can never, ever admit it, however.
different-church-lady
@? Martin:
Unintentional knee-slapper of the month!
hovercraft
@Peale:
You don’t see Melania out there making a fuss or anything, she’s at home waiting for her man to come home. Remember he did say that when he gets home and dinner is not on the table he hits the roof. Got that Michelle?
redshirt
@trollhattan: I never not see Chet. I don’t know what that movie stuck in my head so thoroughly, but it did. “How about a nice, greasy pork sandwich served in a dirty ashtray?”
Bill Paxton was the main in the 80’s. Only actor to get killed by a Terminator, a Predator, and an Alien.
Anoniminous
@Millard Filmore:
“As a Microsoft hater from way back, I have to wonder how much of this attack is due to crappy security and low quality of the Windows product line.”
A lot. NecroSloth and Apple still haven’t learned what we learned back in the BBS: open program memory to the outside and you WILL get malicious software on your system.
“I wonder how many compromised Linux boxes are participating in this.”
Some because it too is open to the outside.
“I also wonder if the companies that *could* tell us have some contractual restriction from Microsoft that prohibits the release of that information.”
Not many as they’ve drunk the Kool Aid too, as the Stuxnet proved.
“In other words, is my hatred of Microsoft justified?”
I’ve been hating MicroSoft for their shit software since 1977 so … “yes”
:-)
? Martin
@Millard Filmore:
No. Unsecured Windows machines are a problem but a diminishing one now. They were an attractive target as they represented the largest number of internet-connected devices that could be rooted and run arbitrary code to be turned into a bot. But now there are vastly more other devices to go after that by sheer number can form a much larger bot army than if you could take over every Windows PC. Consider Apple sells more iOS devices than all Windows machines globally – and they only have about 20% marketshare globally. Nearly every TV sold in the last 3 years is internet facing and runs an operating system that can do what you used to need a PC to do. They all run a limited subset of software and are incredibly poorly secured (what’s the password for your TV?) Almost every household has a wireless router that can do the same job, a set top box that can as well, there are hundreds of millions of IP cameras and other appliances. My Roomba has an IP address – in theory it can be turned into a bot. I have a wireless speaker with an IP address, two TiVos, a handful of Raspberry Pis. My next lawn sprinkler will be internet facing, etc. That’s the real problem. Windows is a rapidly diminishing issue.
different-church-lady
@James E Powell:
Retroactive to January 2001, in effect until the next republican president’s third year in office.
D58826
@Jim, Foolish Literalist:
no wonder he and ‘old little hands’ worked so well together.
Omnes Omnibus
@Peale:
Baking cookies?
Dog Dawg Damn
Twitter has been down all day. This is quite an attack. Perhaps the biggest ever on US internet sites.
different-church-lady
@Litlebritdifrnt:
Think of it as an intervention.
Gravenstone
@germy: That’s a pretty tepid “attack”. I think deep down inside the Donch is terrified of Michelle Obama and can’t really bring himself to offer a full throated attack.
Villago Delenda Est
@? Martin: Spam, for example, is not a technical problem, and never has been. It’s a social problem.
Jim, Foolish Literalist
@Gravenstone: yeah, it must be giving him an ulcer holding all that bile inside.
Good
dr. luba
@dedc79: Wonkette has the story for you.
Dog Dawg Damn
@different-church-lady: can you imagine Trunps reaction if Putin took down Twitter during tense negotiations ?
The world would end.
Villago Delenda Est
@different-church-lady: You’re aware that 9/11 and the Invasion of Iraq happened during Bill Clinton’s third term, and Katrina happened on Barack Obama’s pre-term, right? No Rethugs involved at all.
peter
@dedc79: Free Lunch!!!
WaterGirl
@Millard Filmore:
Hatred of Microsoft is always justified.
Anoniminous
@? Martin:
Mistakes and negligence by manufacturers and by consumers. The Internet and World Wide Web are insecure and cannot be made secure with the current design. It takes highly skilled and knowledgeable people to approach hard-securing sites and even they screw it up. Expecting the average Joe ShitforBrains to secure their IoT refrigerator is laughable.
catclub
@Millard Filmore:
Probably not in this case, if it is internet enabled cameras that are the vector for DDoS attacks. And those cameras are more likely to have some linux/bsd variant inside if they need any significant computing power – it is free after all.
hovercraft
David Duke Qualifies For Senate Debate At Historically Black University
Chew on that.
WaterGirl
@Miss Bianca: Me, too!
Captain C
@trollhattan: Cartman from South Park.
different-church-lady
@Anoniminous:
I’m still at a loss as to why my refrigerator needs internet access.
The Warner Brother’s cartoon unit had the Internet of Things nailed to the wall in 1954
different-church-lady
@hovercraft: Am I a fuckin’ genius or what?
redshirt
@different-church-lady: So it can order groceries for you!
I SEE YOU ARE OUT OF MILK BARBARA SO I ORDERED IT FOR YOU
hovercraft
@Gravenstone:
He’s playing footsie with attacking her, he knows that if he goes there it will get ugly.
different-church-lady
@redshirt: ME: Yes, I know I’m out of milk. That’s why I just bought some.
Miss Bianca
@WaterGirl: per the comments on the article, I’m suspecting…”SOVEREIGN CHEMICALS”!
Omnes Omnibus
@Miss Bianca: I wonder if they vote.
? Martin
@Villago Delenda Est: It’s sort of a technical problem. It’s based on the idea that everyone should be a universal receiver – that anything anyone chooses to send me MUST be received. Email has no white/blacklist as part of the protocol. Instead we have a set of heuristic kludges to try and bring the animal under control. There’s at least three layers of filtering on my email at work, and I still get a ton of spam. I also have critical emails that are never received because they’re inadvertently caught in one of the early filters, but I have no way to tell them ‘hey, anything from this address is important’.
Email is worthless now as a reliable communication tool. Every system that has come since has at least some form of traffic filtering from opt-out filtering like Facebook and Twitter where you can block people, to opt-in filtering like Slack where only the people invited can contact you. Increasingly organizations are moving to opt-in filtering for anything valuable. It’s a mess, but it’s at least partially a technical mess. If I needed to give explicit permission to receive your email – even if I could apply a regex filter to auto include anyone from my organization, etc. then spam would effectively die. Previous forms of communication successfully did that through their own limitations – phone calls had transactional costs that were too high to support spam, and in-person/posters/etc was geographically constrained. Once phone calls got automated, then spam arrived. Email started there. It was terribly shortsighted.
hovercraft
@different-church-lady:
I bow down to you, great oracle.
Anoniminous
@different-church-lady:
Because US software manufacturers are in a mature, low growth, product environment, no longer getting the double digit year-to-year sales (and profit) increases they are used to and they are flippity-flopping around looking for new income streams.
Origuy
I run the DownDetector app on my iPhone (to monitor Pokemon Go servers). It displays a couple of dozen of the large sites. There appear to have been two large spikes in activity this morning. The first one might just be North America waking up, but the second is the one that everyone is talking about. It seems to have subsided. Near my office is a group that monitors worldwide Internet attacks; they have four large screens in the hallway showing where the attacks are coming from and where they are going. I forgot to check them earlier, but right now they are showing the usual traffic.
different-church-lady
@Anoniminous: Here’s my way of looking at it: “Everyone complains about auto-correct, but NOBODY ever turns it off.”
Smart appliances will be the same way. They won’t work, they’ll make mistakes, every will bitch about it, there will be unintended consequences, and nobody will ever say, “Hey, maybe we don’t actually need any of this.”
MattF
@different-church-lady: When Twitter returns, I suggest pulling up the InternetOfShit timeline. Many examples of IoT failure.
Gin & Tonic
@Dog Dawg Damn:
This was not an attack on Twitter, which has been up and working just fine for me and for many, many people around the world all day long. This was an attack on a DNS provider. There have been several links to authoritative analyses provided in this very thread, not just by me. Try reading some of them before posting.
Miss Bianca
@different-church-lady: I turn off auto-correct.
hovercraft
Trump’s lawyers to judge: Campaign stuff shouldn’t count
Too funny.
EZSmirkzz
@? Martin: Agreed. You must have missed my first post .
All I’m saying about the drill is it isn’t beyond the realm of possibility, not about probability. Also too, NAT has pretty much made the work around I stated obsolete. My bad.
trollhattan
@dr. luba: Nice find! Oh, those special snowflakes, idling away in the Tennessee pokey. Bog bless Wonkette.
different-church-lady
@Miss Bianca: When it comes to “everybody”, we don’t count.
Miss Bianca
@Omnes Omnibus: Thanks for the lukewarm coffee snort, dude!
? Martin
@different-church-lady: Two reasons:
1) As Redshirt noted, so that services could be built on top of that. That’s been a pretty colossal failure so far. I’m surprised that Amazon hasn’t lobbied for passive RFID chips on their consumable products (about $0.05 each) so that you could say to keep at least 1 gallon of milk on hand. When the milk leaves the refrigerator for more than an hour, another gallon gets ordered. I won’t even try to predict when all the infrastructure is in place to do something like that. It’s technically feasible, but the incentives for everyone to participate are lacking.
2) Your refrigerator is probably the more power hungry thing in your house. If we are to be serious about climate change, monitoring it’s power use to remind you to clean the coils or have it serviced would be very valuable. That would require integrating it with some home hub, a problem being tackled by a number of people (Amazon, Google, Apple) in a way that doesn’t require any real effort by the user. IOW, not useful yet, but probably soon. And your refrigerator wouldn’t participate because the mfg probably didn’t consider power usage as data-facing, and probably couldn’t update your software to provide that feature once a spec was put in place.
The Moar You Know
@Millard Filmore: A decade ago I’d have said yes. Not any more. All the OS breeds have holes, and all of them have severe holes. But that’s not the issue today. The IoT cameras, thermostats, refrigerators, dildos (yep that’s a real thing) devices, etc that are generating most of the traffic in this attack are running Linux, as are most of the home routers they’re going through. It’s not bad OS security but bad application security that’s caused this problem, and a solution for that is not even on the horizon. People like cheap devices. Cheap devices are not secure. Making them so requires far more time and money to build security into the application that they run. People won’t pay for that. I have no solution, but as a working sysadmin I sure like the job security.
Anoniminous
@different-church-lady:
People won’t do anything about it until they come home from a two week vacation and find a microbiological HazMat site in their kitchen because somebody set their ‘fridge and freezer to Defrost.
Of course people don’t need it.
Omnes Omnibus
@Miss Bianca: Happy to oblige.
Another Scott
@? Martin: I blame Scott McNealy, myself. ;-)
(Actually, he was right, but we’ve known from the days of the Morris Worm that you can’t just stick things on a network willy-nilly.)
Cheers,
Scott.
different-church-lady
@? Martin: You know what would save more power? A device that brings cold air from outside INTO your fridge in the winter, and evacuates hot air to the outside in the summer, instead of into your kitchen, where it’s already too hot.
But we will never do this, because it does not involve the consumer playing with a smartphone.
Villago Delenda Est
@Gin & Tonic: When Name Service servers are attacked, it’s an attack on the very core of what makes the World Wide Web work, and why the World Wide Web is so ubiquitous. Individual web sites need not be attacked in isolation to bring them to a screeching halt. Name Service is the single most important service of any ISP, because it’s the foundation on which the human-machine interface is built.
Anoniminous
@different-church-lady:
*zing*
different-church-lady
@Anoniminous: I look forward to the day when I am the only person in America who’s fridge hasn’t been taken over by Russian hackers.
Villago Delenda Est
@? Martin: When I was running a very small ISP 20 years ago, my admins liked to joke that the system would run perfectly well if it wasn’t for the damn users putting loads on it.
MomSense
@different-church-lady:
You could always move your fridge outside.
Omnes Omnibus
@MomSense: Overlooking the cars on blocks?
ETA: How do you do that if you live in a city apartment or condo?
Villago Delenda Est
@? Martin: You’ve read, I’m sure, Stross’ Rule 34? Half way through it, it’s revealed why the murders in the first half of the book took place. I will only allude to this, to avoid spoilers for those who have not read it, but let’s just say I was in the “why is this a problem?” mode when the reveal was made.
redshirt
@Villago Delenda Est: Was the title “Rule 34” in relation to the well known internet law of porn?
Villago Delenda Est
@redshirt: Ayup.
Gin & Tonic
@Villago Delenda Est: Um, I know that (and have the Liu and Albitz book an arm’s length away.) I was responding to a nonsensical post about how Twitter was down all day. It wasn’t.
Alain the site fixer
@Miss Bianca: I hope to! I am seeing her in the spring for the crime in opera presentation she does. I cannot wait.
Mnemosyne
@dr. luba:
So the sovcits’ theory of the Constitition is that it’s been invalid since 1868, i.e. the passage of the 14th and 15th Amendments that declared the recently freed slaves to be US citizens and granted them the right to vote?
Nope, nothing racist there. Just a total co-inkidink in timing, I’m sure.
Villago Delenda Est
@Gin & Tonic: I know you know that…my wording was wrong, I should have addressed that to the non-technically immersed, not directly replied to you as I wound up doing.
Gin & Tonic
@Villago Delenda Est: NBD.
Xecky Gilchrist
Twitter, Spotify and Reddit
No wonder I haven’t noticed anything.
Mj_Oregon
I’m looking at the Akamai attack monitor page and they show that Oregon has the highest number of attacks anywhere in North America in the last 24 hours. Anyone know why that would be?
Miss Bianca
@Alain the site fixer: “Crime in opera presentation”? Man, just when you thought the notorious RBG *couldn’t* get any cooler…
Les Bonnes Femmes
Okay, my Twitter machine is back up. Hopefully Netflix will be, too, when I get home. Black Mirror.
Central Planning
@Millard Filmore: Partially. Long term linux bug is finally getting fixed
But who doesn’t like hating on MS?
Shana
@hovercraft: I think he also gave a post-mortem of sorts at his synagogue her in NoVA after the 2008 election.
tarragon
@Dog Dawg Damn:
Twitter is fine. The DNS server that tells your machine how to talk to twitter is what’s having problems.
Villago Delenda Est
@Mj_Oregon: You and I are in Oregon? They’re out to get us?
Oh, wait…not supposed to go Donald. Need tranq.
Amir Khalid
@Adam L Silverman:
I guess Kumbuka really likes his Ribena.
Original Lee
@schrodinger’s cat: Does Putin have a sister? Because I was thinking about this scene in Dune today.
Somebody’s brother is very very angry.
redshirt
@Original Lee: I loved that movie. Shit got freaky!
Gindy51
Prolly Anonymous being pissy over Assange or some other shit.
Frankensteinbeck
@different-church-lady:
I think we mainly don’t do this because it involves an entirely new ventilation hole in the exterior wall.
The Pale Scot
@dedc79: May I Suggest Using the Nightstick Officer
Central Planning
@tarragon: a better description would be “server that tells your computer where Twitter is”
JR in WV
@Omnes Omnibus:
One of the most patient arresting officers in the history of arrests. If she had shut up and got out of the car, he wasn’t going to arrest her at all. But she wouldn’t shut up at all. So funny!
Our power has been off since a violent electrical storm yesterday afternoon. We have a Generac, which provided lights, heat, refrigerator, stove, etc. But no internet or TV, nor additional well water. It just came on, next door (up hollow) neighbor reported seeing multiple power co trucks at down hollow neighbors as they came home from work.
Lots of OT by the power company. They do a good job, but we’re so far up the tree of power grid lines, we’re always last to get electric back. The last really big storm we were down for 2 weeks! Neighbors spent all night cutting trees down over the road, it was like driving out in a tunnel the next day to get water…
Any news on the snack attack felons of the Loon Reserve take over plot? Speaking of sovereign citizen loons!!
JR in WV
@Gravenstone:
I for one will not need the innertubes to help me cast my votes for the various offices up for this election. Mostly Democratic, as usual. I’m a Yaller Dawg Democrat – I’ll vote for that Yaller Dawg over yonder afore I’ll cast a vote for a Republican! Not really, but kinda, esp this year.
Ruckus
@muddy:
Well….
If they aren’t citizens then they need a visa or a green card, no? And they don’t have one of those because they don’t recognize the department that issues them and they don’t have a passport from another country. But my first question would be if they don’t recognize the power of a deputy sheriff or the laws, then why did they stop in the first place?
I’m getting the impression that sovereign citizens really aren’t very smart. This could be a mistaken impression but all the evidence suggests not.
Ruckus
@Jim, Foolish Literalist:
FuckYou193924times/asshole
Is a much stronger password