Slashdot Mirror


Kuro5hin Forced Down By DOS

Yenya writes: "It seems that Kuro5hin is being shut down as a result of the automated "spam" attacks in the previous three days. It is a shame that the good work of Rusty and other volunteers can be destroyed by some clueless attackers. I hope they will not give up and try to resurrect the site soon." Yenya was one of many who wrote about this - I personally like kuro5hin and I hope they can find a way to get things working again. Hopefully we'll get more news on it today - stay tuned.

278 comments

  1. Re:Obvious suggestion by Ramses0 · · Score: 1

    It goes deeper than that. Somebody has got it in their head that they want to slam k5. No matter if it's hosted on /., or out of rusty's house, or out of rusty's work, or on www.microsoft.com, the spammers still have the goal of slamming k5, and all the bandwidth in the world won't help.

  2. Why don't you pu$$ys do something about it!!! by topdogg · · Score: 1

    Before I get flamed there is not a lot i can do, and i'm sure there are others that really couldn't do much, but i'm a good leader for a paq of mad crackin fooz. ;) Do something about this, let's find these punks and show them what the internet is all about, COME ON it works both ways, it's not like the internet is a one way pipe. dang!

    --
    Got shack?
    ShackCentral Network
    Worlds best gaming network!!!
  3. Heh by pixelix · · Score: 1

    Could anyone imagine how crazy that headline would look 10 years ago?

    "Kuro5hin forced down by DOS"


    --
    jambo
    system.admin.without.a.clue

    --
    -- js.
  4. See what happens? by jabber · · Score: 1

    /. says "Check out [link]this[/link] site" and the little web server in a match-box goes down for a few hours. Then comes back, and no one cares.

    /. says "Of course there's an obligatory 'Slashdot is censoring the story' post on [link]Kuro5hin.org[/link]" and a wanna-be 733t3 haX0r goes on a crusade - effectively censoring K5 - and /. posts a front page article about the event.

    Never mind the slashdot effect - beware its wake.

    --

    -- What you do today will cost you a day of your life.
  5. hmmmm by Anonymous Coward · · Score: 1

    Wouldn't it be terribly unfortunate if some feature^H^H^H^H^H^H^H bug were to reveal the IP of the person spamming this thread? I, for one, would fear for that person's continued connectivity. For months.

  6. Re:Not only is the site... by Paradigm+Lost · · Score: 1
    Can anyone point me to some articles that pertain to the psychology of script kiddies and their thinking of WHY they want to attack and destroy other computers with such non-sense?

    I think the name "script kiddies" pretty much sums up their thinking. They're immature little undeveloped (probably teenage) computer users that think it's cool/hilarious to piss someone off when the victim can't do anything about it.

    Hopefully, they grow out of it eventually, but by then the damage has been done, and (unfortunately) another immature prat will inevitably rise through the ranks.

    (please note I am not saying all teenagers are immature. Only script kiddies for sure.)
    --
    -Dead Lesbian Witches! Think about it!
  7. Re:Or... by Apotsy · · Score: 1

    But it seemed like they were keeping up with it. Yes, for a brief period on Monday evening the story queue was full of junk, but it was quickly taken care of, and things (seemingly) got back to normal. My impression was that keeping up the appearance of things being normal was just too overwhelming in the face of all that crap.

  8. Re:Surprise by dagoalieman · · Score: 1

    My friends, never underestimate the power of large groups of stupid^H^H^H^H^H^H nerds

    If we had a bit of nerve, we could do this simply. K5 and /. get together on this. Once this little dippie gets back online, post his ip/nameserve/webpage/whatever to BOTH sites at once.

    We could run several DOS^H^H^H /. attacks on them. Sure, k5 and /. may get in trouble, but I bet you the little kiddies won't screw with us for a while.

    By doing this, it will show that there IS support for k5 and /., because I doubt the trolls will get in on the action. If they do, my respect moves up for them just a little. Overall, a feelgood for everyone involved, and a message to the morons out there.

    --
    We don't need no Net Explorer We don't need no Thought control
  9. Re:/. spammage by DeadSea · · Score: 1
    I think he was suggesting a sliding scale. If a post is marked as a 5, you almost always want to read the whole thing, no matter how long it is. But if it's a 0, then chances are, that if it's long, it's spam. Let me just see the very beginning of it.

    IMHO this is a very good idea.

  10. Re:This will never bring you down by Quietust · · Score: 1

    Just like the other 5 replies to your post. And the hundreds of others that have been appearing all over Slashdot. I fear that these goatse.cx kiddies are the ones who will bring Slashdot's demise...

    -- Sig, 120 chars --
    Your friendly neighborhood mIRC scripter.
    if (ismoderator(reader)) hidecomment(this);

    --
    * Q
    P.S. If you don't get this note, let me know and I'll write you another.
  11. Why? I'll tell you why... by Lion-O · · Score: 3
    Before I go on; this whole article consists of some speculation although I'm convinced about some parts of the story. And as always it's merely my own opinion...

    Many people ask themselves why and iirc some organisations are even spending thousands of dollars on it 'cause they want to know what could motivate a person to do something like this. In this case it's a site which isn't as well known as, shall we say, Amazon but IMHO much (maybe most) of the DoS attacks done by 5cr|py lus3r5 are solely for that oh so burning feeling of having control and having power over something. I know; nothing new here.

    The only problem with having control and power is the question if you are capable of dealing with it. Those DoS attacks prove to me that most kiddies doing it aren't capable of handling anything whatsoever. Most are just losers, nothing more, nothing less. And yes; this is easily said but gimme a chance to explain myself... In most cases starting up a DoS takes nothing more than knowing how to operate a program. Installing the exploit on some servers is in many (maybe even all) cases much easier than people claim it is. There are millions of servers on the net and not all of them are secured in the way they ought to be. If you really want a good amount of servers to attack someone you don't want to spend too much time on breaking into one. Heck; the longer it takes to set up / prepare your "DoS cluster" the higher the risk that your exploit gets discovered, although on some servers this risk isn't there altogether. And once we're done it's picking a target and voila.

    Is this 3l33t? Nay, but this probably is the best these morons are capable of. If you can't beat 'm make their lives miserable. Dunno how to hack your way into a computer system? Disable it. Sure, it is a felony these d00ds are committing but IMHO they don't deserve all the blame. The more you mention them the more 3l33t they feel.

    So why focus on the messenger while the real problem lies elsewhere? Everyone with a small piece of understanding knows where the problems lie yet no-one seems to care enough to do something against it. Hosting providers could make a start by checking the systems being put online. If it meets the security approval it can be placed online. When the system is one big security hole; tough luck. I truly believe this is technically possible. Only problem we are facing now is money and competition. If one hosting provider would start by setting up security "seals of approval" you can be sure it'll go bankrupt 'cause the competition won't.

    And that's why I feel that those organisations are the real persons responsible. Not only that but they seem narrow minded as well. If they would invest the time and money (the money lost by customers who aren't capable nor willing to secure their box(es)) they would make the Net more secure while still keeping control of the freedom we are having now. If they don't then I'm pretty sure that one day a politician will get a brainwave and will "make" the government kick in and enforce all of this. I don't have to tell you that the latter option will probably bring more than just a "safer Internet". The more important the Net is becoming the higher the chances this scenario will unfold IMHO.

    1. Re:Why? I'll tell you why... by Hizonner · · Score: 1
      I used to do security for the products of a major Internet equipment vendor. I spent a lot of time talking to people at other vendors.

      The vendors know some ways to make things more secure, but they've learned that their customers don't really want them to do it. Customers (ISPs, businesses, whoever), talk about wanting more security, but when it comes down to a choice between better security and more new features, they always pick the features. If you take the time to make your product more secure, you get killed in the marketplace.

      I know of a commercial UNIX workstation vendor that tightened up default security... things like making the user set a root password at login, and not allowing rsh access to every machine on the network by default. The first time they did it, their customers made them undo it, because it was too much work to configure things right, and it was easier to just leave everything open.

      It's so bad that one guy who had a job like the one I had, Mark Graff from Sun, has publicly called for government regulation to force people to release secure systems... not because the vendors don't want to release secure systems, but because the competition was making it impossible for them to do so.

      There's hope, though. People are starting to really care. Another couple of years of this, and customers may start really demanding security, instead of just giving it lip service. Someday, that hosting company with the "seal of approval" may actually have a competitive advantage, because the guy in the next rack will know that it's less likely the whole data center will get shut down.

      Let's hope...

  12. Better Code. by Mullen · · Score: 2

    I don't know what they run (Slashdot, custom), but they add a bunch of checks that would prevent such abuses. Post too much; blocked out. Can only submit a X amount of stories. Try to issue too many commands (Automated attacks); blocked from the site. Reload pages too much (Again, a script attack), blocked out. It's just a matter of watching what happens and then adapting.
    If they need coders, I think a number of people would be available to write that. No one likes to see the good guys lose.

    --
    Linux O Muerte!
    1. Re:Better Code. by slycer · · Score: 1

      The code they use is scoop

      It's hard to explain what was happening at kuro5hin to someone that has never seen it. The stories that were submitted there were seen and voted on by all users. If the story was good and got lots of +1 votes, it was posted, otherwise it was not posted. Rusty (the maintainer) did not want to stop anonymous story posting because kuro5hin would lose a lot of good stories. They did ban IP's that these were coming from, but the attacker had many to come from. Blocking subnets was the same deal.

  13. Re:Something needs to be done. by -brazil- · · Score: 1
    that should be your first instinct.

    Only if one assumes that all politicians are malicious. And that in turn says quite a bit about the people who elected them, i.e. you, doesn't it?

    --

    The illegal we do immediately. The unconstitutional takes a little longer.
    --Henry Kissinger

  14. Re:Story moderation is best by java_sucks · · Score: 1

    I respectfully disagree. I found the story moderation concept just meant that I read all the stories in the queue and never went back after they were posted. In other words it detracted from the discussion part that makes slashdot so popular.

    I also disagree strongly with eliminating the anonymous posting. I think there are good reasons for some people to post anonymously and you take away from the discussion if you eliminate those people.

  15. Re:/. spammage by TheTomcat · · Score: 1

    I don't mean to flame here, but:

    Do me a favor?

    Resize the window where you view the comments (netscape, explorer, etc) so that it's really skinny. What happened? Those comments that used to take up 3 lines now take up 25 lines.

    View slashdot at 1024x768. Count the lines in a given post. Now change your screen resolution to 640x480. Find that same post (WAY further down the page), and count the lines in it now.

    There's absolutely NO way of determining how many lines a given post contains. The best you can do is measure number of bytes.

    The only other thing you could do is set <br>'s to have a value of 75 bytes or something.

  16. Re:This really pisses me off . . . by Stephen+Williams · · Score: 1

    I would like them to do community service using computers to help people - doing a web site for a senior citizens' group

    Using nothing more than COMMAND.COM and DOS Edit. That way, they get to help other people and suffer for their wickedness!

    -Stephen

  17. Re:This really pisses me off . . . by Peter+Dyck · · Score: 1
    what punishment would other readers suggest

    Put them on probation and hold them on as tight restrictions as Kevin is being held. If they make a mistake, lock'em up!

  18. Re:Sadness indeed... by nevets · · Score: 2

    Actually we did care when Yahoo, CNN.com, etc. were attacked. But we were not emotional about it.

    it must take a special kind of asshole to attack a nonprofit site like Kuro5hin. I feel sorry for anyone immature enough to pull a pathetic stunt like this. This is no better than kicking dogs.

    That line actually answers your question.

    We cared about Yahoo, CNN etc. But those don't seem to be as "human" as Kuro5hin. We can relate to people spending their own time doing something right for the community, and are really annoyed when some ass pulls a stunt like this. But when it happens to corporations, we may be upset, but it's a company and not a person. Yes some people are affected by that, but it is more like "part of the job". Volunteers should not have to deal with this crap. (although, no one should)

    Steven Rostedt

    --
    Steven Rostedt
    -- Nevermind
  19. Browse at a threshold of 1 by Horizon_99 · · Score: 1

    Filters pretty much of the crap, of course you could call this censorship, but "hot grits" and Portman references I have no time for...

    -Ben

  20. Re:Anti-troll / spam filter idea for slashdot! by Quietust · · Score: 1

    And while we're at it, an 'excessive bold' detector might be nice (perhaps limit a post to 30% bold or less; you should never need to emphasise THAT much), which would help get rid of the farm animal fawker and the E-Commerce spammer.

    -- Sig, 120 chars --
    Your friendly neighborhood mIRC scripter.
    if (ismoderator(reader)) hidecomment(this);

    --
    * Q
    P.S. If you don't get this note, let me know and I'll write you another.
  21. Re:And it gets reported immediately on /. by Steve+B · · Score: 2
    Slashdot has been slow to report their own downtimes; in many cases not reporting them at all.

    Somebody moderate this up as "Funny" -- reminds me of the story about Marketing wanting Engineering to add a light that would come on if the battery died.
    /.

    --
    /. If the government wants us to respect the law, it should set a better example.
  22. Re:Is this the future? by ContinuousPark · · Score: 2

    To me, we should be talking about this in the same manner we do when someone says or asks "Where's Mozilla?" or "Mozilla sucks". We often answer back, well, if you think you know so much about browsers, stop complaining, you can help, start writing some code or collaborate in some way with the Mozilla project.

    Well, instead of talking about what is wrong with script kiddies and moaning about how sad it is that the Internet (parts of it) can be brought to its knees so relatively easily, we should be finding ways to protect it against that. I believe this is a job the IETF should pursue, so in the scope of our possibilities, we should be more in contact with this organization, helping them out, proposing new solutions. I don't know much about this but we may need some architectural solutions to deal with these attacks. It turns out that the future of the Internet (as for instance, the future of Mozilla) is potentially in our hands via IETF and organizations like that, isn't it?

    --


    "All the things one has forgotten scream for help in dreams". Elias Canetti
  23. Re:/. spammage by Spudley · · Score: 1

    Counting lines wouldn't work as well as bytes: the browser's width and font settings make it hard to do. You could count <BR> tags, but then they'd just post huge long one-line paragraphs.
    A possible solution would be to count the bytes, but add a weighting to <BR> tags so they're counted as more than just four bytes.

    --
    (Spudley Strikes Again!)
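
The byte count with weighted line breaks proposed in this comment and in TheTomcat's, combined with DeadSea's score-based sliding scale, as an added example that is not part of any comment and not Slashdot code. The 75-byte weight is TheTomcat's figure; the per-score budgets and the treatment of `<p>` as a break are assumptions.

```python
"""Weighted comment length with a score-based preview (added illustration)."""
import re

BREAK_WEIGHT = 75  # bytes charged per line-break tag (figure from the thread)
# <br> is the tag named in the thread; <p> is included as an assumption
# because it also forces a new line. \b keeps <pre> from matching.
BREAK_TAG = re.compile(r"(<\s*(?:br|p)\b[^>]*>)", re.IGNORECASE)


def weighted_size(html):
    """Bytes of the comment, with every break tag counted as BREAK_WEIGHT."""
    breaks = BREAK_TAG.findall(html)
    rest = BREAK_TAG.sub("", html)
    return len(rest.encode("utf-8")) + BREAK_WEIGHT * len(breaks)


def budget_for(score):
    """Hypothetical sliding scale: 150 bytes at -1, doubling per point,
    unlimited at 5 and above."""
    if score >= 5:
        return None
    return int(300 * 2 ** max(score, -1))


def preview(html, score):
    """Return (text_to_show, truncated) for a comment at the given score."""
    budget = budget_for(score)
    if budget is None or weighted_size(html) <= budget:
        return html, False
    shown, spent = [], 0
    for part in BREAK_TAG.split(html):
        if not part:
            continue
        if BREAK_TAG.fullmatch(part):
            if spent + BREAK_WEIGHT > budget:
                break
            shown.append(part)
            spent += BREAK_WEIGHT
        else:
            raw = part.encode("utf-8")
            room = budget - spent
            if len(raw) > room:
                # Cuts on a byte budget only; a real renderer would also
                # avoid splitting inside other HTML tags.
                shown.append(raw[:room].decode("utf-8", "ignore"))
                break
            shown.append(part)
            spent += len(raw)
    return "".join(shown), True


if __name__ == "__main__":
    # Constructed inputs: a 96-byte post that renders 20 lines tall,
    # and a 400-byte one-line post.
    tall = "<br>".join(["a"] * 20)
    print(len(tall), weighted_size(tall), preview(tall, 0))
    print(preview("x" * 400, 0)[1], preview(tall, 5)[1])
```

The tall post is only 96 raw bytes, so a plain byte limit would let it through, while the weighted count cuts it after three breaks at score 0.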
  24. Re:This will never bring you down by -brazil- · · Score: 1

    If 20 copies of this were posted as reply to each and every regular comment, it would render the site unusable.

    --

    The illegal we do immediately. The unconstitutional takes a little longer.
    --Henry Kissinger

  25. Re:Surprise by Anonymous Coward · · Score: 1

    Lots of people come to get the extra info that only readers can provide. Nothing against Cmdrtaco or Hemos or the rest of the SLASHDOT crew, but there are some things that they just miss. Readers/posters make up for where the SLASHDOT team can't go any further. It's also nice to see some real world responses to stories. Instead of the story writers just jamming the news down our throats if we like it or not. Yes you can choose not to read it, but then you wouldn't keep coming back to the site if there are many stories you don't like. Posting has its own part of being useful.

  26. Add some damping to the loop by Max+Hyre · · Score: 3

    Probably the major problem with weblogs is the instantaneous feedback. Remember the ``flash crowds'' in Niven's teleportation stories (All the Bridges Rusting IIRC)? We have exactly the same phenomenon going on here.

    How to fix it? Put some damping in the feedback loop by delaying the appearance of posts, while still assigning karma. The higher your karma, the sooner the post appears. Voila---the trolls and kiddies no longer get the instant gratification they want. What's the fun in working for fifteen minutes to hose a thread when you don't see the results for half an hour?

    What??!! I hear you scream, half an HOUR? The discussion's dead meat by then!

    Erm, no. Any comments worth reading now will be worth reading in half an hour, or even an hour later. Such a delay would also help damp the rush of mis-informed comments from those who haven't digested (or even read) the story, and thus the reflecto-flames from those offended by such witlessness.

    Take any civil or electrical engineering or differential equations class, and learn why damping is good. (Check out the Tacoma Narrows Bridge for a short course.) That's part of why you always hear the New York Stock Exchange results are ``delayed fifteen minutes''. (I suspect the other part is so the dealers can get their cut before the unwashed get a shot.)

    Bottom line: Slow things down, it can only make them better.

    --
    I refuse to believe corporations are people until Texas executes one. -- desert rain on http://www.dailykos.com/user/
    1. Re:Add some damping to the loop by jellicle · · Score: 1

      That is possibly the most insightful comment I've seen about a discussion forum this year.

      --
      Michael Sims-michael at slashdot.org

    2. Re:Add some damping to the loop by look · · Score: 1

      I'll second that. It's a fascinating idea.

      I'd also like to point out that by extending the period of time between when a post is submitted and when it is displayed could be used not only to dampen the effects of trolls and other HUMAN factors, but as a bandwidth throttling mechanism. If a weblog got hit by 1,000 comments in a row, but there was a delay in posting, those comments could be spread out evenly in that time period to reduce the effects of the /. effect on itself...
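
The damping proposal in the comment above and the throttling variant from its second reply, sketched as an added example (not part of any poster's comment and not Slashdot or Scoop code). The linear delay curve, the karma cap, the release spacing and the constructed flood workload are assumptions; only the half-hour worst case comes from the thread.

```python
"""Karma-damped comment queue: added illustration, not Slashdot or Scoop code."""
import heapq
import itertools

# Assumed policy values. Only the half-hour worst case comes from the thread.
MAX_DELAY_S = 30 * 60   # delay for a poster with no karma
KARMA_CAP = 50          # hypothetical karma at which posts appear immediately
MIN_SPACING_S = 5       # hypothetical: at most one post goes live per 5 seconds


def publish_delay(karma):
    """Linear damping: the higher the karma, the sooner the post appears."""
    k = max(0, min(karma, KARMA_CAP))
    return MAX_DELAY_S - MAX_DELAY_S * k // KARMA_CAP


class DampedQueue:
    """Holds each post for its karma-based delay, then releases posts one
    slot at a time so a burst is spread out instead of landing at once."""

    def __init__(self):
        self._pending = []   # (due, seq, karma, author, text): still delayed
        self._ready = []     # (-karma, seq, author, text): waiting for a slot
        self._seq = itertools.count()
        self._next_slot = 0  # earliest time the next post may go live

    def submit(self, now, author, karma, text):
        due = now + publish_delay(karma)
        heapq.heappush(self._pending, (due, next(self._seq), karma, author, text))
        return due

    def release(self, now):
        """Call once per tick; returns the posts that become visible now."""
        while self._pending and self._pending[0][0] <= now:
            _, seq, karma, author, text = heapq.heappop(self._pending)
            # Highest karma first, so a flood cannot starve trusted posters.
            heapq.heappush(self._ready, (-karma, seq, author, text))
        visible = []
        while self._ready and self._next_slot <= now:
            _, _, author, text = heapq.heappop(self._ready)
            visible.append((author, text))
            self._next_slot = now + MIN_SPACING_S
        return visible


def simulate():
    """Constructed workload: 1,000 flood posts from karma-0 accounts at t=0
    and one reply from an established user (karma 50) at t=2000."""
    queue = DampedQueue()
    for i in range(1000):
        queue.submit(0, f"throwaway{i}", 0, "spam")
    shown = {}  # author -> second at which the post became visible
    for t in range(8000):
        if t == 2000:
            queue.submit(t, "regular", 50, "on-topic reply")
        for author, _ in queue.release(t):
            shown[author] = t
    return shown


if __name__ == "__main__":
    shown = simulate()
    print("first flood post visible at", shown["throwaway0"])
    print("regular's reply visible at", shown["regular"])
    print("last flood post visible at", shown["throwaway999"])
```

In the simulated run the flooder sees nothing for 30 minutes and the burst then drains over well over an hour, while the established user's reply goes live in the second it is submitted.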

  27. Re:Everyone for himself... by Lion-O · · Score: 2
    Is the future of the Internet a place where only the most well-monied companies can afford to defend themselves

    If that were the case then sites like yahoo and amazon didn't have to cope with this as well. As long as clueless lusers can hookup a machine on the Net and feeling extremely c00l about it you'll be facing problems like these. Lusers like that who aren't even capable of securing their iMac with one mouseclick (no offence intended at iMac here, just naming it due to its user friendliness).

    What separates these lusers from the rest? They have the money to afford themselves being on the net 24/7 (T1?) unfortunately don't have the brains for it.

  28. Re:/. spammage by paranoidfish · · Score: 1

    We obviously need meta-meta-moderation

    Obviously. And meta-meta-meta-meta-moderation. That'll solve the problem. Yup.

    </sarcasm >

  29. Re:Use the comunity to find the culprits by HiQ · · Score: 1

    Perhaps this is not such a bad idea; aren't most of the /. & K5 readers hackertypes. Setting up a site with the purpose of informing about these activities, and finding & exposing the culprits. With a bit of combined effort, this shouldn't be too difficult?
    How to make a sig
    without having an idea

  30. Re:This will never bring you down by -brazil- · · Score: 1

    So far, I see no reason to fear. I've seen stories drown in garbage posts months ago, and the situation seems to have improved rather than worsened.

    --

    The illegal we do immediately. The unconstitutional takes a little longer.
    --Henry Kissinger

  31. Obvious suggestion by Alik · · Score: 3

    If Slashdot is truly sorry about what happened, how about donating a bit of their shiny hyper-powered VA resources to temporarily host kuro5hin?

    1. Re:Obvious suggestion by jellicle · · Score: 1

      It's not server resources that are the problem.
      --
      Michael Sims-michael at slashdot.org

    2. Re:Obvious suggestion by Alik · · Score: 1

      Oh? They claim part of the trouble was being hit by a DoS attack. Last I heard, Slashdot had recently set up a whole bunch of anti-DoS hardware and expanded its load-handling ability. Seems to me that would solve the load problem, though the troll problem remains.

    3. Re:Obvious suggestion by topdogg · · Score: 1

      no shit, i was thinking this... Why don't slashdot do something for the internet instead of soakin' up our money... Hmm guess we just all need to read S2 and forget this lame "no news" site. I only wish i knew who did this to k5. I could show them some of my mad sniper skillz.

      --
      Got shack?
      ShackCentral Network
      Worlds best gaming network!!!
  32. Re:I agree with your point, but not your logic. by Karmageddon · · Score: 2
    To me, this is a point in favour of the "little brother" approach - if there are people who are clueless enough to let it happen, they should be punished until they fix the problem.

    right! and while we're more or less in agreement, I want to change your spin. It's not punishment, it's managing abusive access to a scarce and privately financed resource given over to public use, and it's managing it in a very open way and giving people recourse.

  33. Re:trust-based models by slycer · · Score: 1

    Actually IIRC they were blocking just single IP's vs full subnets.

  34. Re:Looking to establish a discussion based site by ContinuousPark · · Score: 2

    You might want to take a look at Advogato, specially their so-called trusted metric.

    From the mission statement: "The other major focus of this site is a peer certification system. The members of this site certify each other, specifying one of three skill levels. Then, I've got a trust metric that takes the whole pile of certificates and decides a trust level for each member. What makes the system interesting is that it's attack resistant. If a bunch of attackers were to create lots of accounts and mutually certify each other, only a very few would be accepted by the trust metric, assuming there were only a few certificates from legitimate members to the hackers."

    Note that I'm not saying that this is better than the /. moderation system, it's just a different option.

    --


    "All the things one has forgotten scream for help in dreams". Elias Canetti
  35. Andover.net conspiracy? by barooo · · Score: 1

    I'm not proposing this as truth, merely advancing the idea... But this could lend some credence to all of the "man, /. sold out to the MAN" mumblings.

    Perhaps ANDN saw k5 as a competitor, and in order to maximize shareholder value, told CT & company "put some links to k5 on slashdot. let's see if we can attract the script kiddies & hot grits people over their way".

    At any rate, I do believe that the recent spate of slashdot stories mentioning k5 led to their downfall. Whether or not that was part of the man's plans, I don't know.

    Just my $.02 CAN.

    --
    One more drink, and I'll move on. --Dave Matthews Band
  36. Re:This really pisses me off . . . by HiQ · · Score: 1

    I somehow doubt that they have *any* talents to put to use. As another poster pointed out, the majority of those actions originate in jealousy & frustration. Maybe a nice punishment would be to tear their website down (if they have one). Although revenge is never the good option, maybe that's the only way for them to see the consequences of their actions.
    How to make a sig
    without having an idea

  37. Re:And it gets reported immediately on /. by Tim+C · · Score: 2

    Go read the page at kuro5hin.org - they're not down, they're off; they've taken the site down and have no immediate plans to put it back up.

    This isn't a hiccup, this could well be the end of k5.

    Tim

  38. Re:trust-based models by mattdm · · Score: 2
    Kuro5hin did try those things -- the attacker apparently has a wide base of cracked systems to work from, and way too much time on his/her hands.

    --

  39. Re:Moderate into oblivion by Karmageddon · · Score: 2

    the liability is not in deleting. but if somebody posts something like "Daniel Schorr got fired for lying" or "Nina Totenburg got fired for plagiarism", if you delete other stuff the claim can be made you should have deleted this stuff. Though, I tried to pick stuff I've heard is true so I wouldn't be guilty of it.

  40. hacked by core10k · · Score: 1

    Whoa! Slashdot got hacked some good. Did kuro5hin get hacked at the same time?

  41. Re:Kuro5hin was the new slashdot by Gerund · · Score: 1

    Wouldn't it be a bit processor intensive to render a separate image every time somebody wants to post something? Separate images for digits would be no good, as they'd just check the filenames. If filenames are variable, they'd check file sizes. So you have to have your number on a separately generated image each time around.

    The obvious solution is to have a huge store of these images ready to use somewhere, so the web server just has to choose a pre-rendered image.

  42. Re:Surprise by Azog · · Score: 1

    Well, if you browse at +2, the signal to noise isn't too bad. A lot of "me too" type posts that don't add too much, a few morons, and a few really good posts.

    If Slashdot didn't have the discussion area, nobody would be here. Instead, everyone would just check Wired, CNet, Blues News, and about 4 other sites. Between them, they get at least 90% of the stories that come up here, plus a lot more, and are more accurate.

    But the level of trolling sure has increased. I try to read every response to any of my posts, and if I ever lower the threshold to -1 I'm amazed at the amount of junk down there.

    By the way, this post is borderline between a "me too!" and interesting... :-)
    Torrey Hoffman (Azog)

    --
    Torrey Hoffman (Azog)
    "HTML needs a rant tag" - Alan Cox
  43. hmmm, by Mr.+Quick · · Score: 1

    sounds like an rookie attack.
    combine that with the fact that they talk about security a lot, it would appear that rusty's threat is not a hollow one.

    let's hope they make a record of their pursuit.

  44. Re:Looking to establish a discussion based site by Kaa · · Score: 1

    don't tell people whether they have moderator status or not. Just let everyone moderate and ignore the actions of those who don't currently have the status.

    Bad idea.

    Moderation is a drain on my time: it is a service I perform as a member of a community. If I know that most of the time it will be pointless -- no more than empty mouseclicks -- I will not do it at all.

    Kaa

    --

    Kaa
    Kaa's Law: In any sufficiently large group of people most are idiots.
  45. I was thinking along those lines. by marlowe · · Score: 1

    Rusty responded that this sort of approach hadn't worked on Slashdot. I still think it's worth a try. Maybe after everybody's calmed down over there.

    --
    http://www.angelfire.com/ca3/marlowe Better a smartass than a dumbass.
  46. Money, I guess by pwhysall · · Score: 4

    "But why, (if I may be so bold) didn't anyone seem to care when Yahoo, CNN.com etc. were being brought down by attackers?"

    Because those sites exist for one reason and one reason only - to turn a profit. Sure, their admins and staff care (that, to me, is part of doing a professional job), but only in the same way I care about my servers at work. I care because my employer pays me to care.

    K5 was done because people WANTED to, not because they HAVE to. And that's why I do care about K5 getting DOSed, and I don't care about BT getting DOSed.
    --

    --
    Peter
    1. Re:Money, I guess by nlvp · · Score: 1
      What's wrong with making money? If a site goes up that provides something I like, that makes money, then it's my tradeoff as to whether or not I choose to use it. If I choose to use it and it gets DoS-ed, then I'm annoyed.

      Looking at it another way, if Kuro5hin gets DoS-ed, then the free time that someone committed to it is sacrilegiously abused. If a company gets DoS-ed, then the loss of profits, the damage to business and the aggro caused to the people that work there actually damages people's livings.

      I'm not saying one is worse than the other, I'm saying that either way, it's a violation, and it's stupid, uneducated and bad, but I find it excessively "worthy" to cry about one and not the other. Especially when the immediate net cost to society in terms of hassle to people and loss of service is much higher when a site like Yahoo! goes down.

  47. Do they have the IP of the attackers? by Nicolas+MONNET · · Score: 2

    Even if there were multiple IPs, they should be able to track it down somewhat at least.

  48. Re:It's very, very sad by tzanger · · Score: 2

    I'm reminded of a day at the beach a few years ago where I watched a father and his son build a sand castle. When they finished, the father said to his son, "Do you know what the best part of this is, David? It's WRECKING the castle!" and then the boy proceeded to kick and batter the towers while his father laughed encouragingly.

    What the hell's wrong with that? If that were my son and I, I would do the same. My son, depending on his mood, would either protest furiously or he would dust the castle in a split second.

    Why let someone else destroy your hard work? Why let the tide take it out? Go down in a blaze of glory if you want to get rid of it! It's nice to create but if you want to build something else you usually have to destroy something in the process. There's a zillion reasons for destruction, the least of which is "just because I want to."

    Now, if that were someone else's sand castle and he went to tear it down, I'd tear a strip off of him, whether they were around or not. It's called respecting other's work and realizing that you can do what you like with yours. If he didn't want to kick it down, I wouldn't encourage him to. However, if after spending all that time and effort he did want to destroy his sand castle, that's his perogative. When he wants to tell someone else what he built and they want to see it and he can't show them, he'll learn a little something. Yes destruction is fun, but it also ruins your ability to share it/show off/etc.

    Script kiddies actually enjoy destroying other people's work.

    Yes, but what does destroying other's work have to do with destroying your own?

  49. Re:Looking to establish a discussion based site by grahamsz · · Score: 3

    You could base the credit for the moderation on the number of people to moderate up after you moderated up.

    So if I moderate a +5 article, I directly gain nothing but the previous four people who moderated it do gain. This means that the person that does the moderation from 1 to 2 can quickly gain more power and the straggling 'me-too' people don't get as much.

  50. Re:Looking to establish a discussion based site by Ramses0 · · Score: 1

    Ack! /me was a dumbass. I've been so used to visiting K5, it didn't even occur to me that kuro5hin is down, and that's why we're having this discussion ;^)=

    Anyway... If you send some email to rusty, he might be able to dig out some archived stories with comments about moderation. Or check the scoop site for maybe some more info.

    --Robert

  51. How does Slashdot prevent this? by John+Jorsett · · Score: 2

    How does /. prevent this same type of attack? Or does K5 operate differently?

  52. Re:It's very, very sad by penguinicide · · Score: 1
    If I remember from my childhood first I liked destroying things because that was all I could do. Once I matured a bit I began to prefer building things. (and still do)

    My guess is that the scriptkiddy ran into some developmental problems growing up and is now trapped with a child's mentality.

    --


    penguinicide... when jumping out a window just won't do.
  53. Not Money.. by slycer · · Score: 1

    The difference is..
    I LIKED kuro5hin.
    A lot.
    The other sites I could care less about. When I heard that Yahoo had gone down I couldn't care less, just was curious about the media hype that would occur.
    When I visited Kuro5hin this morning (before seeing this) I felt like someone had reached into my stomach, grabbed the vital parts and twisted them around a little bit.
    There is your difference.

    1. Re:Not Money.. by nlvp · · Score: 1
      I was talking about damage to groups of people, and the relative total damage that that causes. I also meant to refer to the point that both involve wanton damage to other people's property, and when you start ranking them in terms of "badness" you imply that one is "more Ok" or "less bad" than the other, whereas my argument is that the target is largely irrelevant, it's the act that deserves contempt.

      If your argument is based on your personal emotions regarding this specific incident, then you can only be right, since only you can express how you feel about it.

    2. Re:Not Money.. by slycer · · Score: 1

      Ahh, ok,
      I had you confused with the AC that asked why we were crying about this site on slashdot.

      Plain and simple fact is this story got posted because Hemos likes kuro5hin. Apparently there are a lot of /. readers that do as well. Hence an outcry goes up. This is in addition to the fact that kuro5hin is a similar community to /.

    3. Re:Not Money.. by mezzo · · Score: 1

      And just when I started to look forward to read kuro5hin in the mornings :(

  54. Re:Looking to establish a discussion based site by Azog · · Score: 2

    I think that instead of a moderation system that just lets people bump a post +1 or -1, moderators should be able to pick a level for the post.

    Then the computer would average all those moderations together. For example: Somebody makes a good post, and it starts out at 1. Moderator A rates it "Insightful" and "5". Moderator B rates it "Interesting" and "3". Average them all together, (1 + 5 + 3)/3 and it would show up as "3".

    You might need to simplify a little. Perhaps instead of the numbers, have a scale like "Crap, Useless, Ordinary, Good, Very Good, Excellent". Maybe just use that and drop the Insightful, Funny, Interesting part of moderation.

    I think that would be simpler for people, even Arts students. (heh. You said it, not me! *ducks*)

    However, I think Slashdot works amazingly well, considering how many trollers and losers are attacking the system. So if you think your site is going to be big, or will have a lot of losers on it, you might want to stick with what is known to work.


    Torrey Hoffman (Azog)

    --
    Torrey Hoffman (Azog)
    "HTML needs a rant tag" - Alan Cox
  55. A real shame by willie150 · · Score: 1
    Kuro5hin only came up on my radar a few weeks ago, but I've been visiting it daily since. It just filled a hole that /. was lacking; there was a real community, not just a bunch of people posting comments.

    But I don't think it was very wise to put:

    To the person or persons responsible for this: we will find you. You will be sorry. I hope you'll learn something.

    at the end of the message. This is going to piss whoever did this even more, and probably get them even more worked up. People who enjoy doing this are not reasonable, rational people who care for the good of others.

    If k5 ever comes back again, it'll probably get taken down by this person again.

    A real pity.

    --
    Better to stay silent, and let people think you're an idiot than to open your mouth and remove all doubt
  56. Re:Another DoS Attack by JDisk · · Score: 2

    A mirror of cryptome can be found here.

  57. Re:/. spammage by MostlyHarmless · · Score: 1

    I'm not really that much of an idiot, I just play one in the movies :-)

    I meant just count br's, but I forgot about multi-line lines. Of course I knew that a line would be a different size in people's browsers; I just forgot the little detail that trolls would just remove all the line breaks from their posts. w/e.

    --
    Friends don't let friends misuse the subjunctive.
  58. About calling the attackers "losers" and "idiots". by marlowe · · Score: 1

    I can understand calling them idiots if you are referring to moral idiocy. But suggesting that they lack mental competence?

    Let's be realistic. They pulled this off. That means they're not complete morons.

    We've got a real problem here. Disparaging the enemy doesn't help anything. In fact, it's kind of childish. These people are resourceful enough to be a concern. Let's take them seriously so we can beat them.

    I see this as a war. The enemy, for whatever dark reason, has seen fit to attack us. They have the technical skill to do some real damage. We need to fight back, and not just with words. We need:

    1) Better defenses. Way better.
    2) A strategy for counterattack, preferably legal.

    and optionally:

    3) a way to win the war, so we can get on with our lives.

    Dammit, I want Kuro5hin back. I don't have time for whining. Let's get focussed, people.

    --
    http://www.angelfire.com/ca3/marlowe Better a smartass than a dumbass.
  59. Re:It's very, very sad by Ventilator · · Score: 1

    If all mankind would be clever enough, to appreciate the freedom of anonymity and would not abuse it with things like DoS, child-porn or racism propaganda we wouldn't need any accountability or whatsoever.

    Oh what a wonderful (virtual) world this would be...

    --
    --- If OS were buildings, then the first woodpecker to come around would erase 95 % of civilization.
  60. I stand by story moderation by pwhysall · · Score: 1

    but take your point on anonmity^Wanonymitity^Wanonimity^Whiding your identity.

    Perhaps the ability to post anonymously should be restricted to registered users - i.e. if you register and log in, the system will allow you to post without attaching the fact that you did it to the post. If you see what I mean, and given that explanation you probably don't :)

    --
    Peter
    1. Re:I stand by story moderation by java_sucks · · Score: 1

      I understand what you mean and that would probably work well enough. I think posting anonymously gives you certain freedoms that allows for more frank discussions at times, and yes, the flip side is that people can abuse those freedoms. Freedom does not come without a price, but it's worth it in the long run.

    2. Re:I stand by story moderation by Quietust · · Score: 1

      The only result of that is that the spammers and trolls will just start registering hundreds of accounts.

      That, or Slashdot could implement something rather interesting: the ability to distinguish unregistered anonymous comments from registered anonymous comments. The only difference would be that, instead of labeling registered anonymous comments as "Anonymous Coward", they would be labeled as "Anonymous Hero".
      Though I don't know exactly how well this would work, it seems like a good idea.

      -- Sig, 120 chars --
      Your friendly neighborhood mIRC scripter.
      if (ismoderator(reader)) hidecomment(this);

      --
      * Q
      P.S. If you don't get this note, let me know and I'll write you another.
  61. Re:Kuro5hin was the new slashdot by homoted · · Score: 1

    I wouldn't bet that even disallowing anonymous postings does stop the automated crap.

    I bet that somewhere, someone has written a piece of software that makes it possible to post automated crap as a user.

    --

  62. Re:Not quite by penguinicide · · Score: 1
    Actually if you look at it from my perspective, someone did destroy my library. I no longer have access to it, so effectively it is gone. (same with almost all other readers)

    The repairing(time+energy) of the site would be akin to repurchasing the entire library of books.

    --


    penguinicide... when jumping out a window just won't do.
  63. Re:Or... by HiQ · · Score: 1

    Had the same idea, but this morning I was reading a discussion that was filled with about 20 or 30 unreadable script-generated comments, and I could only read that page after reloading a couple of times. So I assume there was another DOS attack going on, especially because shortly afterwards the internal server errors started appearing again. Next time I looked the site was completely down, only showing the obituary. And I think it was going on a bit longer than just 3 days, last week I saw some of that crap too.
    How to make a sig
    without having an idea

  64. From a technological standpoint, what can be done? by Skeezix · · Score: 1
    How does /. avoid these problems? Is it just higher bandwidth and faster/more machines?

    Does k5 implement any sort of time delay between submissions (either stories or comments) coming from the same IP address? Or was the problem that the attacker(s) used a highly distributed attack?

    Just a few thoughts...
    ----

  65. Re:/. spammage by Kickasso · · Score: 1

    Sounds reasonable. Also, I'd disallow the and turn [http://text.like.this] into http://text.like.this instead. At least for ACs and those with karma<0. You know what I mean. This can be done right now. Submission 'bots can be defeated right now, too.
    --

  66. Re:Same happened to Segfault... by PotatoNO · · Score: 1

    They did shut down their submission queue for a few days. And then made it all non-anonymous.

    I thought all was well, but I guess the little f*cks just DOSed their server off the net. Maybe they started submitting new account requests and then filled the comment/story queue.

    To whomever did this to such a great site FUCK YOU!

  67. Re:No I'm not by Wah · · Score: 1

    You may not like what I do, but you're being unfair to attribute all of this to me, directly or indirectly.

    Not all of it, and even the big in my original post was a bit off.

    We're doing it for fun and a challenge, they're doing it because they have nothing better to do than fuck things up.

    The problem comes from the fact that they look like the same thing. You take a relatively benign annoying pastime, make it competitive, and someone takes it too far. Anytime that something gets even the hint of organization or recognition, people will try to jump to the head of the class.

    "Oh sure, you wrote some great trolls and fooled some folk, but I wrote a script that shutdown k5."

    When you've gone through the trouble to put together a HOWTO, even in jest, it helps the thing grow.

    Regardless, like the Simpson's episode, the K5 witch hunt will probably result in finding some kid with a head in a bag, begging for his life, screaming "i just wanted you to like me."

    (note: I am only associating trolls and spamming because that's what I see here everyday. Spams of trolls. And the only reason I picked you is because you are a known troll and the first one I came across. I'm a big fan of pointing out people's hypocrisies, a point FOR trolling, but then again I hate trying to discuss something when you know at least person talking is just bullshitin' to piss you off)

    --
    +&x
  68. Re:Anti-troll / spam filter idea for slashdot! by Jeff+Ballard · · Score: 1
    So instead of doing diff's of everything (as pointed out already this is n!)... do a histogram on how many times each word is used. Think of this as a fingerprint. If you see two posts with practically the same words used the same number of times (or, even, in the same ratio), then do the diff and flag it appropriately.

    BUT, the trouble is that no matter what algorithm, if people want to find a way to beat the system they will. So now they just write a program to submit their stories, but change a random number of "o" to "O", or something. Never underestimate the power of a determined person.

    The only thing that seems reasonable is an exponential backoff in the number of posts an IP address is allowed to submit. After your first post, you'll need to wait 1 second, after the second 2 seconds, after the third 4 seconds, etc. After the tenth post, you'll have to wait 512 seconds, or 8.5 minutes. Eleven is 17 minutes, etc. Reset the timers every hour or so... This way if you get people slamming the queues, the damage has some hope of being contained.

    --
    Good Fast Cheap. Pick any two.
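
The exponential backoff proposed in the comment above, sketched as an added example; it is not part of the thread and is not Slashcode or Scoop code. The class and function names are hypothetical, rejected attempts are assumed not to count toward the doubling, and the sample address is from a documentation range.

```python
from dataclasses import dataclass

RESET_WINDOW = 3600.0  # seconds; the comment's "reset the timers every hour or so"


@dataclass
class _IpState:
    window_start: float        # when this address's current window began
    posts: int = 0             # posts accepted in the current window
    next_allowed: float = 0.0  # earliest time the next post is accepted


class PostBackoff:
    """Per-IP exponential backoff: after the n-th accepted post in a window
    the address must wait 2**(n-1) seconds (1, 2, 4, ... 512 after the tenth)."""

    def __init__(self, reset_window=RESET_WINDOW):
        self.reset_window = reset_window
        self._state = {}

    def try_post(self, ip, now):
        """Return (accepted, seconds). On accept, seconds is the new wait;
        on reject, it is the time still remaining."""
        st = self._state.get(ip)
        if st is None or now - st.window_start >= self.reset_window:
            # First post from this address, or its window has expired.
            st = _IpState(window_start=now)
            self._state[ip] = st
        if now < st.next_allowed:
            # Assumption: rejected attempts are not counted, so hammering
            # does not lengthen the wait; it just fails until the wait ends.
            return False, st.next_allowed - now
        st.posts += 1
        wait = float(2 ** (st.posts - 1))
        st.next_allowed = now + wait
        return True, wait

    def purge(self, now):
        """Drop expired entries so the table cannot grow without bound."""
        stale = [ip for ip, st in self._state.items()
                 if now - st.window_start >= self.reset_window]
        for ip in stale:
            del self._state[ip]
        return len(stale)


def simulate_flood(seconds=3600, ip="192.0.2.10"):
    """A script attempting one post per second from a single address.
    Returns the times (in seconds) at which a post was accepted."""
    limiter = PostBackoff()
    accepted = []
    for t in range(seconds):
        ok, _ = limiter.try_post(ip, float(t))
        if ok:
            accepted.append(t)
    return accepted


if __name__ == "__main__":
    times = simulate_flood()
    print(f"{len(times)} of 3600 attempts accepted, at t = {times}")
```

The limit is per address, so it contains one flooding source but not a flood spread over many addresses, and users behind a shared proxy share one budget.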
  69. Re:Kuro5hin was the new slashdot by Kickasso · · Score: 1

    No I don't think it would be very processor-intensive. Did you look at slashcode? Concatenating several pre-generated bitmaps and adding random noise is a very small amount of work, compared to what it already does.
    --

  70. And this, coming from the proximate cause by bkosse · · Score: 1

    of /.'s loss of quality.

    Thank you for proving your stupidity.


    --
    Ben Kosse
    Remember Ed Curry!
  71. crackors' reasons? yeah, right by boarder · · Score: 1
    One of the most widely used arguments for hacking and cracking is that they want to find the flaws and security holes in a system. That's great and fine IF that is what they are actually doing.

    Kuro5hin was a decent site that was totally free for anyone and what does someone do? They break it. I KNOW they weren't doing this "to point out the holes in the system." Everyone already knows this hole exists. They just wanted to do some damage because they have a juvenile, teen-angst urge to destroy anything that is vulnerable whether they have a reason to or not.

    I hope they find the person(s) who did this. I'm sure they are only 14 or 15 years old so they can't send them to real jail, but maybe they can have their parents spank them and ground 'em for a month. If they are older than that, they should be shot for polluting the gene pool with their stupidity. IMHO

    --
    IANAL, but I play one on /.
    1. Re:crackors' reasons? yeah, right by swordgeek · · Score: 2

      "One of the most widely used arguments for hacking and cracking is that they want to find the flaws and security holes in a system. That's great and fine IF that is what they are actually doing."

      I know this isn't your point, but I still have to call bullshit on anyone who claims this as a validation for cracking.

      It's not an argument. It's not a validation. It's not a justification. It's an excuse for a bunch of juvenile delinquents to violate and destroy other people's property without any moral qualms.

      If most systems were buildings, they'd have triple locks, security scans, and a receptionist. Let's face it--most computers on the internet are amply secure to prevent people from walking in either accidentally or with just a quick word. Anyone who breaks into our systems is the moral equivalent of an armed bank robber. Any 'security checking' excuses are only so much BS.

      "they should be shot for polluting the gene pool with their stupidity. IMHO"

      Agreed. Let's lock up the vermin.

      --

      "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
    2. Re:crackors' reasons? yeah, right by aphrael · · Score: 2

      It's not an argument. It's not a validation. It's not a justification. It's an excuse for a bunch of juvenile delinquents to violate and destroy other people's property without any moral qualms.

      Yes and no. I have no problem with people breaking into systems (including my own) in order to find holes, snoop data, etc --- as long as they don't *prevent things from working*.

      I won't leave an open door, because that's (obviously) inviting trouble; but I don't object to non-destructive behavior.

      Deliberately knocking a system off of the net, however, is f****d up, and the people responsible should be beaten within an inch of their lives.

  72. Re:trust-based models by Kaa · · Score: 2

    It's a "little brother" approach, the typical way social systems worked in the old days in small towns, where the vandal's mother generally knew about the vandalism before the perp got home.

    Yeah. Small towns are also well-known for their intolerance and xenophobia. The system works well for preventing small crimes, but it works just as well for preventing anything that contradicts the notions of propriety in this particular town. People who are different are shunned at best, killed at worst.

    Having said this I see no problem with Kuro5hin blocking off ranges of IP addresses -- he is providing a free service and he can do anything he wants. He has no obligation to the unlucky souls who happen to be in the same subnet as the source of his problems.

    Kaa

    --

    Kaa
    Kaa's Law: In any sufficiently large group of people most are idiots.
  73. Re:Anti-troll / spam filter idea for slashdot! by Azog · · Score: 3

    Good idea, except for one thing...

    It would be trivial for the attackers to change just a few letters at the end of the post, completely changing the MD5 hash.

    What would probably work better is some sort of "diff" approach. If a post is "too similar" to a lousy one it would be rejected. It isn't actually that hard to do similarity checking, and the load is not that high. After all, even on a busy day Slashdot only gets about 3000 posts or so.

    This would get rid of the Jenna Elfman, Penisbird, Latin Lessons, and other fools. (I read one of the stories at -1 yesterday. Unbelievable!) I wonder if this would count as censorship? Perhaps instead of deleting the post, the system should just instantly moderate it down to -1.


    Torrey Hoffman (Azog)

    --
    Torrey Hoffman (Azog)
    "HTML needs a rant tag" - Alan Cox
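
The word-histogram fingerprint from comment 68 and the "diff" check suggested in the comment above, combined in one added example that is not part of the thread and is not Slashcode. The thresholds, the default score of 1, the names and the sample posts are assumptions constructed for illustration.

```python
import hashlib
import math
import re
from collections import Counter
from difflib import SequenceMatcher

HIST_THRESHOLD = 0.90  # assumed cut-off for the cheap histogram comparison
DIFF_THRESHOLD = 0.85  # assumed cut-off for the word-level diff
DEFAULT_SCORE = 1      # assumed starting score for an ordinary post
SPAM_SCORE = -1        # "instantly moderate it down to -1"


def md5_hex(text):
    """Exact-match fingerprint; any one-character edit changes it."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def words(text):
    """Lower-case and split into words, so swapping 'o' for 'O' changes nothing."""
    return re.findall(r"[a-z0-9']+", text.lower())


def cosine(a, b):
    """Similarity of two word histograms; it compares ratios, not raw counts."""
    dot = sum(a[w] * b[w] for w in a.keys() & b.keys())
    norm = (math.sqrt(sum(v * v for v in a.values()))
            * math.sqrt(sum(v * v for v in b.values())))
    return dot / norm if norm else 0.0


class NearDuplicateFilter:
    def __init__(self):
        self._known = []  # (histogram, word list) for each flagged post

    def add_flagged(self, text):
        w = words(text)
        self._known.append((Counter(w), w))

    def similarity(self, text):
        """Return (best histogram score, best diff ratio). The diff runs only
        against flagged posts whose histogram is already close."""
        w = words(text)
        hist = Counter(w)
        best_hist, best_diff = 0.0, 0.0
        for known_hist, known_words in self._known:
            h = cosine(hist, known_hist)
            best_hist = max(best_hist, h)
            if h >= HIST_THRESHOLD:
                matcher = SequenceMatcher(None, w, known_words, autojunk=False)
                best_diff = max(best_diff, matcher.ratio())
        return best_hist, best_diff

    def initial_score(self, text):
        """Score a new post starts at: down-moderated rather than deleted."""
        _, diff = self.similarity(text)
        return SPAM_SCORE if diff >= DIFF_THRESHOLD else DEFAULT_SCORE


# Constructed sample posts (not taken from any real thread).
FLAGGED = ("first post first post this is the automated lesson of the day "
           "please repeat the lesson of the day in every story on the front page")
VARIANT = ("First pOst first pOst this is the autOmated lessOn of the day "
           "please repeat the lessOn of the day in every stOry On the frOnt page xq7")
ORDINARY = ("How does Slashdot avoid this kind of flood? Is it just more bandwidth "
            "and faster machines, or a delay between submissions from the same address?")


def demo():
    f = NearDuplicateFilter()
    f.add_flagged(FLAGGED)
    return {
        "md5_match": md5_hex(FLAGGED) == md5_hex(VARIANT),
        "variant": f.similarity(VARIANT),
        "variant_score": f.initial_score(VARIANT),
        "ordinary": f.similarity(ORDINARY),
        "ordinary_score": f.initial_score(ORDINARY),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```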
  74. Re:Much ado about nothing... by jacobm · · Score: 2

    The problem wasn't that somebody did something naughty. The problem was that somebody did something naughty, they fixed it, somebody did something else naughty, they fixed that too, then somebody did something else naughty, and they had to restore their database, and finally somebody did yet another naughty thing that apparently was one naughty thing too much. I don't blame rusty for getting fed up after a stream of abuse.
    --
    -jacob

  75. Shutup....someone please moderate this trash down by Carnage4Life · · Score: 2

    Why must people always try and sow malice and discord? Michael posts to kuro5hin and lots of the Slashdot staff read it. When the DDoS attacks started rusty and crew were in touch with CmdrTaco who gave them several tips because they had been through the same thing.

    To see worthless posts like yours that try to make a bad situation worse by creating animosity is highly distasteful.

  76. Re:It's very, very sad by Rombuu · · Score: 1

    Well, I hope all of you people who bitch and moan whenever someone or some company take steps towards introducing some form of accountability to the internet (although this is always presented here as "Big Brother wants to destroy your privacy"), remember this sort of thing.

    As it stands now, there really isn't anything that can be done... sad really.


    --

    DrLunch.com The site that tells you what's for lunch!
  77. Re:It's very, very sad by warsawza · · Score: 1

    DoS? or a link from ./ on the front page?

  78. Re:trust-based models by Peter+Dyck · · Score: 1
    social systems worked in the old days in small towns, where the vandal's mother generally knew about the vandalism before the perp got home.

    Ah, yes. The good old days. Don't like your neighbour? Don't worry. Just start spreading a rumour that she's a promiscuous little wench or whatever the narrow-minded small town mentality deems immoral at the time. The social system will take care of the problem for you. Quite nice, actually, until it's your head on the block for saying something less flattering about the local patriarch's nose in the pub.

  79. Re:Good idea... by dagoalieman · · Score: 1

    Actually, Scoop states that although we have given them significant load, and caused many ISEs, we haven't taken the site down. They're kinda proud of that, and should be.

    Good luck to em getting back up, let's offer all the support we can.

    --
    We don't need no Net Explorer We don't need no Thought control
  80. Re:Much ado about nothing... by Gleef · · Score: 2

    They've put up backups. After several days of continually fighting to keep a website up in spite of constant attacks, you'd get sick of it too. I understand why they decided to give up, and I just hope it's temporary.

    ----

    --

    ----
    Open mind, insert foot.
  81. Re:Not only is the site... by nagora · · Score: 3
    There is not much to know about why script kiddies do what they do. They do it because they are kiddies, ie they are immature and still stuck in that pre-adult stage of taking pleasure in destruction of things not their own. It's the same thing that causes people to snap saplings in the park or spray-paint a newly painted wall: they get a kick from the thought that they've ruined someone else's work.

    The bottom line is that they are incapable of producing their own works of art/skill/technical ability and their jealousy of those who can is sublimated into a childish "well I think that sucks, anyway" reaction, which develops into a hatred of anyone who can do it, from which the pleasure of un-doing others' work derives.

    I speak from memory; I can remember these feelings from adolescence and they do still creep up from time to time. Adults control these feelings, children act on them.

    I'm sure if you cast your own mind back and are honest with yourself you'll see there isn't any great need for papers on this - it's just (young) human nature.

    TWW

    --
    "Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
  82. Same happened to Segfault... by andri · · Score: 1

    A while back similar thing happened to Segfault. People abused their polls (you were able to add your own choices) and comments (yea, Natalie Portman etc).
    Segfault, instead of shutting everything down, shut their comment system and poll system down.

    Rather unfortunate that script kiddies and other 31337 h2x0rz can pull a whole site down with their stupidity...

  83. You're missing the point by marlowe · · Score: 1

    Scripts don't spontaneously generate themselves, nor do they emerge from primordial slime due to random processes and natural selection. Somebody has to write these root kits and exploits.

    That's the enemy. The script kiddies are pawns. Either we find the mastermind, or we construct our defenses so as to render the point moot. I think the latter course shows more promise of useful results.

    --
    http://www.angelfire.com/ca3/marlowe Better a smartass than a dumbass.
  84. Community? What community? by marlowe · · Score: 1

    There's nothing local about attacks of this sort. They cross subnet boundaries. The victim is in one place, the attackers are all over the globe. What can a "beat cop" do?

    On the other hand, maybe a burbclave mentality would work. Turn `em back at the firewall (or at least the Digest handshake) if they haven't got a pass. So it becomes an issue of authentication.

    --
    http://www.angelfire.com/ca3/marlowe Better a smartass than a dumbass.
  85. Re:About K5 by _SIGKILL_ · · Score: 1

    One thing to add: Kuro5hin is pronounced "Corrosion." It is a play on rusty's name.

  86. Re:Or... by meadowsp · · Score: 1

    No it hadn't been slashdotted. The problem was idiots with automated things filling the submission queue and the comments with garbage. This is a sad day really.

  87. I like it. But is it legal? by marlowe · · Score: 1

    Let's see.. no actual damage or sabotage, just exposure. They could argue invasion of privacy, entrapment.

    Any legal eagles want to comment?

    --
    http://www.angelfire.com/ca3/marlowe Better a smartass than a dumbass.
  88. Re:No I'm not by spiralx · · Score: 1

    Anytime that something gets even the hint of organization or recognition, people will try to jump to the head of the class.

    Yeah I suppose so, some people such as Vladinator take the whole "hidden" troll forum kind of thing waaay too seriously as if it were some kind of massive conspiracy. It's not like we're doing it to be 31337, but some people think that if they try and "out" us or hassle us it makes them cool for pissing us off.

    When you've gone through the trouble to put together a HOWTO, even in jest, it helps the thing grow.

    As with all of my trolling, the roots for that came out of being very bored at work. It, along with the troll archive, are up at my website :)

    And the only reason I picked you is because you are a known troll and the first one I came across.

    Yeah, I don't use this account much anymore because it has become known as a troll account, even though it's not - I've never used this account to troll or post shit. *sigh* Can't really blame anyone but myself I suppose :(

    ... but then again I hate trying to discuss something when you know at least person talking is just bullshitin' to piss you off

    Yeah, but there have been some great points raised during the course of trolling and I can honestly say I've learnt a lot. Forcing people to defend a belief makes them explain it which helps everyone to understand it...

  89. Why a link? by kmcardle · · Score: 1

    If the site is down or being DOS'ed, why did you post a link? Get some coffee, it's still early.
    --
    then it comes to be that the soothing light at the end of your tunnel is just a freight train coming your way

    1. Re:Why a link? by dvduijn · · Score: 1

      Follow the link and you'll see.

    2. Re:Why a link? by -brazil- · · Score: 2

      Because the link does show an explanation of the K5 crew of what's up. This wasn't a "total obliteration" DOS like the one against the big sites some months ago. This attack only caused the site to be unable to work as a discussion forum because it was filled up with garbage.

      --

      The illegal we do immediately. The unconstitutional takes a little longer.
      --Henry Kissinger

  90. Re:Looking to establish a discussion based site by ethereal · · Score: 1

    Maybe you're posting this to the wrong article, but are you aware that K5 is down? That is the whole point of this article, right? Searching that site is going to be a little difficult in the future...

    --

    Your right to not believe: Americans United for Separation of Church and

  91. Re:From a technological standpoint, what can be do by slycer · · Score: 1

    Slashdot doesn't - try browsing at -1 sometime..

  92. knee: jerk! by Karmageddon · · Score: 1
    Ah, yes. The good old days. Don't like your neighbour? Don't worry. Just start spreading a rumour that she's a promiscuous little wench or whatever the narrow-minded small town mentality deems immoral at the time

    or post something made up to Slashdot, or unfairly moderate it down just because you are a moderator... you've failed to make your case. The difference is just as much in attitude and the actual thoughts in people's heads as it is in the system.

    the fact is that there are more promiscuous little wenches in the world today, and because it's become more acceptable, and we have more AIDS and unwed mothers as a result. Don't get me wrong, those are probably good things, but don't blame the messengers.

    1. Re:knee: jerk! by ErikZ · · Score: 2

      the fact is that there are more promiscuous little wenches in the world today, and because it's become more acceptable, and we have more AIDS and unwed mothers as a result. Don't get me wrong, those are probably good things, but don't blame the messengers.

      Oh yeah!

      Actually, I blame Reagan for spreading AIDS, I mean, before him, there was no AIDS at all! Like, maybe 5 people had it.

      And when the messengers start to toss out very complex issues like unwed mothers, and focus the blame on ONE THING, you better have some data to back it up.

      Which you don't have, I'm assuming we're talking about teenage single mothers. So tell me, what happened to teenage single mothers a hundred years ago? Fifty years ago? Things like forced abortion, shotgun weddings, being sent off to live with their 'Aunt', seem to add to the mess.

      The fact is, people reach sexual maturity in the USA before society can deal with it. Although some of the blame rests on the individual, how long can you tell someone with a fully adult sex drive to hold off on sex?

      Later
      Erik Z

      --
      Democrats or Republicans. They are both taking us to the same place and they are not afraid of us anymore.
  93. It's very, very sad by pwhysall · · Score: 5

    And very, very infuriating that the actions of one individual can take away something that has provided so much pleasure and information for so many.

    If you, Mr Skript Kiddy, are reading this, beware. This is not the end of the story.

    Speaking with Rusty and the gang on IRC I could feel the frustration and anger mounting since Monday.

    I guess the best way of describing it is as if you provided a reading room of your *own* books, catalogued on your *own* time for people to use. And then one person came in, tore up the books, pissed on the floor and then disappeared.

    It's a sickener and no mistake.

    --
    Peter
    1. Re:It's very, very sad by swingkid · · Score: 1

      I think most of the vitriol spent on the privacy issues has more to do with the potential for abuse of any accountablility system, and less to do with people not wanting it at all.

    2. Re:It's very, very sad by Skim123 · · Score: 2

      I agree with you wholeheartedly. In fact I have a twisted sense of respect for those who destroy their own creations. Too many "artists" create their work primarily for approval of others/money. I guess anyone who creates something beautiful and then destroys it clearly created it solely for their enjoyment, not for others' approval or monetary gain.

      --

      I could not justify my existence if I were a turkey farmer. Would I terminate myself? Undoubtably, yes.

    3. Re:It's very, very sad by Outland+Traveller · · Score: 2

      There's some people out there who are intrinsically creators, and others who are more interested in destruction.

      I'm reminded of a day at the beach a few years ago where I watched a father and his son build a sand castle. When they finished, the father said to his son, "Do you know what the best part of this is, David? It's WRECKING the castle!" and then the boy proceeded to kick and batter the towers while his father laughed encouragingly.

      Script kiddies actually enjoy destroying other people's work. It makes them feel powerful. It's really sad that these leeches on society push us one step back for every two steps forward.

  94. Surprise by meadowsp · · Score: 2

    Just look at the comments here so far. Can you blame them? I'm surprised that slashdot don't do the same. Everyone knows that the signal/noise ratio here is very low and you have to wonder why cmdrtaco et. al. don't just get rid of the discussion area.

    1. Re:Surprise by aTMsA · · Score: 1
      But what if I like the posts from osm or shoeboy? I find them fun, and I like to read them, I like the clever trolls, I just can't see the point of the automated spam that has been posted here lately. I think it could be solved: you could set a threshold and a factor for each type of moderation, for example:
      • Threshold: 4
      • Insightful: *3
      • Interesting: *3
      • Funny: *1
      • Troll: *2
      • Flamebait: *(-1)
      • Spam: *(-5)
      • and so on...
      Then a post moderated funny 1 time, troll 2 times, and flamebait 1 time, would end 1*1+2*2+1*(-1)= 4.
      This way you could customise what you want to see very well. Of course, maybe this would put too much strain on the database, I don't know, can someone give an answer about this one?
    2. Re:Surprise by ethereal · · Score: 1

      I disagree - the SNR is fine if you browse at +1 or +2. As long as there are still good comments, it's worthwhile to maintain the discussion fora.

      --

      Your right to not believe: Americans United for Separation of Church and

    3. Re:Surprise by lalas · · Score: 2
      Everyone knows that the signal/noise ratio here is very low and you have to wonder why cmdrtaco et. al. don't just get rid of the discussion area.

      Without the discussion area, there isn't much to /. It'd be just some links and an occasional Katz article. I don't even mind the signal/noise ratio here so much, but the conversational tone got lost when stories started getting 200+ comments in under an hour. Perhaps keeping more stuff off the main page is the answer?

  95. Re:I just donated $20 to Rusty; how about you? by fm6 · · Score: 1
    Good idea. PayPal gives a free $5 credit to new users. Use it to vote for civility and free speech!

    I never used Kuro5hin.org (how do you pronounce that?). I'm doing this as a matter of principle.

  96. Re:trust-based models by Karmageddon · · Score: 2

    shut 'em off automatically. I can't believe that the attacker 0wnz more than a very small percentage of available IPs.

  97. Re:A new meaning! by kevin+lyda · · Score: 2

    why #2? did someone on /. dos k5?

    --
    US Citizen living abroad? Register to vote!
  98. No I'm not by spiralx · · Score: 1

    Wrong account idiot. I've never posted a troll under this account at all.

    1. Re:No I'm not by Wah · · Score: 1

      for all your funny shit spiralx, you're a big part of this problem. You convince a couple people that trolling is cool and all of a sudden someone with less sense steps over the line.

      Think Simpson's episode where Bart cuts off the head of the town founder trying to impress his "bad-ass" friends.

      Hell, isn't there an open-source trolling script running around someplace. I've seen it used here, it couldn't be that hard to adapt to k5. Anyway, this whole thing sucks.

      Personally I think Rusty and crew should take a week break or so and then turn the shit back on. The kiddie will probably have found some good pr0n and moved on by then. Plus it'll give them a well-deserved breather.

      --
      +&x
    2. Re:No I'm not by ronfar · · Score: 1
      Hmm...

      That puts me in mind of Abraham "Grampa" Simpson's comment in that particular episode:

      I hope they find the punk that did this, and I hope they cut his head off!!
      --
      All the creatures will die, And all the things will be broken. That's the law of samurai. (Jubai, 1605)
    3. Re:No I'm not by spiralx · · Score: 1

      for all your funny shit spiralx, you're a big part of this problem. You convince a couple people that trolling is cool and all of a sudden someone with less sense steps over the line.

      Why? I've never convinced anyone to troll, and I've never posted about it outside of the troll forums anyway, and anyone who is there is probably already interested in the idea. I don't "recruit" other trolls, and I definitely wasn't the first person to troll /. And I've never trolled k5.

      Spamming is fundamentally different from trolling in the mentality behind it. We're doing it for fun and a challenge, they're doing it because they have nothing better to do than fuck things up.

      Hell, isn't there an open-source trolling script running around someplace. I've seen it used here, it couldn't be that hard to adapt to k5. Anyway, this whole thing sucks.

      It'd take about 10 minutes for someone to write a spam script to hit /. or k5 if they knew how. And yeah, it does suck, I like k5. I'd hate to see it disappear.

      Anyway, whether or not I, osm and the dozen or so people who actually write trolls did it or not would have no impact on the amount of spam that /. or k5 received. You may not like what I do, but you're being unfair to attribute all of this to me, directly or indirectly.

  99. Re:Good idea... by anonymous+loser · · Score: 1

    Hey, idiot. Did you look at the site?

    Rusty has taken it *down* as in, kuro5hin is now just a single page that says they're tired of dealing with the problems, and they quit.

    I don't think the slashdot effect matters much at this point.

  100. NewsTrolls by FFFish · · Score: 2

    I suspect that the K5 DoS putz is the one who just got thwarted by NewsTrolls (http://www.newstrolls.com/). Just a few days ago, NewsTrolls implemented a sandbox system that allowed the putz to post his crap, without inflicting it on those that didn't care to see it.

    Immediately after NT does that, K5 gets swamped.

    K5 will resolve the problem, and the putz will target someone else.

    It's a cry for help, even if it seems to most of us to be a cry for a bloody good beating. A person has to be pretty damned hard-up to waste so much effort doing something so pointless.

    The putz falls into the category of people who deface murals, tip mailboxes, uproot saplings and smear shit in the washroom stalls: they're people who are desperately fucked-up and don't know how to ask for help, so they create situations where they'll have help forced on them.

    --
    Don't like it? Respond with words, not karma.
  101. Re:Anti-troll / spam filter idea for slashdot! by mcelrath · · Score: 1
    Except that a diff algorithm would scale as n! (n factorial). For the 10th post, you'd have to diff it against 9 others. For the 11th post you'd have to diff it against 10 others. This is by no means a computationally trivial task.

    I once considered this to catch cheaters in a CS course I TA'd. But even with only 20 students, 20! diffs is a hell of a lot.

    An IP-based frequency rejection would be better. (Quell requests/posts from the same IP if they occur too often). Then they'd be forced to use a slow DDOS, and what's the point of a DOS if it takes weeks?

    --Bob

    --
    1^2=1; (-1)^2=1; 1^2=(-1)^2; 1=-1; 1=0.
  102. Re:Kuro5hin was the new slashdot by Kickasso · · Score: 1
    An easy way to defeat automated postings.

    Upon each submission, generate a random number and render it to the user as a picture (jpeg or ascii-drawing, for those with text browsers) with some random noise added. Ask the user to enter the same number in the input field. No more automated postings.

  103. Re:Something needs to be done. by alexpage · · Score: 1

    You don't think that licensing parents is a good idea? Most people in this world have no idea of the responsibilities involved in child-rearing and are financially and emotionally unequipped for it.

    Personally, I'm in favour of reversible vasectomies at birth...

  104. IP based solution? by Casshan · · Score: 1

    Just brainstorming here, but I think some of these ideas could work with a few adjustments..

    1. Why not keep a one-way hash of the IP address of the sender in the DB? If a message gets modded down to -1, and that same hashed IP posts again, say 3 more times, each time being modded down to -1, then give them the lameness filter message, and do not allow the post.

    Granted this will impact firewalls, squid servers, etc, where many people would have the same IP address. Maybe in this case people with this hashed IP would get a message saying "this IP has been prone to abuse, and cookies are required to post" and then make a per-browser hash stored in a mandatory cookie..

    2. Another option would be to store the actual IP of the sender in the DB, but say only for 1 hour. If the same IP keeps posting troll messages, then the IP address of the troll appears next to the message (and only in this case). Of course the multiple-IP problem would be in effect here. IPs would be removed from the DB after the expiration date, except for the trolls.

    3. How about a "Troll IP Address" page, where IP's that are known to be trolls or DOS clients are posted? Some sort of Troll blacklist?


    Basically I am trying to think of a way to remove anonymity from the troll messages, while preserving the anonymity of the normal posters. Whether this can be done in a practical way has yet to be seen.
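
Added example, not part of the original comments: a sketch of Casshan's first idea (strikes counted against a one-way hash of the poster's IP) combined with the per-IP frequency rejection mcelrath suggests above. The names, the limits and the use of a keyed hash are assumptions made here; the key matters because an unkeyed hash of an IPv4 address can be reversed by simply hashing every possible address.

```python
import hashlib
import hmac
from collections import defaultdict, deque

# Assumption: a server-side secret. Without it, anyone holding the table
# could hash all 2**32 IPv4 addresses and recover the posters' IPs.
SECRET_KEY = b"constructed-example-key"

STRIKE_LIMIT = 4     # the first post modded to -1 plus "3 more times"
RATE_LIMIT = 5       # posts accepted per window from one source (assumed)
RATE_WINDOW = 60.0   # window length in seconds (assumed)


def source_id(ip):
    """Keyed one-way identifier; the raw address is never stored."""
    return hmac.new(SECRET_KEY, ip.encode("ascii"), hashlib.sha256).hexdigest()


class PostGate:
    def __init__(self):
        self.strikes = defaultdict(int)     # source_id -> posts modded to -1
        self.recent = defaultdict(deque)    # source_id -> accepted post times

    def record_moderation(self, ip, final_score):
        """Called when moderation of a post settles; -1 counts as a strike."""
        if final_score <= -1:
            self.strikes[source_id(ip)] += 1

    def check(self, ip, now):
        """Decide what to do with a new post arriving at time `now` (seconds)."""
        sid = source_id(ip)
        if self.strikes[sid] >= STRIKE_LIMIT:
            # Shared proxies and firewalls: fall back to a per-browser
            # cookie instead of refusing everyone behind the address.
            return "cookie_required"
        window = self.recent[sid]
        while window and now - window[0] >= RATE_WINDOW:
            window.popleft()                # forget posts outside the window
        if len(window) >= RATE_LIMIT:
            return "rate_limited"
        window.append(now)
        return "allow"


def demo():
    gate = PostGate()
    spammer, reader = "203.0.113.7", "198.51.100.9"   # constructed addresses
    burst = [gate.check(spammer, float(t)) for t in range(7)]
    for _ in range(STRIKE_LIMIT):
        gate.record_moderation(spammer, -1)
    return burst, gate.check(spammer, 120.0), gate.check(reader, 120.0)


if __name__ == "__main__":
    print(demo())
```

The rate limit only slows a single source down; as later comments in the thread point out, posts relayed through many compromised hosts each arrive under a different identifier.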

  105. Re:Kuro5hin was the new slashdot by Jon+Shaft · · Score: 1
    I wouldn't bet that even disallowing anonymous postings does stop the automated crap.

    If they could automate it via anonymous coward, I'm quite sure they could just login first then post the garbage. I bet it's just a small perl script most of these asses are running. :\

    --

    Who's the black private dick, who's a sex machine for all the chicks?

  106. Is this the future? by ajs · · Score: 3

    Is the future of the Internet a place where only the most well-monied companies can afford to defend themselves from the onslaught of attackers? Is popularity a death sentence on the Internet? Sad, but it may come to that....

    I will have to think twice about a few of the cool volunteer community sites that I had been thinking of building on my home systems.

    1. Re:Is this the future? by aphrael · · Score: 2

      And who would reap the benefits should that ultimately come to pass? In other words, is it really in the interest of well-monied companies to stop these attacks?

      That's unfortunately a good point. A lot of it boils down to how much money the company is spending trying to prevent this sort of attack --- the more they are spending, the more interested they are going to be in *not* spending it any more.

      Ultimately, though, the volunteers in the community are going to have to realize that the companies *are a different community* with different interests and goals, and that we shouldn't automagically expect them to share our interests and goals.

  107. Re:trust-based models by mxs · · Score: 1

    This would not help at all. The subnets the attacks came from are most likely NOT the ones of the attacker -- just the ones of some sorry people who have an open socks, Back Orifice, Netbus, or any other number of trojans installed on their hdd and are not aware of it.

    Sadly, any script-kiddy knows about it. And they usually know how to daisychain those hosts to evade getting caught.

    I'm sad Kuro5hin is down -- I really liked being there. The discussions were interesting, the atmosphere great, and the focus just amazed me :-)

  108. D&D in the Real World by yzorderex · · Score: 1

    The bully intimidating everyone analogy is poor. This is an invisible minion of the evil sorcerer. The sorcerer has taught his nasty little imps a few spells and sent them out into the silent war. Ah! the joys of malice.

    --

    Just another perl hacker in Bangkok
  109. Scoop's now down as well by KMSelf · · Score: 2

    Persistent buggers out there.

    What part of "Gestalt" don't you understand?
    Scope out Kuro5hin

    --

    What part of "gestalt" don't you understand?

  110. K5 by KMSelf · · Score: 2

    I posted a rough set of notes on what I felt are the components of a good moderation system at scoop (http://scoop.kuro5hin.org/). Unfortunately, the site's down at the moment.

    Abstracting, the Scoop engine uses a bounded metric (floating point 1-5 score) plus editorial oversight (content can be removed) to filter content.

    Some of the interface tools need to be improved. Bulk moderation (set scores, then submit en masse) and filtering (setting min/max thresholds) need to be implemented. There's also the whole issue of anonymous story and content submission -- I ultimately feel that a solution akin to that described by Larry Lessig in Code and Other Laws of Cyberspace, the "Yale Wall", is necessary. This describes a physical posting board on which anonymous posts were allowed (not garbage-collected), if signed, potentially by anyone. Weblog equivalent would be an anon queue, regularly cleaned out, in which registered users could "sign" posts, but wouldn't be obligated to. Anonymity is then a grant by the community, but isn't fully free of responsibility.

    I do feel somewhat strongly that there has to be an equivalent of what's called "karma" at /., though the past reaction has been rather strongly negative when the issue's been raised at K5. Advogato's trust metric is one implementation, I think it's better than /.'s, but I haven't seen something that works really well yet.

    What part of "Gestalt" don't you understand?
    Scope out Kuro5hin

    --

    What part of "gestalt" don't you understand?

  111. Slashdot can take it? by CentrX · · Score: 1

    If Slashdot can take such DOS attacks, why don't you make good on some of your claims of being for the community, or for the free software community? Granted, the queues would still fill up with crap, but that could be taken care of with careful handling.

    Chris Hagar

    --

    "The price of freedom is eternal vigilance." - Thomas Jefferson
  112. Police by phwiffo · · Score: 1

    It just shows that the internet requires some sort of police. Not a big brother type but that more of a beat cop or regular officer that responds to the community's needs.

    In the realworld(tm) there are more domestic disputes, harassment, vandalism than murder and extortion. It seems the latter is all traditional law seems to be interested in at present.

    Now, not to diminish this event into a lower form of offence, we need some sort of governing body to investigate and take actions. I'm not suggesting to persecute all "hackers", technological curiosity is not a crime (yeah, so I mentioned that unmentionable movie.. that's the only point it really made that wasn't contrived and hollywood-ified). What needs to be stopped is internet assault. kuro5hin are victims and they are also normal internet citizens, most likely without vast financial resources for private legal and investigative recourse.

    Why should they be victims?

    --


    Trolls, it must be cool to be that bored.
  113. Re:Something needs to be done. by scorbett · · Score: 1
    Someone has already suggested your idea. Check out the chrome ribbon campaign:

    http://members.tripod.com/chrome_ribbon/

    This site has been around since I first started using the internet around 95 or 96. It's a pretty elitist world view, expecting the internet to be reserved for a select few individuals.



  114. That is crap by viper3 · · Score: 1

    I don't know why people feel the need to do that to people that take their own time and money to provide something for them. I work at another page called www.cotse.com and we are all volunteers, I know how these guys feel when people just kill the site for no reason. I hope they come back.

    --
    2ghz.net The Wave to the Future
    1. Re:That is crap by viper3 · · Score: 1

      Well here is one of the Lamers now ... Hrmm can you say Luser to whoever made those posts. -=>Viper=-

      --
      2ghz.net The Wave to the Future
  115. Re:Everyone for himself... by slycer · · Score: 1

    I assume you're talking about kuro5hin and saying they are lusers. It's probably all a troll, but I'm having a hard time keeping myself from replying.

    No, it was not a T1, it was an SDSL connection.
    They worked VERY hard at security. Inoshiro has some EXCELLENT articles about how to secure a machine. This is NOT a DOS attack in the traditional sense - ie ping flood etc... This is a case of someone abusing the submit story button. The kuro5hin site was based on users voting on what stories they wanted to see make it to the front page. It was a good system, someone abused it, now it's gone.

  116. Re:/. spammage by TheTomcat · · Score: 1

    Like I said, I didn't mean to flame.

    I get regularly pissed off about such things -- I do web programming for a print firm, and they can't seem to grasp the concept of a piece not looking exactly the same everywhere.

    In fact, just yesterday, I had to adjust the brightness on the laptop of one of our clients because the suits didn't like that the colors weren't exactly the same on every monitor. I swear some of those people are going to start referring to me as "the 'THE WEB IS _NOT_ PRINT' guy." I need a better job or something. (-;

    Anyway, sorry about the pseudo-flamage.

  117. Re:ANTI TROLL COULDN'T AGREE MORE! by King+of+the+World · · Score: 1
    sid=slashcode or something, wasn't it?

    If I remember rightly, the spam script could be defeated quite easily. It submitted directly using the static field names - if you change the field names (transparent to actual users) then the script wouldn't work.

    If there was a randomness to the field names with a thousand or so blanks (field names with subject343423423456456434 for example) that might serve to filter out a lot of the crap.

    Of course a few days later they'd make a script to pull out the field names then use those, but we would have a day or two of peace.
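
Added example, not part of the original comment or of Slash: one way to build the per-form random field names with decoy blanks described above. The names (`FormGuard`, `field_name`), the single-use token and the decoy count are assumptions; as the comment says, a script that fetches the form first and reads the names out of it still gets through, so this only defeats posts sent blindly to static names.

```python
import hashlib
import hmac
import secrets

SERVER_SECRET = b"constructed-example-secret"   # assumption: kept server-side
BASE_FIELDS = ("subject", "comment")            # the static names a script expects
DECOY_COUNT = 3                                 # blank fields hidden from real users


def field_name(token, label):
    """Derive the name a logical field carries in one particular form."""
    msg = f"{token}:{label}".encode("utf-8")
    return "f" + hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()[:20]


class FormGuard:
    def __init__(self):
        self.outstanding = set()    # tokens issued and not yet submitted

    def issue(self):
        """Describe a fresh form: its token, real field names and decoys."""
        token = secrets.token_hex(8)
        self.outstanding.add(token)
        return {
            "token": token,
            "fields": {b: field_name(token, b) for b in BASE_FIELDS},
            "decoys": [field_name(token, f"decoy{i}") for i in range(DECOY_COUNT)],
        }

    def accept(self, posted):
        """Return {logical name: value} for a valid submission, else None."""
        token = posted.get("token")
        if token not in self.outstanding:
            return None                      # unknown or replayed form
        self.outstanding.discard(token)      # each issued form posts once
        for i in range(DECOY_COUNT):
            if posted.get(field_name(token, f"decoy{i}")):
                return None                  # something filled in a hidden blank
        values = {}
        for base in BASE_FIELDS:
            name = field_name(token, base)
            if name not in posted:
                return None                  # sent under the static names
            values[base] = posted[name]
        return values


if __name__ == "__main__":
    guard = FormGuard()
    form = guard.issue()
    good = {"token": form["token"],
            form["fields"]["subject"]: "Re: K5",
            form["fields"]["comment"]: "constructed sample comment"}
    print(guard.accept(good))   # accepted once
    print(guard.accept(good))   # None: the token has been used
```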


  118. I'm partial to #2 myself. by marlowe · · Score: 1

    You can do this on a very low level, say between the listen() and the accept() call. Very localized, very efficient.

    And application independent, too. Do it as a patch to Apache, and everybody can guard against this sort of attack.

    Dunno about the other two. #1 has too much plumbing involved. #3 could penalize the clueless innocents whose systems have been compromised. We want to give them a dope slap, not have them attacked by an angry mob.

    --
    http://www.angelfire.com/ca3/marlowe Better a smartass than a dumbass.
  119. Re:Anti-troll / spam filter idea for slashdot! by photon317 · · Score: 1
    I definitely agree that any attempt at semi-intelligent filtering must be moderated down rather than killed... you know that no matter how well thought out the system is, it will end up "catching" insightful, legitimate posts from time to time. At least with a mod down, it has a chance to be modded back up by humans.

    Also, the diffs would quickly become overwhelming. Using a diff method would mean storing all "bad" recent posts, and diffing each new post against every one of those...

    While the md5 hash is of course easily circumvented, it's still a good system, it will eliminate people too stupid to circumvent it... Perhaps it would even have the unintended effect of filtering out redundant one-liner comment-stereotypes like "I Agree".

    --
    11*43+456^2
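
Added example, not part of the original comments or of Slash: the md5 approach discussed above, sketched so that a repeated post starts at a lower score instead of being rejected and can still be moderated back up. Checking a fingerprint against a table is one lookup per post, with no diff against stored posts. The normalisation step, the bounded table and all names are assumptions.

```python
import hashlib
import re
from collections import OrderedDict


def fingerprint(text):
    """MD5 of the post with case, punctuation and spacing normalised.

    MD5 is used here only as a fingerprint, not for security.
    """
    words = re.findall(r"[a-z0-9]+", text.lower())
    return hashlib.md5(" ".join(words).encode("utf-8")).hexdigest()


class DuplicateFilter:
    def __init__(self, max_recent=10000, start_score=1, duplicate_score=-1):
        self.max_recent = max_recent
        self.start_score = start_score
        self.duplicate_score = duplicate_score
        self.recent = OrderedDict()     # fingerprint -> True, oldest first

    def initial_score(self, text):
        """Score a new post starts at; it is stored and shown either way."""
        fp = fingerprint(text)
        if fp in self.recent:
            self.recent.move_to_end(fp)         # still being reposted
            return self.duplicate_score
        self.recent[fp] = True
        if len(self.recent) > self.max_recent:
            self.recent.popitem(last=False)     # drop the oldest fingerprint
        return self.start_score


if __name__ == "__main__":
    posts = [                      # constructed sample posts
        "You won't believe this deal!",
        "you WON'T   believe this deal!!!",
        "You won't believe this deal! q8z1",   # one added token evades the hash
        "I agree.",
        "I agree",
    ]
    flt = DuplicateFilter()
    for p in posts:
        print(flt.initial_score(p), repr(p))
```

The third sample post shows the circumvention the comment concedes: any varying token produces a new fingerprint, so the filter stops only verbatim reposting.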
  120. Looking to establish a discussion based site by grahamsz · · Score: 3

    I'm hoping to soon be running a discussion based site for non-techie users.

    I was curious as to what methods of moderation were best to implement. Certainly I feel the /. method works very well but it's perhaps a little complex trying to explain to less logically minded (or even arts students) people what moderator status is, let alone whether they should actually use it.

    Since I expect this to be mainly student based, lots of people will be connecting through webcache and proxy servers, so trying to just stop more than X posts per IP per hour won't work.

    What solutions can you guys think of that don't involve me checking every post (and as a pro-free speech type person I'm not keen to force my views on other people)?

    1. Re:Looking to establish a discussion based site by slycer · · Score: 1

      Actually scoop is still up, most of the discussions about moderation/site maintenance/code sits there.

    2. Re:Looking to establish a discussion based site by slycer · · Score: 1

      This is exactly how kuro5hin.org

    3. Re:Looking to establish a discussion based site by ethereal · · Score: 1

      I didn't know about scoop.k5.org, so perhaps it is I who is the dumbass. Or we could call it even.

      --

      Your right to not believe: Americans United for Separation of Church and

    4. Re:Looking to establish a discussion based site by rsidd · · Score: 1

      How about something like how Advogato does it? You moderate users,
      not comments. Everyone must log in to post. Established users have
      posting privileges based on their rating, newcomers' posts must initially be
      vetted by someone. May be a good idea for slashdot too, actually.

    5. Re:Looking to establish a discussion based site by stevelinton · · Score: 2

      Use the slashdot system, but don't tell people whether they have moderator status or not. Just let everyone moderate and ignore the actions of those who don't currently have the status.

    6. Re:Looking to establish a discussion based site by grahamsz · · Score: 2

      That does seem like quite a good idea actually

      extending that further I detect which users would moderate post in accordance with other users and then give them a higher weighting.

      Or is that going to make my head explode.

    7. Re:Looking to establish a discussion based site by Yenya · · Score: 2
      I detect which users would moderate post in accordance with other users and then give them a higher weighting.

      This can be abused quite easily - user can just display posts with rating +5, and moderate them up. You would give him credit based on nothing more than the ability to read the article rating.

      -Yenya
      --
      While Linux is larger than Emacs, at least Linux has the excuse that it has to be. --Linus
    8. Re:Looking to establish a discussion based site by Ramses0 · · Score: 1

      Do a quick search for 'moderation' on Kuro5hin, and see several discussions about what users want from moderation.

      K5 is a young site, and it's only been recently that it has had to deal with these questions.

      --Robert

  121. Re:Kuro5hin was the new slashdot by Gerund · · Score: 1

    I think you'd find that you can't just "concatenate" the images. They might need a little more processing than knocking them together end-to-end! Additionally, you'd probably be working with uncompressed bitmaps initially, so you'd probably want to convert them to a compressed format.

    It strikes me that this sort of image processing is entirely out of place in a web server. Anything it needs to do to generate a page should be as quick and simple as possible. Admittedly, for slashdot, this often means generating a page of several hundred comments/comment titles every few seconds, but this doesn't make it OK to add to the load.

  122. Kinda like China... by Greyfox · · Score: 2
    I believe you have to register your internet connection with your friendly government office in China. Hey, if a billion people are doing it, it can't be wrong...

    Oh, that government imposed firewall... well it's a small thing really. The Chinese mentality is so... delicate... that the citizens would be... irreparably scarred by some of the finer points of live goat porn available on the net. They're just protecting their citizens from live goat porn. Yeah...

    On a more serious note, the blame here rests with the ISPs, none of whom have apparently configured their routers to 1) prevent packet spoofing and 2) not respond to stuff on broadcast addresses. 1 and 2 make smurf-type attacks easy. 1 also makes it safer to do distributed attacks involving compromised machines.

    While you're not going to have much luck suing all the ISPs of the world, I am waiting for some bright soul to try suing Cisco for not making their routers disable spoofing and broadcast responses by default. Most ISP employees are drooling idiots (Because ISPs operate with such a low margin that they can't afford to hire experienced people) and will just drop the routers in and forget about them.

    Of course, IPv6 may make it much more difficult to manage a lot of these attacks and may also make it much easier to trace their origin. Once the net gets moved over, this particular problem may go away.

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  123. Re:Or... by Apotsy · · Score: 2
    No, it's been intentionally taken down. In place of the normal homepage there is now a brief (and understandably, somewhat bitter) message from the site's creator and principal admin, "rusty". He explains that it became too much work to deal with all the crap.

    I imagine that /. gets hit by shit like what K5 experienced (and probably worse) all the time, but CmdrTaco and the gang just grit their teeth and deal with it. Of course, they can do that, since running /. is their full-time job. But for smaller, run-in-your-spare-time sites like K5, it's just too much.

    I wouldn't know, but I'll bet dealing with crap from script-kiddies is probably a hell of a lot of work.

  124. Re:Kuro5hin was the new slashdot by Gerund · · Score: 1

    You'd need more than fifteen, I'd say. How hard would it be for someone to acquire all fifteen images, then compare each image they get sent against each image in their stash? Even with some random noise thrown in, they could probably get away with a nearest match for 8 out of ten tries.

    I figure it's best to have a set of 1000+ images, so it takes time to build up a stash of significant size. Additionally, a small number of the images should be regenerated at a regular interval (with different font or font size), so the set is constantly changing. Say, ten images every half hour. Ideally, the background of the images should be completely random.

  125. Re:I'm not rising to this one. by NathanDay · · Score: 1

    "Maybe K5 will always stay low volume - there's no incentive for penis bird idiot fuckwit boy and his like there - because the one thing they feed on, seeing their posts, disappears."

    Make that seeing their posts mentioned.

    --

    "I always try to avoid the term 'language', but it is certainly a complex communication system."
    -Vincent Janik
  126. Re:About calling the attackers "losers" and "idiot by swordgeek · · Score: 2

    Bit of a mixed response here.

    On the one hand, you're right--calling them names won't do much good, other than letting them know that they're getting to us.

    On the other hand, just because they can cause damage doesn't make them bright studies. A 14 year old with an AK-47 can cause a lot of damage. It doesn't take much knowledge to pull the trigger. If you dig through the story on rootprompt.org about the hack they suffered, you'll find that some of these exploits are being pulled off by kids who don't understand how (or what it means) to mount a hard drive under Unix! Download an exploit and a rootkit, and you're in business--no brainpower needed.

    --

    "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
  127. /. spammage by demaria · · Score: 1

    While reading over the set of comments displayed as of this writing (9 so far), none are legitimate.

    Could this be the fate of slashdot too? I propose slashdot having 'troll/asses moderators'. Their job is to take spam, and mod it to -1. This does not mean if something appears to maybe be valid for it to be modded into oblivion (there's a lot of false troll calling), but instead take the goatsex, hot grits, that jerk with the whole page of line returns, the credit card offer, and get rid of them. I hate wasting my meager 5 mod points to blow off the exponentially growing trolls and asses who disrupt the conversations.

    1. Re:/. spammage by MostlyHarmless · · Score: 2

      You can already do that; there's an option in the user page to set the maximum number of bytes to display before showing "read more". However, I do agree that the maximum number of lines would make more sense. That would also work against the people who post really short lines to get attention.
      --
      Friends don't let friends misuse the subjunctive.
    2. Re:/. spammage by Twon · · Score: 1

      I agree completely. I blew my 5 points just yesterday on a whole series of excessively long "You won't believe this deal" clones in boldface. I usually leave shorter stuff alone, but I hate having to scroll through this much crap just to read comments. Maybe it's time to turn up my threshold to 1 instead of 0.

    3. Re:/. spammage by Kickasso · · Score: 1
      Go to your preferences here and set it for yourself (in bytes, not lines. Lines are meaningless in HTML.)

      This will not solve any problem. They will just post more.

      /. should set up an AUP. Then if abuse continues, find the suckers and sue them (Rob got some IPO cash, right?). Simple.

    4. Re:/. spammage by spiralx · · Score: 1

      What /. needs is to cut every post below a certain threshold to say 10 lines with a "Read more..." link below that. So each spam post would only take up a small amount of screen space. I emailed Rob and suggested it to him and he said he liked it, but I dunno if it went any further.

    5. Re:/. spammage by DeadSea · · Score: 1
      Have you noticed that there is no better way to lose karma than to moderate very obvious trolls as such? If I use my points to moderate 5 fp, penis bird, hot grits, beer boy, etc., posts, the next week I will invariably have 2 or 3 fewer karma points. I've probably lost 25 karma doing this. It seems some meta-moderators think it's funny to bitch slap you for doing this.

      We obviously need meta-meta-moderation.

    6. Re:/. spammage by spiralx · · Score: 1

      Yeah I know that but there are two problems with that method:

      • For decent posts it means that to read them you are going to constantly have to click on the link to read the whole post, which is a pain.
      • If the spammers use small lines then a byte limit means you can get a hell of a lot of lines into a few bytes.
    7. Re:/. spammage by luckykaa · · Score: 1




      I've just used up 3 lines of screen space in 12 bytes. If on the other hand I wrote 160 characters of random junk, I would take up 2 lines. The calculation shouldn't be totally bytes based. Assume an 80 character line, and use bytes/80 + number of newline tags to decide when to cut. It only has to be approximate after all.
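The estimate proposed in the comment above (characters/80 plus break tags), applied to the 10-line "Read more..." cut-off suggested earlier in this sub-thread, as an added example that is not Slash's code or any poster's. The function names, the set of break tags, the 4096-byte limit and the sample posts are assumptions constructed here.

```python
import html
import re

LINE_WIDTH = 80    # assumed width of a rendered line, as in the comment above
MAX_LINES = 10     # line budget before "Read more..." (figure from the thread)
BYTE_LIMIT = 4096  # hypothetical per-user byte limit, for comparison only

# Tags treated as forcing a new line (assumed set: <br> and <p>).
BREAK_TAG = re.compile(r"<\s*(?:br|p)\b[^>]*>", re.IGNORECASE)
ANY_TAG = re.compile(r"<[^>]*>")


def rendered_lines(comment_html):
    """Approximate the screen lines a comment occupies, as plain text."""
    segments = BREAK_TAG.split(comment_html)
    # Text after the last break tag only adds a line if it is non-empty.
    if len(segments) > 1 and not segments[-1].strip():
        segments.pop()
    lines = []
    for seg in segments:
        # Inline tags take no screen space; entities render as one character.
        text = html.unescape(ANY_TAG.sub("", seg))
        text = " ".join(text.split())  # browsers collapse runs of whitespace
        if not text:
            lines.append("")           # a break with nothing on it: blank line
            continue
        lines.extend(text[i:i + LINE_WIDTH]
                     for i in range(0, len(text), LINE_WIDTH))
    return lines


def estimate_lines(comment_html):
    """Line count used to decide whether a post needs a "Read more..." link."""
    return len(rendered_lines(comment_html))


def preview(comment_html, max_lines=MAX_LINES):
    """Return (lines_to_show, was_truncated) for the collapsed view."""
    lines = rendered_lines(comment_html)
    return lines[:max_lines], len(lines) > max_lines


if __name__ == "__main__":
    # Constructed sample posts, not taken from any real thread.
    samples = {
        "three breaks": "<br><br><br>",
        "160 chars of junk": "a" * 160,
        "short-line spam": "x<br>" * 200,
        "ordinary paragraph": "word " * 120,
    }
    for name, post in samples.items():
        size = len(post.encode())
        shown, cut = preview(post)
        print(f"{name:20} bytes={size:5} under_byte_limit={size <= BYTE_LIMIT} "
              f"lines={estimate_lines(post):3} truncated={cut}")
```

The short-line spam sample is only 1000 bytes, so a byte limit lets it through at 200 lines, while the line estimate cuts it to 10 and leaves the ordinary paragraph untouched.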

  128. Not me by FascDot+Killed+My+Pr · · Score: 1

    "I hope they will not give up and try to resurrect the site soon."

    I hope just the opposite. I want them to resurrect the site. 8^)
    --
    Give us our karma back! Punish Karma Whores through meta-mod!

    --
    Linux MAPI Server!
    http://www.openone.com/software/MailOne/
    (Exchange Migration HOWTO coming soon)
  129. Re:About calling the attackers "losers" and "idiot by TrentC · · Score: 1

    > I can understand calling them idiots if you are referring to moral idiocy. But suggesting that they lack mental competence?

    How much mental competence does it take to run a rootkit that you get from someone else? That is where probably 90% of DDoS attacks and root-compromised machines come from (keeping in mind that 90% of all statistics are meaningless).

    > Let's be realistic. They pulled this off. That means they're not complete morons.

    It doesn't take much intelligence to realize that it's much easier to break stuff than it is to fix it, giving kiddies a sense of power over those they "own". Sadly, that seems to be as far along the chain of logic as most script kiddies get.

    > We've got a real problem here. Disparaging the enemy doesn't help anything.

    Yeah, it does. It allows you to vent frustration, and any script kiddies who read it might hopefully struggle up the mental food chain far enough to realize that "they're right; typing './rootkit.sh' isn't all that challenging" and look for productive means of testing their wits.

    > 1) Better defenses. Way better.

    I agree. Too bad that for every free site that tries to help w/security concerns, there are 30 people on IRC willing to hand out rootkits.

    > 2) A strategy for counterattack, preferably legal.

    Hah! No way in hell that'll ever happen. And I don't want it to, personally; if kiddies are using other machines as stepping-stones for an attack, then 'innocent' admins will find their machines being attacked by angry DDoS victims. A lynch mob mentality won't work in this case.

    > and optionally:
    > 3) a way to win the war, so we can get on with our lives.


    The problem is, it's like the *koff*koff* "drug war". As long as people want to be "elite hackers", there will be people willing to pass out rootkits.

    The only way to win the war is to convince potential kiddies that it's better to create than to destroy. Which brings us full circle...

    Jay (=

  130. Why can't anyone do something good with this? by L0rdByt0r · · Score: 1

    Good lord, instead of taking down great sites like Kuro5hin couldn't they take down damn spammer sites instead? It still would be wrong to do and lame but at least they could be semi productive with their vandalism. Need an example, ok this damn site has been spamming for weeks even after repeated emails to the sysadmin to boot them. I'm not saying you should do anything to the site...

  131. um by Lord+Omlette · · Score: 1

    "Hopefully they will frustrate the spammers long enough that they can grow up, or at least let the site exist in a 'police-state' while they come up with more savvy protection." this is horribly off-topic, completely unrelated to the topic at hand... but the above quote is the scariest thing i've read in a while... *shiver*
    --
    Peace,
    Lord Omlette
    ICQ# 77863057

    --
    [o]_O
  132. What were they thinking? by leereyno · · Score: 1

    Why were they trying to run a website, ANY WEBSITE, on a DOS based system? No wonder it crashed and burned. But I think their biggest mistake was trying to use that old XT they bought at the salvation army.

    BAD BAD BAD

    --
    Muslim community leaders warn of backlash from tomorrow morning's terrorist attack.
  133. Re:Everyone for himself... by FreeUser · · Score: 2

    I assume you're talking about kuro5hin and saying they are lusers. It's probably all a troll, but I'm having a hard time keeping myself from replying.

    I think (I hope) you misunderstood what he was saying. I took Lusers to refer to the script kiddies launching the DOS attacks, not Kuro5hin for being their victim.

    Upon rereading the article it could be taken either way. Perhaps the original author would care to clarify?

    You are right, there were some very good articles on how to secure a system. I for one will miss kuro5hin very much -- it had become the first site I would browse in the morning while sipping soda and waiting for my compiles to finish.

    [tongue-in-cheek]
    Some anonymous coward said something about breeding these lusers (the attackers) out of the race. While mandatory castration might be a little harsh, bitch slapping their parents for doing such a poor job and foisting such scum upon the rest of us seems like a reasonable start.
    [/tongue-in-cheek]

    --
    The Future of Human Evolution: Autonomy
  134. Re:I just donated $20 to Rusty; how about you? by FigWig · · Score: 1

    kuro5hin == corrosion

    Their logo is the Tacoma Narrows Bridge. I'm pissed they went down before I could get a T-shirt, no better fashion statement than an engineering disaster.

    --
    Scuttlemonkey is a troll
  135. Re:Kuro5hin was the new slashdot by Kickasso · · Score: 1

    Oh, so move this image processing to a dedicated box. Should not be very difficult.

  136. Re:What the hell is kuro5hin? by Fist+Prost · · Score: 1

    Think /. with about 1/10th the traffic (if that) a slightly different moderation system (you can moderate stories as well)...

    and of course they delete posts containing offensive, wildly offtopic and flaming remarks. I think this was actually to their disadvantage as the amount of policing to be done would *never* diminish, and it's only a matter of time before the people who rain down the cut/paste comments get bored with this site and move to others.

    --

    Fist Prost

    "We're talking about a planet of helpdesks."
    -Jaron Lanier
  137. Re:What is/was kuro5hin? by boneshintai · · Score: 1

    Kuro5hin was a Slash-based (Slash is the code that runs Slashdot) news server with a smaller userbase and wider topic base than Slashdot, as well as a moderated submission queue, of sorts.

    BoneShintai

  138. Story moderation is best by pwhysall · · Score: 1

    And don't have a "no censorship" policy.

    Basically, allow all users to moderate stories as they come in. Crap gets dropped, good stuff gets posted. Your users then get to read stuff they want to read.

    You also want to reserve the right to delete trolls and spam and stuff, and one way of eliminating a lot of the rubbish is to have no anonymous posting at all.
    --
    Peter
    1. Re:Story moderation is best by meadowsp · · Score: 1

      I hate to say it on a site like this, but you're spot on suggesting the kuro5hin system. It's a lot more 'democratic' than the slashdot way, and it doesn't lead to millions of 'does this belong on slashdot' posts.

      Also, yes, delete the crap. What purpose is there for it. I'm sure that if it got deleted they'd soon stop.

    2. Re:Story moderation is best by Karmageddon · · Score: 2
      You also want to reserve the right to delete ...

      if you delete, you are exercising editorial control and you become legally liable for civil lawsuits from people who think they've been libelled, infringed, or even spindled. The "many moderators" model is an attempt to get the benefits of "dropping" junk without incurring the liability.

  139. Re:Kuro5hin was the new slashdot by Gerund · · Score: 1

    Still got the problem of slower response to requests that way. Think about it:

    Web server receives HTTP request for comment submission page
    Web server sends request for new image to dedicated box
    Dedicated box generates image
    Dedicated box sends image to web server
    Web server sends HTTP reply to client

    As opposed to:

    Web server receives HTTP request for comment submission page
    Web server generates reply, including pre-generated image.
    Web server sends HTTP reply to client.

  140. Anecdotally speaking... by pwhysall · · Score: 1

    Actually not entirely anecdotal. I was acquainted (nothing more) with a few of these repellent individuals whilst at college and University.
    Unsurprisingly, of the half-dozen or so that I knew, only one graduated with a degree of any kind.

    They are usually adolescent males (I hesitate to use the phrase "young men"), unable to function well in normal social circumstances, sexually inadequate, physically feeble or obese, with reasonable language skills. Poor personal hygiene is often a feature.

    In order to make up for their gross social, physical and sexual deficiencies (sexual partners? only if they pay for it), they invent hard sounding handles (because on IRC, the one with ops AND the cool nick is the one with the biggest dick), accumulate 0-day warez (quite what any script kiddy is going to do with a 0-day copy of Office 2000 Premium, I don't know) and try to get into cracker groups, so they can get their name on a defacement or some other achievement.

    These poor, pathetic creatures need to belong so bad it hurts. Having failed completely to empathise or establish normal relationships in their own social setting, they reach out into cyberspace to find like-minded people to impress.

    They are sad, sad people and if you ever met one face to face you'd probably just deck 'em there and then.
    --
    Peter
  141. Kuro5hin not the only one by FascDot+Killed+My+Pr · · Score: 1

    I've noticed /. acting flaky the last few days as well. There must be someone(s) working on both (or more) sites.
    --
    Give us our karma back! Punish Karma Whores through meta-mod!

    --
    Linux MAPI Server!
    http://www.openone.com/software/MailOne/
    (Exchange Migration HOWTO coming soon)
  142. Re:Kuro5hin was the new slashdot by Kickasso · · Score: 1
    Web server generates reply

    ...which includes 12756 SQL requests, 321670 context switches, and 1 (one) manual reboot by CmdrTaco. Whereas all this image-processing stuff can easily fit into L1 cache.

    Oh well. I guess these images can be pre-generated in advance as you suggest. Just generate them continuously, throw away older ones, and if some get recycled 2 or 3 times that's ok. :)

  143. Mandatory Conspiracy Theory... by Brazilian+Geek · · Score: 1

    Maybe Slashdot forced them down?

    Rob et. al. does have the technical knowledge, man power, computer power and bandwidth to force a small Slashdot-like site down. After all, Kuro5hin was always said to be better than Slashdot.

    ... then again ... :)

    Hey, it's supposed to be funny - I read Kuro5hin to complement Slashdot...

    --
    All browsers' default homepage should read: Don't Panic...
  144. Re:Or... by Anal+Surprise · · Score: 2

    It hadn't been slashdotted in the traditional sense, true. However...

    There are a lot of stupid people on slashdot. Sure, there are a lot of smart people, too, but you get a lot of people wondering what you could do with a Beowulf cluster of Natalie Portmans with hot grits on their penis birds. What they lack in clue they make up for in volume.

    Idiots, basically. Script kiddies and the persistently annoying who're more interested in doodling than discussions.

    Every time slashdot mentioned kuro5hin, it brought it one step closer to death.

  145. Re:This really pisses me off . . . by mitheral · · Score: 1

    edit is too good for them; make them use EDLIN.

  146. Re:Or... by Spudley · · Score: 1

    ....which looks suspiciously like what's happened to this article's comments too... :-(

    --
    (Spudley Strikes Again!)
  147. more of the same by eastMike · · Score: 1

    Stuff like this was getting old a long time ago. I don't know many details of what was happening to kuro5hin, but it really seems like shit that websites just shouldn't have to put up with. But what can be done? Make content filters? That's just a pain in the ass, and shouldn't be necessary. I would have liked to think that people were past this kind of behavior by now. I hope they do find the culprits, and make a nice big shiny example out of them.

    --

    Time is fun when you're having flies.
    -Kermit the Frog
  148. Re:This really pisses me off . . . by CharlieG · · Score: 1

    Break a few fingers?

    --
    -- 73 de KG2V For the Children - RKBA! "You are what you do when it counts" - the Masso
  149. Explain by Fist+Prost · · Score: 1

    Why wouldn't the little fscker simply turn off their machine, get a new IP from their DHCP or dialup provider and then get back on to wreak more havoc? And pity the poor Joe AOL/Sixpack who gets online with that IP.

    My own opinion is that if you want to orchestrate a DDoS attack on the people responsible, do it right. Post a mailto: link to their ISP's abuse dept, and a form letter to cut/paste. Even this is pushing the bounds of good taste a little, but at the very least is a more gentlemanly approach.

    --

    Fist Prost

    "We're talking about a planet of helpdesks."
    -Jaron Lanier
  150. Slightly OT: Anyone heard the ads for Hollow Man? by TrentC · · Score: 1

    My god, it's the whole script kiddie mentality in 30 seconds.

    "Imagine if you could do whatever you wanted with no consequences..."

    "It's amazing what you would do when you don't have to look at yourself in the mirror..."

    Jay (=

  151. Stop baiting the script kiddies! by Mdog · · Score: 1

    If you, Mr Skript Kiddy, are reading this, beware. This is not the end of the story.

    I consider it very counter-productive to use threats like this against the "crackers" who are behind this. If they are script kiddies, then that kind of talk is the stimulation they are looking for, so SHADUP.

    And if they aren't script kiddies, you won't find them.

    Mike

  152. Re:Good idea... by Surak · · Score: 2

    Sure you don't mean the various other DOSes, like, say the Operating Systems called DOS
    for the IBM 370 mainframes?

    Or DOS 3.3 on the Apple 2?


    I know, I know... But you'll just have to face the fact that people refer to MS-DOS as DOS and those other operating systems.... 370/DOS, AppleDOS 3.3.... etc...

    Get over it.

  153. Re:Everyone for himself... by Lion-O · · Score: 1
    I assume you're talking about kuro5hin and saying they are lusers

    On the contrary... I'm referring to all the idiots who hook up a server to the internet but lack the knowledge to secure it well enough to keep the kiddies out. IMHO it's idiots like that who cause much of the DoS grief. They don't know how to set up their machines so others can misuse them to start DoS attacks.

    To clear any misunderstanding; I call the administrators of the machines which are sending out those DoS packets total morons for not having the clue to secure their machines.

  154. Irony of the Day by Kyrrin · · Score: 2

    > Someone has already suggested your idea. Check out the chrome ribbon campaign:

    Irony: the "Keep Idiots Off The 'Net" campaign's home page has no ALT attributes on the IMG tags, thus rendering the page virtually unusable in lynx and other text-based browsers.... a mistake generally considered, in the design circles I usually frequent, to be idiotic.

  155. eek. by aphrael · · Score: 2

    This has got to be the saddest / most infuriating thing I've seen happen on the net in a long time.

    It's sad to see Kuro5hin go --- it was a neat site, in many ways a smaller, more comfortable, more tribal version of /. . It sucks to watch people put their hearts into a volunteer project to build a community, only to see it destroyed by random a*****s with nothing better to do.

    But it says something infuriating about the net community, and its future, and the level of childishness prevalent on the net. It means that *anything* which comes into the public eye is vulnerable, and that there is no such thing as respect on-line; it means that the only people who can succeed are those with enough time and money to fight off the barbarians, and anyone who is just trying to do a good thing because they care is doomed to failure.

    It's worse than the tragedy of the commons ---- it's not just communal space which is being destroyed, but anything which is built by someone who doesn't have the internet equivalent of tanks and anti-aircraft guns to protect them.

    It calls up a pretty serious flaw in the architecture of the net --- the designers assumed that everyone would play nicely. That's been clearly untrue for years now, but what can we do about it? The first response is to agitate for a law (after all, repeatedly throwing molotov cocktails in a store window would be construed as criminal activity), but how would that law be enforceable?

    *sigh*

  156. Re:I just donated $20 to Rusty; how about you? by fm6 · · Score: 1

    I don't entirely disagree. But that's all the more reason to support them. A lot of people seem to think that kuro5hin was doing something right. With a little support, they can come back properly engineered. I also violently dissent from your signature!

  157. Re:Or... by meadowsp · · Score: 1

    Yes, I hadn't thought of it in that way. I certainly first heard of kuro5hin through slashdot, so it's more than likely that the prats did too. What does this mean though? Slashdot seems to be causing a trail of destruction everywhere it goes. It's like that open-source website yesterday. The slashdot hordes soon got rid of that. Perhaps it's time to move on...

  158. Kuro5hin/DOS attacks and the state of humanity by Daunting*Alligheri · · Score: 1
    Begin rant:

    I'll make this simple.

    Every time I see a DOS (to any site) it makes me cringe. Not because I have an emphatic feeling about that site in general, but it's the same cringe that I get when someone gets killed. It's the loss of life. People fail to respect, and above all, fail to take responsibility for the actions they directly cause. Ours is now a society that has degenerated into a lethargy of responsibility and respect. It's a damn scary thing. Someone, somewhere out there has now congratulated themselves on something they consider to be good. Regardless of the fact that they

    1. Haven't made a point.

    2. Haven't illustrated a problem.

    3. And haven't done anything more than aggravate many people,

    they still feel good about their action. There is no appreciation for the efforts, and above all no respect for anyone.

    But it doesn't stop with them. As I was scanning down the list, I was saddened again. Retaliation, spite and 'I'm going to _____ your ____' seemed to be large percentages of the responses. It's no better. And it's scary to think that this is the way the computer world (often) gets recognized. Both as the hostile and renegade Script kiddies, and the retaliatory aggressors who go after them.

    Excuse me... but this isn't who I am.

    Listen. I've preached this diatribe before. We need to take respect in what we do -- and in what our fellow programmers do. We need to understand, that be it volunteer site, or evil corporate empire, we can't do this shit. Period. This isn't hacking. But that's what it gets reported as to them. This isn't who we are, but that's what gets reported.

    The coolest thing in the world that I've found about computers is that they have the ability to exact change and genuinely change the mess we've put ourselves in. They unlock information. And that information remains power. But with that information, with the knowledge, we have to take the necessary steps to assure that we're adequately responsible to use it. Kicking someone's ass at Defcon isn't doing it guys.

    I'll leave with one last... This has helped me out along life (both in and out of the machine):

    Access to computers should be unlimited and total.

    All information should be free.

    Mistrust authority - promote decentralization.

    Hackers should be judged by their hacking not bogus criteria such as degrees, age, race, or position.

    You create art and beauty on a computer,

    Computers can change your life for the better.

    For the uninitiated -- its the Hacker Ethic, best formulated by Steven Levy in Hackers: Heroes of the Computer Revolution.

    /rant

    --
    Witty quotes suck.
    1. Re:Kuro5hin/DOS attacks and the state of humanity by aphrael · · Score: 2

      We need to take respect in what we do -- and in what our fellow programmers do. We need to understand, that be it volunteer site, or evil corporate empire, we can't do this shit. Period. This isn't hacking. But thats what it gets reported as to them. This isn't who we are, but thats what gets reported.

      Sure. Nobody here would disagree (except maybe the trolls, but we all ignore them anyway).

      Only ---

      what do you do with people who violate the unwritten rules? You can (a) pursue legal action, but that's difficult and *time consuming*; the legal system doesn't work on internet time --- and you may not even be able to identify the guy without going after him. You can (b) apply social sanctions --- but the 'script kiddies' aren't part of our social order; they respond to different pressures and rules, and our social sanctions are *useless* against them. You can (c) retaliate and take them out; or you can (d) ignore them and keep being victimized.

      For the most part, I agree with:


      Access to computers should be unlimited and total.
      All information should be free.
      Mistrust authority - promote decentralization.
      Hackers should be judged by their hacking not bogus criteria such as degrees, age, race, or position.
      You create art and beauty on a computer,
      Computers can change your life for the better.


      But something has to be done about the people that are undermining all of it in the name of a joyride.

    2. Re:Kuro5hin/DOS attacks and the state of humanity by Daunting*Alligheri · · Score: 1
      [what do you do with people who violate the unwritten rules? You can (a) pursue legal action, but that's difficult and *time consuming*; the legal system doesn't work on internet time --- and you may not even be able to identify the guy without going after him. You can (b) apply social sanctions --- but the 'script kiddies' aren't part of our social order; they respond to different pressures and rules, and our social sanctions are *useless* against them.]

      Script kiddie Jail? :-) ... Seriously though. I wonder how much of the separation does it to them? I mean, the philosophical question always comes back to 'Are the insane really as insane as we categorize them to be?' ... 'Are the script kiddies really as evil/stupid/wastes/fill in the bad name as we categorize them to be?' It's really funny. In the computer world, they're separated. They're like unwanted stepchildren. But in the real world, where the masses get the info from media outlets that lump us all together, there is no clear separation.

      Incidentally, what are our social sanctions? I mean the ones that work... We flame people we don't like, but very rarely do they change. Doesn't matter if they're a script kiddie or a Troll. Maybe we should find a way to assign Script kiddie and barcode it to their forehead...

      You can (c) retaliate and take them out; or you can

      (d) ignore them and keep being victimized]

      You forgot one... You can get smarter. If they're really the low class cretins that everyone attributes them to be, keep working on ways to beat them. Security, forethought, understanding the machine you operate, etc. Information is power, and it beats the heck out of being ignorant.

      --
      Witty quotes suck.
  159. Wow by Dungeon+Dweller · · Score: 1

    You know, I really really really don't get into the new style of troll posting. I still have a hearty laugh at the ones that are merely meant to be misleading. Every now and again, I see a troll post that makes me laugh, but when you said but you get a lot of people wondering what you could do with a Beowulf cluster of Natalie Portmans with hot grits on their penis birds I busted out laughing in the middle of work.

    --
    Eh...
  160. Re:Good idea... by slycer · · Score: 1

    Actually, I think I corrected you on scoop as well.
    That article is a week old. It was talking about the article on /. from last week.

    So far not a peep on scoop regarding the takedown of kuro5hin. I can't irc out from here (work) or I'd check out their irc channel for some info.

  161. Sad day; K5 was a great site by Apotsy · · Score: 1
    I loved K5. The discussions were lively and the signal-to-noise ratio was very good. I also liked the design of the story and comment moderation systems. Overall, it was one of the best Slashdot-inspired weblogs around.

    I really hope this is not the end of K5. Maybe rusty and the gang will get some offers of help from volunteers, which will allow them to put the site back into operation.

    In any case, it just burns me that script kiddies can win like this. As another poster noted, being attacked seems to be the price of popularity.

  162. One good argument for processor IDs by Kernel+Monkey · · Score: 2

    Rather than blocking someone from posting by matching their IP number, why not match their processor ID?

    Oh yeah...too many people had a knee-jerk reaction to them, and Intel was forced to remove them from the chips.

    I realize that the solution is not as simple as this, but it does irritate me that when a potentially valid reason for having a technology around comes up, it's already been bludgeoned to death by people who are either uninformed or jump to conclusions too quickly.

    1. Re:One good argument for processor IDs by kindbud · · Score: 1
      And if the kidz have compromised a Sun Sparcstation to mount their DOS, what then?

      I realize that the solution is not as simple as this, but it does irritate me that when a potentially valid reason for having a technology around comes up, it's already been bludgeoned to death by people who are either uninformed or jump to conclusions too quickly.

      The processor ID can never be a reliable means of identifying a particular computer remotely. Even if one couldn't turn it off, all one needs to do to avoid giving out one's PID is to run software that doesn't support giving out the PID, or run software that returns a user-defined PID.

      And it does nothing to address non-Intel systems. These are just the more obvious problems. There are plenty of other problems with it.

      It's really only useful for the clueful to take advantage of the clueless.

      --
      Edith Keeler Must Die
  163. I'm not rising to this one. by pwhysall · · Score: 3

    The whole /. cf K5 debate is a strawman. Michael dropped a bollock, and admitted it. End of story, film at 11.

    The only thing that makes /. more resistant to this type of attack is the fact that there are a couple (or more) people who look after this site *full time*.

    K5 is a *volunteer* effort. The people running it have fulltime jobs elsewhere. It's done for love, not money. The ads pay for hosting costs and suchlike.

    It's also fundamentally different - it's not the free-for-all that /. is. Spam there once, and you'll get warned. Spam there twice, and you'll be banned. Trolls are deleted.

    How this policy is going to scale up to the zillions of posts/users, I dunno. Sturgeon's law says 90% of everything is crap. Well, weeding the crap out of a couple of dozen posts is easy. Weeding the crap out of a couple of hundred, somewhat less so.

    Maybe K5 will always stay low volume - there's no incentive for penis bird idiot fuckwit boy and his like there - because the one thing they feed on, seeing their posts, disappears.
    --
    Peter
  164. Re:And it gets reported immediately on /. by rifter · · Score: 1

    Yes, and when they come up again, they do not say anything about having been down for several days.

  165. Re:Bah. by Apotsy · · Score: 1

    It's not temporarily down, it's been permanently shut down by the admins. Go to the site now and all you'll see is a message from "rusty", the creator of the site. It explains things.

  166. Key is matching process to audience by sumana · · Score: 2
    Why is Slashdot popular with open-source-type-people? Yes, there's some path dependency -- "it's popular because it's popular." But also, because the process of moderation, participation, etc. reflects OS-type values. Meritocracy, being able to build a reputation, incredible customizability, and so on. And the moderation system here has been an incremental solution to an underlying problem that has also grown incrementally.

    As at least one person has noted (in another discussion, on k5, about controlling noise in discussions), CmdrTaco notes in the new FAQ that technical arms races will always be won by the trollers, because there are more of them and they have more time than you. (Kinda like cathedrals vs. bazaars, no?)

    The /. system only works with a critical mass of people with civic virtue who participate consistently. The k5 experiment seemed to work very well, but rusty himself deleted trolls/spam/etc., and you don't want to be a deleter full-time. You could simply leave yourself open to checking posts whose unique IDs people mail you (postabuse@whatever.com), but then you run into fake-alert harassment there. Anyone else?

    I wrote an essay partly on this topic; e-mail me for it.

    --
    Ceterum censeo Microsoftam esse delendam.
  167. scoop under attack. by glen · · Score: 1

    It looks like scoop is now being attacked. I hope they find the punk and give him Kevin Mitnick's old cell. And I hope (s)he gets sued for lost time, lost advertising revenue, etc.

    1. Re: scoop under attack. by fireproof · · Score: 2
      Man, that really sucks. I *really* like(d) Kuro5hin . . . rusty (and company) had really done a nice job developing the engine, as well as a nice site. It's annoying that a few brain-dead twerps can ruin good stuff like this for the rest of us . . .

      -------

      --

      /* "A fool does not delight in understanding, but only in revealing his own mind." */

  168. the bad boys get dosed as well by oliverthered · · Score: 2

    a few days ago BT, the largest telecoms operator here in the UK got taken down by a dos attack, the attacker claimed the reason for his actions was because BT cut the connection to his cable modem once a night.

    --
    thank God the internet isn't a human right.
  169. Re:Grow up grahamsz by grahamsz · · Score: 1

    It was meant as a lighthearted joke.

    Art students slag off engineers for having no life, we slag them off for being crap at technical things. Neither fact is a solid truth but this casual stereotyping makes life just that little bit more amusing.

    Personally I find the whole not singling groups out thing is taken just a little too far these days. Men are different from women, scottish people are different from english people who are again different from americans. /. trolls & real ppl. This isn't to say that one group are better than the other only different.

  170. Re:ReHollow Man? Define. by TrentC · · Score: 2

    "Hollow Man" is an "Invisible Man" story starring Kevin ("Six Degrees of") Bacon. Haven't seen the movie, not shilling for it, but I guess he becomes invisible and starts stalking Elizabeth ("I was yummy-looking in Palmetto") Shue.

    I was reading this discussion when the ad came on; it was kinda surreal actually...

    Jay (=

  171. The Attack is still in progress by Artie+FM · · Score: 2

    scoop.kuro5hin.org is now under attack by the spammer. All of the comment threads have garbage in them. Anybody using the scoop engine should look out because it looks like the spammer is moving on to other sites as well.
    --
    Be insightful. If you can't be insightful, be informative.
    If you can't be informative, use my name

  172. Re:Sadness indeed... by Mike1024 · · Score: 1

    Hey,

    "But why, (if I may be so bold) didn't anyone seem to care when Yahoo, CNN.com etc. were being brought down by attackers?"

    Well, most people who browse K5, or for that matter /., know how pathetically easy it is to run a DoS. We know that anyone with the most rudimentary knowledge can do it. It's so easy it's not even worth doing. We know that some idiot teenager 'decided' he didn't like K5, so thought it would be funny to DoS it. I looked at K5 every now and then. Now I can't. Because of him. BECAUSE OF SOME STUPID SCRIPT KIDDIE, I CAN'T LOOK AT A WEBSITE I WANT TO LOOK AT.

    As you may be able to detect, I am upset.

    The reason I wasn't so upset about the DDoSes against Yahoo and similar is because I don't use them. I don't want a portal. If I want to search, metacrawler.com is great. If I want news, I have news.bbc.co.uk. What's more, if I use these services, my screen won't be cluttered with offers of free webspace at Yahoo! GeoCities or stock tickers or web directories.

    I never use Yahoo. Or CNN. If I did, I might be angry that a service had been taken away from me. As it hadn't, I wasn't that upset. To use a slightly offensive comparison, Yahoo was a stranger getting shot, but K5 was my buddy getting shot.

    "it's important to remember that even corporate web sites (if they're any good) have people behind them who really do care"

    Indeed they do, but only care the same as shop assistants care about you having a nice day (Well, maybe a little more care than that). If CNN went under tomorrow, I don't think the web team would be rerouting the cnn.com DNS entries to their home ADSL lines so they can carry on providing a service for their users.

    Just my $0.02,

    Michael


    ...another insightless comment from Michael Tandy.

    --
    "Goodness me, how unlike the FBI to abuse the trust of the American public." -- The Onion
  173. Tough decisions by BoLean · · Score: 1

    Obviously you can limit the size of posts. If you do then some people will get ticked. Limiting the quantity of posts isn't too difficult either, as long as you don't allow ACs to post. Then you lose some of your best commentary from informed people. Essentially, anything you do to defend against this sort of attack in a public forum type website inherently makes life more difficult for honest posters.

  174. Good idea... by Wind_Walker · · Score: 5

    Let's compound kuro5hin's problems with DOS attacks by posting not one, but 2 links to their site on the front page of /. That should definitely help them get their bandwidth back...

    1. Re:Good idea... by Anonymous Coward · · Score: 1

      Hey, jagoff, read the fucking story. The DOS is not bandwidth related, per se. It is posting related. Too many bogus posts for them to keep up with/delete. Having a bunch of people visit their site wasn't the problem.

    2. Re:Good idea... by Apotsy · · Score: 1
      Actually, with the way the story is written, it is not really clear. It is made to sound more like K5 being is down due to a server outage rather than a permanent, intentional closing down of the site, which is what happened.

      FWIW, I submitted a very lengthy and detailed story about this that would have avoided that problem, as it was IMHO, also very clearly written. However, as usual with /. stories, someone else posted it first.

    3. Re:Good idea... by Apotsy · · Score: 1
      It is made to sound more like K5 being is down due to...

      Oops! While attempting bragging about how clear my story submission was, I made a typo. That should be "...K5 being down is due to..."

      D'oh.

    4. Re:Good idea... by Jon+Shaft · · Score: 2
      Hey, jagoff, read the fucking story. The DOS is not bandwidth related, per se. It is posting related. Too many bogus posts for them to keep up with/delete. Having a bunch of people visit their site wasn't the problem.

      Try clicking on the link before you call 'em a jagoff. Here's a clip from the main page at kuro5.

      As most of you know, for the past three days, kuro5hin.org has been subject to a series of automated "spam" type attacks by persons currently unknown. The story queue has been filled with crap, the comments have been filled with crap, and we've been hit with denial of service flood attacks, presumably intended to crash the server. We're tired of this shit.

      So they were hit with BOTH spam attacks AND DOS flooding attacks.

      --

      Who's the black private dick, who's a sex machine for all the chicks?

    5. Re:Good idea... by Surak · · Score: 2

      Let's compound kuro5hin's problems with DOS attacks by posting not one, but 2 links to their site on the front page of /. That should definitely help them get their bandwidth back...

      Pesky Microsoft operating systems, always bringing down web sites... why would Kuro5hin be running DOS on a Web server anyways? That's crazy. :)

  175. Resident thicky by Scorchio · · Score: 1

    For the benefit of those like myself who've never heard of "Kuro5hin", could someone tell me what it is/was?

    1. Re:Resident thicky by paranoidfish · · Score: 2

      You know how loads of people moan about /. on a regular basis? "CmdrTaco doesn't do y", "There's too much z", "This is offtopic" etc? Well, in line with the open source ethic, Rusty decided to actually do something about it, and set up his own take on what Slashdot could be.

      After about 6 months it had grown and changed massively, with a few thousand users and loads of good discussion. Talk was the emphasis, rather than news, although it beat Slashdot on several stories. Rusty was trying not to make the mistakes he saw that /. had made. It attracted a good crowd, with loads of good discussion and very little trolling (which was totally deleted rather than being moderated down).

      The best thing about it was that the story queue was open; all users were editors too. It worked really well, with everyone willing to accept that a story had got onto the site by merit and not prejudice.

      It was great, and if it doesn't return I have no doubt that something else will fill its place.

      (btw, Rusty, if you're reading this, thanks and good luck)

    2. Re: Resident thicky by fireproof · · Score: 5
      Kuro5hin was a Slashdot-like site, devoted to the discussion of technology and culture. It was different from Slashdot in that anyone, even folks without an account, could submit a story to the submission queue. Registered users could then vote on whether to post the story to the front page or not.

      Its user base was much smaller than Slashdot, and as of the time the attacks started, discussion tended to be more "useful" than what we have here at Slashdot now, since it hadn't attracted the attention of most of the internet. I've been around Slashdot long enough that it reminds me of what this place used to be like in the early days (from my perspective, late 1997 - early 1998).

      If you want to have an idea of what the flavor of Kuro5hin was, have a look at scoop.kuro5hin.org, the development site for the scoop engine, the back end of Kuro5hin. I assume the engine is still under development despite the shutdown, and I certainly hope it continues to be developed in the face of all this crap.

      I'm not dumb enough or idealistic enough to have expected that Kuro5hin wouldn't have eventually been overrun with the same kind of garbage that Slashdot gets every day, and I don't expect that it will never happen again to sites like Slashdot or Kuro5hin again either. It's sad, but probably just a fact of life that we're just going to have to deal with idiots. Slashdot has shown that technical solutions aren't capable of solving other peoples' personal problems, even though they can seem to make them manageable. I guess the fact of the matter is that no amount of good coding (or bad coding either, for that matter) can keep a jackass from being a jackass.

      --

      /* "A fool does not delight in understanding, but only in revealing his own mind." */

  176. Something needs to be done. by shippo · · Score: 2
    Something globally needs to be done against spammers, script kiddies and other forms of pond-life. Some useful newsgroups I used to frequent have been killed off by spam. I only read the uk.* hierarchy nowadays. Sites I need for work purposes have been DoS'd in the past.

    You need a license and to pass a test before you can drive a car - you should also need a license before you can connect to the net. Those who commit offences should have their license revoked.

    Similarly, licenses should also apply to those administrating servers - too many admins at the moment are utterly clueless, and should be ashamed of drawing their pay-cheque at the end of the month. This requires testing on security policies and practices, system maintenance, system updates and the rest. Maybe if this was already in place, breaches such as the Powergen one would never have happened. Draconian, I know, but I can't envisage any other solution that has any hope of working.

    1. Re:Something needs to be done. by -brazil- · · Score: 1
      > Handed out by the government, presumably.

      This is supposed to mean that everything the government does is bad, presumably.

      You're from the USA, aren't you?

      --

      The illegal we do immediately. The unconstitutional takes a little longer.
      --Henry Kissinger

    2. Re:Something needs to be done. by GigsVT · · Score: 1

      You need a license and to pass a test before you can drive a car - you should also need a license before you can connect to the net. Those who commit offences should have their license revoked.

      Man, this is about the worst thing I have ever heard anybody suggest. Everything we are fighting for would be invalidated if we had to ask the government for permission to use the Internet. It would become much like Amateur radio, with strict restrictions on content, especially political content meant for the general public. Of course the big commercial stations can do whatever they want. I am not knocking Amateur Radio, I think it's great. I just really hate the government (chew on that carnivore), and I sure don't want them telling me when and how I can use the Internet, so long as I am not causing a problem or committing electronic trespass.

      --
      I've had enough abrasive sigs. Kittens are cute and fuzzy.
    3. Re:Something needs to be done. by Anonymous Coward · · Score: 1
      What a great idea!

      Let's really get into the spirit of things and go the whole nine yards...

      • License Parents

        We all know that Parents are responsible for creating all of the world's criminals. Let's stop the problem before it begins! Of course this means mandatory sterilization for all non licensed people past the age of puberty, but that is a small price to pay.

      • License Speech

        Why listen to what Morons have to say? If we don't like what you say, we take away your license.

      • License News Reporters (including /.)

        If you're not putting our spin on the news you're just not going to be reporting the news...

      • Don't license Politicians or the Police

        After all, they have always been above the law.

      This message brought to you by your friendly defenders of Civil Liberty... Janet Reno and Louis Freeh.
    4. Re:Something needs to be done. by Peter+Dyck · · Score: 1

      It goes both ways. In the society there are nice people and nasty people and the politicians come from this mix. The problem is, you can't tell the nice and nasty people apart just by their looks. Because of this, I'm not going to let a stranger enter my house or strike up conversation in the street with people I don't know. Why should I trust politicians any more?

  177. Re:Or... by HiQ · · Score: 3

    No, you're wrong. It's not the amount of work that forced them to take the site down. The last three days you could see that the story queue and article comments were being flooded with garbage; due to the nature of the story queue (open construction), this is a bigger problem than it ever could be on /. And apart from that there were continuing DOS attacks - the site was difficult or impossible to reach, and lots of times you would get an 'internal server error'. So it's not a question of hard work, but it was more & more impossible to keep the site up.
    How to make a sig
    without having an idea

  178. Re:I want your needle dick Viper3 by viper3 · · Score: 1

    Wow you're not a LUSER

    --
    2ghz.net The Wave to the Future
  179. I just donated $20 to Rusty; how about you? by Deven · · Score: 2
    I just sent a $20 donation to Rusty Foster (Kuro5hin.org's founder) with PayPal using the rusty@intes.net address listed in the WHOIS servers as the contact for kuro5hin.org. (At present, that email address isn't a registered PayPal user, but he's got 20 reasons to claim the money!) Here's the message I included along with the money:
    I'm very sad to see that "the bastards got you down". Kuro5hin.org was an interesting site that was just starting to take off. I had dozens of stories in my hotlist that I hadn't even had a chance to read yet. I do hope this shutdown is temporary; it was a good site. (I don't suppose you can put it up in a readonly mode for registered users to view old material?)

    I understand the frustration of dealing with assholes on a volunteer basis; I don't think anyone can fault you for shutting the site down. Still, I think it provided a valuable service to the community, and I think this situation is quite unfair to you. That's why I decided to send you this unsolicited $20 donation for Kuro5hin.org in appreciation for all your hard work. Whether or not you ever revive Kuro5hin.org, keep the money; you've earned it. (Use it to go see a good movie or something!)

    Take a break for a few days or weeks; it sounds like you need it. Then, consider if there's a way to bring it back, in a form less vulnerable to abuse. Perhaps anonymous ID's (with waiting periods before posting) and/or "sponsorship" by existing users might help somewhat; I don't know. Maybe just leaving the site down for a week or two will bore the current attackers into going someplace else.

    It sure would be nice to return to the spirit of cooperation that Usenet News had 20 years ago. Unfortunately, it's not clear how that's possible given the rampant wave of immature script kiddies ruining everything they can...
    Anyone else care to join me, and show that their all-volunteer efforts really are appreciated?
    --

    Deven

    "Simple things should be simple, and complex things should be possible." - Alan Kay

  180. Sad, but not quite that sad by FascDot+Killed+My+Pr · · Score: 2

    This IS sad and unfortunate and etc. But it is definitely NOT the same as if someone tore up the books in your reading room. No information was destroyed and even if it was it could presumably be easily recovered from backup.

    A better analogy would be: You provide a reading/public-discussion room. But now some bully is standing at the door intimidating everyone away.

    Let's don't fall into the "this email virus cost my company $18 trillion dollars" mind-set.
    --
    Give us our karma back! Punish Karma Whores through meta-mod!

    --
    Linux MAPI Server!
    http://www.openone.com/software/MailOne/
    (Exchange Migration HOWTO coming soon)
  181. Re:Or... by Anonymous Coward · · Score: 1

    Not quite sure why they do it though. The Jon Erikson type trolls make a certain degree of sense. That's just a strange sense of humour.

    Hot Grits boy is playing for an audience. Some people do actually find that quite funny, and he only posts once per article. osm is after an audience for his writing.

    The sad spammers who post loads of identical comments (and will probably respond to this) can't get anything out of it. Why do people want to irritate? Have these people ever had a friend?

  182. Slashdot hordes by Peter+Dyck · · Score: 1


    RUSTY
    He wanted me to understand.
    He communicated with me.
    They're like locusts. They travel
    from site to site, their whole
    civilization. After they've
    consumed every system resource
    they move on. And we're next.

  183. About K5 by pwhysall · · Score: 3

    It is a weblog, like SlashDot. You create yourself a login, post stories, and discuss them.

    However, there are some significant differences. Probably the main one is that the submission process is open - you can see the stories that are waiting to be posted, comment on them (either on an editorial "fix-that-link" level or on a topical level) and then vote on whether the story should be posted or not.

    The other difference is that there is no karma - individual comments can be rated, and you can rate comments all the time, rather than waiting your turn for moderator points.

    Other differences include the fact that K5 is a volunteer effort, there's no non-censorship policy (trolls/spam/rubbish get deleted) and it's non-profit.

    When it returns, pay it a visit. You won't be sorry.
    --

    --
    Peter
  184. Re:Kuro5hin was the new slashdot by tzanger · · Score: 1

    The obvious solution is to have a huge store of these images ready to use somewhere, so the web server just has to choose a pre-rendered image.

    You don't need a lot of numbers, just say maybe 15 different ones. Make sure all the filesizes are the same (use a noncompressed format maybe?) and either link it to a completely random filename which gets used in the HTML and removed after the page is sent.

  185. Why is this being allowed to happen? by talks_to_birds · · Score: 1
    "...kuro5hin.org has been subject to a series of automated "spam" type attacks by persons currently unknown. The story queue has been filled with crap, the comments have been filled with crap..."

    God.. I guess.

    Check out scoop.kuro5hin.org, too...

    This sounds just like what's going on at /. except that at /. apparently the back end is tougher and the system itself just keeps on running.

    At scoop: endless automated posts by, in this case, an "Anonymous Hero" -- coming in about every 1 or 2 seconds, with the title and the body of the post just blocks of randomly assembled phrases.

    It's occurred to me some time ago that all the AC bullshit that gets posted here is by a bot (or bots..) or a script (or scripts..)...

    ...but what I don't understand is why our /. crew isn't hard at work coding a defense?

    Perhaps because they are afraid of even worse assaults if they don't let the scr1pt k1ddi3z have their way?

    Has a tacit agreement been reached: "We'll let you post your AC crap as long as you don't shut us down completely."

    Maybe the /. folks and the kuro5hin folks can get together and come up with a joint defense for this kind of nonsense...

    Or maybe it's really way past time to get rid of anonymous posts altogether.

    Of course, we could just run up the white flag and surrender to these punks completely, except that /.'s already acting like it's done just that.

    t_t_b
    --
    I think not; therefore I ain't®

    --
    I'm on PJ's "enemies" list! Are you?
  186. Just as kuro5hin was really taking off by spiralx · · Score: 4

    I've been reading k5 for about six months now and IMHO it was just starting to really take off, probably about the same time rusty introduced the new story moderation system. There have been some great discussions there in the last few weeks - the site probably has a broader focus than /. thanks to its user-moderated story system and it generates a lot of good points.

    It's sad that people feel the need to do this. Does anyone remember the two stories that got spammed to death here on /.? One of the posters on k5, fluffy grue, owned up to those, saying he was bitter at how /. had turned out and thought he'd leave with a bang. Some people really need to stop taking these things so personally - if you don't like a site then find another or start your own, don't react like a petulant child.

    Anyway, I hope rusty can get k5 up and running again, because it would be a great shame for a site to be shut down because of the actions of one sad little person with nothing better to do than attack others.

    P.S. Is someone doing the same to /. as well? It seems to be awfully shaky recently.

    1. Re:Just as kuro5hin was really taking off by spiralx · · Score: 1

      It was buried right at the bottom of a thread IIRC, so I don't know how many people saw it. Of course he might have been talking shit, but he does seem kind of hostile to /. usually. If it was him then I don't know why he admitted it.

    2. Re:Just as kuro5hin was really taking off by Apotsy · · Score: 1
      Does anyone remember the two stories that got spammed to death here on /.? One of the posters on k5, fluffy grue, owned up to those, saying he was bitter at how /. had turned out...

      Whoa, I didn't know that. I can't believe he didn't get banned from K5 just for admitting having done something like that. On the other hand, he hadn't done anything bad to K5, just /.

    3. Re:Just as kuro5hin was really taking off by Apotsy · · Score: 1

      Yeah, I noticed he was one of the most outspoken critics of /. on K5. Hell, he was one of the most outspoken people on K5, period. Still, it's amazing that someone would admit something like that. Unless of course, he didn't do it and his "admission" was just a joke...

  187. Sadness indeed... by Anonymous Coward · · Score: 1

    Let me tell you, I'm also broken up about it.

    But why, (if I may be so bold) didn't anyone seem to care when Yahoo, CNN.com etc. were being brought down by attackers?

    I'm not complaining about the lost money, but it's important to remember that even corporate web sites (if they're any good) have people behind them who really do care, slaving away to make a site that works.

    That said, it must take a special kind of asshole to attack a nonprofit site like Kuro5hin. I feel sorry for anyone immature enough to pull a pathetic stunt like this. This is no better than kicking dogs.

  188. Wow. by pb · · Score: 1

    Shutting down a site until the quality of discussion goes back up...

    ...what a great idea!

    Now all we need to do is get rid of ads, and portal sites, and frames...

    Oh yeah, and find a business model for kuro5hin. They probably have the most innovative web-BBS system I've seen, so I'm sure those guys could make something unique and marketable...
    ---
    pb Reply or e-mail; don't vaguely moderate.
  189. How painful.. perhaps take some measures... by Rezand · · Score: 5

    I literally just started taking a liking to the site, and was really getting into the atmosphere they had. I'm quite disappointed (yet again) that we're going to have to fight off people doing this sort of thing for fun.

    One possibility is to turn off his 'Anonymous Hero' functionality for the time-being. Rusty's site has email verification for new accounts; should the spammer start manufacturing email accounts it may be easier to track him down, and even if not, you can delay the auto-verification emails to once an hour. It's also likely easier to add a 5-post a day limit to a particular account than it is to an anonymous user.

    Another temporary solution would be to only allow logged-in users to post/submit as Anonymous Heros. A bit backwards, but combined with the items above, could make it easier to track down the yucksters and reduce spam in the meantime.

    These temporary measures are certainly not ideal, but tough times call for tough measures. These work better on kuro5hin than they would on a bigger site like slashdot. Hopefully they will frustrate the spammers long enough that they can grow up, or at least let the site exist in a 'police-state' while they come up with more savvy protection.


    --

    Just because you're floating doesn't mean you haven't drowned. - They Might Be Giants, Dark and Metric
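
The temporary measures proposed in comment 189 (no posting without a login, "Anonymous Hero" posts tied to a logged-in account, verification mail sent only once an hour, five posts per account per day), sketched as an added example. This is not Scoop's or Slashdot's code; the class, method names and sample timestamps are hypothetical.

```python
import hmac
import secrets
from collections import defaultdict, deque

HOUR = 60 * 60
DAY = 24 * HOUR
ANON_NAME = "Anonymous Hero"  # display name the thread says K5 used for anonymous posts


class PostingPolicy:
    """Account-bound posting rules; every timestamp is in seconds, supplied by the caller."""

    def __init__(self, daily_limit=5, mail_interval=HOUR):
        self.daily_limit = daily_limit
        self.mail_interval = mail_interval
        self.verified = {}                    # username -> bool
        self.pending_mail = []                # (username, registered_at) awaiting a batch
        self.tokens = {}                      # username -> verification token
        self.post_times = defaultdict(deque)  # username -> accepted post timestamps
        self.audit_log = []                   # (timestamp, real account, displayed name)

    def register(self, username, now):
        if username in self.verified:
            raise ValueError("username already registered")
        self.verified[username] = False
        self.pending_mail.append((username, now))

    def run_mail_batch(self, now):
        """Issue tokens only for sign-ups made in an earlier interval than `now`.

        Returns {username: token}, standing in for the mails that would be sent.
        A bot that registers accounts in bulk therefore waits for the next batch.
        """
        slot = int(now // self.mail_interval)
        due, waiting = [], []
        for username, registered_at in self.pending_mail:
            earlier = int(registered_at // self.mail_interval) < slot
            (due if earlier else waiting).append((username, registered_at))
        self.pending_mail = waiting
        outbox = {}
        for username, _ in due:
            self.tokens[username] = outbox[username] = secrets.token_urlsafe(16)
        return outbox

    def confirm(self, username, token):
        """Mark the account verified if the token matches (constant-time compare)."""
        expected = self.tokens.get(username)
        if expected is None or not hmac.compare_digest(expected.encode(), token.encode()):
            return False
        del self.tokens[username]
        self.verified[username] = True
        return True

    def submit(self, username, now, anonymous=False):
        """Return (accepted, displayed name or rejection reason)."""
        if username is None:                  # not logged in: no posting at all
            return (False, "login required")
        if username not in self.verified:
            return (False, "unknown account")
        if not self.verified[username]:
            return (False, "email not verified")
        times = self.post_times[username]
        while times and times[0] <= now - DAY:  # drop posts older than 24 hours
            times.popleft()
        if len(times) >= self.daily_limit:
            return (False, "daily limit reached")
        times.append(now)
        shown = ANON_NAME if anonymous else username
        # Anonymous posts still count against, and are logged under, the real account.
        self.audit_log.append((now, username, shown))
        return (True, shown)
```

Because the audit log keeps the real account behind each "Anonymous Hero" post, a flood can be traced to and cut off at the account even though readers never see the name.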
  190. Not quite by pwhysall · · Score: 2

    "No information was destroyed"

    Actually, the database was corrupted at one point, and K5 rolled back about 9 hours, losing any posts and story submissions in that time.

    So yes, information was lost.
    --

    --
    Peter
  191. trust-based models by Karmageddon · · Score: 3
    I'm looking forward to a net that has more trust-based culpability and security. Where anonymity is for people who don't abuse it.

    No! I'm not advocating for big brother. Let me give a small example. Kuro5hin should have turned off (via firewall/packet filter) the abusers. The other people who used addresses in those same ranges would have the recourse of going to their ISP and getting the miscreants kicked off. Then, kuro5hin could turn the IPs back on. It's a "little brother" approach, the typical way social systems worked in the old days in small towns, where the vandal's mother generally knew about the vandalism before the perp got home.

    It's a little bit the way ORBS works, and though they attract a lot of anger, it seems to work pretty well to me. If the trust network got ubiquitous enough, even large criminal conspiracies like Network Solutions could be brought under control.

    I think it starts with ISPs cooperating in attacking abuse.

  192. Not only is the site... by Jon+Shaft · · Score: 3
    Not only is kuro5 going to suffer from these DOS attacks, they're probably also going to suffer from our dearly beloved, dreaded slashdot effect...

    But anyways, last week Cryptome suffered a hard icmp attack because of information they had pertaining to a CIA document about Japan.

    Can anyone point me to some articles that pertain to the psychology of script kiddies and their thinking of WHY they want to attack and destroy other computers with such nonsense? I remember the thread posted here on slashdot a while back, but I browsed through it a few times and didn't find anything I'm looking for...

    --

    Who's the black private dick, who's a sex machine for all the chicks?

  193. Re:And it gets reported immediately on /. by zorn · · Score: 2

    Of course /. is slow to report their own downtimes... they're down. And this was no ordinary "our server is flaky for a few minutes", K5 was getting creamed.
    Zorn

    --
    / is the root of /all/evil.
  194. Much ado about nothing... by tofus · · Score: 3

    Okay, i can understand you volunteer to work on a community site without getting paid for it. I also understand you have a lot of work to do, so keeping security at the optimum level is prolly out of the question. I also understand you don't like it if someone phuxors up the site that you put so many (unpaid) hours into. I even understand you get pissed. What i don't understand is the reaction to this particular action: closing down the site... I mean: if the damage was too big, put back a backup (i reckon you have backups). Shit happens. Not only on the Net. And the more shit happens on the Net, the more it's a sign that people are actually doing things with it. Isn't this precisely what geeks have been wanting? A free internet for everyone? Then accept a mishap every now and then. The only thing that really got cranked was your pride. Take a good night's sleep, and get over that. You cannot pull the plug from a site you've worked on with pleasure. You cannot give those little bastards that satisfaction.... Just keep your chin up!

    1. Re:Much ado about nothing... by malkavian · · Score: 1

      Mishaps are one thing. Yeah, you go back to backups and redo from start. I get the impression that the Kuro5hin guys would do that, no hassle, with a cheery whistle.
      However, when you're working full time, the last thing you need at the end of the day is to come home and find that someone is trampling all over work you do for pleasure.
      I guess it's like coming home every day and finding your house burgled.
      Eventually, you go barmy, or move. Or get someone to pay the burglar a nice visit and 'gently' dissuade them from doing such things in future.
      Or all the above.
      I can understand the decision to pull the plug.
      I can also understand that time heals wounds, and that someday, the Kuro5hin guys may bring the site back up when things have cooled down, the SK has been lynched and the bug to see the hard work already put into the site bearing fruit once again arises once more.
      I wish the Kuro5hin volunteers peace of mind, and hope they do get the urge to start business as usual sometime..

      Malk

  195. Re:Or... by spiralx · · Score: 3

    The Jon Erikson type trolls make a certain degree of sense.

    As the real poster behind Jon Erikson I can honestly say that people like myself, osm, gnarphlager etc. all like /. and don't want to see it ruined at all. What we do isn't aimed at breaking /. and we all hate idiots like Penis Bird Guy as much as anyone.

    Things like Patrick Bateman and hot grits have become funny in the same way a running joke does, and because they are only one comment per article. The cut 'n' pasters are all cunts IMHO and add nothing to the conversation at all.

  196. What is/was kuro5hin? by stego · · Score: 1

    I'm unfamiliar w/ the site. Anybody care to enlighten me?

  197. Kuro5hin was the new slashdot by homoted · · Score: 2

    It is sad to see them go. I hope whoever is responsible for this crap gets prosecuted in some way.

    There seem to have become more automated crap postings here lately too. With the goatse thing and other lameness.

    Makes me wonder who will be their next target. Technocrat.net?

    Screw DOS'ers.

    --

    1. Re:Kuro5hin was the new slashdot by Kickasso · · Score: 1

      Disallowing automated postings is very easy. Does /crew want them disallowed? This is the question.
      --

    2. Re:Kuro5hin was the new slashdot by Jon+Shaft · · Score: 1
      There seem to have become more automated crap postings here lately too. With the goatse thing and other lameness.

      This can be easily solved by setting your threshold to +2... but you miss a lot of +1 posts that are still very interesting and well written, but I guess it can be a good tradeoff. When I moderate I keep it down to 0, and sometimes -1.

      The only way we can keep this crap off Slashdot is to have enough users interested in moderating correctly and keeping the higher crop of posts smarter than redundant beer and bird ascii's. Oh welps, that's just my 2 cents, back to contributing. :)

      --

      Who's the black private dick, who's a sex machine for all the chicks?

  198. Use the community to find the culprits by Stuart+Ward · · Score: 1
    Given the success of the community development model in such projects as linux, could this be used to find the perpetrators of this kind of attack? Perhaps a dedicated site to contain the detailed information on each attack; with thousands of eyeballs looking for them it would be much harder to hide.

    The obvious difficulty is that you are then providing detailed information to the Crackers as well as the white hats.

  199. And it gets reported immediately on /. by rifter · · Score: 1

    Slashdot has been slow to report their own downtimes; in many cases not reporting them at all. But of course they quickly jump to report the slightest outage from a competitor less flush with IPO cash.

    What happened to fairness and accuracy in reporting? or has that indeed joined the realm of virgins, unicorns, fairies, and other mythological creatures?

  200. legal offense fund by Karmageddon · · Score: 1

    I wonder if we could raise enough $$$ through contributions to pay for the lawsuits necessary to help kuro5hin shake the system down? I'd kick in a few hundred.

  201. Another DoS Attack by Jim+Tyre · · Score: 3
    Last week, Slashdot reported that John Young's cryptome.org was being threatened by the FBI on account of some documents posted there. Pretty much ever since, it has been down because of a DoS attack.

    There was a brief report in Wired on Monday, and John confirmed in email last night.

    I have no idea if this is a new trend in sites targeted for DoS attacks, but definitely it is not good.

  202. Re:Or... by java_sucks · · Score: 1

    I'll have to admit that I enjoy the Patrick Bateman posts.. I even get a kick out of the Don Knotts guy although I'm not sure why.
    There is a big difference between what these guys are doing and what happened to kuro5hin. It's kinda like the difference between making a phoney phone call to your neighbors and repeatedly turfing their lawn. One is harmless, the other is not.

    I think that the clever trolls who post on /. are all a part of the attraction for me and it's one of the reasons I read some of the discussions that I'm really not interested in. It's the angry bitter destructive script kiddies that I'll never quite understand. But such is life.

  203. Nice commenting system by shod · · Score: 1

    Scoop is still up and available...

  204. Some self-defense.. by dwlemon · · Score: 1

    Moderators of even the smallest web boards know how to find and ban IPs.

  205. Anti-troll / spam filter idea for slashdot! by rent · · Score: 3

    Ok, this is not foolproof - but it could eliminate about half of the annoying & redundant posts we see on slashdot each day.

    Before the post is published on slashdot, you could take the md5 hash code of the post.
    As the post gets moderated down, the corresponding hash code of the post would then be updated to keep a tally count of how many times that particular hash code / post was moderated down.

    Now, if a user decides to submit a new post to slashdot, the md5 hash code is taken and compared with all the previous hash codes. If a code matches, then the tally count is retrieved. If the tally count is more than three, slashdot will refuse to let the user post.

    The md5 hash codes are used for efficiency (much easier to match bit pattern of a hash code than 1000's of bytes of ascii code!)

    This would not work well if the abusing user decides to spam slashdot with random garbage. However it might be useful if it worked in combination with the 60-second ban, lameness filter etc.

    You could also implement an automated process that will change the values of the name="whatever" parameters in the HTML tag to crush those automated posting scripts. (a process will need to change the script source as well) Or have some sort of token value hidden in the form - and only a client that posted with the current token can be accepted.
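
The filter proposed in comment 205 above, sketched as an added example that is not part of the thread or of Slashdot's code: a tally of down-moderations keyed by a digest of the post text, plus a single-use token hidden in the comment form. It uses SHA-256 where the comment names MD5; the whitespace/case normalization, the token format, the ten-minute lifetime and every name below are assumptions.

```python
import hashlib
import hmac
import secrets
import time

REJECT_AFTER = 3                      # the comment's rule: refuse once the tally is more than three
TOKEN_TTL = 600                       # assumed lifetime of a form token, in seconds
SERVER_KEY = secrets.token_bytes(32)  # per-process secret used to sign form tokens
down_mods = {}                        # digest -> times that text was moderated down
used_tokens = set()                   # tokens already redeemed (single use)

def digest(text):
    # Assumption: collapse case and whitespace so trivial re-spacing maps to one digest.
    canon = " ".join(text.lower().split())
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()

def moderate_down(text):
    d = digest(text)
    down_mods[d] = down_mods.get(d, 0) + 1
    return down_mods[d]

def _mac(ts, nonce):
    return hmac.new(SERVER_KEY, f"{ts}.{nonce}".encode(), hashlib.sha256).hexdigest()

def issue_token(now=None):
    # Value for the hidden form field: timestamp, random nonce, HMAC over both.
    ts = str(int(time.time() if now is None else now))
    nonce = secrets.token_hex(8)
    return f"{ts}.{nonce}.{_mac(ts, nonce)}"

def token_ok(token, now=None):
    try:
        ts, nonce, mac = token.split(".")
        age = (time.time() if now is None else now) - int(ts)
    except (ValueError, AttributeError):
        return False
    if not hmac.compare_digest(mac.encode(), _mac(ts, nonce).encode()):
        return False                  # forged or altered token
    if not 0 <= age <= TOKEN_TTL or token in used_tokens:
        return False                  # stale, or replayed by a posting script
    used_tokens.add(token)
    return True

def accept_post(text, token, now=None):
    if not token_ok(token, now):
        return "bad-token"
    if down_mods.get(digest(text), 0) > REJECT_AFTER:
        return "known-spam"
    return "accepted"
```

As the comment itself notes, an exact-match digest does not stop text that is randomized on every post; the token check only forces a script to fetch the form before each submission.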

  206. When I'm dead... by sammy+baby · · Score: 1
    There's a saying: "People will speak well of me when I'm dead." In other words, it's much easier to be a big guy and say nice things about someone when they're down, than when they're actively being a thorn in your side (or at least a worthy competitor).

    I'll admit to the following bit of newbie-ishness: my first trip to Kuro5hin was last week. Which is a shame, because it seemed like a pretty quality site, with the exception of the dumbass "You won't see this story on Slashdot, because they're censoring it, those corporate running dogs," posts. I suspect that the site will return before too terribly long, but this is just a damn shame.

  207. Maybe that's the point by Croaker · · Score: 1
    This is going to piss whoever did this even more, and probably get them even more worked up. People who enjoy doing this are not reasonable, rational people who care for the good of others.

    Maybe they're trying to provoke the kiddie further. Someone who's pissed off often makes mistakes. Maybe they'll mouth off on some k1dd1es IRC channel someplace, or try another attack at the web server. A hasty attack made in a fit of rage could be just the thing to get the kiddie some quality time with The Man.

    Personally, I hope the Kuro5hin crew's up to carry out their threat. Both from the standpoint that whoever did this needs to be taken down, and from the standpoint that I'd rather not have them left there impotently waving their fists in the air and making empty threats.

    Of course, I'm assuming they're getting the law involved after figuring out who it was.

  208. This really pisses me off . . . by Goonie · · Score: 2
    I'm sure some 13-year-old kid is sitting back basking in the glory of how 1337 he is. Sorry, kiddo, but this kind of thing is just like pouring sump oil all over a football field - one built on the donations of lots of hard-working individuals. It's not clever, it's not even vaguely hard to do, and it makes life tough for people who are just trying to have fun and make life better for the rest of us.

    I discovered early in life that you could have fun doing *useful* things with computers. For your sake, my sake, and the greater good, please redirect your talents to something else before you get caught and suffer the appropriate consequences of your actions.

    On another note, if the individuals involved in the attacks on K5 get caught, what punishment would other readers suggest? Personally, I would like them to do community service using computers to help people - doing a web site for a senior citizens' group, helping teach the unemployed computer skills (if the perpetrators are old enough to do that) - that kind of thing. What do you think, people?

    --

    Any sufficiently advanced technology is indistinguishable from a rigged demo
    --Andy Finkel (J. Klass?)
  209. A new meaning! by jacobm · · Score: 4

    Congratulations! You've just invented a secondary meaning of the word 'slashdotted!'

    Slashdot, v.

    1. To bring an Internet site, esp. one with an HTTP server, offline due to excessive demand for its contents as a result of its mention on Slashdot. "Let's hope that memepool doesn't get slashdotted by this..."

    2. To destroy what might otherwise be an intelligent public discourse by flooding it with nonsense or deliberately offensive or stupid garbage. "Looks like George and Al are trying to slashdot the election."
    --
    -jacob

  210. I agree with your point, but not your logic. by schon · · Score: 2

    I agree with you that the "little brother" idea is a bad idea, but not for the same reason you do.

    The subnets the attacks came from are most likely NOT the ones of the attacker -- just the ones of some sorry people who have an open socks, Back Orifice, Netbus, installed on their hdd and are not aware of it.

    To me, this is a point in favour of the "little brother" approach - if there are people who are clueless enough to let it happen, they should be punished until they fix the problem.

    "I know I kept my AK47 in an unlocked display case on my front yard along with 50 clips of ammo, but it's not MY fault that someone took it and committed crimes with it."