Slashdot Mirror
DoubleClick Hit by DDoS Attack
YetAnotherName writes "The Washington Times is reporting that everyone's most beloved online advertising distributor, DoubleClick, was subject to a DoS attack crippling the company's DNS servers, and preventing up to 75% of advertising from making it to web pages and surfers' eyes."
They are truly my hero! Double-click can suck it. Twice.
Trying to get rid of traffic they don't want to see... sounds like trying to get rid of adds we don't want to see.
ogg
Black cat, searing pain, flames...? I must be in Heaven! - Homer Simpson
The issue wasn't that Double Click had problems, but that every site that uses them become very slow.
Until the basic routing infrastructure of the net changes, this is going to be a common issue anytime a number of big sites all require another organization to serve up their pages (e.g. Akamai).
I'm a little disappointed that a group of fairly die-hard anti-doubleclick geeks could only hobble it a few hours at 75%...it may simply have been more effective to introduce a nasty virus into their network, so we'll just call this attack a symbolic way to raise awareness of this historically nasty company. I much rather have heard that a more intrusive and smaller company like CoolWeb was attacked.
Often wrong but never in doubt.
I am Jack9.
Everyone knows me.
1. Terrorist training servers.
2. Goatzee
3. Doubleclick
Your list ?
Yes. Also, keep in mind that this didn't only hurt doubleclick - it also hurt the webmasters that used doubleclick ads on their site. For some, a day's worth of ad revenues may be the difference between being able to eat one day or not.
Likewise, cracking down on drug abuse doesn't only hurt dealers - it also hurts the junkies.
Some of us are of the opinion that while in the short term the people who are hurt by restricting despicable activities may deserve our sympathies, perhaps in the long term they would be better off finding a more socially acceptable way of life?
Or, you can do what I did for Safari, and use a .css that blocks out ads featuring the typical properties of ads.
It also adds a little unicode email character next to email links, and colors java or javascript links green.
That CSS file that blocks ads
Would a cracker 127.0.0.1'ing doubleclock via a worm or virus be a black hat or a white hat?
May we never see th
I wrote my own spam filter. One of things it does is decode the message body, isolate those web addresses, then perform a simple blacklist/whitelist check on both the web server name and IP address. It turned out that, on average, every IP address was the home of three or four names.
That may not be a representative sample, though. Most of my spam is rejected by one of the DNSBLs; only mail that makes it over that hurdle actually gets the message body checked. That comes out to (usually) less than 10 web-server-based rejections per day.
But hey, I'm not going to complain. I average about one piece of spam every five days or so.
Am I the only one, who after reading the doubleclick DoS article here found that their usage of the term 'hackers' was really rather....stupid? Something to that point? After reading the Great Hackers article, anyways... Surely I can't be the only one who was bugged by this.
I'm no big fan of DoubleClick but think about this for just a moment. All those sites that you go to that have these ads are staying in business because of them. If DoubleClick went away so would a lot of that content.
This sig has been temporarily disconnected or is no longer in service
It's worth noting that the attack on DoubleClick, which is an Evil Corporation (TM), also affected the ~900 sites that use DoubleClick to serve their ads. Those sites had to wait for their ad cycle to time out or something (IANAWD). So quite a few web sites were affected, with slow loading times. Sites that disabled DoubleClick ad banners had to deal with the fact that, for the better part of a day, they lost all banner revenue. So in the end, this DDOS was probably just a Bad Thing (TM).
If my answers frighten you, stop asking scary questions.
I don't think I've seen a banner ad in a year or so.
I have. I don't mind them when they don't blink or aren't placed in a really annoying position. If they do either of these things, I block the ad company that provides the ads. I do actually send quite a bit of business to online advertisers. Moral of the story? If you want my money, don't use an ad company that allows annoying ads.
This is completely off-topic of me, but...
;)
/., but oh well.
I wish people could get as worked up about stopping war as they do about stopping hackers.
So fucking sad. So very fucking sad.
Replace a 'DDoS' with 'war' and kernel.org/microsoft.com with any two nation names and re-read your post if you are wondering wtf I'm talking about.
Of course, that would get you modded to oblivion on
http://adzapper.sourceforge.net/
a nifty plugin for squid. does more than just remove ads, it replaces them with a 'this ad zapped' image / swf, so pages don't render weird.
it's written in perl so it's easy to hack and is easily configurable.
I block ads, then when I open sites I use regularly I either make a donation, or just unblock ads and click all the links. If they lead to something intereseting, I'll often buy it. /. generally has well targeted ads, so I don't often block OSDN stuff. Nor do I block google's text ads, as they are often quite useful.
Not a sentence!
I found the PreferenceBar extension really useful. I just unclick the "JavaScript" checkbox, and the pages speed up again. Now, if only I could create a plugin that does site-specific JavaScript blocking...
Opinions my own, statements of fact may contain errors
That may explain why so many web pages with doubleclick ads have been loading so slowly lately. It has been really annoying; in many cases the rest of the page won't display until the add is finished loading.
I have an urge to give a snotty "you block a whole site because of their ads? Isn't that excessive"?
But that is kind of the point - I am sure that you can justify using the site without the ads. Justification is the parlor game of most internet power users. I just don't see it that way. If I walk into a bar with a two drink minimum, even if it is not enforced, the right thing to do is order two drinks. I'll sit at a diner for hours with a cup of coffee, but I won't do it during a mealtime rush. These are things that aren't illegal, but are merely rude; you are taking advantage of the proprietor.
How is blocking the ads but using the site not an immoral act? Not a terrible one like cheating on your wife, but mild one like skipping on the two drink minimum or leaving a lousy tip?
I tip well, I follow the rules, both official and unspoken of an establishment that I enjoy, and I leave the ads on if I read the site. The glee of saving a few bucks by not leaving a tip is tempered by recognizing that there's a waitress who you just screwed. Is it because you can't see the work that the author put into the site? Is it moral because you don't see the website employees you've (mildly) screwed over?
--
Evan
"$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
Check out the 2 year graph. I think it puts things in perspective. http://www.alexa.com/data/details/traffic_details? &range=2y&size=large&compare_sites=slashdot.org&ur l=http://www.doubleclick.com#graph
"just do it."
"takes a licking and keeps on ticking."
if any of these phrases bring a companies name to mind, and any ideas about that company, then youve been affected by advertising more than you think. its branding, and you dont have to interact with an ad to be affected by it. a big part of marketing is just letting people know a company exists, not making you buy a product then and there. :-P
OSDN uses doubleclick.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
But that wasn't what I was saying. I'm saying, if the staff of the bar was rude to you, perhaps saying something insulting to you, or giving you a really hard time when you tried to order something... well, you might be moved to be rude in return to them, and not really care about ordering the minimum 2 drinks. Even if you wouldn't, certainly there are a lot of other people who would.
In the case of web sites, the sites are being rude by popping up windows that must be moved, and flashing bright colors that are distracting. In fact, many ads will do everything they can to take your attention away from the real content of the site so that you will look at the ad instead. By serving up these kinds of ads, the owner of the site has been rude to me. Therefore I am moved to be rude in return, and remove all such distractions from my screen.
Text ads, on the other hand? Those are fine with me. Because they aren't so rude.
Doing that will make them unblockable since the ads and the content are being served from the same IP address. However, there is nothing to stop someone with coming up with a clever HTML rewriter plugin/browser to strip out the content (readable text and meaningful binary content files) and make a simplified version of the (likely ad-ridden) original page.
My firewall program cannot detect deliberately broken up 'SCRIPT' tags via the document.write Javascript function--otherwise Google's AdSense advertising would be blocked too. If I didn't need Javascript, I could turn it off at the browser level and kill these ads as well.
Simple, HTML-only, text-based ads for me, thank you very much (works for Google)--I am on 'sessioned', time-limited dailup and cannot waste time downloading an (animated) ad banner image, or an (obnoxious, animated) shockwave ad.
When you connected to somebody else's server and requested content?
Pretty simple, really. HTTP is a request based protocol.
--
Evan "Versus Spam, for instance"
"$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
Bob takes pictures of flowers. He thinks they are nifty and other people might like them. He pays $10 a month for a website and puts them up online. Bob is paying to give you something for free. Bob's site becomes popular, and the bandwidth jumps over the course of six months to $200 a month. Whoa. Those are some high res flowers. Bob puts some ads on the site to try to defray the cost - to help pay for what he's giving out for free.
Bob is (implicitly) saying: "Hey, I went out and took these pictures, and you can have them! When you view them, I have some ads running so I can continue to bring them to you".
Now, you don't have to visit Bob's site. You won't see any ads. You asked when you agreed to view ads... when you chose to go to Bob's site.
You certainly have the technology to block those ads. But that's being rude to Bob who is trying to host these pictures for everybody to use. Not very polite. Thus the wrong thing to do.
Bob is being nice to you. He's giving you free pictures of flowers. Being nice to Bob and viewing the whole site is the right thing to do.
Now, where am I wrong?
--
Evan
"$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
How about designing a browser or browser add-on
that blocks adds, but simulates clicks on banner ads at random intervals? Then the user wouldn't have to see ads, the ad company would think that their ads were being viewed, and everyone would be happy.