Slashdot Mirror


ProtonMail Restores Services After Epic DDoS Attacks

An anonymous reader writes: After several days of intense work, Switzerland-based end-to-end encrypted e-mail provider ProtonMail has largely mitigated the DDoS attacks that made it unavailable for hours on end in the last week. The attacks exceeded 100Gbps, and are still going on, but they are no longer capable of knocking ProtonMail offline for extended periods of time. The ProtonMail community of users proved to be invaluable for the company. In fact, in just a few days, they donated over $50,000 to the company's "defense fund," providing the resources to resist further attacks against email privacy.

57 comments

  1. That's some serious traffic by Falconnan · · Score: 5, Interesting

    State actors or malicious mischief? That is the real question.

    1. Re:That's some serious traffic by Anonymous Coward · · Score: 1

      State actors. They were paid off, but went ahead and DDoS'd anyway. The DDoS or dissolving of protonmail entirely were the goals.

    2. Re:That's some serious traffic by Anonymous Coward · · Score: 0

      Maybe ProtonMail attacked itself... for the massive publicity.

    3. Re:That's some serious traffic by Anonymous Coward · · Score: 4, Informative

      Just to clarify:
      ProtonMail were *forced* to pay the ransom, it wasn't entirely their choice.

      "At this point, we were placed under a lot of pressure by third parties to just pay the ransom"
      due to... "hundreds of thousands of Swiss Francs in damages suffered by other companies caught up in the attack against us"

      And no doubt, this is the start of a series of attacks against them, by the likes of the terrorists at the NSA/GCHQ.

    4. Re:That's some serious traffic by Anonymous Coward · · Score: 0

      I think you mean "forced" not *forced*. They still could have said no.

    5. Re:That's some serious traffic by Anonymous Coward · · Score: 0

      "Patriotic" crackers. They want to enforce their dystopian police state where the weak are discovered and killed. Free flow of information is a subversion of their party and cause.

    6. Re:That's some serious traffic by Anonymous Coward · · Score: 0

      So your argument is that in addition to being stupid they are also cowards? I totally trust this "secure" service more now.

    7. Re:That's some serious traffic by GuB-42 · · Score: 2

      There are two different actors. The first was in for the ransom and stopped after being paid.
      The second uses a much more advanced attack, has unknown motives, and may have chosen to strike at the same time as an attempt to put the blame on the first group.

    8. Re:That's some serious traffic by myowntrueself · · Score: 1

      State actors or malicious mischief? That is the real question.

      We shall see.

      If these guys suddenly start getting payments of just over US$10,000 into their bank accounts, which are then reversed or cancelled, so that their bank is forced to close their accounts because they can't cope with the overhead of the constant stream of reporting on possible money laundering, then we'll know it's a state actor.

      --
      In the free world the media isn't government run; the government is media run.

  2. Wrong FIFY by Anonymous Coward · · Score: 0

    ProtonMail Restores Services After Epic DDoS Attacks

    s/b

    ProtonMail Restores Services After DDoS Attacks of Epic Proportions Deflates Into Flaccid Dysfunction

  3. Re:Attn Slashdot: I have a Penis by Anonymous Coward · · Score: 0

    and I'm not afraid to use it

    Well give back then. That guy really misses it.

  4. Strike #3,094... by Anonymous Coward · · Score: 0

    Frivolous use of superlatives. Slashdot is getting more and more "amazeballs". Time to move on to a more mature source of information.

    1. Re:Strike #3,094... by Anonymous Coward · · Score: 0

      Frivolous use of superlatives. Slashdot is getting more and more "amazeballs". Time to move on to a more mature source of information.

      Like what? Slashdot is doing a great job of driving away their old core readership, but Soylent is a joke, Reddit is even more full of 'amazeballs' 'totes epic' content, ycombinator is just OK, but their whole site just barely qualifies as barebones. Let's face it, the Buzzfeedification of the Internet has ruined just about everything that once made the Internet great.

      The Internet is still a great tool for content distribution (like music, movies, and software), but the signal-to-noise ratio on the Web is so low that it has mostly turned into an enormous pile of faeces with a few bits of corn in it, which are becoming harder and harder to find.

    2. Re:Strike #3,094... by Anonymous Coward · · Score: 0

      Ars Technica, Anandtech, Tom's Hardware, [H]ard|OCP.

      Slashdot lifts most of its stories from those sites anyhow, so you might as well go directly to the sources.

    3. Re:Strike #3,094... by Anonymous Coward · · Score: 0

    4. Re:Strike #3,094... by Anonymous Coward · · Score: 0

      The problem with all of those websites (well, not the only problem) is that their communities blow. Nobody comes to Slashdot to get days old news, they come for the discussions. Seriously, the caliber of the discussions on those sites you mentioned doesn't even come close to the discussions on Slashdot today, which barely hold a candle to the caliber of discussions in Slashdot's salad days.

    5. Re: Strike #3,094... by Anonymous Coward · · Score: 0

      Really? You must be new here - most people come for the memes...

    6. Re:Strike #3,094... by Anonymous Coward · · Score: 0

      The problem with all of those websites (well, not the only problem) is that their communities blow. Nobody comes to Slashdot to get days old news, they come for the discussions. Seriously, the caliber of the discussions on those sites you mentioned doesn't even come close to the discussions on Slashdot today, which barely hold a candle to the caliber of discussions in Slashdot's salad days.

      Agreed with you 1000%. Especially Ars, that place is strictly pro-Apple and pro-Microsoft, everything else just gets bad press and the comments there just follow them blindly.

    7. Re:Strike #3,094... by Anonymous Coward · · Score: 0

      Are you kidding? They have much better communities than Slashdot. At least the people there are intelligent and somewhat polite.

  5. "anonymous" and "secure" what a joke by Anonymous Coward · · Score: 3, Interesting

    They're asking for an email account so that they can send you an invite. How is this remotely anonymous?

    Being in .ch is nice and all, and gives you that "Swiss Bank Account" feel, but the XKCD comic about encryption & pipe wrenches comes to mind. Since the Banks have rolled (because Nazis) what is going to keep your free email secure when the Polizei comes knocking?

    1. Re: "anonymous" and "secure" what a joke by Corwyn_123 · · Score: 2

      Simple, the admins cannot access the emails of their users, it's encrypted on the servers. The most the police could hope to get, if they can get anything at all, would be header and routing information, which is the metadata, not the content.

    2. Re:"anonymous" and "secure" what a joke by Anonymous Coward · · Score: 1

      It depends on your threat model. If you're sufficiently interesting to the thugs that pipe wrenches become involved, then no, ProtonMail won't save you. But an encrypted email service will at least protect your mail from getting caught up in the "new normal" mass data collection. (And the use of encrypted mail may in turn make you more interesting to the thugs, sigh...)

    3. Re: "anonymous" and "secure" what a joke by SethJohnson · · Score: 1

      I think the goal they are trying to provide is sincere and valid. But, looking over their company, I don't see a reason to trust their implementation. Check the 'about' page and you'll see no description of anyone being a true data scientist with a Master's or PhD. To be credible, they would need to have a third-party security audit performed on their source code. No mention of that anywhere.

      Because it's closed-source, you have no assurance the client and server are not juggling SSL keys and allowing a MITM attack to be performed at the request of a subpoena.

      An easy step to credibility would be to publish their server's API and allow third-parties to implement their own mail client apps. Then they become a cloud service provider and leave the app development to others (in addition to a feature-poor POC app developed in-house).

      Finally, not to beat a dead horse here, but this phrase isn't confidence-building--

      "By using open source encryption libraries, we can help guard against back doors designed to compromise your privacy."

      No guarantee against back doors. They're just helping to guard against them.

    4. Re: "anonymous" and "secure" what a joke by bartbutler · · Score: 1

      It's not closed source--the encryption library used is OpenPGPjs, which has been extensively audited, and the client, which is where all the encryption and decryption happens, is also open source: https://github.com/ProtonMail/... Nobody can really guarantee against back doors, but using open source certainly helps, as the more eyes on it the better. Also, not that it's terribly relevant, but there are at least 4 PhDs working for ProtonMail.

  6. Which government is responsible? by Anonymous Coward · · Score: 0

    or how many?

    1. Re:Which government is responsible? by TWTiger · · Score: 1

      Well, I don't know, but I do know which government just approved a new surveillance law....

    2. Re:Which government is responsible? by nitehawk214 · · Score: 1

      Yes

      --
      I'm a good cook. I'm a fantastic eater. - Steven Brust

  7. Re:Attn Slashdot: I have a Penis by Maritz · · Score: 1

    Well, just because you have one, doesn't mean you're not one.

    --
    I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.

  8. I wonder about the client base by Coisiche · · Score: 1, Interesting

    The article says:

    in just a few days, they donated over $50,000

    I would just complain to my ISP, over the phone obviously, and demand a compensatory cut in monthly bill... not give them *more* money.

    1. Re:I wonder about the client base by Anonymous Coward · · Score: 0

      And your ISP will promptly tell you to fuck off, because you cost more money than you're worth.

  9. SubjectsInCommentsAreStupidCusTheSubjIsTheArticle by lesincompetent · · Score: 3, Informative

    Much more info on this official blog post: https://protonmail.com/blog/pr...

  10. Donating money to fight a DDOS is dumb by Anonymous Coward · · Score: 0

    Donating money to fight a DDOS is as good as flushing it down the toilet. The attackers will just keep the attack up, until the money dries up. $50k doesn't last long against 100Gbps, and you're just inviting the assholes to increase their botnet capacity.

    1. Re:Donating money to fight a DDOS is dumb by nitehawk214 · · Score: 2, Interesting

      I would donate money to help fight it, but not if they are just going to give the money to the attackers. Which seems to be exactly what they did here.

      And it was probably the government of a country obsessed with surveillance of their own people, so no amount of ransom is going to make that go away. The internet service providers are, of course, in on it.

      --
      I'm a good cook. I'm a fantastic eater. - Steven Brust

    2. Re:Donating money to fight a DDOS is dumb by Zorpheus · · Score: 1

      What? Are you claiming that Radware attacked them to get the contract to help them?

    3. Re:Donating money to fight a DDOS is dumb by Anonymous Coward · · Score: 1

      And it was probably the government of a country obsessed with surveillance of their own people, so no amount of ransom is going to make that go away.

      Heh. I do find it interesting that the FBI's official advice regarding CryptoWall is to just pay the ransom. Considering CryptoWall has plagued the world for several years now with no one caught, when other TOR-based crimes like online drug sales and child porn are easily busted, it sorta makes you wonder who's behind CryptoWall and why they're not busted, no? I can picture James Comey checking the FBI's clandestine Bitcoin balance when he arrives at work each morning, figuring out how many more Stingrays he can buy off the books.

    4. Re:Donating money to fight a DDOS is dumb by nitehawk214 · · Score: 1

      I believe it was a government that sponsored the DDOS. Thus it did not stop when they were paid off. I don't know who Radware is.

      --
      I'm a good cook. I'm a fantastic eater. - Steven Brust

    5. Re:Donating money to fight a DDOS is dumb by nitehawk214 · · Score: 1

      Of course, if people take the payoff, then the FBI doesn't have to bother with hunting for the criminals. Pretty convenient to skip out on doing their jobs.

      --
      I'm a good cook. I'm a fantastic eater. - Steven Brust

    6. Re:Donating money to fight a DDOS is dumb by Zorpheus · · Score: 1

      According to the article Radware were paid the $50,000 to handle this attack. Well, it is not that much to read ;)

    7. Re:Donating money to fight a DDOS is dumb by Anonymous Coward · · Score: 0

      I think that most here are missing the point- ProtonMail was the entry point to a massive attack that took down _hundreds_ of other sites.
      They were the Mosquito bite that let the Malaria flood into the bloodstream.
      Who knows how many of those other sites have the same vulnerabilities?
      Don't forget- this is Switzerland, where Privacy, well to some value of Privacy, is taken very seriously. Financial Privacy.
      High-profile ProtonMail took one for The Team, and will have significant ...Security... expenses from now into the future. So, I may add, will their ISP.
      How many of those other Sites and ISPs are going to be spending the same amounts? To whom is the Money paid? How many would ever even admit it?

      I don't think that this is Terrorism, or some shady TLA Black Op. It is a Demonstration, a Corollary of Sutton's Law:

      As Willy Sutton has been quoted, maybe:
      "Why do you keep robbing Banks?"
      "Because that is where the money is."

      Follow the Money, if Switzerland allows it.
      (I'm not talking about that piddly Bitcoin amount; those Kiddies are probably shitting bowling balls...)

  11. ProtonMail are bad guys too by Anonymous Coward · · Score: 0

    ProtonMail are bad guys too, because they paid the ransom. It made them complicit in the criminal incident.

  12. Re:Attn Slashdot: I have a Penis by PopeRatzo · · Score: 1

    I have a Penis and I'm not afraid to use it

    You better ask the guy it's attached to first.

    --
    You are welcome on my lawn.

  13. The word Epic. by Anonymous Coward · · Score: 0

    Can I grind the genitals off of the next writer who uses the word Epic in a headline? Same with marketing droids who use the word stunning, I'd like to stun those assholes with a cattle prod in the genitals.

    1. Re:The word Epic. by KGIII · · Score: 1

      What if the next writer is referring to a saga that is truly epic? What then, smart guy? Grind their nuts off just 'cause the word chafes your nether regions?

      Stand up, put a foot on one chair and the other foot on another chair. Use a brick to hit yourself in the head, over and over, until you've knocked some of the sand from your vagina. Life will be much easier then.

      --
      "So long and thanks for all the fish."

  14. No worse than what IRC networks get by Anonymous Coward · · Score: 0

    This crap is child's play compared to the packets that IRC networks receive on a regular basis. Whiny assholes.

  15. Re:Attn Slashdot: I have a Penis by Tokolosh · · Score: 1

    And they say there are no women in tech.

    --
    Prove anything by multiplying Huge Number times Tiny Number

  16. Question On How Proton Works by Anonymous Coward · · Score: 0

    Proton mail claims to have self destructing emails. They liken it to SnapChat, claiming that the sender can set an expiration date on the email and it will be deleted from the recipient's mailbox. They also say that this feature works with recipients external to the Proton system.

    I was unable to find anything about how exactly this "ephemeral" message actually works. I presume that it uses some sort of key expiration, but the claim of it being deleted from the mailbox doesn't fit that method. Does anyone, preferably someone that has used it or can provide a link to documentation, know how exactly the Proton self destructing email system works?

    1. Re: Question On How Proton Works by Anonymous Coward · · Score: 1

      Wasn't aware that they claimed self-destructing mails, but when I send an encrypted mail to a non-ProtonMail account, what they receive is a LINK to the encrypted message on the ProtonMail server where they must enter the password to read it. So I guess the link probably expires.

    2. Re:Question On How Proton Works by ale2011 · · Score: 1

      The fact that one finds more advertising than explanations already betrays the true nature of that feature. In short, you post a link to an ephemeral resource; but you may further encumber that with DRM-like stuff. More here and here.

      In fact, all email is self-destructing, eventually. Just not under the sender's control.

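The two replies above describe the mechanism in outline: the external recipient gets a link to a password-protected resource on the provider's server, and "self-destruct" means that resource stops existing after the sender's deadline. The Python model below is an added illustration of that pattern; it is not ProtonMail's code and says nothing about how ProtonMail actually implements the feature. It assumes the sender's client has already encrypted the message (the server only ever holds an opaque blob), that the link carries a random token, that the recipient proves knowledge of the shared password before the blob is released, and that expiry is enforced by the server forgetting the blob. `FakeClock`, `EphemeralMessageStore`, `demo`, the PBKDF2 setting and the sample blob are all constructed for the example.

```python
import hashlib
import hmac
import os
import secrets
import time
from typing import Callable, Dict, Optional

# Illustrative model, not ProtonMail's implementation. Assumptions:
# - the sender's client already encrypted the message; the server stores an opaque blob,
# - the recipient's link carries a random token and the password travels out of band,
# - "self-destruct" means the server discards the blob once the sender's TTL elapses.

PBKDF2_ITERATIONS = 100_000  # constructed setting for the demo


class FakeClock:
    """Controllable clock so the expiry behaviour can be exercised deterministically."""

    def __init__(self, start: float) -> None:
        self.now_value = start

    def now(self) -> float:
        return self.now_value

    def advance(self, seconds: float) -> None:
        self.now_value += seconds


class EphemeralMessageStore:
    def __init__(self, clock: Callable[[], float] = time.time) -> None:
        self._clock = clock
        self._items: Dict[str, dict] = {}

    def publish(self, blob: bytes, password: str, ttl_seconds: int) -> str:
        """Store an opaque encrypted blob and return the token that goes into the link."""
        token = secrets.token_urlsafe(16)  # unguessable part of the URL
        salt = os.urandom(16)
        verifier = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
        self._items[token] = {
            "blob": blob,
            "salt": salt,
            "verifier": verifier,
            "expires_at": self._clock() + ttl_seconds,
        }
        return token

    def fetch(self, token: str, password: str) -> Optional[bytes]:
        """Release the blob only for a live token with the correct password; None otherwise."""
        self._sweep()
        item = self._items.get(token)
        if item is None:
            return None  # unknown token, or already destroyed
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), item["salt"], PBKDF2_ITERATIONS)
        if not hmac.compare_digest(candidate, item["verifier"]):
            return None  # wrong password: same answer as "missing", so nothing is leaked
        return item["blob"]

    def live_count(self) -> int:
        self._sweep()
        return len(self._items)

    def _sweep(self) -> None:
        """Forget every blob whose TTL has elapsed; afterwards the link points at nothing."""
        now = self._clock()
        for token in [t for t, it in self._items.items() if it["expires_at"] <= now]:
            del self._items[token]


def demo() -> dict:
    """Walk a constructed message through publish, fetch and expiry."""
    clock = FakeClock(1_000.0)
    store = EphemeralMessageStore(clock=clock.now)
    blob = b"<constructed ciphertext produced by the sender's client>"
    token = store.publish(blob, password="correct horse", ttl_seconds=3600)
    results = {
        "wrong_password": store.fetch(token, "wrong"),
        "right_password": store.fetch(token, "correct horse"),
    }
    clock.advance(3601)  # one second past the sender's deadline
    results["after_expiry"] = store.fetch(token, "correct horse")
    results["live_after_expiry"] = store.live_count()
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

What the model makes visible is the limit the second reply points at: the sender's deadline controls only the resource behind the link, never the recipient's own mailbox, so a copy saved before expiry is out of the sender's hands. On the defensive side, the store answers "wrong password" and "already gone" identically, compares the password verifier in constant time, and never keeps plaintext; a real deployment would additionally rate-limit guesses against a token and run the sweep on a schedule rather than only on access.
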
  17. Use the E word sparingly... by truck_soccer · · Score: 0

    Are you a frat boy from 2005? There are literally 0 things that are deserving of the hyperbolic expression "epic" that are not Literary Masterworks, or perhaps the Himalayan mountains. Maybe the Atlantic Ocean...Anyway, just stop it with that word for the love of Pete, I've had to endure it for years and just when I thought it was over the Media took it and FUCKING RAN. Relying on internet memetics doesn't make you look cool, it makes you seem lazy.

    1. Re:Use the E word sparingly... by Anonymous Coward · · Score: 0

      There are literally 0 things that are deserving of the hyperbolic expression "epic" that are not Literary Masterworks, or perhaps the Himalayan mountains. Maybe the Atlantic Ocean...

      You forgot the makers of the Unreal Engine.

  18. BlueFrog anyone? by Anonymous Coward · · Score: 0

    There are plate tectonic forces at work... if you're doing something controversial, you gotta have a metric shitload of stones and capability!
    And these guys weren't in a low-traffic ISP...

    1. Re: BlueFrog anyone? by Anonymous Coward · · Score: 0

      Other than hosting my own they are now at the top of my list. It's nice being able to throw a few dollars towards the govt with a big fu note.