Several Sites Including Twitter, GitHub, Spotify, PayPal, NYTimes Suffering Outage -- Dyn DNS Under DDoS Attack [Update]

Several popular websites and services are down right now for many users. The affected sites include Twitter, SoundCloud, Spotify, and PayPal among others. The cause appears to be a sweeping outage of DNS provider Dyn -- which in turn is under DDoS attack, according to an official blog post. From a TechCrunch report:Other sites experiencing issues include Box, Boston Globe, New York Times, Github, Airbnb, Reddit, Freshbooks, Heroku and Vox Media properties. Users accessing these sites might have more or less success depending on where they're located, as some European and Asian users seem not to be encountering these issues. Last month, Bruce Schneier warned that someone was learning how to take down the internet. Update: 10/21 14:41 GMT by M : Dyn says that it has resolved the issue and sites should function normally. Update: 10/21 17:04 GMT by M : Department of Homeland Security says it is aware of the first DDoS attack on Dyn today and "investigating all potential causes." Dyn says it is still under DDoS attack. News outlet The Next Web says it is also facing issues. Any website that uses Dyn's service -- directly or indirectly -- is facing the issue. Motherboard has more details. Update: 10/21 17:57 GMT by M : It seems even PlayStation Network is also hit. EA Sports Games said it is aware of the issues in live-play. Dyn says it is facing a second round of DDoS attacks.

Update: 10/21 18:45 GMT by M : U.S. government probing whether east coast internet attack was a 'criminal act' - official.

Editor's note: the story is being updated as we learn more. The front page was updated to move this story up. Are you also facing issues? Share your experience in the comments section below.

Great!

[ickleberry]

Hopefully they never come back up! It would be great to live in a world with the above gone. Hopefully the FANG companies are next to go.

Re:Great!

[ScentCone]

Hopefully they never come back up! It would be great to live in a world with the above gone.

Right! Because we sure wouldn't want small businesses to be able to do business using a payment mechanism they choose to use, or people to conveniently communicate from their phones using a service they choose to use, or listen to music from a source they choose to use. Definitely, all such things should be destroyed. What the hell is wrong with you?

Re:Great!

Why?

Re: Great!

You're confused as usual ScentCone, the problem is with those companies, whose offenses are well-known. They have engaged on evil, of their own volition, not because of their function, but choice.

You really need to be less of an absolutist, you have a severe tendency to overreact and respond with a less precise and effective response. It's a character flaw you need to address.

Re:Great!

[ickleberry]

Paying money every month for a couple of sine waves coming out of a cheap tinny Chinese speaker.
Paying money to paypal for the privilege of paying. Paypal fees are f**ing ridiculous

We'll live in a freer world with those tech parasites gone

Re:Great!

Twitter is useless for anything but propaganda and "i just ate X at Y" posts.
Spotify is wastefull, if you want to stream the same songs over and over while paying for it be my guest.
PayPal is criminal, theyd much rather just take your money than provide their service.

I have no idea why SoundCloud is so bad though, it doesnt cost money and most of the shit on there is made by normal people.

Re: Great!

[ScentCone]

You really need to be less of an absolutist

See, my perspective is that you absolutely should have the choice to use PayPal or Square or what have you, if you choose to. You ... absolutely think they should be shut down? In what way am I over-reacting to someone who thinks that Twitter should go away? Why not simply offer a better choice, or at least ignore the thing they don't like? The world view that calls for the destruction of businesses that whiners resent or wish were different is a fundamental problem with our current culture. So yes, it's worth reacting, and pointing out the baseline trollishness of such perspectives. Because the little baby tyrants that live inside people who think like that are poisonous to everyone. "I don't like that thing! I hope it dies!"

No, I'm not confused. But I see that you're trying very hard to avoid the big picture.

Re:Great!

[ScentCone]

Paying money every month for a couple of sine waves coming out of a cheap tinny Chinese speaker.
Paying money to paypal for the privilege of paying. Paypal fees are f**ing ridiculous

Here's an idea: don't use those services.

Obviously you are personally running a much better music streaming service that you'd like to offer to Spotify's millions of customers. Can you provide a link to something that they will find persuasive? I'm sure your system is easier to use, less expensive, widely available, performs well, pays the artists who create the material they license to you, and in all other ways is superior to Spotify. Looking forward to your offering! Right? Yes?

And, obviously you have never been involved in any sort of commerce there in your mom's basement. Or, are you offering the infrastructure, security, staff, and other resources that will allow individuals and businesses the means by which to handle financial transactions on the fly, a million times a day, but at no cost to any party involved? Fantastic! Please provide a link to that other service of yours, too. That would be awesome. Right? Yes? No? I see.

Re:Great!

[stealth_finger]

Paying money to paypal for the privilege of paying. Paypal fees are f**ing ridiculous

Ha, you should check out the bank fees.

Re:Great!

[ickleberry]

Torrent, cryptocurrency. Spotify uses DRM. DRM is evil. I am surprised to see someone on Slashdot supporting these muppets.

There has been a great centralisation going on since 2005. Be great to see it come to an end

Re:Great!

I agree I hope these services die!

Re:Great!

[Maritz]

Hopefully they never come back up!

It's weird that you would state a hope like that, because it's not going to happen, is it?

Re:Great!

[ScentCone]

Torrent, cryptocurrency. Spotify uses DRM. DRM is evil. I am surprised to see someone on Slashdot supporting these muppets.

I'm supporting your CHOICE to use whatever services you like, and to move to something else if you prefer. Wishing for the destruction of such services by a malicious third party is BS. If you want them to go away because you philosophically disagree with, say, musicians choosing to whom they license their works ... then offer a service that musicians like better. Some don't license their works to Spotify. That's different than cheering when some script kiddies act to destroy access to it.

Re:Great!

Sadly the services are back up and appeared to have come back up just as Slashdot posted the story. Too bad, the world would be a much better place if PayPal and Twitter just suddenly stopped existing. I don't know what SoundCloud and Spotify are so I'll just assume they're crappy wanna-be social networking things too with a woefully inadequate advertising budget.

Re:Great!

Sadly, most people don't believe in choice anymore - unless you choose what you want them to choose.

It's the cornerstone of the Progressive movement, which dates back to the 1920s and culminated in Prohibition here in the USA. We beat them back, but they've never really gone away.

Re:Great!

[Foundryman]

Hey, I'm on board with people being able to use what they choose! Just gotta make sure those choices are all ones that I also like.

Re: Great!

No, it actually isn't.

Re: Great!

No, you are confused, you just won't admit it. That's why your reaction was an absolutist one, as opposed to a particular one. You can't conceive of an individual or gradiated reaction, everything is all or nothing to you. This in turn leads you astray as you don't think of anything beyond your superficial reaction. The behavior of only a shallow examination without consideration of nuance.

That's leading you unable to understand how the actions and practices of the companies involved can be hindering choices, that they are the actual problem, not because of the what, but because of the how. Which derives from the why, which relates to who they are. The when is only marginally related, though if they changed themselves, I suppose it might be significant. The where only barely matters.

But you need not trouble yourself, due to your inability to overcome your faults, you are becoming more and more marginalized all the time. Eventually your irrelevance will become complete and you will cease to exist. You will simply have no place in the world.

Re:Great!

[houghi]

Some people just want to see the world burn.

Re:Great!

cryptocurrency.

Which cryptocurrency provides services such as escrow that PayPal provides?

Re: Great!

Why are you even bothering to reply to this retard?

Re: Great!

You realize you're retarded, right?

Re: Great!

No, you are confused, you just won't admit it.

I'm confused by your posts, and I will freely admit it.

Re: Great!

[ScentCone]

You can't conceive of an individual or gradiated reaction

So what is your "gradiated" take on whether or not malicious script kiddies should burn down Twitter's DNS provider? Personally, I think that's a black and white issue. I responded to someone who was cheering on the script kiddies doing the damage. You, with your advanced and clearly superior intellect and sense of nuance, obviously think it's kind of OK that the script kiddies wreck things like that. Can you elaborate please? Be sure to use simple words to describe the part where launching a DDoS like that is a good thing, so that us simpletons can keep up with your anonymous, cowardly self as you teach us more about our irrelevance. Or will explaining the ethical merits of the DDoS attack on Dyn fail to provide you with a proper venue for your pretentious faux condescension? I'd hate for you to have to just simply get to the point - that might hurt your tender, advanced, nuanced feelings.

Re:Great!

[ScentCone]

Hey, I'm on board with people being able to use what they choose! Just gotta make sure those choices are all ones that I also like.

Meaning ... if you don't like a choice, you don't think other people should have access to it?

Re:Great!

If you're going to go that angle, you're going to have to talk about the Suffragettes and their link to the Temperance Movement since the late 1870s or so iirc.

Ken Burns' documentary Prohibition will help you out.

Then you can extrapolate to how the forces behind the Volstead Act got beat back after the women behind the Temperance Movement saw the true horror of prohibition (i.e. mixed drinks and speakeasies) and moved on to cannabis prohibition.

Except you wouldn't, because cannabis legalization is progressive and politically correct, amirite?

Dipshit.

Re:Great!

[rickb928]

TANSTAAFL

Re:Great!

You are supporting the tyranny of the masses. Masses are controlled by those who shout loudest, that would be those who can afford global megaphones.

Supporting free choice in a world of consumers is supporting corps with the biggest PR machines. People are stupid. They believe what they are repeatedly told.

Re:Great!

[rickb928]

Blockchain currencies offer similar security. It's in there.

Re:Great!

[rickb928]

PayPal *is* a bank in every way that is meaningful for payments tech.

Re: Great!

[PopeRatzo]

You're wasting your breath, ScentCone. Guys like him have declared war on the Internet because Twitter took away Milo Yiannopoulos' blue checkmark, and some female video game critic gave Bayonetta a 7.5/10.

This is the nihilism that online anonymity and toxic 4chan culture has engendered. They're terrorists who are simply too lazy to leave their moms' basements. That they see themselves as some sort of shit-posting freedom fighters would be very funny if it wasn't so tragic and pitiable.

Re:Great!

You're a Muppet!

Re: Great!

[lgw]

See, my perspective is that you absolutely should have the choice to use PayPal or Square or what have you, if you choose to. You ... absolutely think they should be shut down?

I have a different perspective. I think Twitter should go away -- that's a moral "should", as I think it encourages people to behave badly -- but I think the fundamental rights of people to make mistake takes is a higher imperative. As much as I will cheer at Twitter's natural death, I can't support some outside force taking away people choice to use it.

Thus, while Twitter should die, people should have freedom, including the freedom to cause de minimus harm to others, and that's a bigger "should".

Re:Great!

Twitter is useless for anything but propaganda and "i just ate X at Y" posts.
Spotify is wastefull, if you want to stream the same songs over and over while paying for it be my guest.
PayPal is criminal, theyd much rather just take your money than provide their service.

I have no idea why SoundCloud is so bad though, it doesnt cost money and most of the shit on there is made by normal people.

You're point being? That you condone shutting down by illegal means anything you don't happen to agree with?

There is a US presidential candidate who espouses that philosophy. It's a rather dangerous one to even think about. The rule of law is one of the few things that actually keeps a society mostly functional.

Re:Great!

[lgw]

Your just fighting the GPL vs BSD argument all over again. Might as well argue that Kirk using EMACS can beat up Picard using VI.

Re: Great!

[erapert]

...the problem is with those companies, whose offenses are well-known. They have engaged [in] evil, of their own volition, not because of their function, but choice.

Please explain what each of these companies have done wrong.

Re: Great!

Funny how life in prison wakes a mother fucker up. Hope they are caught and send a very long time as Bubba's bitch.

Re:Great!

Hopefully they never come back up! It would be great to live in a world with the above gone.

Right! Because we sure wouldn't want small businesses to be able to do business using a payment mechanism they choose to use, or people to conveniently communicate from their phones using a service they choose to use, or listen to music from a source they choose to use. Definitely, all such things should be destroyed. What the hell is wrong with you?

Not to mention, GitHub is currently down... talk about evil organizations, right? Nobody needs access to source code for anything.

I'd just like to thank whoever is behind this for killing my productivity today. Hopefully you're caught and sterilized as soon as possible.

Re:Great!

It's ok to destroy things we disagree with.

I'm with her.

Re: Great!

Oh, god! You realize hackers do DDOS for ransom, right? And you also realize that sometimes a competitor will pay to have their rival DOS'd.... right???

Nope. Blame 4chan and the entitled millennial. We took down PayPal because No Man's Sky sucked.

Re:Great!

>...Paying money every month for a couple of sine waves coming out of a cheap tinny Chinese speaker...

Some people, literally, must complain about anything & everything. These tiny issues must be solved or the 99.9% of their otherwise trouble-free day is blemished. Nevermind some people don't even have hot water, or a solid meal.

Re: Great!

[bigtomrodney]

Janeway used gedit, Sisko used Kate but Archer used Windows Notepad.

Re:Great!

Does your wrist hurt from all that handwaving?

Re: Great!

Thus, while Twitter should die, people should have freedom, including the freedom to cause de minimus harm to others, and that's a bigger "should".

...but only the freedom to do what you like

Re:Great!

[pr0fessor]

Which service DNS?

Re:Great!

[amicusNYCL]

Paying money every month for a couple of sine waves coming out of a cheap tinny Chinese speaker.

Real music aficionados such as myself attach a wire directly to the inner ear and use a homemade needle on the other end to manually read the grooves in the vinyl record which I'm turning myself. I would tell you who I'm listening to but you probably haven't heard of them.

Re:Great!

[Scarletdown]

Paying money every month for a couple of sine waves coming out of a cheap tinny Chinese speaker.

Paying money to paypal for the privilege of paying. Paypal fees are f**ing ridiculous

Buyers do not pay PayPal anything for the privilege of paying. The sellers pay a transaction fee to PayPal as their payment processor. For a standard account, it is 2.9% of the total amount plus 30 cents. And for a Micro Payments account, it is 5% plus 5 cents. The wash point is $12 (that is where the cost is pretty much the same no matter what type of account).

And PP's rate for a standard account is pretty much in line with other payment processors. It is just a cost of doing business, and those fees are simply written off on the business's taxes.

That said, with PP being down, I can make it mostly a light day for me on the 'bay and elsewhere. Because if my buyer's can't pay, they are not going to shop. So that means just a little prep work for the next batch of listings, and then giving myself an early weekend.

Re:Great!

There's nothing wrong with him, we did all those things before the internet just fine. You're frame of reference is limited by your age.

Re:Great!

I don't. If it burns, I piss on it to put out the fire. Am I not kind?

Re: Great!

[lgw]

...but only the freedom to do what you like

Yes, you have precisely captured the exact opposite of what I just said. Well put.

Re: Great!

Actually, yes it is. Progressives don't believe in choice. You accept what they believe, or they tar and feather you publicly.

Re: Great!

[Applehu+Akbar]

If your DNS provider can be burned down by script kiddies, you need a provider who knows something about security.

Re: Great!

[DutchUncle]

Nah, Sisko used TECO. And wrote his own macros.

Re: Great!

Oh, but we weren't engaging in discourse about the denial of service, you are only bringing it up several posts in, the actual conversation had previously revolved around these companies themselves, which again, due to your absolutist attitude, you were confusing their function, with their performance of their function.

Now, realizing that you are incapable of making a coherent argument in advancement of what you realize was a flawed position arising out of your confusion, you try to switch tactics, avoiding the issue of those companies and their individual character and go down another line of attack. Where again, your position is flawed due to your absolutist nature.

You are simply reacting as you are indoctrinated to do, rather than honestly seeking to improve your own understanding. That is why you overload your words with pointless emotional rhetoric. Such hyperbolic emphasis reflects upon yourself, not anyone else.

But, and this is important for you to realize, I actually do not have any idea who engaged in this action, nor what their goals or purposes were. They most likely do not share an agenda with me at all. The world is very complex, and a host of conflicting entities can collide of a paroxysm of action.

However, if you believe you simply must know, towards attaining the goals I have endorsed, I think this attempt was flawed, as such attempts have always been flawed, as they will achieve no lasting effect. It is a temporary action that does next to nothing to achieve a permanent solution. At most, you get some minor attention, though in this case, I cannot even see that arising. Therefore, were I consulted, for the purposes I support, I'd have told them to refrain as it was pointless and counterproductive. For their own purposes, as I do not know them, I obviously cannot speak to their achievements.

When it comes down to it, I am merely endorsing the recognition of certain malignant entities as warranting removal. To use a bit of figurative language, it is like if a cancerous limb got removed in some accidental incident. But unfortunately, the cancer has metastasized, rendering the value of such as a medical procedure minimal. Except in this case, it may well just be an axe-wielding maniac with no particular meaning.

This may be difficult for you to assimilate, but I suggest you endeavor to make the attempt if you wish to resolve your own confusion. It is a serious problem for you. You don't make such efforts since you prefer lazy thinking. It is less challenging.

Re:Great!

[christoofar]

Time to QoS our links to .RU, .CN origin routes.

Re: Great!

You really need to be less of an absolutist

See, my perspective is that you absolutely should have the choice to use PayPal or Square or what have you, if you choose to. You ... absolutely think they should be shut down? In what way am I over-reacting to someone who thinks that Twitter should go away? Why not simply offer a better choice, or at least ignore the thing they don't like? The world view that calls for the destruction of businesses that whiners resent or wish were different is a fundamental problem with our current culture. So yes, it's worth reacting, and pointing out the baseline trollishness of such perspectives. Because the little baby tyrants that live inside people who think like that are poisonous to everyone. "I don't like that thing! I hope it dies!"

No, I'm not confused. But I see that you're trying very hard to avoid the big picture.

Slashdot is full of pseudo-intellectuals who think they know better than anyone else. Those typically gravitate towards authoritarian solutions rather than free-market and democratic solutions to problems. So in his mind, you are confused, because you believe that people should be allowed to choose for themselves.

Re:Great!

"Because we sure wouldn't want small businesses to be able to do business using a payment mechanism they choose to us"

But Elon Musk has a spaceship!

When there's 20 competitors to replace these parasitic sites, why do you care? Sounds like you just want the big bank funded / venture capital sites to succeed, and not the poor mom and pop shops you desperately try to defend.

What the hell is wrong with you?

Re: Great!

[Zhe+Mappel]

"Because the little baby tyrants" *snip*

Brave words in defense of a social media platform that sees fit to disappear ideas and expression that it arbitrarily doesn't like.

You might give a little thought to the way Valley media platforms now shape public discourse along narrow lines and for what reasons; that is, if the Kool Aid is not too strong in you, young Jedi.

Re:Great!

[Curunir_wolf]

Hopefully they never come back up! It would be great to live in a world with the above gone. Hopefully the FANG companies are next to go.

You can hate on all those very popular sites all you want, but it's affecting my tiny websites too.

Re: Great!

[mjwx]

This is the nihilism that online anonymity and toxic 4chan culture has engendered. They're terrorists who are simply too lazy to leave their moms' basements.

Calling them "Terrorists" is giving them way too much credit. Terrorists typically believe strongly in something. These people are just losers who have too much time and a far to comfortable life*. They're just losers and idiots with an internet connection. They're not even proper nihilists, they're not contemplating the futility of their own existence... in fact they think the end of the world is running out of pop tarts.

* Please note, I don't think our society needs to be harder/more authoritarian... in fact I believe it needs to be less authoritarian... but we need to be able to call proper idiots, idiots whilst collectively ignoring the shrill cries of "SJW" and "PeeCee gone Mad" or whatever thought terminating cliche they like to defend their stupidity with. Every now and then, even I have to agree there is an arse missing a boot though.

Re: Great!

Oh no, PopeRatzo, you're wrong. Well, you are right that ScentCone is wasting his breath, but not for the reasons you believe. It's just simply wasteful for ScentCone to issue forth his ill-considered pronouncements when the problem is his misdirected confusion that arises from his absolutist attitude. Notice how ScentCone's initial post was raving over not being able to do certain things, rather than addressing the particular entities involved.

Not that this has anything to do with the events that are ongoing, it is merely a reflection upon ScentCone's continuing inability to communicate effectively with others. There is just a fundamental disconnect in any discussion, as ScentCone will be making interpretations that have little in the way of understanding, and thus any conversation will be impeded. If you haven't already noticed this when engaging with him, I suggest you learn it quickly. Otherwise you will likely be wasting your own time.

As for the ongoing events, who knows about them? Maybe it's an alien invasion. Better make friends with a vampire they are our only hope.

Re:Great!

[mjwx]

Paying money to paypal for the privilege of paying. Paypal fees are f**ing ridiculous

Ha, you should check out the bank fees.

Bank fees are quite reasonable and easily avoided.

I can only assume that you meant to say credit card fees. They're the killer for a business. Seriously, go and look at how many parties take fees out of a credit card transaction.

Besides this, PayPal's fees stack with bank fees and credit card fees.

When you introduce more parties into the mix, each of them has their hand out for a piece of the pie and no-one is willing to give up the tiniest fraction of their slice for the new guy.

Re: Great!

[BronsCon]

What's funny is... as bad as people thought 4chan was 6 years ago, it's so much worse now. At least there was some substance to some of what's posted there, at some point... Now? Not so much. The best of 4chan has moved on and the worst has multiplied itself. I still browse there on occasion, much for the same reason I still browse here: hope that the good will come return. Not that there was ever that much good on 4chan to begin with, but what there was was really good.

Re: Great!

[BronsCon]

And he doesn't even realize he was enjoying great freedom in doing so.

Re: Great!

[BronsCon]

I don't think he was defending Twitter so much as defending peoples' right to commit the grand error of using Twitter. He even, later, said as much; he believes Twitter should die, but a natural death, one borne of people realizing it sucks, rather than one borne of a few script kiddies attacking it and taking away the freedom of choice that others currently enjoy.

In other words, Twitter should die because we, as a society, exercised our freedom of choice to stop using it, not because a few assholes exerted force to take that choice away from us.

Re: Great!

[ScentCone]

Brave words in defense of a social media platform ...

I'm not defending Twitter, I'm defending YOUR right, and mine, to be free of script kiddies trashing things just because they can. And I was replying to a user here who was cheering on a DDoS attack and hoping it permanently destroyed something he doesn't like. I didn't see that user, or you, proposing or providing an alternative that unicorns its way past your standards.

So, you don't like SV's social media systems. What have you got designed that will work better? Be specific.

Re: Great!

[sakono]

What does a DDoS attack have to do with security? All a DDoS attack is, is flooding servers with millions of connections a second causing them to freeze up and crash. Security would be making sure no one is able to access information, which so far they haven't.

Re: Great!

[ScentCone]

Yes, he is quite the patronizing little wannabe tyrant. That's the main subtext in all of his posts.

Re: Great!

[sakono]

right someone is watching way to much V for Vendetta to be talking like this.

Re: Great!

[ScentCone]

Yeah, Dyn is just a bunch of clueless amateurs. If only they'd asked you how to mitigate a colossal DDoS flood. You'd tell them: security! Because ... the problem with a publicly exposed service that doesn't work if it's not publicly exposed, is that it doesn't have good enough security to keep the public traffic out. Gotcha.

Re:Great!

[BronsCon]

Oh, how I wish that was true. More hipsters would die trying to perform the body mod themselves because having a brain surgeon do it is too mainstream, and the world would be such a better place.

Re:Great!

[BronsCon]

He wasn't condoning anything, just answering the simple question that was asked: What did these companies do wrong?

Re:Great!

[BronsCon]

It's pretty simple, really. When the big players are so easy to take down, what hope is there for mom and pop?

Re: Great!

You sound like you washed out of whatever school Bond villains go to. Reconsider your life choices, or at the very least, tighten up your schtick.

Re:Great!

[sims+2]

With the exception that they aren't regulated like a bank so they can place an indefinite hold on the funds in your account for no reason and you have no recourse.

Re: Great!

[PopeRatzo]

Not that there was ever that much good on 4chan to begin with, but what there was was really good.

I agree, but I also see it as a social experiment that was doomed to failure because anarchic social interaction will always result in the very few who have never learned to play well with others believing they have the right - even the permission - to poison the public well.

There was never a mechanism to clap back at the shitlords, in other words.

Re:Great!

[cjjjer]

Twitter is useless for anything but propaganda and "i just ate X at Y" posts.

Must be your narrow mind looking at it.

I follow lots of local service based accounts from traffic, police, fire, transit, city, utilities, etc. and find them posting information about the current state of things. I maybe have 5 actual people I follow mind you.

Re: Great!

Ah, see, this would be a good example of behavior for ScentCome and others to follow, instead of a thoughtless screed, make an inquiry without all the excess hyperbole.

But let me start by saying, it should not be presumed that these acts are directed towards any particular end. The responsible parties are unknown, as is their purpose. It maybe they are inadvertent victims of another act, like a carload of pimps being run down by a drunk driver. This is more a case of schadenfreude.

Nonetheless, if you want to know the evils of PayPal, you need to look at their dealings. They have cut off customers for capricious reasons, seized funds, made discharges, and more. And even now, Amazon is being confronted by Apple over fraudulent products being sold. And Apple itself, well, I'm sure the Mac/PC support story has some posts. I'm sure any of these could be shown to have engaged in evil at some point, though it may be obscure and individual to the point where it is hard to imagine a singular passion to it.

So the targets as widespread as they are, you would have to be opposed to a more nebulous set of affairs, though that is not without precedent. There is a host of philosophy on that subject, from the Bible and before.

I am not, however, asserting that is the case, as the actors involved are as yet undetermined. This is merely a case of being able to say "this couldn't happen to a nicer group of people" as the sarcastic saying goes.

Re: Great!

[BronsCon]

Oh, for sure. There were never enough moderators and the few there were were too lax in their duties until the well of shit overflowed and, now, no amount of moderation can save it, I believe.

Re: Great!

Some of us prefer to read Alan Moore's work directly. Though I can't say that particular work is quite on point, however as regards the film, his position of having no involvement is commendable in itself. Notice the revised credits.

Re: Great!

Yudkowsky calls this phenomenon "evaporative cooling". In short, every community has more and less arduous members, and when shit gets real tough, less devoted members are more likely to quit. Thus the average dedication moves up, and the remnant of the group is generally more fanatical.

Re: Great!

[0123456]

If the 'Internet Of Things' wasn't such a swamp of security holes, no-one would need to care.

Re: Great!

And that is why we must burn progressives at the stake.

Like God intended.

Re: Great!

[Applehu+Akbar]

DDoS is not a magic death ray that cannot be countered:
http://www.darkreading.com/att...

Re: Great!

I'll bring the marshmallows!

Re: Great!

A lot, if insecure IOT devices are the means by which it is effectuated.

Re:Great!

[EvilAlphonso]

They are actually regulated as a bank in Luxembourg, and the results is that they may have to indefinitely hold the funds in your account without telling you exactly why (due to AML regulations).

Re: Great!

Why Mr. Anderson, why? Why do you persist?

Because I choose to.

Re: Great!

Thats cute that you think you have rights. Its also cute that you think there are solutions. What said anyone has to offer anything better? If you want to actually solve the problems, cure humanity of greed and avarice, and some other Sins. EVERYTHING else flows from that.

Re: Great!

MY God doesn't believe in fire.

Re:Great!

[nnet]

awww how cute, you relied on "the cloud", and its broken. that's YOUR fault, no one elses.

Re: Great!

[ScentCone]

We agree on the rights that we agree to protect. Then when someone decides they don't care about that agreement, we agree on what to do about that person if they act in violation of our agreement. If someone outside of our agreement decides they don't care how we operate as a society, and looks to destroy it (or parts of it) for the lulz or for territorial acquisition etc., then we agree on when and to what degree we do something about it.

You're "that's cute" bit of phony condescension shows you to be just another whiner who likes to pretend we can't decide on and enforce the protection of such things because your notion of what you're entitled to is at odds with everyone else's. Just to help your cause, you're complaining about other people's greed, to fake insulating yourself from anyone else's criticism that you're too lazy to get involved in the defense of the rights we recognize. So, just another anonymously craven, lazy whiner troll who thinks that calling other people cute gets them off the hook for their own intellectual cowardice. Carry on! Just remember you're not kidding anyone.

Re:Great!

[swalve]

Progressives desire progress. When you try to change things for the better, it doesn't always work out how you think it should. Modern progressives are generally quite freedom loving. They do draw the freedom line a little differently- powerful people shouldn't have the power to fuck people over.

Re:Great!

Definitely glad I don't have to depend on you.

Twitter Down

[Feneric]

It's hard to tweet that Twitter is down when Twitter is down.

Re:Twitter Down

[Big+Hairy+Ian]

But if Google+ went down would anybody notice :D

Re:Twitter Down

Services have been restored to normal as of 13:20 UTC.
Posted 2 minutes ago. Oct 21, 2016 - 13:36 UTC

Re:Twitter Down

#notabug #wontfix

Re: Twitter Down

Darn you Putin!

Re:Twitter Down

[ausekilis]

If a tree falls in the forest and lands on a mime, does anybody care?

Re:Twitter Down

[rickb928]

"But if Google+ went down would anybody notice :D"

Some, who value more enlightened discussions, or resent the FB data grabs, and the FB way of ignoring your preference to see what has happened in your sphere most recently and instead try to force feed you what THEY think is most relevant.

Relevance being defined by THEM, to THEIR purposes.

G+ isn't big. That's not even the best thing about it. You, however, I doubt have even actually used it beyond a single visit and thinking 'wow, there's no one here'. You were not missed.

Re:Twitter Down

If a tree falls in the forest and lands on a mime, does anybody care?

Hell yes I care. I would pay cash money for tickets to that show.

Re:Twitter Down

If a tree falls in the forest and lands on a mime, does anybody care?

If a man talks in the forest and there is no woman there to hear him, is he still wrong?

Re:Twitter Down

Mildly humorous comment, spoiled by juvenile shit-eating-grin emoticon.

The internet does not need a laugh track.

Kindly keep that shit in the Youtube comments, or on Facebook. This site is generally populated by adults and adults don't need stupid fucking images telling them they've just read a joke.

Thank you.

Re:Twitter Down

[iONiUM]

Well at least Slashdot is sti

Re:Twitter Down

Yeah. Time magazine's news on the subject quoted Reuters on the story with a quote to Reuter's Twitter feed. derp.

Re:Twitter Down

*link. derp

Re:Twitter Down

[whoever57]

If a tree falls in the forest and lands on a mime, does anybody care?

I am reasonably confident that the mime would care.

Re:Twitter Down

"Resent the FB data grabs."

So you go to GOOGLE+ to avoid data grabs?
Bwahahah.

Re:Twitter Down

[Darinbob]

I checked, it's still up.

XKCD is down...

[moosehooey]

The main page loads but the comic image itself doesn't work.

Re:XKCD is down...

[Big+Hairy+Ian]

Works for me https://xkcd.com/241/

Re:XKCD is down...

[Holi]

Seems to be affecting those on the Easet Coast US the most.

Re:XKCD is down...

Here's the mirror site for those who can't get to the main site.

The horror!

No doubt a spike in depression over Twitter being down.

Small dick russians

[Ryanrule]

Why they gotta take their small dick issues out on others? Won't fix their small dicks.

Re:Small dick russians

[Maritz]

Won't fix their small dicks.

No, but it distracts them for a while.

Re:Small dick russians

[kodabmx]

Actually Russians have bigger dicks than Americans. https://static.independent.co....

Re:Small dick russians

You misspelled "are" in that sentence. Just ask anyone who's shared a border with them.

Re:Small dick russians

[Ryanrule]

yes, america lets asians in. what of it?

Re:Small dick russians

[interkin3tic]

On the topic of Russians, I'm going to assume that this is Putin trying to help his employee Trump win. If Trump can't tweet, he can't keep reminding voters of all the reasons they want to vote against him. And the only way to keep Trump from tweeting is to take out Twitter.

It's mainly affecting the east coast, sure, but also Ohio which Trump needs to win.

Seems like a much more straightforward than using trolling to help him win.

Re:Small dick russians

[CanEHdian]

LOL, was going to fake a 'Hillary Clinton for President' campaign Press Release, with the exact same argument that it was Putin's state-sponsored hacking groups preventing Trump from tweeting, but you already beat me to it.

Re:Small dick russians

[WhiplashII]

You need to look deeper - it's not that Trump works for Putin; It's that Putin's organization is in competition with Clinton's organization. Putin does not want the competition, even in the US criminal market.

It's just business, it's not personal.

Re:Small dick russians

or it could just be the same dipsticks that went after krebs.

"The attack on DYN comes just hours after DYN researcher Doug Madory presented a talk on DDoS attacks in Dallas, Texas at a meeting of the North American Network Operators Group (NANOG). Madory’s talk — available here on Youtube.com — delved deeper into research that he and I teamed up on to produce the data behind the story DDoS Mitigation Firm Has History of Hijacks. Continue reading "
https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-reddit/

Nah that would be to simple, lets go with loony conspiracy theories instead.

Re:Small dick russians

[Curunir_wolf]

Wait - Hillary AND Trump are working for Putin??!! Wow.

Re:Small dick russians

[yuriklastalov]

Of course. The boogeyman's henchmen are legion.

Re: Small dick russians

[bestweasel]

More from that link:

That story (as well as one published earlier this week, Spreading the DDoS Disease and Selling the Cure) examined the sometimes blurry lines between certain DDoS mitigation firms and the cybercriminals apparently involved in launching some of the largest DDoS attacks the Internet has ever seen. Indeed, the record 620 Gbps DDoS against KrebsOnSecurity.com came just hours after I published the story on which Madory and I collaborated.

A botnet for hire can be rented by a variety of customers at different times, even nation states.

Re:Small dick russians

Word is that it's the Chinese. They just got the Philippines, a longtime US ally, to turn against America; a show of strength against the US now might help convince other Asian nations that China is the future and allying with her instead of the US makes sense.

Not everything has to do with Putin, Clinton, and Trump. The Chinese just sent you a reminder that your petty squabbles and shitshow of a "democracy" aren't as important as you think they are. Your allies are beginning to realize the same.

Dns

[fluffernutter]

These large sites couldn't host their own dns? Really?

Re:Dns

[omnichad]

The thing about DNS is that to get the best speed, you want the nodes distributed as far and wide as possible. And you don't want it on the same servers as your main service. So it's either a different department or a different company - guess which one is cheaper.

Re: Dns

[fluffernutter]

I can't see milliseconds making that big of a difference. Especially for a music streaming site where most of it is a long transfer. Oh well you get what you pay for it guess.

Re:Dns

[guruevi]

If it were truly distributed this wouldn't happen as DNS has inherent failovers. This is just an example of using "the cloud" box.net and other enterprise cloud software is also down. They're all using the same providers which is not as distributed as it promises.

Re:Dns

[unimind]

Yeah, I thought DynDns was for small-timers trying to avoid paying for static IPs to provide services. Paypal? Hopefully now they will consider paying someone who knows what they're doing to set up actual distributed DNS for themselves. They really should be able to afford it.

Re: Dns

What, you haven't heard about the browsers dick measuring contest to claim the fastest page load time? The one that prompted google to drop support for OCSP because of the extra call to the certificate revocation check server?

oh my....

Re:Dns

[Ash-Fox]

Yeah, I thought DynDns was for small-timers trying to avoid paying for static IPs to provide services

It is. That's why the big websites are using dyn.com as opposed to dyndns.org.

Re: Dns

[omnichad]

Try an ISP DNS server sometime. Before I remembered to change DNS after upgrading my router, I would get 2+ seconds of latency on every single page load before anything would happen at all. Even running my own DNS server and every query going straight to the root servers takes less time than that.

Re:Dns

[omnichad]

DDoS attacks are distributed too - it's in the name. And each bot will hit the closest server if the DNS system is using Anycast or similar.

Re:Dns

They could, but that would make them easier targets. With much of web hosting becoming distributed across CDNs and "the cloud," it's hard to take down a big company's website these days, it's not like the times when they had 1 or 2 web servers and a good Slashdotting would cripple them. DNS remains a single point of failure for a lot of companies though. If you self-host your DNS you're an easy target, because an attacker usually only has to overwhelm 2 or 3 servers to effectively wipe you out. Distributed DNS across multiple providers should fix this in theory - have Dyn as your primary and Route53 as your secondary, or whatever. It's alarming that they've managed to DDoS Dyn.

Re:Dns

[guruevi]

Yes, but the problem here is all these services are using a singular DNS service which is under attack.

A good decade and a half ago, when I was part of a hosting company, we had the DNS for our customers across 3 or 4 different providers. That way, if for whatever reason one provider went out of business, the domains would continue to operate.

The problem is this:
Github.com:
      Name Server: NS1.P16.DYNECT.NET
      Name Server: NS2.P16.DYNECT.NET
      Name Server: NS3.P16.DYNECT.NET
      Name Server: NS4.P16.DYNECT.NET

Twitter.com
      Name Server: NS1.P34.DYNECT.NET
      Name Server: NS2.P34.DYNECT.NET
      Name Server: NS3.P34.DYNECT.NET
      Name Server: NS4.P34.DYNECT.NET

Box.net
Name Server: ns3.p05.dynect.net
Name Server: ns1.p05.dynect.net
Name Server: ns2.p05.dynect.net
Name Server: ns4.p05.dynect.net

If for whatever reason DynDNS pulls the plug (which they have a history of for reasons of profit and incompetence), all these sites are down. It doesn't matter whether or not you're using Unicast or Anycast, if your provider 'dies' (or it's host providers like Amazon which also has a history of major outages) then your domain dies. And before you get all your glue records fixed, you're out at least 48-72 hours.

Re:Dns

[guruevi]

https://medium.com/@brianarmst...

Re: Dns

[phantomfive]

What dns do you us now? I am unhappy with mine, because sometimes it adds seconds of latency to each page load.

Re:Dns

[sexconker]

Why aren't they:

1) Running an internal DNS server for their internal shit.
2) Pointing that DNS server to a public DNS server.
3) Pointing the public DNS server point to the root DNS servers.

1 shouldn't be hit by a DDoS as it should be entirely limited to access within your network (or VPN).
2 can be as distributed as you need it to be.
If 3 goes down, no one will blame you.

If this is what they're doing then dyn is failing hard at step 2.

Re:Dns

[omnichad]

I don't disagree with any of that. A company that large should be using multiple.

Re: Dns

[RealGene]

Ironically, I use Dyn's (216.146.35.35), with Google (8.8.4.4) as secondary.

Re:Dns

[chispito]

Yes, but the problem here is all these services are using a singular DNS service which is under attack.

Well it doesn't take a genius to see that won't be the case much longer.

Re:Dns

[JesseMcDonald]

That's why the big websites are using dyn.com as opposed to dyndns.org.

They're the same thing. The dyndns.org domain has been obsolete for a while now, and redirects to dyn.com.

Re: Dns

[i.r.id10t]

Actually a good use of a raspberry pi for your home network at least. Mine does DHCP duty as well as DNS - caching for the World, spoofing a few domains for ads, and a non-real domain for my home network.
 

Re: Dns

[phantomfive]

That's a good idea.

Re:Dns

[Ash-Fox]

Renesys was acquired by Dyn, the dynamic dns services are a completely seperate system and infrastructure.

Re: Dns

[omnichad]

I actually just run BIND on a server on my LAN and that's still faster than my ISP. You can also always use Google's 8.8.8.8 and 8.8.4.4.

Internet faster than usual...

Interesting how a DNS failure that makes several big-name websites unaccessible seems to have resulted in my internet being faster than usual...no shit 3rd party links to slow it down?

Re:Internet faster than usual...

[omnichad]

Unresponsive DNS queries would make pages slower if they relied on them. It's just that your neighbors aren't using their favorite web sites, leaving you with some extra bandwidth.

Box.com is Down

[Dust038]

Seems like Box.com is down also

Re:Box.com is Down

[Dust038]

Box is Back Up.

Re:Box.com is Down

[slazzy]

Still down for me: http://justdownforme.com/www/box.com

Oh Noes

Russians!
Or Biden.

Gotta love the cached DNS

[Karl+Cocknozzle]

....I'm bumping along nicely on Spotify right now... Must have cached the DNS entries since I go there a lot.

"Sweeping Outage"???

[Goose+In+Orbit]

According to Dyn: "This attack is mainly impacting US East and is impacting Managed DNS customers in this region."

The PC in my flat (in the UK - on a free dyndns.org address) is alive and well and talking to the outside world.

As usual - someone has assuming that the US = the whole world - learn some fucking geography!

Re:"Sweeping Outage"???

[Ryanrule]

sorry you dont matter not sorry.

Re:"Sweeping Outage"???

According to Dyn: "This attack is mainly impacting US East and is impacting Managed DNS customers in this region."

The PC in my flat (in the UK - on a free dyndns.org address) is alive and well and talking to the outside world.

As usual - someone has assuming that the US = the whole world - learn some fucking geography!

Your backwater country is much smaller than the region we're talking about here.

Re:"Sweeping Outage"???

[DNS-and-BIND]

Congratulations for earning the "Eurotrash idiot of the thread" award. I didn't think a technical story like this could get the award, but you nailed it. Maybe you need to stop reading US websites. Read European technology websites, like, uh, I'm not really sure, but I'm sure they're there and a thousand times better than Slashdot.

Re:"Sweeping Outage"???

[kodabmx]

LOL says an anonymous douchebag in the world's most hated country... SMH.

Re:"Sweeping Outage"???

[Ryanrule]

russiaarabia?

Re:"Sweeping Outage"???

as usual, some fuckwit, I mean Brit, feels that they are more important than they actually are.

Re:"Sweeping Outage"???

Ireland here.
Have been experiencing sweeping DNS problems for the last 3 days. Eir(com), Ireland's main telecom developed DNS issues on Wednesday which rendered the internet unusable here for a lot of people.

Reddit Ireland Thread from Wednesday night, has some technical details. It was a widespread issue.

Could just be an unrelated technical issue, but if I was going to pull something with DNS, I'd test it out on a small fish like Ireland first before I went on to the US.

Re:"Sweeping Outage"???

I'm on the west coast and a fuck ton of sites aren't working for me.

Re:"Sweeping Outage"???

"Read European technology websites, like, uh, I'm not really sure..."
Spoken like a truly ignorant Yank.

http://www.theregister.co.uk

Since Page left, it hasn't been quite so rabidly Right-Wing, but Orlowsky is still around bearing the burden of Classical Liberalism. (Libertarianism, for you Merkins.)
The Editors there actually take their job seriously, and their Writers are first-rate, including the rare contributions of the ineffable Verity Stob. (Merkins may remember her, if they are capable of remembering anything, from Dr. Dobbs Journal.)

Re:"Sweeping Outage"???

[Ash-Fox]

The PC in my flat (in the UK - on a free dyndns.org address) is alive and well and talking to the outside world.

Dyndns.org is unrelated to dyn.com, so, I don't know what point you're rying to make.

Re:"Sweeping Outage"???

Also, if it's only effecting US East, who the fuck cares? That's, what, New York and DC? So a bunch of bankers and politicians can't access Twitter. Boo-fucking-hoo.

The tech industry in the US is on the best coast and the majority of people are on the west coast too. No one cares if a bunch of bankers and New York hipsters can't access Twitter. This is a complete non-story. None of the supposedly effected services appear to be down to me and no one I know seems to be aware of any outage either.

So whatever this "DDOS" was, it apparently wasn't very effective in the grand scheme of things. Although I guess if it is effecting DC, that would explain why DHS is involved: they've got nothing better to do, since they certainly aren't bothering to protect us from terrorist attacks.

Re:"Sweeping Outage"???

[Sandman1971]

I have a few buddies in France and Italy that are affected by this DDOS. So far in my part of Canada I don't seem to be affected *knock on wood*

Re:"Sweeping Outage"???

[JesseMcDonald]

Dyndns.org is unrelated to dyn.com

If they're unrelated, why does http://dyndns.org/ redirect to http://dyn.com/? DynDNS is just an obsolete brand name for the same service from the same company, which now refers to itself simply as Dyn.

Re:"Sweeping Outage"???

[pr0fessor]

I've never been there but I hear it's less than half the size of Texas and more than twice the number of people... it must be fairly crowded.

Re: "Sweeping Outage"???

In soviet America, internet reads you!

Re:"Sweeping Outage"???

Isn't Texas a fairly large state, with a low population relative to its size?

Re:"Sweeping Outage"???

[Ash-Fox]

If they're unrelated, why does http://dyndns.org/ redirect to http://dyn.com/?

Because Renesys was acquired by Dyn, do I really have to spell out everything?

Re:"Sweeping Outage"???

[Cederic]

Plus, of course, theinquirer.net

DynECT is a dinosaur

Working at a medium traffic startup, DynECT always insisted that their service was worth a lot[1] more money than AWS's Route 53 or Google's Cloud DNS because unlike AWS or Google they had never had a service outage and boasted 100% uptime since their company was founded.

Looks like we made the right choice going with Route 53 instead of these guys.

1. Seriously, they wanted 5,000 USD/mo when AWS charges 8 USD/mo for the same service.

Re:DynECT is a dinosaur

Oh, nice, so you DDOS-ed them only to feel you purchased the right service?

Starbucks is down too

[known_coward_69]

Tried to reload my card via the app and couldn't. had to pay for my drink with a credit card. The shame

Re:Starbucks is down too

[sinij]

Tried to reload my card via the app and couldn't. had to pay for my drink with a credit card. The shame

Did you drop your monocle into chardonnay^H^H^H^H Google Glass into your frappe because of that?

Re:Starbucks is down too

[kodabmx]

It's called cash. A neat low tech payment method that doesn't cost anything to use!

Re:Starbucks is down too

[ausekilis]

Oh the horror!
I had a similar experience. (it's safe for work, promise)

Re:Starbucks is down too

(it's safe for work, promise)

That pretty much guarantees that nobody will click on your link. :P

Re:Starbucks is down too

I did, and the result was *shudder* an unprecedented visual extravaganza of helic chromatic four-dimensional .JPGness.
Oh, and a clever quip typed against a stock photo.

Re:Starbucks is down too

[LunaticTippy]

That is a common misconception. Anyone who has to pay for people to handle cash knows that it is not free. It depends on particulars of the business, but in general cash is somewhere between the cost of debit card and credit card fees. You can learn about it from this article [pdf warning]

Re:Starbucks is down too

It's called cash. A neat low tech payment method that doesn't cost anything to use!

Cash, you say? Can you point me to where I can download that app?

Re:Starbucks is down too

That is a common misconception. Anyone who has to pay for people to handle cash knows that it is not free. It depends on particulars of the business, but in general cash is somewhere between the cost of debit card and credit card fees.

Ha! That's from a bank who makes profits of those cards. Over 1/3 of the cost of cash listed there was in bank fees from depositing the cash. Spend that cash instead of using checks and credit cards and that fee goes away. Honestly, did you really thank a bank would tell you the true store?

Re:Starbucks is down too

Only a problem if you're a big retailer, most businesses are perfectly capable of disposing of cash without banking it.

Next you'll be telling me you post a profit every year.

Re:Starbucks is down too

Fool, (((they))) always tell the truth!

Re:Starbucks is down too

[Cederic]

Are you a fucking imbecile?

You really think a corner shop, a bar, the local butcher is going to take their $2000 daily revenue and dispose of it?

Most of that goes straight into the bank. Shit, you don't want a week's earnings sat in the safe.

How is this a thing?

Maybe I'm mis-remembering my network theory classes (they were ever so long ago) but shouldn't DNS caching allow any computers that have accessed any of these websites in a relatively recent amount of time to continue to access them normally? If not perhaps it is something that needs to be baked into future DNS protocols, that when the DNS server is down they simply rely on the last IP they had for that site. DNS server DDoS attacks should be the most ineffective attack possible, its not like there is a lot of information there, 99% of the website addresses that are utilized by most people could probably fit in the hard drive space taken up by a single digital camera photo.

Re:How is this a thing?

[ZenShadow]

Sites have control of their own cache expiration/refresh times. Major sites also have a tendency to use DNS for geographic load balancing, which can screw with this (and is one of the main reasons sites continue to use Dyn).

Google DNS

You can use Google's free DNS services to work around this issue - and, you might want to use it full time. Google tends to be much snappier than most ISPs.

https://developers.google.com/speed/public-dns/

8.8.8.8 and 8.8.4.4

Re:Google DNS

Of course, this only works if you don't mind being tracked. Otherwise just set up BIND on a Raspberry Pi or something. :p

Re:Google DNS

[Ash-Fox]

You can use Google's free DNS services to work around this issue

Nope, it too was broken for certain domains like t.co which is hosted by dyn.

Disqus also down for about 15 minutes

[neo-mkrey]

But it is backup and functioning again.

Re:Disqus also down for about 15 minutes

Thank god they came back up. The right-wing conspiratards who live on disqus had already swarmed other outlets, claiming the DDoS was launched by John Kerry to suppress Wikileaks.

The eternal balance question...

[ErichTheRed]

I've been doing end user computing for quite a while, and we've gone through so many cycles of "where the client intelligence lives" or "where the virtual desktop is hosted" and everyone oscillates between two extremes. PCs to zero clients usually ends up being a mix of laptops and thin clients in the end. All VDI ends up being some VDI after some very expensive POCs in most cases. I guess the same debate of "host it yourself vs. rely on a cloud provider" is alive and well here. I see it every day where I work -- the management is all about cloud, and the staff are fine with some cloud, but going all the way over to total dependence on a third party is not great in my mind.

Something as fundamental as DNS should probably at least have some footprint in your "locus of control." I didn't say "in your office" but fundamental stuff that could completely kill everything else if you lost it shouldn't be given over to a third party that you don't directly control. In this case, Dyn had a DDoS attack, and on-premises DNS could too. But having a way to run both off and on premises makes good sense...if one entity is having a bad day, the other could at least keep things alive. However, all this old school DR stuff is lost in the world of the cloud and startups. It all comes down to how much in dollars or reputation the loss of a service costs the company...if you can quantify that and the number exceeds the cost of mitigation, businesses would be stupid not to put something in place to mitigate it.

Re:The eternal balance question...

[ZenShadow]

The dynamics of this issue have changed considerably.

Five years or so ago, going offline was a Big Deal. Nowadays, people (both users and CxO's) don't seem to care as much; outages are transient, and accepted as a part of the cost of doing business. It's kinda sad for those of us who build high availability systems, but at the same time it's probably a lot more realistic for the budgets of most businesses.

Part of it, IMO, is that the Internet has been around long enough now (in a commercial sense) that the users are finally more prone to saying "my Internet is down" than "my Twitter is down".

Perception is everything.

Twitter is working good here

[FudRucker]

i just been there a moment ago, works fine, pages load quickly and completely

Re:Twitter is working good here

[sombragris]

Twitter still does not resolve here.

DDOS will continue until we decide to stop them

Want to significantly reduce the number and magnitude of DDOS attacks? It's easy. Just make people legally responsible for their packets.

(1) The owner of a device attached to the Internet must make a reasonable effort to maintain it. Specifically, they must install security updates in a timely fashion. In addition, they must disconnect the device if they are unable to maintain it. No device or piece of software lasts forever. You don't get to keep using a PC with Windows XP, or a 10 year old router with dozens of known security holes -- you need to throw them away. Failure to do so will make the owner liable for damages if their device is used in a DDOS attack.

(2) Network operators shall be required to ensure that packets originating on their network have a valid source address (e.g. use filters at all ingress points). Failure to do so will make them liable for damages related to the DDOS attack.

(3) Network operators shall be required to provide rapid technical assistance to trace DDOS traffic that is passing through their network, so that it can be traced back to it's source. Failure to do so will make them liable for damages related to the DDOS attack.

Re:DDOS will continue until we decide to stop them

[ZenShadow]

(1) The owner of a device attached to the Internet must make a reasonable effort to maintain it. Specifically, they must install security updates in a timely fashion. In addition, they must disconnect the device if they are unable to maintain it. No device or piece of software lasts forever. You don't get to keep using a PC with Windows XP, or a 10 year old router with dozens of known security holes -- you need to throw them away. Failure to do so will make the owner liable for damages if their device is used in a DDOS attack.

Useless. New devices are at nearly as much risk as old devices; that it's new should not in any way make you feel secure. You'll also be fighting legitimate businesses with legitimate use cases for, say, Windows '95. Specifically, that their legacy software and drivers have never been upgraded by the people who wrote them, and don't work on newer versions of Windows.

(2) Network operators shall be required to ensure that packets originating on their network have a valid source address (e.g. use filters at all ingress points). Failure to do so will make them liable for damages related to the DDOS attack.

(3) Network operators shall be required to provide rapid technical assistance to trace DDOS traffic that is passing through their network, so that it can be traced back to it's source. Failure to do so will make them liable for damages related to the DDOS attack.

Also useless. The modern day DDoS isn't necessarily about flooding a site with spoofed packets from a small number of high-bandwidth machines. It's about sending a tiny number of legit packets from an enormous number of compromised hosts. No outbound packet filter is going to be able to discern the good from the bad (and since the host is already compromised in the first place, there's no help there either).

There are exceptions, of course; for example, many IoT devices should be nuked from orbit, as they have no legitimate reason to EVER talk to most web sites.

I do agree that people should be held accountable for having insecure crap on the Internet and allowing it to participate in attacks. Detection and enforcement, however, is much more difficult than one would think.

Re:DDOS will continue until we decide to stop them

New devices are at nearly as much risk as old devices; that it's new should not in any way make you feel secure.

I never said new devices were safe. My point is that all devices/software have a lifespan, beyond which it is unreasonable to expect the vendor to continue supplying security updates. Devices without security support shouldn't be attached (directly or indirectly) to the public Internet. Devices with known security issues (which typically means older devices, since it takes time to discover said issues), should definitely not be connected.

You'll also be fighting legitimate businesses with legitimate use cases for, say, Windows '95. Specifically, that their legacy software and drivers have never been upgraded by the people who wrote them, and don't work on newer versions of Windows.

What happens on private networks between consenting devices isn't my concern. However, "business need" is no excuse for putting an insecure device on the public Internet and allowing it to harm others.

The modern day DDoS isn't necessarily about flooding a site with spoofed packets from a small number of high-bandwidth machines. It's about sending a tiny number of legit packets from an enormous number of compromised hosts. No outbound packet filter is going to be able to discern the good from the bad

Source address filters are part of the solution, but aren't intended to be the entire solution. The main point is to accurately identify the source of DDOS traffic so the device owners can be held accountable for the harm their devices are causing.

I do agree that people should be held accountable for having insecure crap on the Internet and allowing it to participate in attacks. Detection and enforcement, however, is much more difficult than one would think.

I think a few high profiles cases of both businesses and individuals being sued for damages will go a long way towards solving the problem. Right now the people in the best position to fix the problem (people who connect insecure shit to the public Internet) have no incentive to do so. They need to be given that incentive. The carrot doesn't seem to be working, so it's time for the stick.

That explains this morning

[whitroth]

Forget the sites the articles mention. I was having very serious troubles getting to the Guardian's site, pictures not loading, and worse, I couldn't even log onto my hosting provider.

Now, I'm on Verizon FIOS, and my system (Linux, a real o/s) couldn't even ping hostmonster.com, it couldn't find the name, until I manual added nameserver 8.8.8.8 (one of google's) to my resolv.conf. Then it started working.

That tells me that it was overloading nameservers in a *LOT* of places.

          mark

Re:That explains this morning

[whitroth]

Also, I'm wondering how much of this is political - I cannot reach Paul Krugman's blog in the NYT.

        mark

Re:That explains this morning

I don't know who Paul Krugman is, but I can promise you nobody initiated a global impact DDoS to keep his opinions from being heard. The right-wing conspiracy sites are already awash in theories that this is a conspiracy to take down WikiLeaks, despite that site remaining 100% online (they don't use Dyn for DNS).

Occam's razor tells us this is probably some group of teenage dorks upset about a video game.

Holiday Soon!

Bank holiday, here we come!

Maybe it's because US "promised" a message to Russ

[sperxios10]

From this: http://www.wnd.com/2016/10/rus...

Joe Biden told NBC a “message” would be sent to Russian President Vladimir Putin over the alleged hacking, with the channel saying the CIA was preparing a retaliatory cyber attack “designed to harass and ’embarrass’ the Kremlin leadership.”

Kremlin spokesman Dmitry Peskov immediately denounced Biden’s remarks, saying Moscow would take precautions to safeguard its interests in the face of the increasing “unpredictability and aggressiveness of the United States”.

Good

[frovingslosh]

Sounds good to me. I'll gladly live without Spotify if it means PayPal is down too. You might want to add Slashdot to that list too, I've had a lot of timeouts in just the last few minutes on Slashdot, but other sites I check seem to be fine.

Re:Good

[SmokeyRobot]

From what I saw, the issue was with the ad servers not necessarily Slashdot.

One reason we need distributed and decentralized

My company takes BitCoins and users whom had BitCoins wouldn't have been impacted by this outage. Now we aren't completely decentralized nor distributed, but it's one example of where we are. Now we've seen numerous times with attacks on piracy sites that adding an onion to your site also makes you more resistant to attack/downtime. We need BitCoin, BitTorrent, and similar, not less. BitCoin might not be perfect or even anonymous, but it has its value and is one step closer to where we want to be. z.cash and zero coin should solve some of the anonymity and privacy issues with BitCoin unlike psudo-anonymous solutions we've seen before.

Dyn is still down.

[adameros]

We are a Dyn customer and our names are still failing to resolve.

Re:One reason we need distributed and decentralize

[Ash-Fox]

My company takes BitCoins and users whom had BitCoins wouldn't have been impacted by this outage.

My company uses GBP and wouldn't have been impacted by this outage either.

Now we aren't completely decentralized nor distributed, but it's one example of where we are.

Same as my company.

Now we've seen numerous times with attacks on piracy sites that adding an onion to your site also makes you more resistant to attack/downtime.

Indeed, but so it spinning up resilient servers across multiple cloud infrastructures and using CDNs used to protect against a variety of attacks.

We need BitCoin, BitTorrent, and similar, not less.

I think we need more diverisfied infrastructure in the cloud, not BitCoin, BitTorrent, and similar. These technologies are significantly wasteful in processing, bandwidth and most importantly, time.

but it has its value and is one step closer to where we want to be. z.cash and zero coin should solve some of the anonymity and privacy issues with BitCoin unlike psudo-anonymous solutions we've seen before.

But I don't want unapproved majority people managing the network and dictating how payments work and being capable of deanonymizing - we're better off assuming we're not anonymous on any system, it's a false sense of security. The people that build this decenteralized system and those that buy into it completely ignore the prospect of systems out that that can deliver mass internet worms as we've seen in previous years.

OH SHIT SON

>Editor's note: the story is being updated as we learn more. We have moved this story up on the front page.

Progress! Better than 4 stories about the same thing each with 6 comments.

Re:OH SHIT SON

better than
- climate change
- new google feature
- new facebook feature
- something totally not related to technology

Slashdotting ...

is so old.

IoT is great though guys

[SmokeyRobot]

It's not like we accidentally gave botnet creators millions of more devices to use as processing power for DDoS. Right?

Hosts = best speed & safety vs. remote DNS

For users in hardcoded favs @ TOP of hosts via APK Hosts File Engine 9.0++ SR-4 32/64-bit https://www.google.com/search?...

Ads rob speed, security (malvertising) & privacy (tracking).

Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively.

Works vs. caps & PUSH ads.

Avg. page = big as Doom http://www.theregister.co.uk/2... & ads = 40% of it.

Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity.

Compliments firewalls (blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load).

Gets data via 10 security sites.

APK

P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "seen the code & it's safe" http://forum.hosts-file.net/vi... )

Re:Hosts = best speed & safety vs. remote DNS

For once you are both on topic and are providing useful services. However since my DNS was down, I couldn't get to the links you posted, can you give me the IP addresses for those mate?

Inb4 US blames Russia

Prep the propaganda machines! Must get them running before Trump wins the presidency!

Re:Inb4 US blames Russia

[Ryanrule]

Who do you think would do it? The Chinese aren't as stupid as the Russians.

Caching DNS.

Did you ever cache the entire internet file, and how often is that file updated?

Re:Maybe it's because US "promised" a message to R

“The 1980s are now calling to ask for their foreign policy back because the Cold War’s been over for 20 years.”

–President Obama, during the third presidential debate, Oct. 22, 2012

We used to keep local DNS

[WillAffleckUW]

When we created the Internet (ARPA) we had local DNS files, and would only download fresh copies of other DNS when we needed them, or on a periodic basis.

Maybe we should go back to that, and cut off entire countries when they DNS attack us?

Re:We used to keep local DNS

[guruevi]

Proper practice is to have multiple DNS providers. All of the sites that are currently 'down' have failed best practice we had 20 years ago. The great "cloud" has finally come down to this: https://xkcd.com/908/

Re:Maybe it's because US "promised" a message to R

[phantomfive]

That does seem like something the US would do: try to take retaliatory international action, end up shooting itself in the foot. We've never been particularly good at international relations.

star trek online having issues

star trek online having issues lagggy real bad whine its not like that ever this bad

speedtest net

I currently cannot access speedtest.net, among many other sites. First thought my router is messing thigs up, rebooted it but did not help.

WAR!

This is an act of WAR! Russia is behind this! And China too, and surely more of those treacherous BRICS countries!!!

It will not go unpunished!!!

An ode to WAR!!! Under President Clinton we will CRUSH those upstarts BRICS countries, conquer them and take their ill-managed resources for OUR benefit!

We cannot fail with the leadership of Our Great President Hillary Clinton! Huzzah! WAR! WAR! WAR!

Twitter is down? Trump must be furious.

[surfcow]

RIGGED!

FWIW, twitter is working for me

[No+Longer+an+AC]

Not that I care much. I have 2 twitter accounts, one for my cat and one so I can keep up with the latest inane things that Jeremy Clarkson, Neil DeGrasse Tyson and John McAffee say and McAffee is kind of annoying so I'm thinking of unfollowing him

I'm sure the NYTimes will be up by the time I want to click on a link to them if they're not up already.

Reddit seems to be working as does Fark, YouTube and Netflix. I know those last three weren't mentioned but I frequent those sites.

Disqus is down if anyone but trolls care.

LOL, I just put in nytimes.com and got an attempted browser hijack. I got about 5 pop-ups trying to scare me. I managed to close them too fast to read exactly what they said.

Re:FWIW, twitter is working for me

[No+Longer+an+AC]

I meant to add something to the effect that the internet is far from dead.

Re:FWIW, twitter is working for me

"Not that I care much..."

You cared enough to mention it to everyone. Just sayin'.

Beanstalkapp.com

[sgrover]

Beanstalkapp is down for us here (prairie region of Canada). Beanstalkapp is a git repository similar to GitHub and Bitbucket, kinda important when you are a development shop. Twitter is down too. Current time is 1:30pm MDT.

Is isitdownrightnow down right now?

[johnslater]

Also down apparently is isitdownrightnow.com. Well played, sir.

gist.github.com / pdfkit.org are down

[michaelcole]

gist.github.com has browser DNS issue. pdfkit.org has a cloudflare dns issue. I'm in Austin TX on Time Warner Cable.

gist.github.com’s server DNS address could not be found.
DNS_PROBE_FINISHED_NXDOMAIN

and pdfkit.org

Error 1001 Ray ID: 2f571286803458cd 2016-10-21 19:21:26 UTC
DNS resolution error

Re:Twitter is down? Trump must be furious.

No doubt this is step one of Crooked Hillary's nefarious plan to assume power, aided and abetted by the Obama regime, who are no doubt behind this, aided by George Soros, climate-scientists, transsexuals, and other assorted leftists ...

With what Veritas | Podesta released...

...in the last few days, impeding the flow of information on a huge scale prior to the election shouldn't surprise anyone! Note that only US is affected. And look at who is affected: social media sites primarily. I don't see government or brick & mortar sites in that URL list.

"Hellary" must my protected - at all costs: productivity and the dissemination of information & truth be damned.

Addresses matter, not hostnames

[nuckfuts]

The problem is this:
Github.com:
Name Server: NS1.P16.DYNECT.NET
Name Server: NS2.P16.DYNECT.NET
Name Server: NS3.P16.DYNECT.NET
Name Server: NS4.P16.DYNECT.NET
...

There's nothing wrong with having all your DNS servers under the same subdomain. What matters is what IP addresses those names resolve to. I've seen primary and secondary DNS servers that aren't even on different IPV4 subnets, never mind geographically distant ones.

Re:Addresses matter, not hostnames

[DaHat]

There is when say... the DNS server which handles authoritative lookups of DYNECT.NET and related sub domains is overwhelmed or down.

Re:Addresses matter, not hostnames

[xtsigs]

In a sense, that is true unless there is an attack, for example, on DynDNS which target, well, dynect.net domains in which case you're screwed.

Re:Twitter is down? Trump must be furious.

The Guardian is down, too, though -- and that really is a bête noir of the 4chan crowd!

CAPTCHA: revenge (ISYN)

Are they blaming Russia yet?

because if Russia _could_ do it, then they will jump at the chance to accuse them, knowing it's complete bullshit as usual.

livestream also down

major economics conference live streaming via livestream.com also knocked out.

We are hit

Fri Oct 21 16:04:09 EDT 2016

- We are an enterprise user of Dyn's DNS, including their failover Traffic Manager

What's down

- All DNS lookups, effectively our A records and as such Mail, DNS, VPN, WWW

What's working:

Dynect is working but their NS are not.

Kenshoo Affected, therefor AdWords are useless.EOM

EOM

Investigating IF this is a criminal act??

[darkonc]

At the very least it's criminal mischief -- denying someone the legal use of their property. You can add all sorts of cyber crimes to the pool as well -- like using zombie servers means accessing (hundreds of) thousands of people's computers without authorization or permission.

The next thing to look at is whether or not this is just a dress rehearsal for a real attack. My guess is that this is just a test... They want to know what it takes to shut down a chunk of the internet. Next time will be the real act of 'terrorism'.

dns resolution loop

dns resolution loop

Hope you kept your modem

And your POTS/ISDN, plus have a working copy of uucp.

Re:Twitter is down? Trump must be furious.

[xtsigs]

It is actually the Russians attempting to protect The Donald from himself.

Use OpenDNS

[NotARealUser]

Most of your internet problems can be solved today with OpenDNS. https://use.opendns.com/

I can access Github, Twitter, etc. right now after I updated my dns settings. It is literally a one minute fix.

Re:Use OpenDNS

[sl3xd]

So you want to replace one single point of failure with a different one?

Re:Use OpenDNS

[NotARealUser]

So you want to replace one single point of failure with a different one?

It was a suggestion for this the duration of this incident and is not a comment intended to fix any other issues beyond the immediate need. Read the word "today" in the post.

DDoS

Thanks god dailystreamz.com is still working, I will watch movies online all this weekend :D

Re:Maybe it's because US "promised" a message to R

Oooh, Putie, we're gonna EMBARRASS you guys so hard! Ya'll gonna be so red in the face!

Boys, war has changed.

Re:Maybe it's because US "promised" a message to R

Or it was intentional.
More manufacturing of consent for conflict with russia.

Make someone care, IoT device owners don't!

[Mal-2]

Time to demand recalls of all affected devices as the hazards that they are. Those who wish to keep them become responsible for what they do -- if your IoT "cloud" shits all over the network again, you get switched off.

If the end users don't care (and may not be able to care if they can't patch the devices), then it has to go a step up the food chain. If the manufacturers won't comply, pull their FCC certifications.

Re:One reason we need distributed and decentralize

It is best to assume your not anonymous, particularly given a certain set of circumstances, but that is not a good reason not to aim for anonymity. I utilize radios to communicate with other people in the town where I live. It's completely decentralized. It's not encrypted. It's not going to solve the anonymity problem and we're certainly all on the governments radar already even if they're only selectively persecuting people (government doesn't like people who promote concepts like independence, civil disobedience, the concept of non-violence, etc, so instead the do things like spread rumours and twist words to make people look like paedophiles, and then conduct raids on the people *who attacked the FBI for distributing child porn*, mind you this is a person whom has his own radio show aired across 170 stations and online during prime time hours). None of this though means we shouldn't shoot for anonymous non-back-doored computers or give up our GPG keys or do any of the other things that may interfere with the ability of the NSA to conduct mass spying on the american people or for that matter selective spying.

The way z.cash works it isn't psudo-anonymous like dash. It's why it's actually pretty exciting. Check out the math behind it. Even if you were to compromise an individual system it won't reveal other people's transactions.

What makes BitCoin exciting is not its anonymity, but it's removal of centralized control. When you can transfer thousands of dollars to someone without having to ask permission that's revolutionary. I can pay my employees without having to deal with the banks whom are tightly controlled by the government.

Hosts = best speed & safety vs. remote DNS

For users in hardcoded favs @ TOP of hosts via APK Hosts File Engine 9.0++ SR-4 32/64-bit https://www.google.com/search?...

Ads rob speed, security (malvertising) & privacy (tracking).

Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively.

Works vs. caps & PUSH ads.

Avg. page = big as Doom http://www.theregister.co.uk/2... & ads = 40% of it.

Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity.

Compliments firewalls (blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load).

Gets data via 10 security sites.

APK

P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "it's safe" http://forum.hosts-file.net/vi... )APK Hosts File Engine 9.0++ SR-4 32/64-bit/b

Re:One reason we need distributed and decentralize

[Ash-Fox]

but that is not a good reason not to aim for anonymity

You missundertsand me. It's not good to advertise something for anonymity because it leads to a false sense of security which is a bigger issue than anonymity. When people assume they're not anonymouse, they are more cautious and use better obfuscation.

Even if you were to compromise an individual system it won't reveal other people's transactions.

But compromising the vast majority would. If you can watch the vast majority of end points (because you got a worm similar to msblaster's potency out, you've now got massive control over everything which is what I was pointing out).

When you can transfer thousands of dollars to someone without having to ask permission that's revolutionary.

I can do that already.

I can pay my employees without having to deal with the banks whom are tightly controlled by the government.

To be honest, I never really had to 'deal' with the banks, they just 'worked' and I never had to worry too much about the particulars of managing incoming and outgoing because I just set the limits with the bank and 2nd factor authentication, checks etc. that I wanted. I have most of my HR handed off to an external HR company, including managing people's pay and taxes because I have other things to worry about during business.

I don't have that problem due to hosts

See subject: My 50 favorite sites hardcoded @ top of hosts cached in local system RAM beats DNS issues galore https://news.slashdot.org/comm... (enumerated 12++ categories w/ 100's of examples from reputable sources) running in kernelmode speed too.

This is YET another fail for DNS in this article's topic AS DNS HAS FAILED YOU!

Of course, to where I spend the MOST time online (favorite sites)? I go faster resolving them vs. remote DNS (for less power + resource usage & less complexity room for exploit/breakdown/fails as this article's another 'example thereof' of, lol).

The GOOGLE link I posted points to it as result #1 & by now, it all should be sorted/fixed!

APK

P.S.=> I 9/10 times post on hosts where they apply & it's Occam's Razor illustrated as simplest solution (that works doing more for less in hosts' case) - usually the best answer!

Hosts are, for more speed, security, reliability for far less & more anonymity on those grounds alone... apk

Re:I don't have that problem due to hosts

Yes I get that DNS has failed me, it continues to fail me since I cannot download your hosts file program, since my DNS no longer works.

You got an IP address of where I can download it?

Here 'tis (your DNS's STILL out? WoW)

http://107.22.171.143/?s=Download/

* FYI - 107.22.171.143 = Malwarebytes' hpHosts (it's on that page in the linked url above, as they directly host it)

APK

P.S.=> There you go - enjoy... apk