Slashdot Mirror

← Back to Stories (view on slashdot.org)

DDoS Attacks Will Now Be 'Something You Only Read About In The History Books', Says Cloudflare CEO (vice.com)

Posted by msmash on from the big-promises dept.

Louise Matsakis, writing for Motherboard: Cloudflare, a major internet security firm, is on a mission to render distributed denial-of-service (DDoS) attacks useless. The company announced Monday that every customer -- including those who only use its free services -- will receive a new feature called Unmetered Mitigation, which protects against every DDoS attack, regardless of its size. Cloudflare believes the move is set to level the internet security playing field: Now every website will be able to fight back against DDoS attacks for free. "The standard practice in the industry for some time has been to charge more if you come under attack," Matthew Prince, the CEO of Cloudflare, told me on a phone call last week. Firms often "fire you as a customer if you're not sort of paying enough and you get a large attack," he explained. "That's kind of gross."

4 of 100 comments (clear)

  1. Hubris by DaMattster · · Score: 4, Insightful

    That's just Hubris and I am going to store this little nugget for when Cloudflare does get DDoS'd. Then I will laugh.

    1. Re:Hubris by Obfuscant · · Score: 3, Insightful

      The only way this works (financially) is if they can publicize well enough, "DDOS against Cloudflare won't work, they have too much bandwidth," and people stop trying.

      No, that's not enough. They either also have to become the host to every website on the planet, or convince everyone who would attempt a DDoS that they are and thus shouldn't bother trying.

      That's what ""something you only read about in the history books" means. It never happens.

      Of course, to be financially beneficial to Cloudflare, all it takes is this, from TFA: "Cloudflare has even protected the websites of DDoS perpetrators, while selling services to mitigate them." Yes, when you sell mitigation services against attacks from people you also sell network services to, it is a win-win for you. Not so much for anyone else.

      What's scary is that this guy keeps talking about "Now every website will be able to fight back against DDoS attacks for free." Fighting back is not the same as mitigating damage from.

  2. History by Anonymous Coward · · Score: 2, Insightful

    I guess we'll read about the concept of a decentralized world wide web in history books too then.

  3. A few possible problems: by Rick+Schumann · · Score: 5, Insightful

    1. They just threw down the 'digital gauntlet' at the feet of every hacker/hacker collective/black hat/white hat/whoever; they've more or less declared Open Season on themselves.
    1A. They might know damned well they're doing this -- and want their own systems and methods tested in live-fire scenarios.
    2. On the surface (allowing for some assumptions, for the sake of argument) this sounds great; but the 'hey, wait a minute..' moment soon comes, and you realize that they're setting themselves up as the Gatekeepers for the Internet; the digital Heimdall standing guard at the Rainbow Bridge to the Internet. That's a lot of power for one company to have, and with that power comes a lot of responsibility -- and potential for abuse.
    3. DDoS attacks are just one form of digital treachery that is committed on the Internet; what about everything else?