"Well, then there are those kids that start with modding and actually get a degree and come to work for us, to find the snot-nosed little...I mean growing modders who are becoming a problem. Clearly, the ones who are becoming fighters against the problem have no sway in the statistics that most are the problem."
Ah ha ha ha. Surely the bible was written to inform. Human language Is so spectacularly imprecise that the debates rage on. Define you terms, use a formal grammar; profit.
...and the language behind the bible's language is still being debugged and modified to this day. Did you mean to have 'profit' in the same post as bible, or 'prophet'? Ehe.
Even a session wouldn't help. Many communications over the net are machine to machine. Also there's the whole solve the CAPTCHA by mechanical Turk (paid for with copied porn).
I wouldn't be surprised if within a year of setting up such a scheme, CAPTCHAs for certain websites would develop a very high failure rate.
How would a search engine spider the web?
I get it. It's beyond my scope of presentable knowledge.
Just one thing still bothers me - there has to be something that malware written to act as a DDoS attacker is lacking in its TCP transactions... Something. I give up in discussing it publicly, but there has to be something.
Sorry, I didn't say that the CAPTCHA would cover a session, not an individual request. But, that would mean the whole concept of IP blocking after failure and all of the fallout would have to be tolerated or simplified. We know that's not going to happen.:(
What's interesting is the seemingly unlikely locations where projects are actually in place or being planned. So much for the argument that profitable wind locations would be rare or hard to reach.
They just want to kill a bunch of birds to reduce the chances of bird-strike drone-delivery failures.
There are a LOT of turbines where I come from - Orkney 59N. Not only is it windy here but we have a lot of birds too.
There are not mountains of dead birds under them. There are not people complaining about them either. The big ones belong to the electricity company and the smaller (4-8m blades) to individual farms. They can't be bad for farm animals either.
Orkney may be small (pop about 20,000) but it is self sufficient in electricity. If Tesla opened a shop there, we could cut down on another fossil fuel too.
Interesting!
Could you be cut from the HT power grid and have power 24/7/365?
Who cares why they do it? Companies do things for profit. (Which is not a bad word and not a bad thing.)
They're doing it now because it's economical. And that's a good thing. We want this trend to continue.
Even though the amount of energy used to create these solutions is taking energy from other sources that can't be replaced? The only viable option other than the evil nuclear energy one is solar. However, solar will alter the weather and climate on the planet after a certain threshold is reached. I'm not completely aware of the sources of ALL of the metals needed for panel manufacturing, but I do know that there is only so much metal for conductivity to destinations, and energy needed for the manufacturing of them (and transportation to dest.).
Law of Conservation of Energy. You can't have what you want unless you diminish or damage something else. Period.
Actually, I suspect they do. I know a lot of higly placed people that actually do care about it. If thy didn't, for the immense drain on profitability as claimed by some - they'd never be allowed to go this route.
I'm not arguing, but that is a typical rationalization by people in that position. If they aren't making the decision and getting involved with the risk of moving forward with it, they can have any opinion and share it any way they want to others for the purpose of self image. See: politician.
What's happened is that Amazon has come to realize that there is little point in continually pay someone for power when you can just get your own. This is simply a cost cutting measure to grow their AWS profit margin and ensure they can compete with competitive pricing. It's also good PR which they can use as ammunition for marketing. Amazon execs don't give a fuck about the environment, it's all about the money.
You're a smart cookie. Anyone who thinks otherwise (in terms of motive) is almost completely unaware of how business executives think. People assume that they think the same way Joe across the street does about global warming, and the same way that Bob next door does about them being a great incentive-pusher for everyone to get on-board with.
What the eff ever. If it doesn't benefit them directly, they don't effing do it. It's not that hard of an equation, and it applies everywhere to ANYONE who is IN THE POSITION of a decision maker at a business. Equation: If it doesn't reduce expense OR increase tax breaks OR increase income, don't do it. The business person's income is based on 'how well the business is doing'. Gee, I wonder what the business person is focused on... Hmm.. That's a real stumper there. Ugh.
So... are you guys for free markets or not.. it's so hard to tell because your position changes with the direction of the breeze.
That's the problem, psychologically. It's about "ME" and "NOW". It's about people getting what they want, but choosing when to care or not care about their effect, given what they get now as a benefit.
Not to be offtopic, but I have a family member that believes that recycling is the only way to go. I said, "[name], you understand that recycling recycles recyclable materials, but requires a lot of energy to be used in the process, right?"
Ok, so I answer with, "Right. So if you believe we're contributing to global warming AND long-term destruction of the happy environment around us, you recycle. You're contributing to, your belief of the cause of global warming, for the energy used in the process."
She says, "Well, it's better to do something rather than nothing."
I stared blankly until she stomped a foot and screamed, "WHAT?"
Sorry, but if you want to blame somebody for what our society "is coming to", then you better first look in the mirror, and then turn around and look behind you: You'll see fat cats like Drumpf standing there.
I thought it was just going to end with "fat cats". They contribute, too. Literally.
The data center uses power from whatever generation facility is closest to it. Off-site renewable source serve to offset that power usage.
Electricity is a commodity - there's no difference to the end user what source generated the exact electricity they're using at any given moment. It's about offsetting usage.
Same thing happens to a different extent to homes with solar panels on their rooftops. At least in states that allow for net metering, homes have oversized installations, which generate far more power at peak than the house will actually use. That power is pumped back out into the grid and goes to the nearest neighbors, with the solar owner getting credit for that power, allowing their daytime production to be used to offset their evening usage.
So, Amazon when creates a wind farm in Texas - even if that power isn't used directly by their facilities, it does still have the same exact effect on reducing CO2 generation, by effectively offsetting their CO2 production by supplying clean energy elsewhere.
Question (you're smart and I'm not talking down to you; really looking for your wisdom, literally): what happens if we maximize solar and wind for power conversion? Note, I didn't say generation; I said conversion. A field with wind turbines cuts down on the kinetic energy outflow from the area; in solar conversion, the excitation of electrons reduces the emitted heat to the atmosphere from the Sun's contact with the ground (ground being surface things, not literally all ground; mountains, trees, etc). It also emits a lot of IR radiation due to the heating of the material in the panel, which is what happens every day and night - incoming radiation, (reflection or conversion), output (converted energy or emission back into space). That affects something that life relies on - weather. Weather is not what I'm focusing on, it's just one of the many things that is affected by solar radiation and kinetic energy from pressure differentials. The argument comes into play - what happens if we capture the kinetic energy and radiation on a global scale? Arguments will say the potential energy from wind will be deflected by pressure differential and blow more somewhere else. Solar energy captures radiation that normally either heats the surface or reflects back to the lower-upper layers of the atmosphere where it causes excitation of molecules (well, electrons, but you get the concept overall) for protection from dangerous radiation and ALSO helps to capture heat even more. We're going to be changing the weather patterns on the planet. If we don't, we'll declare that we've failed because global warming is continuing. If we do, we'll declare we've failed because the weather is changing and blame it on ourselves (whether we are part or not), and cite global warming as the cause.
Follow the rock history. Global warming happens in cycles with or without us, and for us to believe that our conversion methods make US the cause of an event is borderline absurd. It's going to happen with or without us. To use "clean energy", we're capturing incoming and reflected, as well as atmospheric and underground kinetic energy (geothermal). Capture the waves, and we're altering the flow of energy in the ocean. Capture water in falls, alter the effects, amount, and direction of erosion.
Humans need to understand that we're part of the equation, which makes us observe when we see changes and take credit for the cause when we can connect one thing we do to an effect. We have a very high belief that we're a superpower that can take control of energy and be responsible for the outcomes. We fail to remember that we're animals, and as such we take in energy, convert it, store it sometimes, and emit it in another form or the same form later (call it leaving a mess). To stop leaving a mess, we have to stop converting in a way that leads to a mess. To stop converting in a way that leads to a mess, we have to change a system which we can't change but are just learning how t
When are these companies (and future bandwagoners) going to realize that people seeing you as a "green helper" is not going to drive them to purchase products or use services through you -vs- others? All people want is what's going to please them NOW, and they'll do whatever it takes and rationalize away any environmental help.... Well, until an argument for environmental health comes up and then it suddenly matters again.
This is not trolling or flamebaiting. It's just psychological proven fact.
The companies trying to get tax breaks/more business/their name out there is fairly useless as the companies that are doing it already have the primes (no pun) on their names. The tax breaks are minuscule compared to the equipment cost. The bubble is going to burst eventually, as (at least in the Cincinnati area) power companies HATE those who feed the grid in small amounts because it's unreliable, inconsistent, and difficult to vary depending on circumstances (solar flare grazing, etc).
There has to be something different in the TCP headers, the ordering of the packets, SOMETHING, that differentiates a browser and a standardized DDoS attack drones' packets.
If that is researched and is NOT the case, I see the only way around it being a Human verification system, like CAPTCHA. Fail CAPTCHA > 3 times, block IP. But this IP blocking has to be done upstream and has to have a punishment system for sites that abuse it.
Basically, there has to be a head controller of Internet comms (an organization without government involvement [yeah, right]), see above, or fail.
The more I've thought about this, there is always a dead end. You just mentioned one - customer satisfaction. Unless DDoS attacks start ruining the online video viewing & Facebook addiction satisfaction of consumers, I don't see a solution in sight. I came up with about 5 different solutions that could work, but every one of them involved the average consumer understanding its purpose and accepting it. That, as the intelligent know, means that it ain't gonna happen. In each of the solutions I came up with, the consumer might feel like they are being targeted as an enemy, or someone who has done something wrong, when they don't even know that they have done anything. That's not to mention if they truly haven't done anything at all. What I'm saying is that if a consumer feels like they are unfairly treated 1 time out of 100, it's going to lead to a bunch of them grouping together in order to start some sort of movement BS (or people trying to be compensated for their suffering [not able to watch social media for 10 minutes one day]). People have a real problem understanding that sometimes you have to suffer for a short time in order to have a long-term solution with less suffering in the long term. Also, the length of each the âsufferingâ shortens as the total solution starts to work and be improved upon. People can't miss what they want for even 15 minutes to improve the total quality and inherent robustness of the internet's damage control protocol. I'm not even going to get started with how the same needed happiness of people results in an operating system that makes it very easy for people to seize control of it and execute these DDoS attacks. Even if that operating system is completely destroyed or another one becomes the primary, they're (abusers) going to find ways around it in order to take advantage of people, because you know, people are stupid. It's all about the "now now now, what I want now". I copyright this as the Veruca Effect. I don't understand why taking one minute to think about the potential problem is so painful to people. I guess that's why I'm not in the common category.
Apologies for bad paragraph formatting. Posting this from phone.
Agreed completely. I'm still thinking but your idea is one of the base must-dos. I have to think this through to make sure that I'm not saying it incorrectly, but my initial thought is that if the protocol is not being used, you're automatically rejected. This puts a big limit upfront and encourages companies and individuals to upgrade firmware/OS on all routers to be compliant. If not, fingers can be pointed at the individual devices and companies running those devices that refuse to comply. Consumer demand will prevail in the end. It's not like you have to pay for it, it's just a firmware upgrade, or OS upgrade. If the manufacturer or provider of the firmware flash OS upgrade wants to charge money for it, nasty fingers could get pointed in their direction for breaking standards. What is being requested and set as a standard is not something that makes any company or entity lose anything, it only helps gain control over a problem. There is no reason not to do it. Therefore, after, oh, many months availability, those who refuse to upgrade will become primary targets in initial blocking. You don't implement BCP38 and any new DDoS prevention and mitigation standards, you become the first to be blocked upstream (if traffic is coming from that path in an attack). Customers will win in the end. Those who refuse to comply just become first-ignored (like emails coming from Nigerian people who want you to hold on to their dead relative's riches for them - lololol). I'm just starting on this. More to come. I always assumed that companies like Cisco would find ways to make sure that this kind of thing could immediately implement and set a fix as a base standard. Seeing that it's not required as a base standard, I'm coming up with something. I'm not saying I'm smarter than them or anyone else. Just doing something that they / others don't feel the need to do.:)
You ask a very good and intelligent question there. I don't know what other people's thoughts are, but my method would have to be non-public, as that easily presents workarounds. Having said that, that isn't going to happen so I'll have to answer your question. I got a way into it before I deleted everything and typed this response. You'll see a response later this weekend. Drawing board time, literally.
Next time, remember: there is no such thing as a secure cloud service. Ever.
I still face-plant every time I have to talk to a non-tech (AND EVEN SOME TECH) persons about what "the cloud" is. It's very simple:
"The Cloud" == a data center, or a set of datacenters used to store and/or process information remotely. The word "Cloud" is used to simplify a term that's been in existence since, what, the 1940s?
Those who are given this simple infomration respond with, "Huh? So what is the cloud then?"
Why would you include people who watched a video for less than 3 seconds? Would you say you've read a book because you glanced at the cover? Or seen a movie because you saw a 30-second trailer (okay, that last one, too often the trailers contain all the interesting stuff, so you're wasting your time watching the movie, but you get what I mean(.
As long as you don't include those people in the "total viewers" category, I see no problem.
Agreed and observed first-party. I don't have a Facebook account, so it doesn't matter in terms directly, but I will be given search terms for a video that I'm told to "look at the third related video under it". Go to YouTube, search short name to get to the video, click on the third related one below. It may have showed the video for more than 3 seconds, or less than 3. I wouldn't consider that "watching". It's "piggyback finding another video".
I also (from looking over others' shoulders while they're Facebookin' it) see that a lot of Facebook videos start on their own. If I were scrolling down a page and a video starts playing, and I'm still looking for the relevant or interesting info I'm after, the seconds of that video playing (that I'm ignoring, if I were using Facebook), I would not consider that "viewing". Now the question comes - why would they want that number to look bigger? To whom is the presentation geared where a larger number is going to gain them something?
So they booted him off because he was costing them a ton of money and wasn't paying anything. (I guess they were providing him service as a charity?)
But does that mean that they'll kick their paying customers off as well if the costs of defending them against attacks exceed the revenue they're getting from that specific customer? If so that would mean you could put Akamai out of business just by targeting one customer at a time, moving on to a new one as each one was evicted from the service.
Interesting question. Let's find out. Who wants to volunteer?;)
He should consider using a.bit address with Zeronet.
He should publish his site on Freenet. There's no such thing as a DDoS there, quite the opposite: the more requests there are for a specific URL, the more widely that content is propagated across the network, making it easier and faster for everyone to load. I say again, you cannot DDoS a Freenet site, there is no server to DDoS, as the content is distributed and hosted across the entire network. The only thing he'd lose is the comment section (Freenet's design is not conducive to interactive/dynamic stuff like commenting).
He'd lose his comment section, and his site's visibility to anyone who isn't running Freenet on their machine. Mentioning a fix isn't going to change peoples' ignorance of best-method and workaround solutions. Good idea, just not doable.
Unfortunately, this has always been the case. The whole point of a DDoS is the ability of the attacker to multiply its efforts enormously. The only possible defense against any and all DDoS attacks would be to own more than half the bandwidth of the network, which hopefully nobody ever will -- or at least more than any adversary or group of adversaries can ever point your way. Since the attackers are not paying for the bandwidth, and Akamai is, the attackers win by economic siege.
Either Akamai can bow and take down Krebs, or they can let the whole ship go down in a symbolic gesture. Which one would you do, if you had a business to run?
Has it been discussed before to modify either layer 1 or TCP standards to include a DDoS ICMP/other response upstream that indicates that there is a stream of unwanted, high-bandwidth data coming from a source IP of xxx.xxx.xxx.xxx, going all the way back to the source's downstream node in each case. If the traffic is confirmed, block traffic to the reporting IP. If not, don't. Simple standard (yes, many issues that can be exploited or abused, but those can be worked around simply).
Not understanding why DDoS is still such a problem if it's stoppable.
Slashdot Mirror
"Well, then there are those kids that start with modding and actually get a degree and come to work for us, to find the snot-nosed little...I mean growing modders who are becoming a problem. Clearly, the ones who are becoming fighters against the problem have no sway in the statistics that most are the problem."
Ah ha ha ha. Surely the bible was written to inform. Human language Is so spectacularly imprecise that the debates rage on. Define you terms, use a formal grammar; profit.
...and the language behind the bible's language is still being debugged and modified to this day. Did you mean to have 'profit' in the same post as bible, or 'prophet'?
Ehe.
Even a session wouldn't help. Many communications over the net are machine to machine. Also there's the whole solve the CAPTCHA by mechanical Turk (paid for with copied porn).
I wouldn't be surprised if within a year of setting up such a scheme, CAPTCHAs for certain websites would develop a very high failure rate.
How would a search engine spider the web?
I get it. It's beyond my scope of presentable knowledge.
Just one thing still bothers me - there has to be something that malware written to act as a DDoS attacker is lacking in its TCP transactions... Something. I give up in discussing it publicly, but there has to be something.
Sorry, I didn't say that the CAPTCHA would cover a session, not an individual request. But, that would mean the whole concept of IP blocking after failure and all of the fallout would have to be tolerated or simplified. We know that's not going to happen. :(
What's interesting is the seemingly unlikely locations where projects are actually in place or being planned. So much for the argument that profitable wind locations would be rare or hard to reach.
Amazon@ Fowler Ridge Indiana
Amazon@ Paulding County Ohio
Amazon@ Perquimans and Pasquotank Counties, North Carolina
Amazon@ Scurry County, Texas
The ignorance astounds me. Good info to back up the point of waste of materials for self-image enhancement!
They just want to kill a bunch of birds to reduce the chances of bird-strike drone-delivery failures.
There are a LOT of turbines where I come from - Orkney 59N. Not only is it windy here but we have a lot of birds too.
There are not mountains of dead birds under them. There are not people complaining about them either. The big ones belong to the electricity company and the smaller (4-8m blades) to individual farms. They can't be bad for farm animals either.
Orkney may be small (pop about 20,000) but it is self sufficient in electricity. If Tesla opened a shop there, we could cut down on another fossil fuel too.
Interesting!
Could you be cut from the HT power grid and have power 24/7/365?
Who cares why they do it? Companies do things for profit. (Which is not a bad word and not a bad thing.)
They're doing it now because it's economical. And that's a good thing. We want this trend to continue.
Even though the amount of energy used to create these solutions is taking energy from other sources that can't be replaced? The only viable option other than the evil nuclear energy one is solar. However, solar will alter the weather and climate on the planet after a certain threshold is reached. I'm not completely aware of the sources of ALL of the metals needed for panel manufacturing, but I do know that there is only so much metal for conductivity to destinations, and energy needed for the manufacturing of them (and transportation to dest.).
Law of Conservation of Energy. You can't have what you want unless you diminish or damage something else. Period.
Actually, I suspect they do. I know a lot of higly placed people that actually do care about it. If thy didn't, for the immense drain on profitability as claimed by some - they'd never be allowed to go this route.
I'm not arguing, but that is a typical rationalization by people in that position. If they aren't making the decision and getting involved with the risk of moving forward with it, they can have any opinion and share it any way they want to others for the purpose of self image. See: politician.
What's happened is that Amazon has come to realize that there is little point in continually pay someone for power when you can just get your own. This is simply a cost cutting measure to grow their AWS profit margin and ensure they can compete with competitive pricing. It's also good PR which they can use as ammunition for marketing. Amazon execs don't give a fuck about the environment, it's all about the money.
You're a smart cookie. Anyone who thinks otherwise (in terms of motive) is almost completely unaware of how business executives think. People assume that they think the same way Joe across the street does about global warming, and the same way that Bob next door does about them being a great incentive-pusher for everyone to get on-board with.
What the eff ever. If it doesn't benefit them directly, they don't effing do it. It's not that hard of an equation, and it applies everywhere to ANYONE who is IN THE POSITION of a decision maker at a business. Equation: If it doesn't reduce expense OR increase tax breaks OR increase income, don't do it. The business person's income is based on 'how well the business is doing'. Gee, I wonder what the business person is focused on... Hmm.. That's a real stumper there. Ugh.
So... are you guys for free markets or not.. it's so hard to tell because your position changes with the direction of the breeze.
That's the problem, psychologically. It's about "ME" and "NOW". It's about people getting what they want, but choosing when to care or not care about their effect, given what they get now as a benefit.
Not to be offtopic, but I have a family member that believes that recycling is the only way to go. I said, "[name], you understand that recycling recycles recyclable materials, but requires a lot of energy to be used in the process, right?"
Ok, so I answer with, "Right. So if you believe we're contributing to global warming AND long-term destruction of the happy environment around us, you recycle. You're contributing to, your belief of the cause of global warming, for the energy used in the process."
She says, "Well, it's better to do something rather than nothing."
I stared blankly until she stomped a foot and screamed, "WHAT?"
Sorry, but if you want to blame somebody for what our society "is coming to", then you better first look in the mirror, and then turn around and look behind you: You'll see fat cats like Drumpf standing there.
I thought it was just going to end with "fat cats". They contribute, too. Literally.
The data center uses power from whatever generation facility is closest to it. Off-site renewable source serve to offset that power usage.
Electricity is a commodity - there's no difference to the end user what source generated the exact electricity they're using at any given moment. It's about offsetting usage.
Same thing happens to a different extent to homes with solar panels on their rooftops. At least in states that allow for net metering, homes have oversized installations, which generate far more power at peak than the house will actually use. That power is pumped back out into the grid and goes to the nearest neighbors, with the solar owner getting credit for that power, allowing their daytime production to be used to offset their evening usage.
So, Amazon when creates a wind farm in Texas - even if that power isn't used directly by their facilities, it does still have the same exact effect on reducing CO2 generation, by effectively offsetting their CO2 production by supplying clean energy elsewhere.
Question (you're smart and I'm not talking down to you; really looking for your wisdom, literally): what happens if we maximize solar and wind for power conversion? Note, I didn't say generation; I said conversion. A field with wind turbines cuts down on the kinetic energy outflow from the area; in solar conversion, the excitation of electrons reduces the emitted heat to the atmosphere from the Sun's contact with the ground (ground being surface things, not literally all ground; mountains, trees, etc). It also emits a lot of IR radiation due to the heating of the material in the panel, which is what happens every day and night - incoming radiation, (reflection or conversion), output (converted energy or emission back into space). That affects something that life relies on - weather. Weather is not what I'm focusing on, it's just one of the many things that is affected by solar radiation and kinetic energy from pressure differentials. The argument comes into play - what happens if we capture the kinetic energy and radiation on a global scale? Arguments will say the potential energy from wind will be deflected by pressure differential and blow more somewhere else. Solar energy captures radiation that normally either heats the surface or reflects back to the lower-upper layers of the atmosphere where it causes excitation of molecules (well, electrons, but you get the concept overall) for protection from dangerous radiation and ALSO helps to capture heat even more. We're going to be changing the weather patterns on the planet. If we don't, we'll declare that we've failed because global warming is continuing. If we do, we'll declare we've failed because the weather is changing and blame it on ourselves (whether we are part or not), and cite global warming as the cause.
Follow the rock history. Global warming happens in cycles with or without us, and for us to believe that our conversion methods make US the cause of an event is borderline absurd. It's going to happen with or without us. To use "clean energy", we're capturing incoming and reflected, as well as atmospheric and underground kinetic energy (geothermal). Capture the waves, and we're altering the flow of energy in the ocean. Capture water in falls, alter the effects, amount, and direction of erosion.
Humans need to understand that we're part of the equation, which makes us observe when we see changes and take credit for the cause when we can connect one thing we do to an effect. We have a very high belief that we're a superpower that can take control of energy and be responsible for the outcomes. We fail to remember that we're animals, and as such we take in energy, convert it, store it sometimes, and emit it in another form or the same form later (call it leaving a mess). To stop leaving a mess, we have to stop converting in a way that leads to a mess. To stop converting in a way that leads to a mess, we have to change a system which we can't change but are just learning how t
When are these companies (and future bandwagoners) going to realize that people seeing you as a "green helper" is not going to drive them to purchase products or use services through you -vs- others? All people want is what's going to please them NOW, and they'll do whatever it takes and rationalize away any environmental help.... Well, until an argument for environmental health comes up and then it suddenly matters again.
This is not trolling or flamebaiting. It's just psychological proven fact.
The companies trying to get tax breaks/more business/their name out there is fairly useless as the companies that are doing it already have the primes (no pun) on their names. The tax breaks are minuscule compared to the equipment cost. The bubble is going to burst eventually, as (at least in the Cincinnati area) power companies HATE those who feed the grid in small amounts because it's unreliable, inconsistent, and difficult to vary depending on circumstances (solar flare grazing, etc).
There has to be something different in the TCP headers, the ordering of the packets, SOMETHING, that differentiates a browser and a standardized DDoS attack drones' packets.
If that is researched and is NOT the case, I see the only way around it being a Human verification system, like CAPTCHA. Fail CAPTCHA > 3 times, block IP. But this IP blocking has to be done upstream and has to have a punishment system for sites that abuse it.
Basically, there has to be a head controller of Internet comms (an organization without government involvement [yeah, right]), see above, or fail.
See https://slashdot.org/comments....
The more I've thought about this, there is always a dead end. You just mentioned one - customer satisfaction.
Unless DDoS attacks start ruining the online video viewing & Facebook addiction satisfaction of consumers, I don't see a solution in sight.
I came up with about 5 different solutions that could work, but every one of them involved the average consumer understanding its purpose and accepting it. That, as the intelligent know, means that it ain't gonna happen. In each of the solutions I came up with, the consumer might feel like they are being targeted as an enemy, or someone who has done something wrong, when they don't even know that they have done anything. That's not to mention if they truly haven't done anything at all. What I'm saying is that if a consumer feels like they are unfairly treated 1 time out of 100, it's going to lead to a bunch of them grouping together in order to start some sort of movement BS (or people trying to be compensated for their suffering [not able to watch social media for 10 minutes one day]). People have a real problem understanding that sometimes you have to suffer for a short time in order to have a long-term solution with less suffering in the long term. Also, the length of each the âsufferingâ shortens as the total solution starts to work and be improved upon. People can't miss what they want for even 15 minutes to improve the total quality and inherent robustness of the internet's damage control protocol. I'm not even going to get started with how the same needed happiness of people results in an operating system that makes it very easy for people to seize control of it and execute these DDoS attacks. Even if that operating system is completely destroyed or another one becomes the primary, they're (abusers) going to find ways around it in order to take advantage of people, because you know, people are stupid. It's all about the "now now now, what I want now". I copyright this as the Veruca Effect. I don't understand why taking one minute to think about the potential problem is so painful to people. I guess that's why I'm not in the common category.
Apologies for bad paragraph formatting. Posting this from phone.
Agreed completely. I'm still thinking but your idea is one of the base must-dos. I have to think this through to make sure that I'm not saying it incorrectly, but my initial thought is that if the protocol is not being used, you're automatically rejected. This puts a big limit upfront and encourages companies and individuals to upgrade firmware/OS on all routers to be compliant. If not, fingers can be pointed at the individual devices and companies running those devices that refuse to comply. Consumer demand will prevail in the end. It's not like you have to pay for it, it's just a firmware upgrade, or OS upgrade. If the manufacturer or provider of the firmware flash OS upgrade wants to charge money for it, nasty fingers could get pointed in their direction for breaking standards. What is being requested and set as a standard is not something that makes any company or entity lose anything, it only helps gain control over a problem. There is no reason not to do it. Therefore, after, oh, many months availability, those who refuse to upgrade will become primary targets in initial blocking. You don't implement BCP38 and any new DDoS prevention and mitigation standards, you become the first to be blocked upstream (if traffic is coming from that path in an attack). Customers will win in the end. Those who refuse to comply just become first-ignored (like emails coming from Nigerian people who want you to hold on to their dead relative's riches for them - lololol). :)
I'm just starting on this. More to come. I always assumed that companies like Cisco would find ways to make sure that this kind of thing could immediately implement and set a fix as a base standard. Seeing that it's not required as a base standard, I'm coming up with something. I'm not saying I'm smarter than them or anyone else. Just doing something that they / others don't feel the need to do.
You ask a very good and intelligent question there. I don't know what other people's thoughts are, but my method would have to be non-public, as that easily presents workarounds. Having said that, that isn't going to happen so I'll have to answer your question. I got a way into it before I deleted everything and typed this response. You'll see a response later this weekend. Drawing board time, literally.
The Echo is a hit? Citation, please.
Heh. http://www.dictionary.com/brow...
Noun, 24.
Rookie epic fail
Next time, remember: there is no such thing as a secure cloud service. Ever.
I still face-plant every time I have to talk to a non-tech (AND EVEN SOME TECH) persons about what "the cloud" is. It's very simple:
"The Cloud" == a data center, or a set of datacenters used to store and/or process information remotely. The word "Cloud" is used to simplify a term that's been in existence since, what, the 1940s?
Those who are given this simple infomration respond with, "Huh? So what is the cloud then?"
War is piece
The whut??
*click-click* Does the gun I'm pointing make it make sense now? ;)
Why would you include people who watched a video for less than 3 seconds? Would you say you've read a book because you glanced at the cover? Or seen a movie because you saw a 30-second trailer (okay, that last one, too often the trailers contain all the interesting stuff, so you're wasting your time watching the movie, but you get what I mean(.
As long as you don't include those people in the "total viewers" category, I see no problem.
Agreed and observed first-party. I don't have a Facebook account, so it doesn't matter in terms directly, but I will be given search terms for a video that I'm told to "look at the third related video under it". Go to YouTube, search short name to get to the video, click on the third related one below. It may have showed the video for more than 3 seconds, or less than 3. I wouldn't consider that "watching". It's "piggyback finding another video".
I also (from looking over others' shoulders while they're Facebookin' it) see that a lot of Facebook videos start on their own. If I were scrolling down a page and a video starts playing, and I'm still looking for the relevant or interesting info I'm after, the seconds of that video playing (that I'm ignoring, if I were using Facebook), I would not consider that "viewing". Now the question comes - why would they want that number to look bigger? To whom is the presentation geared where a larger number is going to gain them something?
So they booted him off because he was costing them a ton of money and wasn't paying anything. (I guess they were providing him service as a charity?)
But does that mean that they'll kick their paying customers off as well if the costs of defending them against attacks exceed the revenue they're getting from that specific customer? If so that would mean you could put Akamai out of business just by targeting one customer at a time, moving on to a new one as each one was evicted from the service.
Interesting question. Let's find out. Who wants to volunteer? ;)
He should consider using a .bit address with Zeronet.
He should publish his site on Freenet. There's no such thing as a DDoS there, quite the opposite: the more requests there are for a specific URL, the more widely that content is propagated across the network, making it easier and faster for everyone to load. I say again, you cannot DDoS a Freenet site, there is no server to DDoS, as the content is distributed and hosted across the entire network. The only thing he'd lose is the comment section (Freenet's design is not conducive to interactive/dynamic stuff like commenting).
He'd lose his comment section, and his site's visibility to anyone who isn't running Freenet on their machine. Mentioning a fix isn't going to change peoples' ignorance of best-method and workaround solutions. Good idea, just not doable.
Unfortunately, this has always been the case. The whole point of a DDoS is the ability of the attacker to multiply its efforts enormously. The only possible defense against any and all DDoS attacks would be to own more than half the bandwidth of the network, which hopefully nobody ever will -- or at least more than any adversary or group of adversaries can ever point your way. Since the attackers are not paying for the bandwidth, and Akamai is, the attackers win by economic siege.
Either Akamai can bow and take down Krebs, or they can let the whole ship go down in a symbolic gesture. Which one would you do, if you had a business to run?
Has it been discussed before to modify either layer 1 or TCP standards to include a DDoS ICMP/other response upstream that indicates that there is a stream of unwanted, high-bandwidth data coming from a source IP of xxx.xxx.xxx.xxx, going all the way back to the source's downstream node in each case. If the traffic is confirmed, block traffic to the reporting IP. If not, don't. Simple standard (yes, many issues that can be exploited or abused, but those can be worked around simply).
Not understanding why DDoS is still such a problem if it's stoppable.