I've been the victim of a low-grade DoS attack from a Linode IP, an email to abuse@ stopped it quite quickly, although I don't recall getting a response.
It popped up again from another IP, and again, an email to abuse@ got it stopped quite quickly.
I've got several Linodes, I've probably seen about 10-15 minutes of downtime total (per node, and not at the same time), so in my case this translated into approximately 8 minutes of customer-facing outage due to my internal redundancy.
However, my redundancy is within a Linode network, if an entire Linode data-center goes down, so do I, I don't attempt to replicate outside of an individual DC, outside of off-site backups (which I store outside the Linode environment). We do have core infrastructure (DNS, our own mail and system status pages) distributed across multiple providers so that losing a single provider won't take us down, although this is mainly to prevent a situation such as where my Linode account itself is suspended.
All in all, I'm quite impressed at how well they've handled it.
I didn't wish such DDoS attacks on them at all. Has/. reading comprehension really fallen this low?
What I hope is that their provider is as unhelpful to them as Linode was to me when I was a victim of similar, ongoing and sustained attacks, as it will help them understand the difficulty that customers face and that they're left struggling to resolve it on their own because if so, they may develop both sympathy and tools that can be used to protect both themselves and their customers in the future.
If "Oh, just shut everything down and wait it out" is good enough for me, it should be good enough for them. If not, well, maybe they'll improve after having a bit more personal experience being the victim.
And for the record, I'm still a Linode customer (and have more services with them now than I did then); I was just disappointed at their lack of usefulness.
I see why you're posting as A/C. Try reading again: Linode didn't threaten me or the customer or anyone else, we (my customer, and me as a host) were threatened by a DDoS extortion scheme -- A "Nice web site you host there, it would be a shame if someone were to keep up a sustained DDoS against it"
And no, I didn't threaten a lawsuit or anything else, I just asked them for information on the type of attack, and later once I identified the type of attack, help filtering rather than a complete nullroute.
They were polite, but completely unhelpful in terms of even providing any information about the particulars of the attack (one source or multiple, port numbers, type of traffic, etc) "Luckily" the DDoS hit servers I run on another network too, and the network operator there was able to provide me with said details, which helped to mitigate the attacks.
Okay, I'm probably a jerk, but I don't care and I hope their upstream(s) isn't/aren't helpful.
I'm a happy Linode customer, but when one of my customers was being targeted by a DDoS extortion scheme which was using a very specific, very blockable attack, Linode's only solution/suggestion was to boot the customer, or wait it out, and in the meantime, they nullrouted my IP. Now I get that nullrouting my IP keeps the rest of the customers in that subnet/node/etc online, but it frustrated me that they wouldn't even attempt to block selectively, and as such, I can't get a ton of sympathy when they're victims of similar attacks.
And for the record, my customer didn't pay, eventually the DDoS group got bored and moved on.
"Some people are really fucking stupid" "Think of how stupid the average person is, and then realize half of them are stupider than that."
-- George Carlin
You're right, but just the same, it's hurting his business -- Even if it's just the denial-of-service attack on his phones, it's hurting his business.
How about the legitimate customers who were afraid to use his business because of what their neighbours might think? It takes a lot less than "Oh, is that the ISIS guy?" to kill a business in small town America. And what about the customers who tried to get through, but due to the hundreds of crank calls, couldn't get through and switched to another plumber, thereby losing current and future business?
Most small non-internet businesses are basically out of business without usable phones, and if this business is anything like my plumber, his number is stickered to every single piece of major work his company has done since 1984, and changing his number would undo all of that marketing effort. I'm certain I'm not the only one that calls the company that did the installation when I need service, at least if I'm happy with the original work -- Even if it's not a warranty issue, I know they deal with all of the brands of equipment installed, and they aren't going to claim the original installation was defective and charge me an arm and a leg fixing made-up issues with the original installation either.
$1M isn't much actual damages for current and future business, and some punitive damages would seem to be in order if the dealership failed to remove the logo as contracted, if that was part of the arrangement (which, admittedly, will likely be difficult to prove)
Yup. I really struggled as there were a few characters (YHN, and less so, TGB) that I type with both hands on a normal keyboard, but I avidly prefer ergonomic designs. The Microsoft Natural 4000 is my favourite. But I'd love it if the 6TGB and 7YHN were duplicated on both the left and right side.
I picked up the habit by keeping my pointer fingers on the D and H back when F# keys were on the far left, and then GJ or GK after the F# keys moved to the top. I have big hands, long fingers, and can reach the entire keyboard that way, but it kept me going faster when I grabbed a drink.
Another implementation would be to encrypt each item with a unique key and destroy the keys, rather than the underlying item, in a delete event, such that not even forensic tools would have a reasonable chance at recovery once the key-storage media has been re-written.
I guess it depends on the scope of applications, but I expect that typical apps will still use the radio to update data, but as they go native on the watch they'll start to do processing on the watch itself.
We'll have to wait and see, it really depends on what sort of apps end up being popular.
The issue is that, at the moment, no apps are really running on the Apple Watch itself, but rather, the display is basically streamed over Bluetooth from the connected iPhone. Once apps run on the watch itself, the situation will change.
Now whether it ends up being better or worse is anyone's guess, it will probably depend on the apps and implementation details, but I would expect that for most apps, it won't reduce power consumption.
The other interesting thing with placebos is that they're typically only effective for a limited period of time, whereas real medication typically can reach a point of stability.
I saw a study that attempted to counteract this by putting both the control and experiment groups on a placebo, and telling the experiment group that they were on a placebo, the known-placebo was still more effective than an untreated patient, but the effect wasn't as strong and didn't last as long. What I'd like to see studied is the reverse, put both groups on a known-effective treatment, but tell the experiment group that they are on a placebo and see what happens.
Sure, you can't use a "true" placebo here, but you can compare against currently accepted treatments and get useful results, as long as you lie and tell your control group that they're getting something new (while in reality, maintain the existing treatment baseline)
This isn't substantially different than using a placebo, although in some cases it may prevent a true double-blind study since the treatment protocols for the new drug may be different or obvious to the user.
With the advantage that, if successful, the device can be turned on at a later date. Whether this is feasible or not, is anyone's guess, but it could be built into the study such that at 50% of the way into the study, the switch is flipped (with the intention of learning whether people who's devices previously worked, and now stop, still receive ongoing benefit from their overall improved health, or whether only the online use of the device is effective)
I doubt terminating his account would remove any existing data, although it may well reduce the amount of additional data that gets exposed going forward. It doesn't solve the problem.
Sure. But it's in the item that started every thread in this discussion, so by definition, it's on-topic anywhere in this/. article, being downstream of the incendiary comment.
So is AppleCare (no +) a warranty or insurance? It's provided by the manufacturer...
AppleCare+ is more like insurance since it covers accidental damage as well, with a deductible.
Personally I've done very well with AppleCare. Since I live in an area where Apple has no local store, a warranty swap without AppleCare runs me $30-$40 for advanced exchange, or I go 2-6 weeks without my phone, which isn't acceptable. Paying $69 for AppleCare the first time I need it is a no-brainer (since I waive the $35 advanced-exchange fee, that means it only runs me $34. I generally swap my devices once a year, and I've found I do get better resale value too since I'm selling a device with 10-14 months of warranty on it).
Now that Apple won't sell straight AppleCare for the iPhone and I have to get AppleCare+, I'm more apprehensive, but since I also plan on keeping this one for a little over 2 years instead of my usual 12-14 months, I figure it'll work out. I currently have a dead-standby-button iPhone 5 on my desk waiting for UPS pickup on Monday, so I'm $35 of savings into the $99 investment.
However, this takes into account the fact that I've had to warranty all but one iPod Touch / iPhone that I've owned, with a couple DOAs along the way (one DOA was, itself, a warranty replacement). Usually it's the Standby or Home button that goes over time -- If it were just me, I'd say I'm rough on them. Since it's a known defect, I have no problem making Apple replace 'em -- The more they spend on replacing bad buttons, the more likely they are to re-engineer, like they finally did for the iPhone 5.
For me the $69-$99 warranty cost is worth it since replacement cost on the device is ~$700.
(And before anyone throws a tantrum about my prices being "wrong", remember that there is more than one country in the world)
Slashdot Mirror
I've been the victim of a low-grade DoS attack from a Linode IP, an email to abuse@ stopped it quite quickly, although I don't recall getting a response.
It popped up again from another IP, and again, an email to abuse@ got it stopped quite quickly.
So in this respect, I'm very happy with them.
I've got several Linodes, I've probably seen about 10-15 minutes of downtime total (per node, and not at the same time), so in my case this translated into approximately 8 minutes of customer-facing outage due to my internal redundancy.
However, my redundancy is within a Linode network, if an entire Linode data-center goes down, so do I, I don't attempt to replicate outside of an individual DC, outside of off-site backups (which I store outside the Linode environment). We do have core infrastructure (DNS, our own mail and system status pages) distributed across multiple providers so that losing a single provider won't take us down, although this is mainly to prevent a situation such as where my Linode account itself is suspended.
All in all, I'm quite impressed at how well they've handled it.
I didn't wish such DDoS attacks on them at all. Has /. reading comprehension really fallen this low?
What I hope is that their provider is as unhelpful to them as Linode was to me when I was a victim of similar, ongoing and sustained attacks, as it will help them understand the difficulty that customers face and that they're left struggling to resolve it on their own because if so, they may develop both sympathy and tools that can be used to protect both themselves and their customers in the future.
If "Oh, just shut everything down and wait it out" is good enough for me, it should be good enough for them. If not, well, maybe they'll improve after having a bit more personal experience being the victim.
And for the record, I'm still a Linode customer (and have more services with them now than I did then); I was just disappointed at their lack of usefulness.
I see why you're posting as A/C. Try reading again: Linode didn't threaten me or the customer or anyone else, we (my customer, and me as a host) were threatened by a DDoS extortion scheme -- A "Nice web site you host there, it would be a shame if someone were to keep up a sustained DDoS against it"
And no, I didn't threaten a lawsuit or anything else, I just asked them for information on the type of attack, and later once I identified the type of attack, help filtering rather than a complete nullroute.
They were polite, but completely unhelpful in terms of even providing any information about the particulars of the attack (one source or multiple, port numbers, type of traffic, etc) "Luckily" the DDoS hit servers I run on another network too, and the network operator there was able to provide me with said details, which helped to mitigate the attacks.
Okay, I'm probably a jerk, but I don't care and I hope their upstream(s) isn't/aren't helpful.
I'm a happy Linode customer, but when one of my customers was being targeted by a DDoS extortion scheme which was using a very specific, very blockable attack, Linode's only solution/suggestion was to boot the customer, or wait it out, and in the meantime, they nullrouted my IP. Now I get that nullrouting my IP keeps the rest of the customers in that subnet/node/etc online, but it frustrated me that they wouldn't even attempt to block selectively, and as such, I can't get a ton of sympathy when they're victims of similar attacks.
And for the record, my customer didn't pay, eventually the DDoS group got bored and moved on.
Given that those people aren't actually harmed... Quit trolling?
"Some people are really fucking stupid"
"Think of how stupid the average person is, and then realize half of them are stupider than that."
-- George Carlin
You're right, but just the same, it's hurting his business -- Even if it's just the denial-of-service attack on his phones, it's hurting his business.
How about the legitimate customers who were afraid to use his business because of what their neighbours might think? It takes a lot less than "Oh, is that the ISIS guy?" to kill a business in small town America. And what about the customers who tried to get through, but due to the hundreds of crank calls, couldn't get through and switched to another plumber, thereby losing current and future business?
Most small non-internet businesses are basically out of business without usable phones, and if this business is anything like my plumber, his number is stickered to every single piece of major work his company has done since 1984, and changing his number would undo all of that marketing effort. I'm certain I'm not the only one that calls the company that did the installation when I need service, at least if I'm happy with the original work -- Even if it's not a warranty issue, I know they deal with all of the brands of equipment installed, and they aren't going to claim the original installation was defective and charge me an arm and a leg fixing made-up issues with the original installation either.
$1M isn't much actual damages for current and future business, and some punitive damages would seem to be in order if the dealership failed to remove the logo as contracted, if that was part of the arrangement (which, admittedly, will likely be difficult to prove)
Yup. I really struggled as there were a few characters (YHN, and less so, TGB) that I type with both hands on a normal keyboard, but I avidly prefer ergonomic designs. The Microsoft Natural 4000 is my favourite. But I'd love it if the 6TGB and 7YHN were duplicated on both the left and right side.
I picked up the habit by keeping my pointer fingers on the D and H back when F# keys were on the far left, and then GJ or GK after the F# keys moved to the top. I have big hands, long fingers, and can reach the entire keyboard that way, but it kept me going faster when I grabbed a drink.
No, keys are small enough to store without needing cold storage.
Another implementation would be to encrypt each item with a unique key and destroy the keys, rather than the underlying item, in a delete event, such that not even forensic tools would have a reasonable chance at recovery once the key-storage media has been re-written.
They shouldn't have laid off Ted.
I guess it depends on the scope of applications, but I expect that typical apps will still use the radio to update data, but as they go native on the watch they'll start to do processing on the watch itself.
We'll have to wait and see, it really depends on what sort of apps end up being popular.
The issue is that, at the moment, no apps are really running on the Apple Watch itself, but rather, the display is basically streamed over Bluetooth from the connected iPhone. Once apps run on the watch itself, the situation will change.
Now whether it ends up being better or worse is anyone's guess, it will probably depend on the apps and implementation details, but I would expect that for most apps, it won't reduce power consumption.
The other interesting thing with placebos is that they're typically only effective for a limited period of time, whereas real medication typically can reach a point of stability.
I saw a study that attempted to counteract this by putting both the control and experiment groups on a placebo, and telling the experiment group that they were on a placebo, the known-placebo was still more effective than an untreated patient, but the effect wasn't as strong and didn't last as long. What I'd like to see studied is the reverse, put both groups on a known-effective treatment, but tell the experiment group that they are on a placebo and see what happens.
Good times.
Sure, you can't use a "true" placebo here, but you can compare against currently accepted treatments and get useful results, as long as you lie and tell your control group that they're getting something new (while in reality, maintain the existing treatment baseline)
This isn't substantially different than using a placebo, although in some cases it may prevent a true double-blind study since the treatment protocols for the new drug may be different or obvious to the user.
With the advantage that, if successful, the device can be turned on at a later date. Whether this is feasible or not, is anyone's guess, but it could be built into the study such that at 50% of the way into the study, the switch is flipped (with the intention of learning whether people who's devices previously worked, and now stop, still receive ongoing benefit from their overall improved health, or whether only the online use of the device is effective)
I doubt terminating his account would remove any existing data, although it may well reduce the amount of additional data that gets exposed going forward. It doesn't solve the problem.
Or just walk away.
While true, this solution doesn't allow one to protect their own data which is also exposed.
Screw it, let's just do straight up Markov chains to generate patents, see if anyone notices.
No, I mostly ignore it. But this *is* still /.
Sure. But it's in the item that started every thread in this discussion, so by definition, it's on-topic anywhere in this /. article, being downstream of the incendiary comment.
Except that the /. article discusses Windows, making comparisons between Windows and OSX on this topic on-topic by definition.
Better yet, go with "Bueller" and then leave without your coffee, leaving them calling Bueller, Bueller, Bueller.
So is AppleCare (no +) a warranty or insurance? It's provided by the manufacturer...
AppleCare+ is more like insurance since it covers accidental damage as well, with a deductible.
Personally I've done very well with AppleCare. Since I live in an area where Apple has no local store, a warranty swap without AppleCare runs me $30-$40 for advanced exchange, or I go 2-6 weeks without my phone, which isn't acceptable. Paying $69 for AppleCare the first time I need it is a no-brainer (since I waive the $35 advanced-exchange fee, that means it only runs me $34. I generally swap my devices once a year, and I've found I do get better resale value too since I'm selling a device with 10-14 months of warranty on it).
Now that Apple won't sell straight AppleCare for the iPhone and I have to get AppleCare+, I'm more apprehensive, but since I also plan on keeping this one for a little over 2 years instead of my usual 12-14 months, I figure it'll work out. I currently have a dead-standby-button iPhone 5 on my desk waiting for UPS pickup on Monday, so I'm $35 of savings into the $99 investment.
However, this takes into account the fact that I've had to warranty all but one iPod Touch / iPhone that I've owned, with a couple DOAs along the way (one DOA was, itself, a warranty replacement). Usually it's the Standby or Home button that goes over time -- If it were just me, I'd say I'm rough on them. Since it's a known defect, I have no problem making Apple replace 'em -- The more they spend on replacing bad buttons, the more likely they are to re-engineer, like they finally did for the iPhone 5.
For me the $69-$99 warranty cost is worth it since replacement cost on the device is ~$700.
(And before anyone throws a tantrum about my prices being "wrong", remember that there is more than one country in the world)