Posts Tagged ‘technology’

A Few Points on Yesterday’s Big DDos Attack

Saturday, October 22nd, 2016

If you had trouble getting to a various websites yesterday it was probably fallout from a huge distributed Denial-of-Service (DDoS) attack:

Criminals this morning massively attacked Dyn, a company that provides core Internet services for Twitter, SoundCloud, Spotify, Reddit and a host of other sites, causing outages and slowness for many of Dyn’s customers.

In a statement, Dyn said that this morning, October 21, Dyn received a global distributed denial of service (DDoS) attack on its DNS infrastructure on the east coast starting at around 7:10 a.m. ET (11:10 UTC).

More coverage of the attack here. “At the peak of the attack, average DNS connect times for 2,000 websites monitored by Dynatrace went to about 16 seconds from 500 milliseconds normally.”

Internet-of-Things-enabled devices appear to be at the heart of the DDoS attack:

According to Dan Drew, the chief security officer at Level 3 Communications, the attack is at least in part being mounted from a “botnet” of Internet-of-Things (IoT) devices.

Drew explained the attack in a Periscope briefing this afternoon. “We’re seeing attacks coming from a number of different locations,” Drew said. “An Internet of Things botnet called Mirai that we identified is also involved in the attack.”

The botnet, made up of devices like home Wi-Fi routers and Internet protocol video cameras, is sending massive numbers of requests to Dyn’s DNS service. Those requests look legitimate, so it’s difficult for Dyn’s systems to screen them out from normal domain name lookup requests.

Earlier this month, the code for the Marai botnet was released publicly. It may have been used in the massive DDoS attack against security reporter Brian Krebs. Marai and another IoT botnet called Bashlight exploit a common vulnerability in BusyBox, a pared-down version of the Linux operating system used in embedded devices. Marai and Bashlight have recently been responsible for attacks of massive scale, including the attack on Krebs, which at one point reached a traffic volume of 620 gigabits per second.

Matthew Prince, co-founder and CEO of the content delivery and DDoS protection service provider CloudFlare, said that the attack being used against Dyn is an increasingly common one. The attacks append random strings of text to the front of domain names, making them appear like new, legitimate requests for the addresses of systems with a domain. Caching the results to speed up responses is impossible.

At least some commenters have pointed to a possible connection between DDoS attacks and web services firm BackConnect Inc.:

The latest comes the day after Doug Madory, director of Internet Analysis at Dyn, gave a presentation at an industry conference about research he had done on questionable practices at BackConnect Inc., a firm that offers web services, including helping clients manage DDoS attacks. According to Madory, BackConnect had regularly spoofed Internet addresses through a technique known as a BGP hijack, an aggressive tactic that pushes the bounds of industry.

Madory’s research was conducted with Brian Krebs, a well-known writer on computer-security issues. Krebs also published an article based on the research last month. Within hours, his website was hit by a “extremely large and unusual” DDoS attack, he wrote.

Perhaps someone with more computer security knowledge than I (Dwight? Borepatch?) might comment on how best to defend from these attacks in the future. Spin up big on-demand cloud clustered DNS VMs when a DDoS attack is detected?

GTA 5 Mod Let’s You Use Samsung Galaxy Note 7s as Grenades

Thursday, October 20th, 2016

You’ve probably heard that Samsung has recalled and cancelled the Galaxy Note 7 phone after numerous incidents where the battery exploded.

You may not have heard that someone did a mod for the video game Grand Theft Auto 5 that lets you use Samsung Galaxy Note 7s as grenades.

Since Samsung has evidently forced YouTube to take down video of the mod in “arguably the worst misuse of the DMCA we have ever come across,” I thought I would share two other videos.

LinkSwarm for September 30, 2016

Friday, September 30th, 2016

Another Friday, another LinkSwarm. On a personal note, I am once again looking for a Senior Technical Writing position in the greater Austin area. If you have any leads in that direction, please let me know.

  • Polls show Hillary losing ground after debate.
  • Likewise, LA Times poll shows a slight bump for Trump.
  • Professor says there are 13 keys for an incumbent to lose the White House. By my count, Democrats suffer from just about all of them.
  • Minnesota, the only state to vote for Walter Mondale in 1984, is now a battleground state. (Hat tip: Director Blue.)
  • Democrats give up on Ohio. (Hat tip: Stephen Green at Instapundit.)
  • Nineteen dead people registered to vote in Virginia. Yet more of that voting fraud Democrats swear up and down doesn’t exist… (Hat tip: Director Blue.)
  • Republicans cave on everything and leave town. But somehow it’s Trump that’s going to sully the spotless reputation of the Grand Old Party…
  • But at least congress overrode Obama’s veto of bill allowing 9/11 survivors to sue the Saudis 97-1. One wonders why Obama even bothered vetoing the bill, given how he had already stabbed the Saudis in the back with the Iran deal.
  • Blue Cross/Blue Shield drops out of ObamaCare exchange in Nebraska.
  • More illegal aliens on the way. (Hat tip: Praire Pundit.)
  • Two Maryland Democrats fight over which is more responsible over making Baltimore burn.
  • Chicago schools are boned. (Hat tip: The American Interest.)
  • Taxis vs. Uber.
  • Will Franklin of WILLisms put a lot of work into this school choice video:

  • Texas among four states to sue to stop the transfer of ICANN to an international governing body.
  • “Target Corporation’s transgender bathroom pander costing its shareholders billions.” (Hat tip: Ace of Spades HQ.)
  • Scott Adams think that the Middle East is just building a wall around the Islamic State.
  • Ace of Spades declares war on the Republican leadership:

    Apparently, some in this party really do think they’re going to hand the election to Hillary, and, bizarrely, they think this will bully the rest of us into knuckling under to their agenda in 2020.

    Rather than simply getting payback and tanking their candidate in return.

    This party is on the verge of self-destructing. The upper class of the party is upset that the lower class has finally had its say, and they’re determined that should never be permitted to happen again.

    Why then would anyone of the lower class ever vote for the GOP again? Are they required to sign a piece of paper confirming that they are Lessers who should know their place in order to have the privilege of voting against their own interests?

    He’s also turns his fire on #NeverTrump:

    we have a hundred people who claim to be #NeverTrump and #NeverHillary but, strangely enough, never talk about the downsides of a Hillary presidency. Oh, they’ll talk up how much of an authoritarian Trump is, but not Hillary’s sense of entitlement, grievance, vengeance, and her own history of authoritarianism and lawlessness in covering up her crimes.

    They talk all day about “Principles,” but discard the most basic principles — such as keeping a proven lawbreaker out of the White House, or just honestly admitting which candidate they’re actually supporting to their readers — as convenience may recommend.

    In fact, right now they’re howling about Ted Cruz’ “calculations” in endorsing Trump, while not admitting their own pose of “Being Against Both Equally” is in fact a completely contrived lie they’ve calculated will permit them to agitate for their candidate (Hillary) while not compromising their career prospects within Conservatism, Inc. too much.

    How much can I agitate for Hillary while still retaining plausible deniability?

    How much can I agitate for Hillary to appease my anti-Trump donors while still keeping enough pro-Trump readers that my anti-Trump donors will feel they’re getting enough eyeballs per dollar of their patronage?

    The party — not just the party;the writers who are supposed to have telling the truth as their first mission, but instead of become nonstop liars all the time decrying Trump as a liar himself — has declared war on all of the Lessers beneath their station, those not in The Media and who should, therefore, not have quite as much of a say in things as they themselves have.

    They’ve made themselves into exactly what they pretend to oppose — and exactly what I do in fact oppose.

  • Canada launches prescription smack. Part of me wants to see how the experiment turns out. And part of me wants to start offering junkies one-way bus tickets to the Great (China) White North.
  • Other Canadian craziness: Montreal to euthanize all non-owned pit bulls. Way to jerk those knees, French Canadians.
  • Navy changes the way it categorizes sailors.
  • Burning Man camp vandalized.
  • More of that vaunted liberal tolerance we hear so much about these days. “Kill yourself bitch.” (Hat tip: Will Shetterly.)
  • There’s a proper and an improper way to turn down an orgy. Proper: “No thank you.” Improper: Getting stabby. Don’t they teach kids basic manners these days?
  • I picked up some signed William F. Buckley, Jr. books cheap.
  • LinkSwarm for August 26, 2016

    Friday, August 26th, 2016

    Welcome to another Friday LinkSwarm! We’re just weeks away from The Burning Time giving way to The Season of Football.

    Some links:

  • Here’s one forecast that has Trump and Clinton tied.
  • “Always correct election forecast model predicts Trump win, 51%-48%.” (Hat tip: Instapundit.)
  • Average ObamaCare premiums surge 24% for 2017.
  • Well, not in Illinois. There, they’re going up as much as 90%.
  • In case you missed it last week, Pennsylvania’s Democratic attorney general Kathleen Kane resigned after being convicted of nine counts of perjury and obstruction of justice.
  • Silicon Valley CEO Gurbaksh Chahal allegedly hit his girlfriend 117 tiems, but was sentenced to probation. Oh, and he gives his political donations exclusively to Democrats. Why do so many Democrats commit violence against women?
  • George Soros hit up for money to sell the Iran deal.
  • Soros also celebrated the European refugee crisis being the new normal.
  • Obama wants to ban smoking in public housing. Hey, if you think we have riots now… (Hat tip: Ace of Spades HQ.)
  • Massachusetts takes rent-seeking to the next level, taxing ride-sharing services to subsidize taxis. Next up: Taxing cars to subsidize railroads and horses.
  • Germany in August.
  • July in the U.S. was one of the least hot months ever. Maybe not in Austin, but elsewhere…
  • Speaking of which, the 1936 heat wave must have been a nightmare to live with without air conditioning. It hit 121°F in North Dakota…
  • At one level, this piece is a good look at Gawker’s demise. At another, it’s shows New York media professionals at their whiny, narcissistic, incestuous, entitled worst. “It’s an inevitable consequence of living in today’s New York: Youthful anxiety and generational angst about having been completely cheated out of ownership of Manhattan, and only sporadically gaining it in Brooklyn and Queens, has fostered a bloodlust for the heads of the douchebags who stole the city.” Waaaah, the world owes me Manhattan real estate because I think I’m so much cooler than people who can actually afford it!
  • “NPR Deletes Comments, Says Commenters Are Too Old And Male.”
  • Google fiber hits reality: “Gee, wiring up that last mile is sure expensive! Why didn’t anyone tell us?”
  • Researchers say they can diagnose clinical depression from Instagram feeds. If they ever get to Tumblr, there won’t be enough Prozac left in the world…
  • “DNC Creates ‘Cybersecurity Board’ Without Any Cybersecurity Experts.”
  • Federal judge puts kibosh on Obama’s tranny bathroom plans.
  • What Canada needs is strict crossbow control laws. (Hat tip: Dwight.)
  • The Silence of the Jews in advance of the slow Islamicization of Sweden.
  • I know that when I think of Jewish history, I naturally think of Yoko Ono. And when I think of people who need Kickstarter to get funding, Yoko is way up there…
  • The tragic history of RC Cola. Too bad Diet RC tastes like crap. (That goes for that crappy offbrand Maine soda as well.)
  • Important Safety Tip: Don’t have sex on a neighbor’s roof, naked and high on meth.
  • I’m not going to pony up $200+ to attend the Texas Tribune Festival, and I doubt I could finagle a press badge. But Phil Collins being there does indeed make it more tempting, if only I could be sure I could get all my old Genesis albums signed…
  • Abandoned Olympic venues from around the world. (Hat tip: Ace of Spades HQ.)
  • This woman doesn’t have issues, she has a lifetime subscription and bound volumes.
  • And then there was one.
  • LinkSwarm for July 1, 2016

    Friday, July 1st, 2016

    Happy Independence Day weekend! (That’s America’s Independence Day, not the newfangled UK version.) Enjoy a LinkSwarm to tide you over for the weekend:

  • Kevin Williamson explains why firearms ownership is a civil right. “It is a measure of the corruption of the Democratic party and its ability to inspire corruption in others that John Lewis, once a civil-rights leader, is today leading a movement to strip Americans of their civil rights based on secret lists of subversives compiled by police agencies and the military…The Democrats have lynching in their political DNA, and they seem to be unable to evolve past it.”
  • Hillary’s State Department just ignored FOIA requests.
  • The Clinton Foundation is Hillary’s personal piggy bank. (Hat tip: Director Blue.)
  • The left cares about ‘the people’ as much as the Soviet Communist Party cared about the workers.” (Hat tip: Ed Driscoll at Instapundit.)
  • Obama’s unconstitutional illegal alien amnesty remains blocked on a 4-4 Supreme Court vote.
  • Ted Cruz endorsed candidate Darryl Glenn wins the Colorado Republican Senate primary and will face incumbent Democrat Michael Bennet in November.
  • 154 million voter records exposed, revealing gun ownership, Facebook profiles, and more. Caveat: A “MacKeeper” research discovered this and MacKeeper is foul malware
  • This lengthy article in the New York Times talks about how a new Panama Canal expansion designed to handle bigger ships (and which is on the edge of opening) has numerous possible debacles due to radical underbidding by the primary contractor. (Hat tip: Ace of Spades HQ.)
  • Bill de Blasio cronies are being arrested right and left. Or, keeping in mind this is de Blasio we’re talking about, left and left…
  • An Arizona Democratic lawmaker was indicted on felony charges for allegedly falsifying her application when applying for food stamps.”
  • Results of Austrian Presidential election overturned due to voting irregularities. (Hat tip: Stephen Green at Instapundit.)
  • Brexit is just what the doctor ordered.
  • ASK KUNTZMAN!
  • Drunken wife-beater Neil Steinberg not allowed to buy a gun. (Hat tip: Ace of Spades HQ.)
  • “Al-Jazeera: A willful decision to support an insurgency that had Salafists, Al Qaeda and the Muslim Brotherhood? Flynn: It was a willful decision to do what they’re doing.” On the flip side, if Obama’s secret Middle East goal is to halt Iranian expansion, why the nuke deal?
  • Lessons from Orlando.
  • “The MSM eagerly chomps down on its ball-gag.” (Hat tip Instapundit.)
  • Cuba’s hospitals are filthy, undersupplied hellholes.
  • Behold the nightmarish portal to hell that is Arlesford! (Hat tip: Ace of Spades HQ.)
  • Texas closes in on adding 250 DPS border control troopers.
  • Ft. Worth’s superintendent’s tranny bathroom law is in violation of both Chapter 11 and 26 of the Texas Education Code.
  • This Week in Clinton Corruption for June 23, 2016

    Thursday, June 23rd, 2016

    This week’s roundup of Clinton Corruption is being headlined by Guccifer 2.0 revelations. The stuff released so far is interesting, but (and I say this as someone who thinks Hillary Clinton should be in prison) pretty weak sauce.

    Oh sure, it’s nice to have documented proof that the DNC and the media were out to support Clinton and to screw Bernie Sanders, but everyone already knew that.

    There are dozens of Clinton shoes (especially from Hillary’s own email server and the Clinton Foundation) still to drop…

  • Leaked Memo Teaches Clinton Staffers How To Break Campaign Finance Laws And Get Away With It. (Hat tip: Director Blue.)
  • Rush Limbaugh thinks that Donald Trump’s speech slamming Clinton’s corruption was effective. “She is the most corrupt person ever to seek the presidency.”
  • Here’s the text of that speech. Excerpt:

    Hillary Clinton has perfected the politics of personal profit and theft.

    She ran the State Department like her own personal hedge fund – doing favors for oppressive regimes, and many others, in exchange for cash.

    Then, when she left, she made $21.6 million giving speeches to Wall Street banks and other special interests – in less than 2 years – secret speeches that she does not want to reveal to the public.

    Together, she and Bill made $153 million giving speeches to lobbyists, CEOs, and foreign governments in the years since 2001.

    They totally own her, and that will never change.

  • Clinton’s incompetence caused the State Department to turn off email protection for State systems to accommodate her. Interestingly, the sentence “They were trying urgently to resolve an apparent conflict between the server’s built-in email delivery features with a version of “ScanMail for Exchange” security software from Trend Micro Inc. that had been installed on her server.” has been removed from the original AP story…
  • “Clinton IT specialist invokes 5th more than 125 times in deposition.” (Hat tip: Instapundit.)
  • “Judicial Watch Releases State Department Inspector General Investigation Records Related to Hillary Clinton Emails.” But I’m not seeing a “Download here” link… (Hat tip: Director Blue.)
  • “You don’t have an army. You’ve got 500 marxists in mom’s basement.”

    Tuesday, April 5th, 2016

    TL:DR Summary: Social Justice Warriors tried to pull their usual social justice warrior thing, in this case trying to get a presenter for a programming conference called LambdaConf kicked off because he said politically incorrect things on his blog. LambdaConf told them, far too politely, to get stuffed. So next the SJW managed to pressure some sponsors into pulling out. In response, conference organizers put up an Indigopop appeal to make up the funding shortfall and support free speech.

    Result: They reached their funding goal in one day.

    Rather than deploy my own snark, I’m going to lazily embedded ClarkHat’s far more deliciously pointed Tweets on the same subject:

    But I have to thank the SJW things for one thing: Without them, it might have been a while before I delved into Urbit, the project of the guy they want to ban. It’s completely off the hook, utterly bonkers and probably entirely feasible. It’s halfway between early open source goals and something out of a Greg Egan novel. Here’s an early look at same from ClarkHat,

    (Hat tip: Borepatch.)

    rm -rf .github

    Tuesday, February 16th, 2016

    Git, if you are unfamiliar with it, is a software source control program, allowing you to check code (and other things; I’ve used it for documentation) in and out of a repository, which can be either local or remote.

    GitHub is (for now) the most popular remote repository for Git. You can either put all your code in a public repository for free, or in a private repository for a modest per-user fee. GitHub makes its money off bells and whistles for private repositories.

    Now comes word that GitHub’s “Social Impact Team” has decided “We don’t want any of those stinking white people here.” “It is very hard to even interview people who are ‘white’ which makes things challenging.”

    Git and GitHub got to be where they are today because they’re both free-ish, but also because they’re deeply beloved of open source programmers not deterred by the steep learning curve of Git’s command-line-fu. But open source programmers, in addition to being distinctly pale of hue on average, tend to hate Social Justice Warrior types, if the comments on the SJW threads the “new” Slashdot keeps trying to cram down their reader’s throats on a regular basis is any indication.

    Since Git (the program) isn’t limited to any particular repository, it’s fairly easy (remembering, always, that everything about Git falls into two general categories: trivial (because you’ve memorized and mastered the syntax) and impossible (because you haven’t)) to move your existing code to a new repository. And there are plenty of GitHub competitors, including a new one from Google.

    No wonder GitHub is suffering an exodus of talent…

    (Hat tip: Moe Lane.)

    Anonymous Takes Down Islamic State Twitter Accounts (Again)

    Wednesday, November 18th, 2015

    Anonymous goes to war, at least in cyberspace:

    Islamic State sympathizers using social media to spread propaganda and recruit fighters are now drawing an increasing amount of return fire from activists who have been knocking some sites offline and infiltrating others.

    The loose hacking collective Anonymous is the latest to draw attention to such campaigns, with members claiming credit this week for having thousands of pro-IS Twitter (TWTR.N) accounts disabled.

    This is not the first time that Anonymous has taken down Islamic State Twitter accounts, as they did so on a wide scale in Operation #TangoDown back in May.

    Will this effort actually damage the Islamic State? Well, slightly, which is to say it will do a damn site more than peace signs with Eiffel Towers or overlaying your icon with a French flag, meaningless feel-good displacement gestures liberals use rather than admitting to themselves they’re doing absolutely nothing to fight radical Islam…

    Hillary Clinton’s Email Server: Worse Security Than Apu’s Kwik-E-Mart

    Tuesday, September 1st, 2015

    So Hillary’s Super Secret Secure Server was actually hosted on the same server as the not secret and not particularly secure Clinton Foundation email system.

    Which means any hacker that could pwn the Clinton Foundation server (and why wouldn’t they?) could almost certainly pwn Hillary’s private e-mail server, chock full of illegal classified national security information, through any number of exploits or privilege escalation attacks.

    And evidently she was running her emails off an Exchange 2010 Server, which meant it was running on top of Windows, which means there were no end of exploits by which a dedicated hacker could gain control.

    “Oh hey! I’m hosting this list of ISIS secret agents on my Doom III deathmatch server! I’m sure there’s no way that could possibly backfire on me!”

    Or to put it in non-computer terms, she was storing classified information in an unlocked tin box under her bed that everyone in her neighborhood also knew contained bundles of unmarked $100 bills, and she was just hoping no one broke in.

    She’s a major security risk that should never, ever be in the oval office…