Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

DDoS or Borg, you decide..

By Inoshiro in News
Tue Feb 15, 2000 at 01:45:24 AM EST
Tags: Technology (all tags)

Ever had that warm, fuzzy feeling that your advocacy and education and patient explaining had led to some shred of cluefullness, only to see the PHBs of the world trade the clues in for pet rocks? I have.. It's called Techweb news.

[editor's note, by rusty] I posted this myself, because it cracked me up. I mean, this is just bizarre! I don't even have a JVM installed on my machines (other than the Netscape one). How is this supposed to work? The phrase "just drop the freaking route" leaps to mind...

This recent Techweb article has (and if you don't believe me, load it yourself) this juicy quote:
"If there is mock traffic coming from a particular client machine, the software will send out a cryptographic puzzle in the form of a Java applet to that machine. As the attacking machine attempts to solve the puzzle, it will become too overworked to continue its DoS attack, Umiejewski said."
My first thought: "But, Data, how do we know the Borg will try to solve this unsolvable conic? And is it right for us to stop them?"

Who the hell do they think they are kidding? If these people are smart enough to compromise a fleet of machines and lauch a DDoS, I'm sure they're smart enough to set BLINDLY_EXECUTE_SERVER_PUSH_JAVA_APPLETS = FALSE in their TfN2k or some such config file. Although this is the first time I've seen someone admit that the real purpose of Java applets on the web is to decrease security and make the machines more loaded :-)

How many other people think this is more of the Darwinian thing between which PHBs will order people to use malicous java applets against possible customers, and which will let the techs do something useful, such as set their routers to start dropping packets from hosts once they exceed a magic ratio?


Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure


Related Links
o Techweb news
o This
o Also by Inoshiro

Display: Sort:
DDoS or Borg, you decide.. | 5 comments (5 topical, editorial, 0 hidden)
And another thing... (none / 0) (#1)
by rusty on Tue Feb 15, 2000 at 07:45:03 AM EST

Assuming this scheme is sensible to begin with, and they want to use Java to slow down the attacking machine, why go to all the trouble to make it a complex crypto puzzle? Wouldn't any java applet do the trick? ;-)

Not the real rusty
Even better ... (1.00 / 1) (#2)
by Anonymous Hero on Tue Feb 15, 2000 at 09:46:46 AM EST

RSA Security Website Hacked.


Wizard's First Rule: People are stupid.

Re: Even better ... (none / 0) (#4)
by rusty on Tue Feb 15, 2000 at 10:11:25 AM EST

Normally I'm not very impressed by website vandalism, but... that's pretty funny. :-)

I especially liked this quote from the article:

Additionally, we note that "nigs" should not be construed to express any racist sentiments, but is best understood as a term of fraternal affection along lines expressed by the familiar "homies".
That reporter's really "with it," "man." Really "down" with the "lingo" of the "street." He's "fly." :-)

Not the real rusty
[ Parent ]
Re: Even better ... (none / 0) (#5)
by Inoshiro on Tue Feb 15, 2000 at 11:12:15 AM EST


Yes.. I think it's funny how they mock them, but still leave the link to their "cyrptographic problem" self defence announcement thing... <rant> I thought we'd already gone through the whole abstraction between executable stuff and data on the web, as well as presentation and direct formatting. Too bad clueluess PHBs and layout people everyone feel the need to get their perfect java-applet drive pages in 640x480 only mode -- and force it on the rest of the free world </rant>..

[ イノシロ ]
[ Parent ]
The hackers get another tool! (none / 0) (#3)
by Strange Charmed One on Tue Feb 15, 2000 at 09:57:01 AM EST

What is to prevent this applet being used on the corporate web servers? Using tolls provided by the companies to take down their servers is mildly amusing as an idea.

Note: I do not support computer cracking, but I think that aggressive defences are of as much use to the crackers as the crackees.
Feel the urge to put excessively cute little quotes into your .sig?


If you or one of your friends is frequently plagued by this tendency, Help IS available- Ask me how.

DDoS or Borg, you decide.. | 5 comments (5 topical, 0 editorial, 0 hidden)
Display: Sort:


All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!