Storify: DDOS Attacks and Social Media Callouts

Storify is shutting down in May and has informed users that we have to migrate our content elsewhere if we wish to save it. This is one of my old threads.



Good morning, loves. Today I'm going to talk about harassment on social media using the metaphor of network hacking. Pull up a chair.

There was a lot in the media this week about the DDOS attack that indirectly hit Twitter. I saw a lot of "what's a DDOS again?" "DOS" (we'll start without the extra D first) is a denial of service attack. The goal is to disrupt a service from its intended users.

In ye olden days, you could DOS attack a network by flooding it with messages. Ping-ping-ping-ping-ping until the network can't deal. Network designers got smarter from that and created networks that would selectively ignore a spamming signal. That was a good thing! If one computer was malicious or broken, it couldn't take down the network. The network just muted it.

So then the DDOS was born: a distributed denial of service attack. Hackers gather a LOT of computers (usually through trojan viruses) and they count down to spam a network together as a unified whole. This is massively effective because the attack is distributed across multiple attackers. The network can't just mute one and be done.

Networks can't function when hundreds or thousands of signals are screaming at it over the valid traffic. But... we expect humans to.

I keep seeing this cycle play out, where a target is inundated with traffic they're not expecting. Maybe in good faith, maybe not so much. Eventually--maybe a few days, maybe a few hours--they're snippish or make a mistake or lash out. This becomes the impetus for new interactions. People who didn't witness the first mistake get tagged in, often without context. They add to the signal.

A network CAN'T function normally or healthily under these conditions. It's NOT a matter of trying really really hard. The only way to restore normalcy is to take the network offline entirely (delete account, make new one, go private) or block the signals. And, hey, maybe some folks are okay with that for some people. I don't want Actual Satan on Twitter either, I guess.

But I think it's important to understand that this is a pattern of ATTACK. There's no "Distributed Denial of Service Constructive Criticism". It's not an 'attack' because hackers are mean. DDOS attacks can happen by accident! It's an 'attack' because the system CAN'T HANDLE IT.

I'm against harassment because it's violence. But I'm also against most (most! not all!) large-scale callouts because they don't work. Unless, again, the goal IS to drive the victim away. In which case they work very well, but I wish people would be honest about their goal.

I've seen a lot this year about how [target] blocked [multiple people] during a well-intentioned DDOS attack. Well... yeah?? I don't care who it is nor who they blocked; that's the only way to restore normalcy when pings are coming in. Even if the pings are good, correct, helpful traffic (DDOS messages can be!), the network can't function in a flood.

0 comments:

Post a Comment