Thursday, August 6, 2009

(Random) Lesson: Denial of Service and Twitter

Twitter crashed this morning, shutting down and preventing the world from sharing missives in 140 characters or less—twice, in fact—when hackers attacked the site, bringing a denial-of service (DoS), or Distributed Denial-of-Service (DDoS), to the site. (Note: This is a "prequel" post, as the blog has not "officially launched." Given today's Twitter outage, I thought it would be a good idea to have this lesson in the archives. Twitter is listed in the Glossary and an article is slated for the future.)

What is a DOS?

Time's Dan Fletcher explains:
DDoS attacks are surprisingly low tech. Using a network of computers (dubbed zombies) controlled by a single master machine, the hacker tries to overwhelm the a website's servers. It's a brute force approach — the network of hacker-controlled computers flood the server with requests for data until the server overloads and comes crashing down.
Fletcher also notes that big sites, such as Yahoo! and CNN, have been the victim of this technique in the past. (He also notes that DoS was used last year during the conflict between Russia and Georgia!)

This method of attack doesn't compromise data; the hackers are not privvy to your protected tweets or passwords, and a DOS is typically a short-term inconvenience. The computers used, however, are. "Zombie computers" are targeted by hackers for their low security, and their are little to zero signs that the computer is infected and looking for braaaains. If you're concerned about your security regarding similar attacks in the future, Lifehacker has a great post about cloud computing.

At the time of this post's drafting, Twitter is back, and @biggayicecream has updated to let me know that he's playing Duran Duran from the truck. Which is good to know, because when I seek the truck next month, following the sound of Simon LeBon may bring me closer to my beloved choinkwich (that's an ice cream sandwich with chocolate cookies, nutella, soft serve, and caramelized bacon).

How Did Hackers Cripple Twitter? (Time)
Denial-of-service attack (Wikipedia article)
Twitter Hit By Denial-Of-Service Attack (The Wall Street Journal)
The Hidden Risks of Cloud Computing (Lifehacker)

No comments: