Forgot your password?

Close
typodupeerror
Social Networks The Internet Bug

Twitter Offline Due To DDoS 398

Posted by CmdrTaco
from the hate-when-that-happens dept.
The elusive Precision dropped a submission in my lap about a DDoS taking down Twitter running on CNet. It's been down for several hours, no doubt wreaking havoc on the latest hawtness in social networking. Won't someone please think of the tweeters? Word is that both Facebook & LiveJournal have been having problems this AM as well.
This discussion has been archived. No new comments can be posted.

Twitter Offline Due To DDoS More

Twitter Offline Due To DDoS

Comments Filter:

  • It's kinda back... (Score:4, Interesting)

    by pdboddy (620164) <pdboddy@NOsPaM.gmail.com> on Thursday August 06, 2009 @11:38AM (#28973073) Homepage Journal
    My tweets are getting through, albeit slower than usual.

  • Whoops. (Score:5, Interesting)

    by BigglesZX (734765) on Thursday August 06, 2009 @11:40AM (#28973105) Homepage

    Might it have had something to do with the Twitter-based HTML demo (http://tech.slashdot.org/story/09/08/05/2348219/HTML-5-Canvas-Experiment-Hints-At-Things-To-Come?art_pos=8) that made Slashdot earlier today? The site in question hits Twitter for a large number of tweets, and I imagine a lot of /.'ers were checking it out earlier. I doubt it helped, at the very least...

  • Re:I Only Use Slashdot Anyway (Score:4, Interesting)

    by bakana (918482) on Thursday August 06, 2009 @11:40AM (#28973125)
    anyone else thinks this may have something to do with this: http://tech.slashdot.org/story/09/08/05/1555219/XML-Library-Flaw-mdash-Sun-Apache-GNOME-Affected [slashdot.org]

  • Cloud? Decentralize (Score:3, Interesting)

    by Bob9113 (14996) on Thursday August 06, 2009 @11:44AM (#28973221) Homepage

    Decentralization is the solution to single-link failures.

    Cloud is centralization.

    JM2C, YMMV.

  • Oh come on. (Score:5, Interesting)

    by thePowerOfGrayskull (905905) <marc.paradise@gma[ ]com ['il.' in gap]> on Thursday August 06, 2009 @12:02PM (#28973551) Homepage Journal
    This is how their "journalists" report news on CNet? FTA - the very last line:

    There has been no indication that any of these various attacks are connected. But it's probably not a coincidence that they all coincide with the annual Defcon hacker convention.

    You mean the one that ended Sunday? Nice. Real nice.

  • HTML5 demo (Score:4, Interesting)

    by tom17 (659054) on Thursday August 06, 2009 @12:04PM (#28973579) Homepage

    I'm wondering if that HTML5 demo http://tech.slashdot.org/story/09/08/05/2348219/HTML-5-Canvas-Experiment-Hints-At-Things-To-Come?art_pos=8 [slashdot.org] had anything to do with it. If the normal /. crowd went to the demo, which then in turn loads 100 'tweets' from twitter, is that not equivalent to twitter receiving a 100x slash-dotting?

    Tom...

  • Re:I Only Use Slashdot Anyway (Score:2, Interesting)

    by mini me (132455) on Thursday August 06, 2009 @12:06PM (#28973615)

    Normally I would use Twitter to find out why a site is inaccessible, since it is the goto place for up to the minute news. While Slashdot did eventually bring the story forward, it too far too long to be relevant. Twitter was already back online by the time this story appeared on the front page.

  • Re:Nelson ------- (Score:3, Interesting)

    by Dragonslicer (991472) on Thursday August 06, 2009 @12:29PM (#28974081)

    What's truly disheartening to me is that a formerly relevant news site like cnn.com has it on their front page. Oh CNN, I remember when you used to report actual news...now look what you've become.

    Obviously you haven't watched CNN lately, otherwise you would know how dependent they are on Twitter now. Seems like all they do these days is read Twitter messages from viewers.

  • How Will CNN Survive?!? (Score:3, Interesting)

    by MartinSchou (1360093) on Thursday August 06, 2009 @12:51PM (#28974547)

    Don't they get most of their stuff from Twitter these days?

    Granted, I don't watch CNN and get my impression of them from The Daily Show, but judging by that coverage it seems like CNN is reduced to just reading aloud stuff from Twitter.

    I'm still waiting for The Daily Show showing a clip showing a CNN host trying to read out "OMG PWNIES!!1!!111oneONE"

  • Re:I Only Use Slashdot Anyway (Score:5, Interesting)

    by kristjansson (624846) on Thursday August 06, 2009 @01:16PM (#28974985)
    and mine is this [slashdot.org]... think about it, every /.er that fired up the test pulled 100-ish tweets simultaneously for the sparkling dot bling on the test page. that would make the site a slashdot-effect magnifier with a factor of about 100...
    then again, how many slashdotters actually RTFA?

  • Re:Give me a break (Score:3, Interesting)

    by Anonymous Coward on Thursday August 06, 2009 @01:32PM (#28975283)

    The funny thing is that nobody used or cared about twitter outside of a handful of nerds until the people in charge of twitter struck on the advertising idea of "convince everyone that everyone is already using it, and it's the most popular thing online". After that, it started being reported on weekly by sites like Slashdot as well as major news sites, until it started getting massive buyout offers.

    Honestly, I still don't think that many people care about it. There are a handful of popular bloggers, but I don't think I've ever met a person in "real life" that has twittered for longer than a week. I'm 26, by the way.

    A similar strategy was/is used by Second Life, which is why corporations started flocking to it and then realized they'd been duped.

  • Re:I Only Use Slashdot Anyway (Score:3, Interesting)

    by sverrehu (22545) on Thursday August 06, 2009 @03:08PM (#28976923) Homepage
    I don't know about the new attacks, but I researched a bit after
    Gregory Steuck posted about "XXE (Xml eXternal Entity) attack" on
    Bugtraq in 2002 (http://www.securityfocus.com/archive/1/297714).

    You can easily do DoS attacks on a Java-based thing running on
    e.g. Linux if you manage to trick the server into parsing one of the
    following two XML documents:

            <?xml version="1.0" encoding="ISO-8859-1"?>
            <!DOCTYPE foo [
                <!ENTITY xee SYSTEM "file:/dev/tty">
            ]>
            <foo>foo: &xee;</foo>

            <?xml version="1.0"?>
            <!DOCTYPE foo SYSTEM "file:/dev/tty">

    Both will make the XML parser try to read from the TTY, thus blocking
    "forever" waiting for input that never comes. The fun thing is that
    it doesn't help to setExpandEntityReferences(false), even though the
    name sounds like it would help. The only thing that works (afaik), is
    to install a custom made EntityResolver that refuses to look up
    external entities. Since nobody does that, this vulnerability may be
    found all over the place.

    Variations exist for other OS-es and other web platforms as well. I
    even found that Adobe Reader was vulnerable once
    (http://shh.thathost.com/secadv/adobexxe/), and I recently stumbled
    across a similar thing in a commercial web-protecting security
    application. (They're working on a fix.)

It has been said that Public Relations is the art of winning friends and getting people under the influence. -- Jeremy Tunstall

Close