Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
IT Technology

Telegram's Description of DDoS Attack is the Best (cnet.com) 117

A distributed denial of service attack may sound like hacker talk, but there's a simple explanation behind it. Secure messaging app Telegram said it had to endure one Wednesday, and it gave an explanation that almost anyone could understand. From a report: Telegram tweeted Wednesday morning that it was dealing with a DDoS attack. The app was down for many users across the globe, according to DownDetector. The downtime period was just a little over an hour, and while it was going on, Telegram explained how a DDoS attack works.

"Imagine that an army of lemmings just jumped the queue at McDonald's in front of you -- and each is ordering a whopper," Telegram tweeted. "The server is busy telling the whopper lemmings they came to the wrong place -- but there are so many of them that the server can't even see you to try and take your order." The tweets then went on to describe how hackers accomplish a DDoS attack. "To generate these garbage requests, bad guys use 'botnets' made up of computers of unsuspecting users which were infected with malware at some point in the past. This makes a DDoS similar to the zombie apocalypse: one of the whopper lemmings just might be your grandpa," the company said in another tweet.

This discussion has been archived. No new comments can be posted.

Telegram's Description of DDoS Attack is the Best

Comments Filter:
  • Nailed it. If you can't explain something in simple terms you don't understand it well enough XD
    • Add it to Wikiquotes. That was beautiful.

    • I agree, I might re-use that. Your grandpa is a lemming who can't order a proper Royal with Cheese :-D

      • I agree, I might re-use that. Your grandpa is a lemming who can't order a proper Royal with Cheese :-D

        What about a Big Mac?

      • I'll take Meghan Markle with a nice gouda, please, since my previous order of Natalie Portman with hot grits has been held up for so long.

        • by nnet ( 20306 )
          Nobody waits 20+ years for an order of Natalie Portman with hot grits. Nobody.
    • by Shaitan ( 22585 ) on Wednesday June 12, 2019 @10:48AM (#58750082)

      Or you understand it perfectly and it is just complicated. It is one thing giving someone a rough idea of a high level concept in a conversation at dinner, it is quite another feeding oversimplified and flawed analogies to business decision makers who then think they actually know what is going on because they understood the simplified analogies. These things bite when you the difference between the dumbed down descriptions and reality rears its head and someone is making bad decisions you are stuck with.

      • Yeah, there is that. Some exec somewhere is probably reading this and thinking "so all we need to protect against ddos is a self serve salad bar."
        • Some exec somewhere is probably reading this and thinking "so all we need to protect against ddos is a self serve salad bar."

          And he'd be right, albeit stretching the analogy. If you can bring enough backup servers online, the DDoS queue dissipates and your customers don't see a delay of significance.

          • by Shaitan ( 22585 )

            Unless of course, it doesn't because the different types of DDoS and the choke points associated with them are many and vary depending on dozens of variables in your architecture and deployment. If for example the attacker has identified a set of a dozen requests that hits a particular and essential back end provider and spreads a command to attack those requests across the botnet that is still a DDoS and bringing more servers online isn't going to clear the bottleneck. In fact, it may be quite complicated

            • And he might be right in the sense that he replaced the staff that would know how to mitigate such an attack a year ago and replaced them with "real developer" devops engineers from overseas who the devs love because they pass through changes at high volume but know dick about high volume, high throughput, fault tolerant architecture and tuning.

              Don't hold back, tell us how you really feel.

              • by Shaitan ( 22585 )

                lol I'm about as subtle as a ton of bricks ;)

                Just saying, making the platform as unstable as your buggy beta in-house code was a bad plan. Replacing the guys who managed that with people who have development knowledge instead of platform experience took bad and escalated it to terrible. The idea spreading like wildfire through the industry... that is horrific, like its just a matter of time before the financial collapse from bad mortgages looks like a blip on the radar horrific. Right now its mostly fraying

        • So a carefully crafted analogy is all we need to get better food variety? I'm all for that.

    • I guess they don't understand it well enough then, because packets don't jump in front of each other in the line. It is more like a small group of workers is handing each person 1000 jellybeans but they have to offer them 1 at a time and can't give a second one out to the same customer until all the other customers get a chance at a jelly bean or move on to the next customer until the current customer has accepted the jelly bean or a minute has elapsed. 10000 people all show up to the jelly bean giveaway in
    • Growing up, I loved reading books by Isaac Asimov (and boy were there a ton to read). He had a knack for taking complicated scientific principles and explaining them using plain language. It's something that I've tried to emulate - especially if I'm explaining a complicated computer system to someone with minimal computer experience.

    • Yo, glad to see you're still around. Your Fun with fog generators halloween story is a classic I revisit every year, as an example of why I don't even try...

    • Anyone who needed a lemmings metaphor to understand that getting flooded with data from multiple sources makes it harder to see your requests, is a victim of the American educational system. I wonder if there's a case for a class action lawsuit there.

  • "Imagine that an army of computers just requested our computers for data" Telegram tweeted. "The server is busy responding to their requests -- but there are so many of them that the server can't even see you to try and take your requests."

    More accurate, simpler and you don't need to know what a "whopper" is.

    • by Anonymous Coward on Wednesday June 12, 2019 @10:37AM (#58750024)

      No, that's worse. That's a description, whereas Telegram was using an analogy. As a programmer (which I assume based on your user name), you understand what the description is. The layman non-programmer does not. There are more people in the world who understand what a Whopper is and why it doesn't exist at McDonalds than there are people who can conceptualize what happens when one computer requests data from another computer. Telegram isn't speaking to you, they're speaking to the layman.

      • It has nothing do with programming. Even my Mom knows what a "web server" is. You don't even need to know how requests work.

        • by Anonymous Coward

          That's because your mom had you; your anecdote does not prove anything. My wife knows all about construction trucks, something she knew nothing about, because we have a young son who loves big trucks.

          I am not a programmer by any stretch, nor is anyone in my extended family. I can assure you that no one in my extended family has the slightest clue what a web server is.

          • I bet you they do. By now people have figured out what a lot of technical terms mean even if they don't know much more than, "A web server? Is that the thing the runs a website?", which is a good enough idea to get by with. I'm quite sure, however, that a number of people think that servers, websites, and programs are the same thing with different names, which is technically wrong, but not so wrong as to be completely stupid. I know my grandparents have a hard time with understanding that AOL's website runs

      • The problem with the lemming analogy is that it said lemmings were ordering whoppers, but it's not clear that the lemmings don't actually WANT the whoppers. It makes it sound like the lemmings are legitimate customers, a la anchovies swarming the Krusty Krab.

        If anything, an analogy involving prank phone calls would have been more appropriate, which is closer to the description "110010001000" gave. Most people can understand the concepts of a busy phone line and asshole teenagers with too much free time.

      • by Roger W Moore ( 538166 ) on Wednesday June 12, 2019 @01:53PM (#58750976) Journal

        That's a description, whereas Telegram was using an analogy.

        True but their analogy is far more confusing than it needs to be because it leaves so many questions unanswered. Why are lemmings which are usually small, furry herbivorous rodents suddenly wanting to eat meat? How did they figure out human speech and basic commerce? Why can't you be seen over the tops of the lemmings which are only a few centimetres high - are they giant lemmings? How did your grandpa become one of these giant lemmings - is some form of lycanthropy involved? ...and most importantly now that we have established that they are giant, carnivorous, were-lemmings, what are they going to eat when they can't get a Whopper?

        I know it is far less exciting and does not sound like the plot of a truly appalling, made-for-TV horror movie but perhaps a bus-load of confused tourists would be a far better analogy and finding your granddad amongst them would be a lot easier to explain.

      • by Anonymous Coward

        That's a description, whereas Telegram was using an analogy.

        Yes, a bad one. A really awful terrible one. Among the many things wrong with this crapfest:

        • Why is it lemmings? That makes zero sense. Why isn't it just regular people instead of a surrealist nightmare?
        • Why are they ordering whoppers? This detail makes no sense. It requires you to realize that McDonald's doesn't have whoppers. Which most Americans probably know when they think about it, but may not pick up on right away when reading the
    • by stealth_finger ( 1809752 ) on Wednesday June 12, 2019 @10:51AM (#58750100)

      "Imagine that an army of computers just requested our computers for data" Telegram tweeted. "The server is busy responding to their requests -- but there are so many of them that the server can't even see you to try and take your requests."

      More accurate, simpler and you don't need to know what a "whopper" is.

      What if you don't know what a server is? If you are unaware of the whopper I wouldn't assume you know the basics of how the internet works. In terms of lowest common denominator its pretty low to know that you cant get a whopper from burger king. Their point isn't just there are lots of request its that they the wrong type of thing requesting the wrong item in the wrong place and they have to be told to fuck off individually. Is that better?

      • *Can't get a whopper from mcdonalds rather
      • A server has nothing to do with the Internet. Christ. Everyone knows what a "web server" is. Plus you can do a DDoS requesting the "right" item too.

        • A server has nothing to do with the internet? Careful you'll get a troll army following you with that one but are you honestly suggesting 'web server' is more widely known than 'whopper' to the general public?
      • No. You have no idea how a DoS works. They don't request "the wrong type of thing." The (literal) server could recognize the bogus request immediately. They request the right type of thing, say a Big Mac, then wait for the staff to take time cooking it and then touch it with their fingers (liberty taken so staff can't just give it to a different customer in the analogy) but refuse to accept it and tell the staff to make them another one, over and over.
        • Well they're not technically requesting the wrong type of thing because it's still a burger they want. But of course it falls down under scrutiny because it's actually nothing like that at all. That's just a vast simplification of the concept so a lay person can understand it. If it was on /. it would have been a car analogy of some kind with a bunch of replies saying 'well, it's actually more like this...' with increasingly complex scenarios.
          • Again, you just aren't getting it. The request is always for the right thing. A Big Mac in this scenario if you will. It is the refusal to accept it (ACK) that accomplishes the feat.
            • In the terms of the simplification that doesn't matter. It's not meant to be an exact match. Anyway, don't tell me, tell them.
              • Why would I tell them that you have no idea how a DoS works?
                • Why would I tell them that you have no idea how a DoS works?

                  Because you're there at the same time to have how an analogy works explained to you? Seriously, let go on the focus of whether its a bic mac or whopper they are asking for and look at the big picture.

      • What if you don't know what a server is?

        What if you do know what a lemming is though? They are small, furry, herbivorous rodents. They lack speech, an understanding of human commerce and any desire to eat meat plus they are only a few centimetres high. As such this is not going to stop you being seen by the server and any denial of service is going to come from the fact that they (a) exist and (b) are in a McDonald's not because they are distracting the server with requests for Whoppers.

        • Yeah using lemming was a questionable choice lol I guess because there's usually lots of them, in peoples, well, my mind at least \_()_/
    • I agree with you, and we're both wrong. The problem is that we both know that the really helpful whopper analogy is freggin wrong. It's not about lemmings breaking into line, it's that they're inside, bothering all of the workers with requests for napkins, salt, ketchup, the key to the bathroom, and asking "who's in charge?" all as fast as they can, over and over and over.

      But the analogy, for those that aren't familiar with networking/servers, serves the purpose of making them feel like they understand it

    • "Imagine that an army of computers just requested our computers for data" Telegram tweeted.

      When a child "requests a cookie" they're asking me to give them a cookie. If I imagine that someone "requested our computers" wouldn't that mean someone asked me to give them my computers?

      And does "army of computers" mean the Chinese military are doing this?

      "The server is busy responding to their requests -- but there are so many of them that the server can't even see you to try and take your requests."

      I don't have a webcam. Do I need a webcam so it can see me?

      If you think I'm exaggerating you've never worked tech support. The reason analogies are frequently better is that people know they're analogies and don't try to take them literally.

  • by cloud.pt ( 3412475 ) on Wednesday June 12, 2019 @10:39AM (#58750032)

    ... this probably wasn't even an attack, but real usage scenario-induced DDoS from the massive Hong Kong protests. I remember back in 2014 FireChat is what they used, but I wouldn't be surprised if that was taken down and Hon Kongers now rely on Telegram for their freedom of association rights.

    • Actually, as it affected the americas, it is probably due to a political problem in Brazil.

      this week the intercept put out an article with messages from the Minister of Justice (and former judge) and prosecutors stolen from their telegram accounts, and this has been all over the news, it is very likely a another brazilian group attacking the telegram servers for some related but not revealed reason.

      • Take back what I said, Durov just stated that it was likely china trying to silence protests in hong kong, as you GP said.
        • actually, it seemed exactly the opposite of what I said, yet related: not from real-world scenario but a concerted attack by the state to prevent exactly the kind of usage I mentioned could be the thing impacting the service. So there's that :D

  • ...that is educated enough to know how lemmings behave in the wild, or old + educated enough to have played lemmings the computer game. I doubt this analogy is really easy to understand for everyone.
    • Re: (Score:2, Funny)

      by Anonymous Coward

      ive never seen one but i know they can explode

    • by HiThere ( 15173 )

      WRT lemmings: Disney lied. In order to show the lemmings going over the cliff some workers had to stand off camera and *THROW* them over the cliff.

      Presumingly during a lemming "stampede" some will occasionally get shoved over a cliff edge, accounting for the legend, but they try to avoid it, and the film was a lie.

    • Yeah, I'm not sure why they went with lemmings.

      "Imagine you're in line at a coffee shop when a hundred teens come running in, and all push past you towards the counter. Most of them are ordering things that don't exist on the menu, and trying to pay with monopoly money. The staff have a choice: Either close the store and kick everyone out, or try to process all the requests, separate the good from the bad, and kick out the kids making bad requests. You're caught in the middle of all of this, with no way to

  • by drew_kime ( 303965 ) on Wednesday June 12, 2019 @11:03AM (#58750148) Journal
    From now on botnet nodes in a DDOS are whopper lemmings.
  • My grandpa was a whopper lemming, in fact.

    • I was shopping at a store that required a user tracking card for a certain discount that I wanted, and the card wouldn't work in the reader, it had to have the barcode scanned.

      The clerk was worried I might be a whopper lemming, but no, I didn't have the wrong card it just has a damaged magnetic strip.

  • If it were just lemmings, that's a regular DoS, and you can just instruct the computers to ignore lemmings and you're done. The whole point of a DDoS is all the attacks come from different things, so it's much harder to filter out. Ok analogy for DoS. Not that great for DDoS.
    • by jimbo ( 1370 )

      True but does that really matter to the average non techie reading it? The analogy gives a rough idea, which is good enough for those who need it - fulfilling its purpose.

      We could iterate over technical accuracy of an analogy ad infinitum because it's turtles all the way down. Us pedantic nerds understands what DDoS is anyway.

    • ... Also they don't order whoppers at McDonalds, because again, easy to detect and ignore. They order off the menu and let the staff take their valuable time making it, then refuse to accept the item.
  • by IMightB ( 533307 ) on Wednesday June 12, 2019 @11:12AM (#58750184) Journal

    BadAnalogyGuy! We need you!

    • by Anonymous Coward

      He went to simile school and lost all his powers.

  • RunDMC had the better analogy.

    (One) day when I was chillin' in Kentucky Fried Chicken
    Just mindin' my business, eatin' food and finger lickin'.
    This dude walked in lookin' strange and kind of funny
    Went up to the front with the menu and his money.
    He didn't walk straight, kind of side to side.
    He asked this old lady, "Yo, yo, um...is this Kentucky Fried?"
    The lady said "Yeah", smiled and he smiled back.
    He gave a quarter and his order, small fries, Big Mac!

    You be illin'.

  • Is this from the Ted Stevens center for technology explanations?
  • Alas, poor Slashdot! I knew the site: a forum
    of fellow nerds, of most excellent wit: it hath
    borne me on its servers a thousand times; and now, how
    abhorred in my perception it is! My gorge rims at
    it. Here hung those links that I have clicked I know
    not how oft. Where be your gibes now? Your
    guile? Your laconisms? Your flashes of jocularity,
    that were wont to set the comments on a roar? Not one
    now, to mock your own trolling ? Quite lugubrious?
    Now get ye to the submission section and daub the site with jejunity.

  • I may be at fault for that. During the days of 33.6 and 56K was the geeks wet dream, IRC and their patrons were getting clobbered by DOS attacks. While this was getting fixed, me and few other geeks had a think-tank session regarding future threats, and I brought up the idea of a synced disctributed attack, where the attackers were clock-synced and would be cooperative in attacking a single target.

    We were close to being prophets when DDOS started to hit the bricks a few years later.

  • "To generate these garbage requests, bad guys use 'botnets' made up of computers of unsuspecting users which were infected with malware at some point in the past. This makes a DDoS similar to the zombie apocalypse: one of the whopper lemmings just might be your grandpa,"

    What was the name of these 'computers' the 'botnets' run on?

Genius is ten percent inspiration and fifty percent capital gains.

Working...