Telegram's Description of DDoS Attack is the Best

A distributed denial of service attack may sound like hacker talk, but there's a simple explanation behind it. Secure messaging app Telegram said it had to endure one Wednesday, and it gave an explanation that almost anyone could understand. From a report: Telegram tweeted Wednesday morning that it was dealing with a DDoS attack. The app was down for many users across the globe, according to DownDetector. The downtime period was just a little over an hour, and while it was going on, Telegram explained how a DDoS attack works.

"Imagine that an army of lemmings just jumped the queue at McDonald's in front of you -- and each is ordering a whopper," Telegram tweeted. "The server is busy telling the whopper lemmings they came to the wrong place -- but there are so many of them that the server can't even see you to try and take your order." The tweets then went on to describe how hackers accomplish a DDoS attack. "To generate these garbage requests, bad guys use 'botnets' made up of computers of unsuspecting users which were infected with malware at some point in the past. This makes a DDoS similar to the zombie apocalypse: one of the whopper lemmings just might be your grandpa," the company said in another tweet.

If you can't explain something in simple terms

[stealth_finger]

Nailed it. If you can't explain something in simple terms you don't understand it well enough XD

Re:

[BigBlockMopar]

Add it to Wikiquotes. That was beautiful.

Re:If you can't explain something in simple terms

[PolygamousRanchKid]

Add it to Wikiquotes. That was beautiful.

Oh, it's probably in there already. Dr. Richard Feynman said it.

Re:

[stealth_finger]

Add it to Wikiquotes. That was beautiful.

Oh, it's probably in there already. Dr. Richard Feynman said it.

Yeah, that's definitely not an original lol

Re:

[aix tom]

Funny. In his talk about Magnets,

https://www.youtube.com/watch?... [youtube.com]

he closes with.... (in the last ~30 seconds or so)

"I can't do a good job, any job, of explaining magnetic force in term of anything else that you are more familiar with, because I don't understand it in terms of anything else that you are more familiar with" ;-)

Re:

[alex67500]

I agree, I might re-use that. Your grandpa is a lemming who can't order a proper Royal with Cheese :-D

Re:

[stealth_finger]

I agree, I might re-use that. Your grandpa is a lemming who can't order a proper Royal with Cheese :-D

What about a Big Mac?

Re:

[GungaDan]

I'll take Meghan Markle with a nice gouda, please, since my previous order of Natalie Portman with hot grits has been held up for so long.

Re:

[nnet]

Nobody waits 20+ years for an order of Natalie Portman with hot grits. Nobody.

Re:If you can't explain something in simple terms

[Shaitan]

Or you understand it perfectly and it is just complicated. It is one thing giving someone a rough idea of a high level concept in a conversation at dinner, it is quite another feeding oversimplified and flawed analogies to business decision makers who then think they actually know what is going on because they understood the simplified analogies. These things bite when you the difference between the dumbed down descriptions and reality rears its head and someone is making bad decisions you are stuck with.

Re:

[stealth_finger]

Yeah, there is that. Some exec somewhere is probably reading this and thinking "so all we need to protect against ddos is a self serve salad bar."

Re:

[cellocgw]

Some exec somewhere is probably reading this and thinking "so all we need to protect against ddos is a self serve salad bar."

And he'd be right, albeit stretching the analogy. If you can bring enough backup servers online, the DDoS queue dissipates and your customers don't see a delay of significance.

Re:

[Shaitan]

Unless of course, it doesn't because the different types of DDoS and the choke points associated with them are many and vary depending on dozens of variables in your architecture and deployment. If for example the attacker has identified a set of a dozen requests that hits a particular and essential back end provider and spreads a command to attack those requests across the botnet that is still a DDoS and bringing more servers online isn't going to clear the bottleneck. In fact, it may be quite complicated

Re:

[drew_kime]

And he might be right in the sense that he replaced the staff that would know how to mitigate such an attack a year ago and replaced them with "real developer" devops engineers from overseas who the devs love because they pass through changes at high volume but know dick about high volume, high throughput, fault tolerant architecture and tuning.

Don't hold back, tell us how you really feel.

Re:

[Shaitan]

lol I'm about as subtle as a ton of bricks ;)

Just saying, making the platform as unstable as your buggy beta in-house code was a bad plan. Replacing the guys who managed that with people who have development knowledge instead of platform experience took bad and escalated it to terrible. The idea spreading like wildfire through the industry... that is horrific, like its just a matter of time before the financial collapse from bad mortgages looks like a blip on the radar horrific. Right now its mostly fraying

Re:

[Krishnoid]

So a carefully crafted analogy is all we need to get better food variety? I'm all for that.

Re:

[HiThere]

The tubes analogy had the potential to be developed into something reasonable, but he left it at a sound bite. (Of course, nothing more complex would have been reported anyway, but...)

As a result it was silly. But just try to imagine the router for a Bellamy tube system. Pipes would have been a bit better, but even then the secret sauce it the routing system. With the proper routing system you could even use homing pigeons as your carrier. So "tubes" really misses the point.

Re:

[Dragonslicer]

Years ago there was some politician from Alaska or some other US state who described the Internet as a series of tubes. Despite not being too far off the mark (fiber optic cables are just tubes carrying light), he was ridiculed and insulted here at /. and on other tech sites.

He wasn't ridiculed so much for the analogy itself ("series of tubes" vs. "big truck"), but for the rest of what he said:

Ten movies streaming across that, that Internet, and what happens to your own personal Internet? I just the other day got... an Internet was sent by my staff at 10 o'clock in the morning on Friday. I got it yesterday [Tuesday]. Why? Because it got tangled up with all these things going on the Internet commercially.

Re: If you can't explain something in simple terms

[Zero__Kelvin]

I guess they don't understand it well enough then, because packets don't jump in front of each other in the line. It is more like a small group of workers is handing each person 1000 jellybeans but they have to offer them 1 at a time and can't give a second one out to the same customer until all the other customers get a chance at a jelly bean or move on to the next customer until the current customer has accepted the jelly bean or a minute has elapsed. 10000 people all show up to the jelly bean giveaway in

Re:

[stealth_finger]

I guess they don't understand it well enough then, because packets don't jump in front of each other in the line. It is more like a small group of workers is handing each person 1000 jellybeans but they have to offer them 1 at a time and can't give a second one out to the same customer until all the other customers get a chance at a jelly bean or move on to the next customer until the current customer has accepted the jelly bean or a minute has elapsed. 10000 people all show up to the jelly bean giveaway in a single dress style but refuse to accept any jelly beans.

Will that fit in a tweet though?

Re: If you can't explain something in simple term

[Zero__Kelvin]

Why do you ... think it needs to?

Re:

[stealth_finger]

Because the original did and that's apparently how companies communicate these days

Re: If you can't explain something in simple term

[Zero__Kelvin]

I knew you wouldn't get the point. Use two. Put "..." DOH

Re:

[stealth_finger]

I knew you wouldn't get the point. Use two. Put "..." DOH

Well, you could do that if you want do double down on your twatter.

Re:

[Jason Levine]

Growing up, I loved reading books by Isaac Asimov (and boy were there a ton to read). He had a knack for taking complicated scientific principles and explaining them using plain language. It's something that I've tried to emulate - especially if I'm explaining a complicated computer system to someone with minimal computer experience.

Re:

[mikelieman]

Yo, glad to see you're still around. Your Fun with fog generators halloween story is a classic I revisit every year, as an example of why I don't even try...

Re:

[stealth_finger]

Are you confusing me with someone else or was that a reference to something I don't get?

If you need that explanation you are a victim

[Excelcia]

Anyone who needed a lemmings metaphor to understand that getting flooded with data from multiple sources makes it harder to see your requests, is a victim of the American educational system. I wonder if there's a case for a class action lawsuit there.

Re:

[stealth_finger]

Their description isn't simple, but rather just a lot of what I suspect is Millennial idiocy. If you aren't a Millennial, then it just reads as a bunch of retarded gibberish buzzwords. A simple explanation could be understood by anyone, including non-Millenials.

Like a millenial knows wtf a lemming is. And are you implying only millennials know mcdonalds don't sell whoppers?

Re:

[Anonymous Coward]

I order whoppers at McDonald's all the time. Of course, what they give me is really a Big Mac, but it still tastes just as nasty and results in the same whoppers plopped in a toilet later on.

Re:

[HiThere]

Well, I had to think a bit before I remembered that. But it's been a long time since I bought a chain hamburger. (Still, at that time Whoppers were a *LOT* better than "Big Mac"s.

Re:

[HiThere]

I think it's become a sort of "default initialization to 0xdeadbeef" in a more complex context.

Better description

[110010001000]

"Imagine that an army of computers just requested our computers for data" Telegram tweeted. "The server is busy responding to their requests -- but there are so many of them that the server can't even see you to try and take your requests."

More accurate, simpler and you don't need to know what a "whopper" is.

Re:Better description

[Anonymous Coward]

No, that's worse. That's a description, whereas Telegram was using an analogy. As a programmer (which I assume based on your user name), you understand what the description is. The layman non-programmer does not. There are more people in the world who understand what a Whopper is and why it doesn't exist at McDonalds than there are people who can conceptualize what happens when one computer requests data from another computer. Telegram isn't speaking to you, they're speaking to the layman.

Re:

[110010001000]

It has nothing do with programming. Even my Mom knows what a "web server" is. You don't even need to know how requests work.

Re:

[Anonymous Coward]

That's because your mom had you; your anecdote does not prove anything. My wife knows all about construction trucks, something she knew nothing about, because we have a young son who loves big trucks.

I am not a programmer by any stretch, nor is anyone in my extended family. I can assure you that no one in my extended family has the slightest clue what a web server is.

Re: Better description

[BKX]

I bet you they do. By now people have figured out what a lot of technical terms mean even if they don't know much more than, "A web server? Is that the thing the runs a website?", which is a good enough idea to get by with. I'm quite sure, however, that a number of people think that servers, websites, and programs are the same thing with different names, which is technically wrong, but not so wrong as to be completely stupid. I know my grandparents have a hard time with understanding that AOL's website runs

Re:

[Waccoon]

The problem with the lemming analogy is that it said lemmings were ordering whoppers, but it's not clear that the lemmings don't actually WANT the whoppers. It makes it sound like the lemmings are legitimate customers, a la anchovies swarming the Krusty Krab.

If anything, an analogy involving prank phone calls would have been more appropriate, which is closer to the description "110010001000" gave. Most people can understand the concepts of a busy phone line and asshole teenagers with too much free time.

Giant, Carnivorous Were-Lemmings...or Tourists?

[Roger W Moore]

That's a description, whereas Telegram was using an analogy.

True but their analogy is far more confusing than it needs to be because it leaves so many questions unanswered. Why are lemmings which are usually small, furry herbivorous rodents suddenly wanting to eat meat? How did they figure out human speech and basic commerce? Why can't you be seen over the tops of the lemmings which are only a few centimetres high - are they giant lemmings? How did your grandpa become one of these giant lemmings - is some form of lycanthropy involved? ...and most importantly now that we have established that they are giant, carnivorous, were-lemmings, what are they going to eat when they can't get a Whopper?

I know it is far less exciting and does not sound like the plot of a truly appalling, made-for-TV horror movie but perhaps a bus-load of confused tourists would be a far better analogy and finding your granddad amongst them would be a lot easier to explain.

Re:

[Anonymous Coward]

That's a description, whereas Telegram was using an analogy.

Yes, a bad one. A really awful terrible one. Among the many things wrong with this crapfest:

• Why is it lemmings? That makes zero sense. Why isn't it just regular people instead of a surrealist nightmare?
• Why are they ordering whoppers? This detail makes no sense. It requires you to realize that McDonald's doesn't have whoppers. Which most Americans probably know when they think about it, but may not pick up on right away when reading the

Re:Better description

[stealth_finger]

"Imagine that an army of computers just requested our computers for data" Telegram tweeted. "The server is busy responding to their requests -- but there are so many of them that the server can't even see you to try and take your requests."

More accurate, simpler and you don't need to know what a "whopper" is.

What if you don't know what a server is? If you are unaware of the whopper I wouldn't assume you know the basics of how the internet works. In terms of lowest common denominator its pretty low to know that you cant get a whopper from burger king. Their point isn't just there are lots of request its that they the wrong type of thing requesting the wrong item in the wrong place and they have to be told to fuck off individually. Is that better?

Re:

[stealth_finger]

*Can't get a whopper from mcdonalds rather

Re:

[110010001000]

A server has nothing to do with the Internet. Christ. Everyone knows what a "web server" is. Plus you can do a DDoS requesting the "right" item too.

Re:

[stealth_finger]

A server has nothing to do with the internet? Careful you'll get a troll army following you with that one but are you honestly suggesting 'web server' is more widely known than 'whopper' to the general public?

Re: Better description

[Zero__Kelvin]

No. You have no idea how a DoS works. They don't request "the wrong type of thing." The (literal) server could recognize the bogus request immediately. They request the right type of thing, say a Big Mac, then wait for the staff to take time cooking it and then touch it with their fingers (liberty taken so staff can't just give it to a different customer in the analogy) but refuse to accept it and tell the staff to make them another one, over and over.

Re:

[stealth_finger]

Well they're not technically requesting the wrong type of thing because it's still a burger they want. But of course it falls down under scrutiny because it's actually nothing like that at all. That's just a vast simplification of the concept so a lay person can understand it. If it was on /. it would have been a car analogy of some kind with a bunch of replies saying 'well, it's actually more like this...' with increasingly complex scenarios.

Re: Better description

[Zero__Kelvin]

Again, you just aren't getting it. The request is always for the right thing. A Big Mac in this scenario if you will. It is the refusal to accept it (ACK) that accomplishes the feat.

Re:

[stealth_finger]

In the terms of the simplification that doesn't matter. It's not meant to be an exact match. Anyway, don't tell me, tell them.

Re: Better description

[Zero__Kelvin]

Why would I tell them that you have no idea how a DoS works?

Re:

[stealth_finger]

Why would I tell them that you have no idea how a DoS works?

Because you're there at the same time to have how an analogy works explained to you? Seriously, let go on the focus of whether its a bic mac or whopper they are asking for and look at the big picture.

Re:

[Roger W Moore]

What if you don't know what a server is?

What if you do know what a lemming is though? They are small, furry, herbivorous rodents. They lack speech, an understanding of human commerce and any desire to eat meat plus they are only a few centimetres high. As such this is not going to stop you being seen by the server and any denial of service is going to come from the fact that they (a) exist and (b) are in a McDonald's not because they are distracting the server with requests for Whoppers.

Re:

[stealth_finger]

Yeah using lemming was a questionable choice lol I guess because there's usually lots of them, in peoples, well, my mind at least \_()_/

Re:

[BringsApples]

I agree with you, and we're both wrong. The problem is that we both know that the really helpful whopper analogy is freggin wrong. It's not about lemmings breaking into line, it's that they're inside, bothering all of the workers with requests for napkins, salt, ketchup, the key to the bathroom, and asking "who's in charge?" all as fast as they can, over and over and over.

But the analogy, for those that aren't familiar with networking/servers, serves the purpose of making them feel like they understand it

Re:

[drew_kime]

"Imagine that an army of computers just requested our computers for data" Telegram tweeted.

When a child "requests a cookie" they're asking me to give them a cookie. If I imagine that someone "requested our computers" wouldn't that mean someone asked me to give them my computers?

And does "army of computers" mean the Chinese military are doing this?

"The server is busy responding to their requests -- but there are so many of them that the server can't even see you to try and take your requests."

I don't have a webcam. Do I need a webcam so it can see me?

If you think I'm exaggerating you've never worked tech support. The reason analogies are frequently better is that people know they're analogies and don't try to take them literally.

Re:

[nnet]

How does a type of cow mandate anything?

Funniest thing is though...

[cloud.pt]

... this probably wasn't even an attack, but real usage scenario-induced DDoS from the massive Hong Kong protests. I remember back in 2014 FireChat is what they used, but I wouldn't be surprised if that was taken down and Hon Kongers now rely on Telegram for their freedom of association rights.

Re:

[esperto]

Actually, as it affected the americas, it is probably due to a political problem in Brazil.

this week the intercept put out an article with messages from the Minister of Justice (and former judge) and prosecutors stolen from their telegram accounts, and this has been all over the news, it is very likely a another brazilian group attacking the telegram servers for some related but not revealed reason.

Re:

[esperto]

Take back what I said, Durov just stated that it was likely china trying to silence protests in hong kong, as you GP said.

Re:

[cloud.pt]

actually, it seemed exactly the opposite of what I said, yet related: not from real-world scenario but a concerted attack by the state to prevent exactly the kind of usage I mentioned could be the thing impacting the service. So there's that :D

well for everyone...

[HTD]

...that is educated enough to know how lemmings behave in the wild, or old + educated enough to have played lemmings the computer game. I doubt this analogy is really easy to understand for everyone.

Re:

[Anonymous Coward]

ive never seen one but i know they can explode

Re:

[HiThere]

WRT lemmings: Disney lied. In order to show the lemmings going over the cliff some workers had to stand off camera and *THROW* them over the cliff.

Presumingly during a lemming "stampede" some will occasionally get shoved over a cliff edge, accounting for the legend, but they try to avoid it, and the film was a lie.

Re:

[apoc.famine]

Yeah, I'm not sure why they went with lemmings.

"Imagine you're in line at a coffee shop when a hundred teens come running in, and all push past you towards the counter. Most of them are ordering things that don't exist on the menu, and trying to pay with monopoly money. The staff have a choice: Either close the store and kick everyone out, or try to process all the requests, separate the good from the bad, and kick out the kids making bad requests. You're caught in the middle of all of this, with no way to

How To Name Things 101

[drew_kime]

From now on botnet nodes in a DDOS are whopper lemmings.

Good description

[nitehawk214]

My grandpa was a whopper lemming, in fact.

Re:

[Aighearach]

I was shopping at a store that required a user tracking card for a certain discount that I wanted, and the card wouldn't work in the reader, it had to have the barcode scanned.

The clerk was worried I might be a whopper lemming, but no, I didn't have the wrong card it just has a damaged magnetic strip.

Bad analogy for DDoS

[niftydude]

If it were just lemmings, that's a regular DoS, and you can just instruct the computers to ignore lemmings and you're done. The whole point of a DDoS is all the attacks come from different things, so it's much harder to filter out. Ok analogy for DoS. Not that great for DDoS.

Re:

[jimbo]

True but does that really matter to the average non techie reading it? The analogy gives a rough idea, which is good enough for those who need it - fulfilling its purpose.

We could iterate over technical accuracy of an analogy ad infinitum because it's turtles all the way down. Us pedantic nerds understands what DDoS is anyway.

Re: Bad analogy for DDoS

[Zero__Kelvin]

If it isn't supposed to help them understand it *correctly* then what is the point. A simple "a bunch of different computers overwork/overload the website" works better in that case.

Re: Bad analogy for DDoS

[Zero__Kelvin]

... Also they don't order whoppers at McDonalds, because again, easy to detect and ignore. They order off the menu and let the staff take their valuable time making it, then refuse to accept the item.

Time to Summon...

[IMightB]

BadAnalogyGuy! We need you!

Re:

[Anonymous Coward]

He went to simile school and lost all his powers.

Analogy fail.

[Areyoukiddingme]

RunDMC had the better analogy.

(One) day when I was chillin' in Kentucky Fried Chicken
Just mindin' my business, eatin' food and finger lickin'.
This dude walked in lookin' strange and kind of funny
Went up to the front with the menu and his money.
He didn't walk straight, kind of side to side.
He asked this old lady, "Yo, yo, um...is this Kentucky Fried?"
The lady said "Yeah", smiled and he smiled back.
He gave a quarter and his order, small fries, Big Mac!

You be illin'.

Lemmings in a series of tubes

[infuriatedweasel]

Is this from the Ted Stevens center for technology explanations?

Let me see. 'Tis not Yorick's. Twas Slashdot

[Cito]

Alas, poor Slashdot! I knew the site: a forum
of fellow nerds, of most excellent wit: it hath
borne me on its servers a thousand times; and now, how
abhorred in my perception it is! My gorge rims at
it. Here hung those links that I have clicked I know
not how oft. Where be your gibes now? Your
guile? Your laconisms? Your flashes of jocularity,
that were wont to set the comments on a roar? Not one
now, to mock your own trolling ? Quite lugubrious?
Now get ye to the submission section and daub the site with jejunity.

Origins of Distributed Denial Of Service

[TheHawke]

I may be at fault for that. During the days of 33.6 and 56K was the geeks wet dream, IRC and their patrons were getting clobbered by DOS attacks. While this was getting fixed, me and few other geeks had a think-tank session regarding future threats, and I brought up the idea of a synced disctributed attack, where the attackers were clock-synced and would be cooperative in attacking a single target.

We were close to being prophets when DDOS started to hit the bricks a few years later.

MICROS~1 strikes again :]

[najajomo]

"To generate these garbage requests, bad guys use 'botnets' made up of computers of unsuspecting users which were infected with malware at some point in the past. This makes a DDoS similar to the zombie apocalypse: one of the whopper lemmings just might be your grandpa,"

What was the name of these 'computers' the 'botnets' run on?