Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Twitter Plans To Cut About 300 Jobs As Soon As This Week: Bloomberg ( 56

An anonymous reader quotes a report from Bloomberg: Twitter Inc. is planning widespread job cuts, to be announced as soon as this week, according to people familiar with the matter. The company may cut about 8 percent of the workforce, or about 300 people, the same percentage it did last year when co-founder Jack Dorsey took over as chief executive officer, the people said. Planning for the cuts is still fluid and the number could change, they added. An announcement about the job reductions may come before Twitter releases third-quarter earnings on Thursday, one of the people said. Twitter, which loses money, is trying to control spending as sales growth slows. The company recently hired bankers to explore a sale, but the companies that had expressed interest in bidding -- Inc., The Walt Disney Co. and Alphabet Inc. -- later backed out from the process. Twitter's losses and 40 percent fall in its share price the past 12 months have made it more difficult for the company to pay its engineers with stock. That has made it harder for Twitter to compete for talent with giant rivals like Alphabet Inc.'s Google and Facebook Inc. Reducing employee numbers would relieve some of this pressure.

People Like Netflix's Original Content More Than Its Other Content: AllFlicks ( 34

According to a study by IHS Markit this month, in the last two years Netflix's spending on original content rose from $2.38 billion to $4.91 billion. The company has invested big in original programming -- and it looks to be paying off. The folks over at AllFlicks have found that Netflix's subscriber base prefers Netflix's original content to that of its syndicated content. AllFlicks reports: Netflix user ratings show that Netflix's subscriber base prefers Netflix's original content to its syndicated content. Netflix originals sport an average rating of 3.85 stars out of five; all other content averages 3.47 stars. That means that user ratings for Netflix originals are 11% higher, on average, than user ratings for syndicated content. Netflix does best in the documentaries category, where users rate non-original content, on average, at 3.54. Netflix's documentaries average 4.07 stars, a pretty impressive showing. Netflix's TV shows do the worst, but still edge their other TV show content by 5.7%. It's possible that the frequent reviewers among Netflix's user base differ from the user base as a whole, but there's not a lot of reason to doubt the raw data here. The Netflix originals and non-originals were both reviewed on the same service and using the same rating system, yet originals consistently outperformed the rest of the content.

Alibaba Founder To Chinese Government: Use Big Data To Stop Criminals ( 27

An anonymous reader quotes a report from Bloomberg: Chinese billionaire Jack Ma proposed that the nation's top security bureau use big data to prevent crime, endorsing the country's nascent effort to build unparalleled online surveillance of its billion-plus people. China's data capabilities are virtually unrivaled among its global peers, and policing cannot happen without the ability to analyze information on its citizens, the co-founder of Alibaba Group Holding Ltd. said in a speech published Saturday by the agency that polices crime and runs the courts. Ma's stance resonates with that of China's ruling body, which is establishing a system to collect and parse information on citizens in a country where minimal safeguards exist for privacy. "Bad guys in a movie are identifiable at first glance, but how can the ones in real life be found?" Ma said in his speech, which was posted on the official WeChat account of the Commission for Political and Legal Affairs. "In the age of big data, we need to remember that our legal and security system with millions of members will also face change." In his speech, Ma stuck mainly to the issue of crime prevention. In Alibaba's hometown of Hangzhou alone, the number of surveillance cameras may already surpass that of New York's, Ma said. Humans can't handle the sheer amount of data amassed, which is where artificial intelligence comes in, he added. "The future legal and security system cannot be separated from the internet and big data," Ma said. Ma's speech also highlights the delicate relationship between Chinese web companies and the government. The ruling party has designated internet industry leaders as key targets for outreach, with President Xi Jinping saying in May last year that technology leaders should "demonstrate positive energy in purifying cyberspace."

Electronic Surveillance Up 500% In DC Area Since 2011, Almost All Sealed Cases ( 27

schwit1 quotes a report from Washington Post: Secret law enforcement requests to conduct electronic surveillance in domestic criminal cases have surged in federal courts for Northern Virginia and the District, but only one in a thousand of the applications ever becomes public, newly released data show. The bare-bones release by the courts leaves unanswered how long, in what ways and for what crimes federal investigators tracked individuals' data and whether long-running investigations result in charges. In Northern Virginia, electronic surveillance requests increased 500 percent in the past five years, from 305 in 2011 to a pace set to pass 1,800 this year. Only one of the total 4,113 applications in those five years had been unsealed as of late July, according to information from the Alexandria division of the U.S. District Court for the Eastern District of Virginia, which covers northern Virginia. The report adds: "The federal court for the District of Columbia had 235 requests in 2012, made by the local U.S. attorney's office. By 2013, requests in the District had climbed 240 percent, to about 564, according to information released by the court's chief judge and clerk. Three of the 235 applications from 2012 have been unsealed. The releases from the Washington-area courts list applications by law enforcement to federal judges asking to track data -- but not eavesdrop -- on users' electronic communications. That data can include sender and recipient information, and the time, date, duration and size of calls, emails, instant messages and social media messages, as well as device identification numbers and some website information."

Seth's Blog: Hardware is Sexy, But It's Software that Matters ( 48

American author and entrepreneur Seth Godin argues that though hardware is nice and dandy, it is the software that matters. And not just software that runs on a computer, "but the metaphorical idea of rules and algorithms designed to solve problems and connect people," he writes. Godin has used the piece to note how Apple has increasingly grown focused on hardware, and as a result, it's not putting much effort to fixing its software. He writes, "Automator, a buggy piece of software with no support, and because it's free, no competitors. Keynote, a presentation program that hasn't been improved in years. iOS 10, which replaces useful with pretty. iTunes, which is now years behind useful tools like Roon. No significant steps forward in word processing, spreadsheets, video editing, file sharing, internet tools, conferencing, etc. Apple contributed mightily to a software revolution a decade ago, but they've stopped. Think about how many leaps forward Slack, Dropbox, Zapier and others have made in popular software over the last few decades. But it requires a significant commitment to keep it moving forward. It means upending the status quo and creating something new." From the article: Software can change faster than hardware, which means that in changing markets, bet on software. It's tempting to treat the user interface as a piece of fashion, some bling, a sort of jewelry. It's not. It's the way your user controls the tool you build. Change it when it stops working, not when you're bored with it. Every time you change the interface, you better have a really good reason.John Gruber disagrees. He writes: Software, in general, is much better than it used to be. Unlike 1995, we don't lose data due to bugs very often. (For me personally, I can't even remember the last time I lost data.) But our hardware is so much better than our software, the contrast is jarring. An iPhone is a nearly perfect object. Sleek, attractive, simple. The hardware is completely knowable -- there are only five buttons, each of them easily understood. iOS, however, is effectively infinite. The deeper our software gets, the less we know and understand it. It's unsettling.

New York Times Buys The Wirecutter For $30 Million ( 33

An anonymous reader quotes a report from Recode: The New York Times is buying The Wirecutter, a five-year-old online consumer guide. The Times will pay more than $30 million, including retention bonuses and other payouts, for the startup, according to people familiar with the transaction. Brian Lam, a former editor at Gawker Media's Gizmodo, founded The Wirecutter in 2011, and has self-funded the company's growth. The Wirecutter provides recommendations for electronics and other gadgets that are both obsessively researched and simply presented. The Wirecutter also owns The Sweethome, which takes the same approach for home appliances and other gear. "We're very excited about this acquisition on two fronts," said Mark Thompson, CEO of The New York Times Company, in the acquisition release. "It's an impressively run business with a very attractive revenue model and its success is built on the foundation of great, rigorously reported service journalism." The Wirecutter tweeted earlier today: "Hey, we're still us. But we're a part of The New York Times now."

XPrize's New Challenge: Turn Air Into Water, Make More Than a Million Dollars ( 109

An anonymous reader shares a CNET report: If you can turn thin air into water, there may be more than $1 million in it for you. XPrize, which creates challenges that pit the brightest minds against one another, is hoping to set off a wave of new innovations in clean water -- and women's safety too. The company announced its Water Abundance XPrize and the Anu & Naveen Jain Women's Safety XPrize on Monday in New Delhi. The first competition will award $1.75 million to any team that can create a device able to produce at least 2,000 liters of water a day from the atmosphere, using completely renewable energy, for at most 2 cents a liter. Teams have up to two years to complete the challenge. India is at the center of the world's water crisis, with access to groundwater depleted in some northern and eastern parts of the country. Water has become so scarce in India that natural arsenic has infiltrated the soil and water in certain regions. While there are systems that can currently extract water from the atmosphere, many of them aren't energy-efficient, or generating enough water. "We know that overuse of groundwater resources are causing the water crisis and it's only getting worse," said Zenia Tata, XPrize's executive director of Global Expansion. The $1 million Women's Safety XPrize calls for an emergency alert system that women can use, even if they don't have access to their phones. The alert would have to be sent automatically and inconspicuously to emergency responders, within 90 seconds, at a cost of $40 or less a year. The device would have to work even in cases where there's no cellphone signal or internet access.

Internet is Becoming Unreadable Because of a Trend Towards Lighter, Thinner Fonts ( 266

An anonymous reader writes: The internet is becoming unreadable because of a trend towards lighter and thinner fonts, making it difficult for the elderly or visually-impaired to see words clearly, a web expert has found. Where text used to be bold and dark, which contrasted well with predominantly white backgrounds, now many websites are switching to light greys or blues for their type. Award winning blogger Kevin Marks, founder of Microformats and former vice president of web services at BT, decided to look into the trend after becoming concerned that his eyesight was failing because he was increasingly struggling to read on screen text. He found a 'widespread movement' to reduce the contrast between the words and the background, with tech giants Apple, Google and Twitter all altering their typography. True black on white text has a contrast ratio of 21:1 -- the maximum which can be achieved. Most technology companies agree that it is good practice for type to be a minimum of 7:1 so that the visually-impaired can still see text. But Mr Marks, found that even Apple's own typography guidelines, which recommended 7:1 are written in a contrast ratio of 5.5:1.

China Electronics Firm To Recall Some US Products After Hacking Attack ( 67

An anonymous reader writes:Chinese firm Hangzhou Xiongmai said it will recall some of its products sold in the United States after it was identified by security researchers as having made parts for devices that were targeted in a major hacking attack on Friday. Hackers unleashed a complex attack on the Internet through common devices like webcams and digital recorders, and cut access to some of the world's best known websites in a stunning breach of global internet stability. The electronics components firm, which makes parts for surveillance cameras, said in a statement on its official microblog that it would recall some of its earlier products sold in the United States, strengthen password functions and send users a patch for products made before April last year. It said the biggest issue was users not changing default passwords, adding that, overall, its products were well protected from cyber security breaches. It said reports that its products made up the bulk of those targeted in the attack were false. "Security issues are a problem facing all mankind. Since industry giants have experienced them, Xiongmai is not afraid to experience them once, too," the company statement said.

Slashdot Asks: How Can We Prevent Packet-Flooding DDOS Attacks? ( 327

Just last month Brian Krebs wrote "What appears to be missing is any sense of urgency to address the DDoS threat on a coordinated, global scale," warning that countless ISPs still weren't implementing the BCP38 security standard, which was released "more than a dozen years ago" to filter spoofed traffic. That's one possible solution, but Slashdot reader dgallard suggests the PEIP and Fair Service proposals by Don Cohen: PEIP (Path Enhanced IP) extends the IP protocol to enable determining the router path of packets sent to a target host. Currently, there is no information to indicate which routers a packet traversed on its way to a destination (DDOS target), enabling use of forged source IP addresses to attack the target via packet flooding... Rather than attempting to prevent attack packets, instead PEIP provides a way to rate-limit all packets based on their router path to a destination.
I've also heard people suggest "just unplug everything," but on Friday the Wall Street Journal's Christopher Mim suggested another point of leverage, tweeting "We need laws that allow civil and/or criminal penalties for companies that sell systems this insecure." Is the best solution technical or legislative -- and does it involve hardware or software? Leave your best thoughts in the comments. How can we prevent packet-flooding DDOS attacks?

Who Should We Blame For Friday's DDOS Attack? ( 174

"Wondering which IoT device types are part of the Mirai botnet causing trouble today? Brian Krebs has the list," tweeted Trend Micro's Eric Skinner Friday, sharing an early October link which identifies Panasonic, Samsung and Xerox printers, and lesser known makers of routers and cameras. An anonymous reader quotes Fortune: Part of the responsibility should also lie with lawmakers and regulators, who have failed to create a safety system to account for the Internet-of-Things era we are now living in. Finally, it's time for consumers to acknowledge they have a role in the attack too. By failing to secure the internet-connected devices, they are endangering not just themselves but the rest of the Internet as well.
If you're worried, Motherboard is pointing people to an online scanning tool from BullGuard (a U.K. anti-virus firm) which checks whether devices on your home network are listed in the Shodan search engine for unsecured IoT devices. But earlier this month, Brian Krebs pointed out the situation is exacerbated by the failure of many ISPs to implement the BCP38 security standard to filter spoofed traffic, "allowing systems on their networks to be leveraged in large-scale DDoS attacks..."
United States

American 'Vigilante Hacker' Defaces Russian Ministry's Website ( 198

An anonymous Slashdot reader quotes CNN Money: An American vigilante hacker -- who calls himself "The Jester" -- has defaced the website of the Russian Ministry of Foreign Affairs in retaliation for attacks on American targets... "Comrades! We interrupt regular scheduled Russian Foreign Affairs Website programming to bring you the following important message," he wrote. "Knock it off. You may be able to push around nations around you, but this is America. Nobody is impressed."
In early 2015, CNN Money profiled The Jester as "the vigilante who hacks jihadists," noting he's a former U.S. soldier who now "single-handedly taken down dozens of websites that, he deems, support jihadist propaganda and recruitment efforts. He stopped counting at 179." That article argues that "the fact that he hasn't yet been hunted down and arrested says a lot about federal prosecutors and the FBI. Several cybersecurity experts see it as tacit approval."

"In an exclusive interview with CNNMoney this weekend, Jester said he chose to attack Russia out of frustration for the massive DNS cyberattack that knocked out a portion of the internet in the United States on Friday... 'I'm not gonna sit around watching these f----rs laughing at us.'"

Dyn Executive Responds To Friday's DDOS Attack ( 74

"It is said that eternal vigilance is the price of liberty...We must continue to work together to make the internet a more resilient place to work, play and communicate," wrote Dyn's Chief Strategy Officer in a Saturday blog post. An anonymous reader reports: Dyn CSO Kyle York says they're still investigating Friday's attack, "conducting a thorough root cause and forensic analysis" while "carefully monitoring" for any additional attacks. In a section titled "What We Know," he describes "a sophisticated attack across multiple attack vectors and internet source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack." But he warns that "we are unlikely to share all details of the attack and our mitigation efforts to preserve future defenses."

He posted a timeline of the attacks (7:00 EST and 12:00 EST), adding "While there was a third attack attempted, we were able to successfully mitigate it without customer impact... We practice and prepare for scenarios like this on a regular basis, and we run constantly evolving playbooks and work with mitigation partners to address scenarios like these." He predicts Friday's attack will be seen as "historic," and acknowledges his staff's efforts to fight the attack as well as the support received from "the technology community, from the operations teams of the world's top internet companies, to law enforcement and the standards community, to our competition and vendors... On behalf of Dyn, I'd like to extend our sincere thanks and appreciation to the entire internet infrastructure community for their ongoing show of support."

Online businesses may have lost up to $110 million in sales and revenue, according to the CEO of Dynatrace, who tells CNN more than half of the 150 websites they monitor were affected.

Should Journalists Ignore Some Leaked Emails? ( 350

Tuesday Lawrence Lessig issued a comment about a leaked email which showed complaints about his smugness from a Clinton campaign staffer: "I'm a big believer in leaks for the public interest... But I can't for the life of me see the public good in a leak like this..." Now mirandakatz shares an article by tech journalist Steven Levy arguing that instead, "The press is mining the dirty work of Russian hackers for gossipy inside-beltway accounts." This is perfectly legal. As long as journalists don't do the stealing themselves, they are solidly allowed to publish what thieves expose, especially if, as in this case, the contents are available to all... [But] is the exploitation of stolen personal emails a moral act? By diving into this corpus to expose anything unseemly or embarrassing, reporters may be, however unwillingly, participating in a scheme by a foreign power to mess with our election...

As a 'good' journalist, I know that I'm supposed to cheer on the availability of information... But it's difficult to argue that these discoveries were unearthed by reporters for the sake of public good...

He's sympathetic to the idea that minutiae from campaigns lets journalists "examine the failings of 'business as usual'," but "it would be so much nicer if some disgruntled colleague of Podesta's was providing information to reporters, rather than Vladimir Putin using them as stooges to undermine our democracy." He ultimately asks, "is it moral to amplify anything that's already exposed on the internet, even if the exposers are lawbreakers with an agenda?"

John McAfee Thinks North Korea Hacked Dyn, and Iran Hacked the DNC ( 148

"The Dark Web is rife with speculation that North Korea is responsible for the Dyn hack" says John McAfee, according to a new article on CSO: McAfee said they certainly have the capability and if it's true...then forensic analysis will point to either Russia, China, or some group within the U.S. [And] who hacked the Democratic National Committee? McAfee -- in an email exchange and follow up phone call -- said sources within the Dark Web suggest it was Iran, and he absolutely agrees. While Russian hackers get more media attention nowadays, Iranian hackers have had their share... "The Iranians view Trump as a destabilizing force within America," said McAfee. "They would like nothing more than to have Trump as President....

"If all evidence points to the Russians, then, with 100% certainty, it is not the Russians. Anyone who is capable of carrying out a hack of such sophistication is also capable, with far less effort than that involved in the hack, of hiding their tracks or making it appear that the hack came from some other quarter..."

Bruce Schneier writes that "we don't know anything much of anything" about yesterday's massive DDOS attacks. "If I had to guess, though, I don't think it's China. I think it's more likely related to the DDoS attacks against Brian Krebs than the probing attacks against the Internet infrastructure..." Earlier this month Krebs had warned that source code had been released for the massive DDOS attacks he endured in September, "virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices."

Google Has Quietly Dropped Ban On Personally Identifiable Web Tracking ( 153

Fudge Factor 3000 writes: Google has quietly changed its privacy policy to allow it to associate web tracking, which is supposed to remain anonymous, with personally identifiable user data. This completely reneges its promise to keep a wall between ad tracking and personally identifiable user data, further eroding one's anonymity on the internet. Google's priorities are clear. All they care about is monetizing user information to rake in the big dollars from ad revenue. Think twice before you purchase the premium priced Google Pixel. Google is getting added value from you as its product without giving you part of the revenue it is generating through tracking through lower prices. The crossed-out section in its privacy policy, which discusses the separation of information as mentioned above, has been followed with this statement: "Depending on your account settings, your activity on other sites and apps may be associated with your personal information in order to improve Google's services and the ads delivered by Google." ProPublica reports: "The change is enabled by default for new Google accounts. Existing users were prompted to opt-in to the change this summer. The practical result of the change is that the DoubleClick ads that follow people around on the web may now be customized to them based on your name and other information Google knows about you. It also means that Google could now, if it wished to, build a complete portrait of a user by name, based on everything they write in email, every website they visit and the searches they conduct. The move is a sea change for Google and a further blow to the online ad industry's longstanding contention that web tracking is mostly anonymous. In recent years, Facebook, offline data brokers and others have increasingly sought to combine their troves of web tracking data with people's real names. But until this summer, Google held the line." You can choose to opt in or out of the personalized ads here.

Cisco Develops System To Automatically Cut-Off Pirate Video Streams ( 111

An anonymous reader quotes a report from TorrentFreak: Pirate services obtain content by capturing and restreaming feeds obtained from official sources, often from something as humble as a regular subscriber account. These streams can then be redistributed by thousands of other sites and services, many of which are easily found using a simple search. Dedicated anti-piracy companies track down these streams and send takedown notices to the hosts carrying them. Sometimes this means that streams go down quickly but in other cases hosts can take a while to respond or may not comply at all. Networking company Cisco thinks it has found a solution to these problems. The company's claims center around its Streaming Piracy Prevention (SPP) platform, a system that aims to take down illicit streams in real-time. Perhaps most interestingly, Cisco says SPP functions without needing to send takedown notices to companies hosting illicit streams. "Traditional takedown mechanisms such as sending legal notices (commonly referred to as 'DMCA notices') are ineffective where pirate services have put in place infrastructure capable of delivering video at tens and even hundreds of gigabits per second, as in essence there is nobody to send a notice to," the company explains. "Escalation to infrastructure providers works to an extent, but the process is often slow as the pirate services will likely provide the largest revenue source for many of the platform providers in question." To overcome these problems Cisco says it has partnered with Friend MTS (FMTS), a UK-based company specializing in content-protection. Among its services, FMTS offers Distribution iD, which allows content providers to pinpoint which of their downstream distributors' platforms are a current source of content leaks. "Robust and unique watermarks are embedded into each distributor feed for identification. The code is invisible to the viewer but can be recovered by our specialist detector software," FMTS explains. "Once infringing content has been located, the service automatically extracts the watermark for accurate distributor identification." According to Cisco, FMTS feeds the SPP service with pirate video streams it finds online. These are tracked back to the source of the leak (such as a particular distributor or specific pay TV subscriber account) which can then be shut-down in real time.

Russians Seek Answers To Central Moscow GPS Anomaly ( 172

stevegee58 writes: Russians have been noticing that their GPS doesn't work in Moscow near the Kremlin. Everyone from taxi drivers to Pokemon Go players suddenly notice that they're transported 18 miles away at the airport when they near the Kremlin. While this may be an annoyance to the public it seems like a reasonable countermeasure to potential terrorist threats. Is it only a matter of time before other vulnerable sites such as the White House or the Capitol in Washington start doing the same? "A programmer for Russian internet firm Yandex, Grigory Bakunov, said Thursday his research showed a system for blocking GPS was located inside the Kremlin, the heavily guarded official residence of Russian President Vladimir Putin," reports Yahoo. "The first anomaly was recorded in June, according to Russian media reports, which have also suggested that the GPS interference comes and goes in a pattern. Putin's spokesman Dmitry Peskov said Thursday he did not know why the malfunction was occurring and admitted experiencing the problem himself when driving recently. Peskov redirected questions to Russia's Federal Guards Service, which is responsible for protecting the Kremlin and senior Russian officials."

WikiLeaks To Its Supporters: 'Stop Taking Down the US Internet, You Proved Your Point' ( 326

MojoKid writes: The Internet took a turn for the worst this morning, when large parts of the DNS network were brought down by a massive distributed denial of service attack (DDoS) targeting DNS provider Dyn. If you couldn't access Amazon, Twitter, and a host of other large sites and online services earlier today, this was why. Now, if a couple of additional tweets are to be believed, it appears supporters of WikiLeaks are responsible for this large scale DDoS attack on Dynamic Network Services Inc's Dyn DNS service. WikiLeaks is alleging that a group of its supporters launched today's DDoS attack in retaliation for the Obama administration using its influence to push the Ecuadorian government to limit Assange's internet access. Another earlier tweet reassures supporters that Mr. Assange is still alive, which -- along with a photo of heavily armed police posted this morning -- implies that he may have been (or may still be) in danger, and directly asks said supporters to stop the attack. WikiLeaks published this tweet a little after 5PM: "Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point." It was followed by: "The Obama administration should not have attempted to misuse its instruments of state to stop criticism of its ruling party candidate."

Mirai and Bashlight Join Forces Against DNS Provider Dyn ( 56

A second wave of attacks has hit dynamic domain name service provider Dyn, affecting a larger number of providers. As researchers and government officials race to figure out what is causing the outages, new details are emerging. Dan Drew, chief security officer at Level 3 Communications, says the attack is at least in part being mounted from a "botnet" of Internet-of-Things (IoT) devices. "We're seeing attacks coming from a number of different locations," Drew said. "An Internet of Things botnet called Mirai that we identified is also involved in the attack." Ars Technica reports: The botnet, made up of devices like home WiFi routers and internet protocol video cameras, is sending massive numbers of requests to Dyn's DNS service. Those requests look legitimate, so it's difficult for Dyn's systems to screen them out from normal domain name lookup requests. Earlier this month, the code for the Mirai botnet was released publicly. It may have been used in the massive DDoS attack against security reporter Brian Krebs. Mirai and another IoT botnet called Bashlight exploit a common vulnerability in BusyBox, a pared-down version of the Linux operating system used in embedded devices. Mirai and Bashlight have recently been responsible for attacks of massive scale, including the attacks on Krebs, which at one point reached a traffic volume of 620 gigabits per second. Matthew Prince, co-founder and CEO of the content delivery and DDoS protection service provider CloudFlare, said that the attack being used against Dyn is an increasingly common one. The attacks append random strings of text to the front of domain names, making them appear like new, legitimate requests for the addresses of systems with a domain. Caching the results to speed up responses is impossible. Prince told Ars: "They're tough attacks to stop because they often get channeled through recursive providers. They're not cacheable because of the random prefix. We started seeing random prefix attacks like these three years ago, and they remain a very common attack. If IoT devices are being used, that would explain the size and scale [and how the attack] would affect: someone the size of Dyn."

Slashdot Top Deals