Life's lemons, a list of steps

Thursday, 02 October, Year 6 d.Tr. | Author: Mircea Popescu

Step I. On September the 13th I wrote an article explaining why am I going to kill Reddit, and how.i

Step II. On September the 24th, I hear on irc that righteous indignators be leveling threats of DDoSing and other nefarious business! So upon reviewing the logs of Trilema it turns out that it had been in fact attacked! Twice!

The first attack came on the 19th, and it was piddly, probably a kid with his 500 strong botnet trying to bring down wordpress through reloading pages or something. As you can see it barely registered on the dial, but then again how's random derp to know half a GB is peanuts here at the core of the Internet, where The New York Times comes for inspiration and cribbing material ?

The second attack came on the 24th, in the shape of a Wordpress pingback amplified DDoSii. It also didn't do anything notable, Trilema was online throughout. The attacker was diligent however, using a somewhat lengthy (tens of thousands) list of vulnerable blogs, and reusing them rarely (less than once an hour). Practically speaking, the only actual effect of this was an inflation of apparent unique visitors as far as Awstats is concerned.

The third attack came on the 28th, in the wake of frustration, desperation and ridicule endured also on irc. This time fewer blogs (thousands) were used intensively (thousands of times each) making it reasonably easy to blockiii, and that was pretty much the last we've ever heard of this "Reddit police" thing/dorkery.

Step III. The following day I went on the counteroffensive. I created a one line fix for the vulnerability that allows this particular form of DDoS to happeniv, I created a static html page describing the problem and the fix, I extracted the list of blogs involved in the attack and I proceeded to send them a pingback notifying them of the problem, and in the same pass providing proof that it is in fact a problem. So they can fix it, and in the process learn a thing or two about Automattic (and hopefully the rest of the bezzle world).

I received tons of email, some from people thanking me, a majority from people completely confused as to anything and everything, beginning at "how to ask a meaningful question" or "what to do when something happens". The list's not done yet (I'm trying not to DDoS myself while doing it, obviously), but here's a nice illustration covering the second half of September :

lol-attax

Depicted in that screencap : first attack, no effect. Second attack, lots of visits (ie, different IPs), very few pages and proportionally even fewer hits (ie, the various resources loaded to compose a page). Third attack, fewer apparent visits (Awstats doesn't count banned/bot IPs, obviously), a shitton of pages and hits (because the few IPs that didn't hit often enough to get blocked hit again and again and again). Then once I started pinging people, a lot more hits than the sum of all the attacks, and while their behaviour isn't exactly in line with the average behaviour of the Trilema reader in terms of time spent on site, they're slowly getting there.

In conclusion : not only "Reddit police" fails miserably at its stated goal, but this has been by far the best exposure Trilema ever got to this dayv.

And if you're in an accounting mood : it took me a coupla hours' worth of derping with awk and sed to extract the list, five minutes to save a html copy of the article and the whole shebang's been running in bash ever since (and no, it's not done yet - not nearly done yet).

So, how much do you pay your preferred selection of swindlers per click ? 10 cents ? Because the ~200k uniques I'm seeing over here so far would then put my hour's work well over 20 Bitcoin (which is just about right, which is kinda why I've bothered with this in the first place), and I can guarantee in any format you prefer that this is better traffic than whatever crap doubleclick, facebook, reddit, gawker or whoever else is selling you. Way better.

I said it before, but it bears repeating : Today is the International Day of Remembering How Mircea Popescu Is Better Than Me and related observances.

———
  1. I have a history doing that kind of thing, perhaps of most interest to this crowd being the untimely death of Reddit's own coin, the Doge. Or else the death of Reddit's own retard, Andreas Derpenstockulous, Grand Shill of Allthescams. Or other things. []
  2. If you're curious about the details, there's an amply documented, very detailed field report available. []
  3. DDoS nullroutes work kinda like shadowbanning : the attacker figures he's successful, the rest of the interwebs dunno wtf he's on about nor do they care. []
  4. Something that has been reported in the "tech" media back in April and has otherwise been known for years.

    And yet... nobody over at Shittenweg's "Code is Prostitution" Palace has so far managed to fix that steaming pile of doo-doo they sing lieds over. They claim it's fixed, of course, but if you review the logs of the attack you'll notice virtually all the blogs involved are 3.x and 4.0, releases after the one where the issue was supposedly fixed. []

  5. For comparison, back in March when I was all over the "tech" press with the OpenBSD story, the traffic bump was about a tenth this. Think about it : the combined might of the oh-so-important "media" is barely a tenth of a lemonade! []
Category: Meta psihoza
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.

7 Responses

  1. Amazing how the Reddit 5-0 only make one stronger. Where are those extradition bombing drones nao?

  2. Mircea Popescu`s avatar
    2
    Mircea Popescu 
    Thursday, 2 October 2014

    I suspect they're starting their own cryptocurrency.

  3. I've heard there are as well and it represents "equity" which is basically a death knell.

  4. Mircea Popescu`s avatar
    4
    Mircea Popescu 
    Thursday, 2 October 2014

    Wait lol. Bwahahha.

  5. Peter Lambert`s avatar
    5
    Peter Lambert 
    Thursday, 2 October 2014

    There seems to be a lesson in there about the importance of first generating good content, and then worrying about how to get exposure. If you had no content, contacting all these people would just be worthless spam; with content in place, they can learn something useful from the experience.

  6. Mircea Popescu`s avatar
    6
    Mircea Popescu 
    Thursday, 2 October 2014

    Arguably the exploit fix would be just as useful coming off a pastebin, but I guess having other things to read gives people a reason to stay.

  1. [...] Mircea Popescu Arguably the exploit fix would be just as useful coming off a pastebin,... [...]

Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.