Ask the FCC for proof it was crashed by DDoS -- not outraged Net Neutrality commenters


#1

Originally published at: http://boingboing.net/2017/05/10/extraordinary-claims-extraordi.html


#2

I fail to see the difference.


#3

Merely “asking” them is going rather easy. Demand evidence, with the stipulation that their jobs depend upon providing it.


#4

The thing to understand is that they see the flood of public comments that they grudgingly had to invite (due to that pesky democracy business) as the DDoS attack. That would be the case even if Oliver hadn’t promoted the surge that overwhelmed their designed-to-break system.

In their eyes, democratic institutions (e.g. demands for transparency, a free press, an independent judiciary, etc.) are security holes that must be patched. The patches have to be applied in a sneaky way, because in order to pretend they’re freedom-lovin’ patriots they also have to pretend they think the bugs are features.


#5

3rd option, the people at the FCC are inept enough to not be able to tell the difference.

Well there is a huge difference. One is a failure of infrastructure to withstand a spike in traffic, and one is a failure against an organized bot attack that there are few defenses against.

Ever try to get tickets to a limited event or maybe order something on a Black Friday deal that is “too good” too pass up, only to have the website basically stop working? I have. I ended up with two extra tickets to a Lord of the Rings marathon that way (worked in my favor, made money on that deal). Worked against me once, didn’t get that Turkish CZ-75 clone that was only $200.

So claiming their site just couldn’t handle the traffic from PEOPLE, and claim it was millions of BOTS doing a malicious attack is hyperbole at best, and lying at worst.


#6

From the perspective of me as a security person and I’d say the same in my past life managing infrastructure, any situation which results in servers being unable to respond reasonably under a condition of an intentional coordinated access spike is a denial of service condition.


#7

Wouldn’t you say adjusting the system to accommodate more people visiting is going to be easier than defending against a DDoS attack? I can’t imagine the number of people going to the FCC site is any where near the number of bots used in a large attack, but I confess I am not an expert here. I do know an expert, though, and maybe some of his knowledge rubbed off on me.


#8

From the FCC description of the incident:

Beginning on Sunday night at midnight, our analysis reveals that the FCC was subject to multiple distributed denial-of-service attacks (DDos). These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC. While the comment system remained up and running the entire time, these DDoS events tied up the servers and prevented them from responding to people attempting to submit comments.

The FCC is explicitly ruling out that it was just a spike in traffic caused by people trying to file comments.


#9

Easier? Depends really. You can build out more servers in your data center and put a load balancer in them and make the adjustments to your public & internal DNS or you ca contract out to a company like CloudFlare but in the end its the same goal, to handle more traffic.


#10

Explicitly and falsely. In their eyes, Oliver is a black-hat hacker, his viewers are mindless bots, and the serious business of enclosing the digital commons is being deliberately disrupted by these bad actors.

Note the language: not a denial of service “condition” (which is a weird way to refer to a server overloaded by high legitimate demand, but whatever), but an “attack”; “deliberate attempts by external actors” without specifying who those actors were or what methods they used or what their motivations were; said actors were “not attempting to file comments themselves” – an easily disproven falsehood.

If there had been an actual botnet attack on the site that flooded the comments on all pending FCC issues with ads for boner pills and such they could have said so.

The FCC (especially the current leadership) is just cheesed off that they’re not allowed to make commenting dependant on being a member of the bar. Oliver mobilised a lot of non-lawyers and non-lobbyists to remind the FCC that lots of Americans are now aware of Title 2 and its relationship to Net Neutrality, and since Ajit Pai and co. resent it they characterise it as a DDoS attack.


#11

The difference is political.


#12

or rhetoric


#13

To quote a really cool regular on these bbs:

:wink:


#14

Well, yeah. I was just arguing against the position that there isn’t a difference between what the FCC claims happened and what John Oliver says happened: the latter being that a bunch of people, having watched John Oliver’s show, were encouraged to send their comments to the FCC and did so in numbers which overwhelmed the server.

As the FCC says that “These actors were not attempting to file comments themselves,” there is a clear difference in narrative between the FCC’s “this was a denial of service attack” and everybody else’s “this was a spike in legitimate traffic.”


#15

Part of me is laughing, thinking of the reaction that Pai and his cronies would get from the permanent staff sysops if they asked them to monkey with the server logs and pollute the database with fake spam in order to manufacture evidence for this “DDoS attack.”

Then part of me starts crying, realising that Pai wouldn’t feel the need to do so in post-evidence America.


#16

Did the comment-reporting system even work? The first day I couldn’t get through. The second day, the form loaded just fine. I filled it out and tried to send it. (Or “express” it or however they said it in the offensive Bureaucratese that peppers the site.) The page reloaded because I had supposedly left a box blank. It said my name was missing. I typed it again, sent my comment, and the form reloaded with my name missing. I tried this three or four more times. It wouldn’t work.

And reading this account now, all I can think is, “God, but that’s an interesting story.” Also, you’re welcome.


#17

This article’s headline is misleading. I expected to find a link to a petition to the FCC or Mr. Pai demanding the release of the logs. No such link.


#18

Actually, there is a grain of truth in this. Once in April and again earlier this week, the FCC comment site got flooded with comments from a spambot which was doing copypasta of the same anti-Title 2 comment with different user names.



#19

Still not working. Hitting the Submit button returns a 503.


#20

I read that earlier. If anyone’s doing an actual spamming DDoS attack here, it’s the anti-Net Neutrality gang, which basically amounts to people and orgs working on behalf of the telecom industry.