Random notes on technology by Kenji Rikitake
[ blog home | about me | my homepage | recent entries | categories | archives | atom ]
I noticed Twitter was dead during 13Z-15Z 6-AUG-2009. (Z = UTC hours, BTW) Facebook was also affected. Other major world-wide social web sites including Livejournal and Blogger/blogspot.com were victims of a denial-of-service (DoS) attack altogether.
Elasticvapor.com has an article which says the attack was to one Georgian account from Russia, and that the attack was multi-staged through BGP and DNS vectors. I also feel the attack is not just a simple HTTP DoS, though unconfirmed.
DoS attacks are so popular on the Internet that I've got nothing to talk about. You can even hire a botnet to make a specific attack. Nevertheless, DoS attacks to popular sites do impact on our lives. Watching how people including myself responding to the simultaneous attacks to social web sites disclosed that we were living in a vulnerable society depending on just a couple of domains and IP networks.
I always ask a question to myself when I see a global service disruption event: isn't Internet a distributed system with adequate redundancy? Unfortunately, the answer is, no. Taking down a few systems of the social web will effectively paralyze the whole networking of people. Those systems have become a set of points of failure.
Regaining redundancy on Internet is not easy. Making a redundant system with multiple layers of technologies is a very hard task. The designer needs to put redundancy on every layer of the system; host machines, identifiers (such as IP addresses and domain names), physical networks, logical/overlay networks, data (or objects), etc. Just a simple replication will add a big price to an existing system. Not many sites can afford this.
Nonetheless, we've got to do the replication ASAP anyway; the Twitter attack incident tells us that replication, either manual or automatic, of data or identifiers, is still critical to provide alternative routes once the popular systems are took down.
And I now feel much safer to know that I've got my own Web site space other than external blogs out of my control. Diversifying the data and identifiers by replication is the easiest, if not only, way to deal with failures and attacks, which are inevitable in the hostile world of Internet. Maybe I need to make some copies of my articles put on the external sites into this blog too.
posted at: 08 Aug 2009 | path: /security | permanent link
Copyright 2009 by Kenji Rikitake. All Rights Reserved.
The contents are licensed under Creative Commons License Attribution 3.0 Unported (CC-BY-3.0).