Re: Hypothesis regarding recent DDoS attacks from Zijyfe Duufop on 2014-12-31 (public-web-security@w3.org from December 2014)

From: Zijyfe Duufop <zdoofop@gmail.com>
Date: Wed, 31 Dec 2014 15:30:46 -0500
To: Colin Gallagher <colingallagher.rpcv@gmail.com>
Cc: "public-web-sec." <public-web-security@w3.org>
Message-ID: <CAO+vDUTK4V2=ebh_fZpu1g2M-oMrdpLeMPCnmNrtLp8d4GRzzQ@mail.gmail.com>
probably should be clearer:
     *Michael Nieves* @*virus* <https://twitter.com/virus>

These @*LizardMafia* <https://twitter.com/LizardMafia> chumps ripped their
"stresser" code from http://titaniumstresser.net  <http://t.co/BlL1YZSzXz> #
*LizardSquad* <https://twitter.com/hashtag/LizardSquad?src=hash> #
*LizardMafia* <https://twitter.com/hashtag/LizardMafia?src=hash>

On Wed, Dec 31, 2014 at 3:17 PM, Zijyfe Duufop <zdoofop@gmail.com> wrote:

> update:  It appears I was mostly correct: titaniumstresser.net
>
> On Sun, Dec 28, 2014 at 6:21 PM, Zijyfe Duufop <zdoofop@gmail.com> wrote:
>
>> Oh, my mistake.  In my first message I didn't mean new tech as in
>> gadgets, more like an app or program with the specs I gave.  If I am
>> correct, all we would have to do would be to find this new
>> website/program/app and destroy it.  I know it's a lot easier said than
>> done, but I thought I'd put it out there.
>>
>> On Sun, Dec 28, 2014 at 6:16 PM, Zijyfe Duufop <zdoofop@gmail.com> wrote:
>>
>>> I'm not sure I understand.  You started off with saying they are easy
>>> enough already and then went off on a tangent.
>>>
>>> On Sat, Dec 27, 2014 at 11:25 PM, Colin Gallagher <
>>> colingallagher.rpcv@gmail.com> wrote:
>>>
>>>> You're not missing much. I bet you have already seen the Norse
>>>> visualizations. What's bothersome is these attacks are so easy to pull off
>>>> that it's not even a "man-children" or "internet of things" attribution. So
>>>> the cost of association of a person or a group with a non-event becomes so
>>>> low that the fruit is lower hanging for most Tor devs to let players keep
>>>> playing them for attention that comes to Tor, rather that focusing on
>>>> silently addressing node and certificate authority issue problems. Which
>>>> they are, but with a sort of exaggerated sense of denial about the ongoing
>>>> attacks.
>>>>
>>>> Watch and get free entertainment as some dude from Mega throws
>>>> bazillions of credits around to "MAKE IT STOP" and then the hacks resume
>>>> again after money is received. Sad.
>>>>
>>>> As I've pointed out before the reason I wouldn't agree to participate
>>>> in Web Payments group or its conf calls was the ludicrous CLA which in many
>>>> ways literally said, "If you call in, all your ideas are belong to us
>>>> forever." Kind of like .... SONY
>>>>
>>>> so obv I never called in.
>>>>
>>>> Basically:
>>>> These firms / nonprofits (often tainted by too much exposure to the
>>>> infobleedment industry, eg Sony, Mega, Tor, etc) release funds to keep the
>>>> hacks going a bit longer. To get attention in a market that is getting
>>>> tougher (hell, look at slur.io's model - and they'll be gone soon
>>>> because they don't publish keys for gpg etc). The cybercybercyber attacks
>>>> (past few days mostly between US, China, with Russians watching and eating
>>>> popcorn according to NORSE) made ppl run around in circles in low places,
>>>> like Hollywood, White House, and a local garbage incinerator.
>>>>
>>>> I love my privacy (even tho I am contacting you today via gmail) but
>>>> for serious comnunications I use open source and serious crypto, not this
>>>> stuff.
>>>>
>>>> Ok ciao... happy new year
>>>> On Dec 27, 2014 4:35 PM, "Zijyfe Duufop" <zdoofop@gmail.com> wrote:
>>>>
>>>>> Something occured to me recently:
>>>>>
>>>>> As you know, there has been a rash of DDoS attacks on pretty much
>>>>> everything from XBox to North Korea.  From what I understand, different
>>>>> hacker groups are claiming responsibility for nearly every single attack.
>>>>>
>>>>> Now, it occurs to me that the possibility that a bunch of hackers
>>>>> starting to form groups at around the same time is highly unlikely.
>>>>> However, there is another interesting, and more likely explanation: new
>>>>> tech.
>>>>>
>>>>> This tech would have to make DDoS so easy, your grandmother could do
>>>>> it.  It would have to be affordable, reliable, adaptable, and known
>>>>> throughout the hacker community, but not necessarily to the general
>>>>> public.  It would have to be run through a server in such a way that not
>>>>> one of the attacks used can be linked.  And, most importantly, it would
>>>>> have to be intelligent enough to find a weak link in the destination and
>>>>> exploit it.  If I am correct, then man-children in basements everywhere are
>>>>> trying to glorify themselves by taking down high profile targets and then
>>>>> boasting about it in a way that makes them seem bigger than they are.
>>>>>
>>>>> Am I completely wrong?  Am I missing something?  Is this not even
>>>>> news?  Why do I feel like this is too obvious?
>>>>>
>>>>
>>>
>>
>
Received on Wednesday, 31 December 2014 20:31:34 UTC