Re: Hypothesis regarding recent DDoS attacks from Zijyfe Duufop on 2014-12-31 (public-web-security@w3.org from December 2014)

From: Zijyfe Duufop <zdoofop@gmail.com>
Date: Wed, 31 Dec 2014 15:17:44 -0500
To: Colin Gallagher <colingallagher.rpcv@gmail.com>
Cc: "public-web-sec." <public-web-security@w3.org>
Message-ID: <CAO+vDUTYymR1q3R6B2Dkx8ZsfOtY6sc1_rAaYyvAC2sFwmk1=w@mail.gmail.com>
update:  It appears I was mostly correct: titaniumstresser.net

On Sun, Dec 28, 2014 at 6:21 PM, Zijyfe Duufop <zdoofop@gmail.com> wrote:

> Oh, my mistake.  In my first message I didn't mean new tech as in gadgets,
> more like an app or program with the specs I gave.  If I am correct, all we
> would have to do would be to find this new website/program/app and destroy
> it.  I know it's a lot easier said than done, but I thought I'd put it out
> there.
>
> On Sun, Dec 28, 2014 at 6:16 PM, Zijyfe Duufop <zdoofop@gmail.com> wrote:
>
>> I'm not sure I understand.  You started off with saying they are easy
>> enough already and then went off on a tangent.
>>
>> On Sat, Dec 27, 2014 at 11:25 PM, Colin Gallagher <
>> colingallagher.rpcv@gmail.com> wrote:
>>
>>> You're not missing much. I bet you have already seen the Norse
>>> visualizations. What's bothersome is these attacks are so easy to pull off
>>> that it's not even a "man-children" or "internet of things" attribution. So
>>> the cost of association of a person or a group with a non-event becomes so
>>> low that the fruit is lower hanging for most Tor devs to let players keep
>>> playing them for attention that comes to Tor, rather that focusing on
>>> silently addressing node and certificate authority issue problems. Which
>>> they are, but with a sort of exaggerated sense of denial about the ongoing
>>> attacks.
>>>
>>> Watch and get free entertainment as some dude from Mega throws
>>> bazillions of credits around to "MAKE IT STOP" and then the hacks resume
>>> again after money is received. Sad.
>>>
>>> As I've pointed out before the reason I wouldn't agree to participate in
>>> Web Payments group or its conf calls was the ludicrous CLA which in many
>>> ways literally said, "If you call in, all your ideas are belong to us
>>> forever." Kind of like .... SONY
>>>
>>> so obv I never called in.
>>>
>>> Basically:
>>> These firms / nonprofits (often tainted by too much exposure to the
>>> infobleedment industry, eg Sony, Mega, Tor, etc) release funds to keep the
>>> hacks going a bit longer. To get attention in a market that is getting
>>> tougher (hell, look at slur.io's model - and they'll be gone soon
>>> because they don't publish keys for gpg etc). The cybercybercyber attacks
>>> (past few days mostly between US, China, with Russians watching and eating
>>> popcorn according to NORSE) made ppl run around in circles in low places,
>>> like Hollywood, White House, and a local garbage incinerator.
>>>
>>> I love my privacy (even tho I am contacting you today via gmail) but for
>>> serious comnunications I use open source and serious crypto, not this stuff.
>>>
>>> Ok ciao... happy new year
>>> On Dec 27, 2014 4:35 PM, "Zijyfe Duufop" <zdoofop@gmail.com> wrote:
>>>
>>>> Something occured to me recently:
>>>>
>>>> As you know, there has been a rash of DDoS attacks on pretty much
>>>> everything from XBox to North Korea.  From what I understand, different
>>>> hacker groups are claiming responsibility for nearly every single attack.
>>>>
>>>> Now, it occurs to me that the possibility that a bunch of hackers
>>>> starting to form groups at around the same time is highly unlikely.
>>>> However, there is another interesting, and more likely explanation: new
>>>> tech.
>>>>
>>>> This tech would have to make DDoS so easy, your grandmother could do
>>>> it.  It would have to be affordable, reliable, adaptable, and known
>>>> throughout the hacker community, but not necessarily to the general
>>>> public.  It would have to be run through a server in such a way that not
>>>> one of the attacks used can be linked.  And, most importantly, it would
>>>> have to be intelligent enough to find a weak link in the destination and
>>>> exploit it.  If I am correct, then man-children in basements everywhere are
>>>> trying to glorify themselves by taking down high profile targets and then
>>>> boasting about it in a way that makes them seem bigger than they are.
>>>>
>>>> Am I completely wrong?  Am I missing something?  Is this not even
>>>> news?  Why do I feel like this is too obvious?
>>>>
>>>
>>
>
Received on Wednesday, 31 December 2014 20:18:32 UTC