Slashdot Log In
CNN Misrepresenting etoy vs. etoys Battle?
Posted by
Hemos
on Tue Dec 21, 1999 12:36 PM
from the battle-of-domain-names dept.
from the battle-of-domain-names dept.
J Hotch writes "Check out CNN's story:
eToys attacks show need for strong Web defenses.
Check out this frighteningly inaccurate description of the conflict:
"Online retailer eToys has taken legal steps to prevent a Swiss art group from using the domain name etoy.com."
This makes it sound like etoy.com was trying to muscle in on etoys.com. They don't mention that etoy.com was registered years before etoys.com was even a twinkle in some business-major's eye.
Unfortunately, they are just using the denial-of-service attacks on etoys.com as a springboard into a web security article. "
This discussion has been archived.
No new comments can be posted.
CNN Misrepresenting etoy vs. etoys Battle?
|
Log In/Create an Account
| Top
| 200 comments
(Spill at 50!) | Index Only
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
|
2
(1)
|
2
Let's just /. them (Score:3)
How to add more information (Score:3)
Please note: they screen each post for relevance, so no Mae Ling Mak Naked Drunk Petrified Spray Painted And Auctioned Off To Disney posts will get through.
The Kulturwehrmacht [onelist.com]
To be fair to CNN.. (Score:5)
Now, let the ranting begin:
1) The only time that I would ever advocate a DoS attack on a site is never. There is no reason to do so; sure, you might put it down for a while (etoys reported 98% instead of 100% reliability during the last few weeks), but if anything it could lead to worse things (see below). There are more effective ways to state your dislike for something.
2) CNN's not wrong; their article on the etoy/etoys things is truth. Just using a different set of words that seems to put etoys on the right side of the thing. Words are very powerful, but you can't blame CNN for misusing them.
3) I really don't like this idea of DoS attacks, especially in light of this article. Chain of events: All over e-commerce they read that a service can be put down because of DoS (they won't care why the DoS was initiated); Etoys says they have to use custom-built DoS prevention tricks to stop it; E-commerce security experts all up in arms on how to stop this; e-commerence management wonders how to easily stop it; e-commerce turns to US Government (using large bags of money) and asks them to stop it; US Government bans all TCPIP tools except port 80's. Ok, so the last one's going a bit far, but I don't doubt that this series of events can happen. Just as with the question of linking, overly long patent and trademarks, poor patents, and other junk, stuff like this only kills the net for anyone not involved in e-commerce, and even then, may take some lowend e-commerce sites down.
Moral of the story: PLEASE DONT BE A SCRIPT KIDDIE. :-P
Re:Wha? (Score:4)
That's the problem with freedom of speech (supporters? advocates? zealots?). Doing things like DoS against somebody's server just to "prove a point" will only hurt freedom more than help it, in the long run. We need "peaceful" protests -- not disruptive actions. Yes we have to fight for our freedom rights, but doing childish things like ping floods, etc., will only give a very bad image to people outside of our circle, and actually advance the cause of those who want to take away our freedom (they can point at us and say "look at this bunch of childish fanatics, don't listen to them.")
I guess this is a principle we should all learn: whether fighting for freedom of speech, advocating Linux, or whatever the noble cause may be. "Promoting" Linux by flaming MS doesn't do any good at all, as most of us know very well. Similarly, DoS'ing etoys.com just to "show them" we don't like their actions won't do much except confirm, in the minds of the unknowing, that we are just a bunch of fanatics that should be ignored. What we need is to protest in a non-disruptive way. If enough of us drop a (polite!) note to etoys.com or to a congressman or whoever's in the position to take action, or raise some legal funds, and take some other means of non-disruptive action against this trend, we might actually make an effect.
Remember, if we lower ourselves to the opponent's level, we lose. Unfortunately it only takes a small percentage of us to behave in a childish way and people jump to the conclusion we're all like that.
Right vs. Wrong (Score:5)
I recieved one of RTMark's e-mails; they clearly got my e-mail address off of /. because I responded to the earlier story [slashdot.org] about this. So, since I piped in with support of etoy (my post included simply options of other toy retailers to use, and my angle was that these other options are actually cheaper than eToys)
So, let's see... RTMark takes it upon themselves to harvest my e-mail address, send me Spam, and tries to enlist the spam's recipients to engage in an illegal DOS attack against eToys -- and they're the good guys?
The news article may not have been complete, (gee, Slashdot's never done that...) but they did get it right: this is an illegal attack that does nothing except make legitimate advocates for etoy look bad.
Re:Oh no! They're using Linux! (Score:3)
No wonder they have such excellent availability!
etoy.com a bunch of script kiddies? (Score:4)
Not to mention they mention the "unix-based" Tribal Flood Network. As if they are trying to group anyone that uses a non-MS OS into the "script kiddie" catagory that trys to take down "legit" e-commerce sites like etoys.com.
Which makes me wonder if Ted Turner has some sort of interest in etoys.com. I've seen CNN spin the hell out of other stories that were against a Turner company. Turner uses CNN to promote all of his ideas. It's not called the Clinton News Netowrk for nothing.
Just my $.02, but NEVER rely on CNN when they put too much of a negative spin on one thing and positive spin on another in the same story. CNN projects it's financial and politcal ideas in it's "unbiased" stories more then any other news organization I've seen.
I know what really happened. Other news groups reported on what really happened. I take CNN at face value, so the story didn't really surprise me.
Re:Let's just /. them (Score:3)
At it's peak, Slashdot would probably only add a few percentage points of volume to eToy's site. For your average, low-budget, low-availability server, this results in a temporary loss of responsiveness, AKA "Slashdot Effect."
For a redundant, possibly clustered dedicated site with fine-tuned web servers, this will have no perceivable impact at all.
Contacting the author (Score:3)
Please, no flames.
Ellen Messmer
Senior Editor, Enterprise Applications
emessmer@nww.com
(202) 879-6752
Fax: (202) 347-2365
Network World
1331 Pennsylvania Ave., Suite 505
Washington, DC 20004
1st Law of Mass Media / How the Grinch Stole eToys (Score:3)
The 1st Law of Mass Media is "Give the people what they want." It appears CNN is doing exactly that... after all, it is Christmas, and (by the way, this has nothing to do with my opinion on the subject [I support eToy], just my perception of how CNN is handling it):
There may be other parallels, these were just readily apparent. Remember what ESR likes to talk about with regard to technology in the media: people only pay attention to tech stories with protagonists. In this case, they've got a protagonist (the Whos down at eToys) and a story that they more-or-less already know (or at least think they do)... what more could John Q. Public ask for?
This is my opinion and my opinion only. Incidentally, IANAL.
Hello Kettle... (Score:3)
Not surprising, just annoying (Score:3)
There are many, many things that annoyed me about this CNN article. Here's a short list:
1) They did not mention that etoy.com was registered two YEARS before eToys.com. The wording makes it sound like etoy.com was just playing off the popularity of eToys.com, which is not the case.
2) CRACKERS, not HACKERS! For crying out loud! How many times can they get this wrong? Isn't there something we could do to get these reporters a clue? crackers Crackers CRACKERS!
3) OK, so someone posted eToys.com's IP address on the web. Oh nooo, Mr. Bill! God FORBID anyone should do that! As we all know, nameservers don't do that kind of thing every day. IPs are not meant to be seen by the general public! All them thar numbers and dots, those could mean *anything*!
Oh, and as for those "proprietary" defenses being used by eToys: why am I not surprised that these people would take from the Open Source community and then not even be willing to disclose new (if they are new) ways of warding off attackers? Yeah, OK, I understand that this might make them more vulnerable, but then again.... well, we all know the good arguments for sharing information, so I won't rehash those.
All in all, it's no more than I expected from CNN - but I would like to see the bar raised on these types of "mainstream technical" articles.
What the News is All About (Score:4)
It exists to sell your eyeballs to advertisers.
The more eyeballs, the more dollars revenue.
Facts just scare the audience away.
Adopt this cynical (and realistic) understanding of the news media, and it'll serve you well.
Pleeeeze? (Score:4)
I am usually not in favor of incitement to riots, but this position goes a bit too far the other way. Peaceful and non-disruptive protests make sense only when the imbalance of power between the two sides isn't too great. If your position on the totem pole is several feet below its bottom, then all the non-disruptive protests in the world aren't going to do you and your cause any good. At best you'll politely told to fuck off and not bother important gentlemen busy with their important matters.
The proper criterion for protest is not how disruptive it is, but rather how effective it is in achieving its aims. Sometimes the best way is to be very, very polite. Other times, being polite is useless but being obnoxious and irritating works wonders. It all depends.
I am not in favor of ping-flooding etoys' servers -- this attack is ineffective and is not likely to make etoys see the light. The management will just tell their tech people to fix it, and fix it they will, it's not hard at all. On the other hand, I am also not in favor of wringing one's hand lamenting the horrible state of affairs and writing whiny letters to congresscritters. If you want to do something, do something effective instead of pissing in the wind.
Kaa
Re:Pleeeeze? (Score:3)
> disruptive it is, but rather how effective it is
> in achieving its aims.
Definitly agreed
> I am not in favor of ping-flooding etoys'
> servers -- this attack is ineffective
Again agreed. The proper way to protest is to
be disruptive. Be disruptive to their bottom line.
This is best done by getting the word out and
convincing people to vote with their dollars.
If you flood the server and make it impossible for
people to go there...thats just as bad as etoys
themselves. To be an effective protester you DO
have to be "Better than them".
They should fight this thing tooth and nail. They
need to get the attention of the media and get
positive press. Make the entire incident a PR
disaster for etoys, and don't stop until they
fold.
like this: (Score:3)
/sbin/ipchains -A input -i eth0 -p icmp --icmp-type ping -d 0.0.0.0/0 -j DENY
using -j DENY over -j REJECT means that the packet is just dropped by the kernel like it never existed. It means that a reply is never sent. It takes a lot less cpu time and bandwidth this way, as a reply packet does not have to be sent.
Metaphor with seattle (Score:3)
Here is what I saw in Seattle, as a legal observer, a protestor, and a member of Food Not Bombs (a significant non-destructive Seattle anarchist group):
The "black bloc" who broke windows numbered at least 40-50. Not all of these people broke windows, but all were collaborating in this action. In terms of "provoking government over-reaction" - it may have been intended that way but the tear gas had been used at least an hour prior to the first broken window. (It's my belief that government overreaction, which despite the chaos on Tuesday really kicked in on Wednesday, was more a factor of Clinton's presence; the Secret Service's "if things go bad Wednesday, we have to have crushing superiority and readiness for ruthless tactics" philosophy became a self-fulfilling prophecy.)
The Etoy thing is not about provoking overreaction though. To my mind the more pertinent aspect of the metaphor is the black bloc's belief that their actions were necessary to get media coverage, and that even negative coverage served to spread their message. I'm sure that some script kiddies feel the same way. And when major media gets the story totally wrong, as in this case, it only fuels their attitude. "Their gonna twist the story anyway, at least this way they won't ignore it." IMO a counter-productive attitude, but certainly one I can sympathize with.
(Wouldn't it be nice if etoys sued CNN for indirectly encouraging the DoS attacks through their biased coverage?
Re:Let's just /. them (Score:3)
The DoS attacks against eToys coming from
Not all of the carriers on the European end of things have blocked traffic, but 80% of traffic, including HTTP, is going into a BGP4 black hole before it clogs the networks. With a little work I can get to eToys, but they are effectively shut out of Europe for now, and will stay that way until the end of the law suit against etoy.
I also can tell there are some tier 1 carriers in the US blocking traffic to eToys, so this DoS is having a wider effect than just a few ping floods and TFN. It is not just the 2% loss of business now, but a potential 50% or more. eToys actions in court are having an effect on ISPs, so ISPs consider their actions to be a type of attack on the internet, and are blocking their users from the evil eToys.
/.ers should remember to also write a letter to NSI, complaining about how the loss of etoy.com is hurting you personally, and how eToys are the new interloper causing havoc on the internet.
the AC