Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re: Exactly what we need (Score 1) 63

These attacks rely on security shortcomings of said devices. Whether they can make one or a million requests per second doesn't change the game, the problem is that there are many such compromised devices, not that a single one of them is causing a lot of traffic.

The problem is actually less the amount of traffic. That amount did increase, yes, but until the IoT became a part of the attack, most of the high volume attacks were reflected DNS attacks or similar that could easily be filtered at scrubbers. You simply run your traffic through a scrubber with a fat pipe, it filters all the DNS replies and presto, instant solution. Doesn't work anymore now that these devices are not reflecting, they actually are numerous enough to run attacks that look like genuine http(s) requests. No chance to filter that. And it doesn't matter whether this single device can be limited to X requests. The problem is the number of compromised devices.

So unless you're willing to cripple the devices to the point where they become essentially useless, this is the wrong approach.

The right approach is to disable the more damaging properties of the device until they are properly set up. The very least this must consist of is a change of the default password. The current batch of attacks is mostly relying on IoT devices connected to the internet with the default password still valid. Most of them because the users never bothered to change it, but sadly there are even devices where "changing" the default password only adds another valid password to the list and the default credentials remain valid.

This is the core of the current problem.

Comment Re:Hmm (Score 1) 847

In 1941 Russia actually had a few contracts going with Nazi Germany. Molotov-Ribbentrop pact rings a bell? Division of Poland? They had quite a few ties and political cooperation running. And until the end, right up until Germany invaded Russia, Russia upheld every single clause of that contract to letter and spirit.

That was, by the way, also the reason that the German army could advance so quickly in the first few months. Stalin simply didn't believe that they did that. They had contracts, they had pacts, they had agreements, they had basically agreed on a division of Europe. You get this, we get that.

Having something so intricate and complex simply ignored by who you thought of as your partner and being back stabbed does leave a mark. Russia was absolutely not prepared for this attack, and they will never, ever, be caught again with their pants down. Since that day Russia has never entered a contract without at least pondering what to do should the other side break it.

That's the reason for this. Once you understand that trauma, these things start to make sense, and I wouldn't put too much thought into it. They simply don't trust anyone anymore.

Comment Re:Hmm (Score 1) 847

Actually, it was more like the USSR guaranteeing our freedoms. As silly as it may sound, but as long as the USSR was around, our politicians had to behave and act like the good guys. I mean, think about it: Domestic spying? Detention without trial? Cutting down on civil liberties? When did that happen before 1990?

Ok. After Hoover.

Hell, if McCarthy existed today, he'd have free reign. There would be nobody who'd stop him, just replace "communist" with "terrorist" in that bastard's speeches and you're set.

Slashdot Top Deals

When you are working hard, get up and retch every so often.