Quantcast

«

»

Feb 09 2014

Someone was bored tonight

If you’re wondering what happened to FtB, starting at about a quarter to eight tonight, we got hit with a distributed denial of service (DDOS) attack. Also, at the same time, Skepchick got DDOSed. Also, at the same time, Feminist Frequency got DDOSed.

I can’t imagine what those three sites have in common, or what they would be promoting that would rouse the furious ire of some tedious nerd somewhere.

82 comments

Skip to comment form

  1. 1
    anuran

    Why, it’s a sign from God. FtB, Skepchick and Feminist Frequency make Baby Jesus and Real Christian Men cry.

  2. 2
    Charles Insandiego

    Chrome just gave me a weird screen before loading FtB. It vanished before I could grok it, but the term “DDoS” was there.

  3. 3
    Great American Satan

    As Miri pointed out on fb, this is clearly a victory for Freeze Peach Warriorz (my phrasing). Anyhoo, the DDoS protection worked well enough for me to get in! Nice. :-)

  4. 4
    Great American Satan

    Charles- I read it. Basically it held you up long enough to check your browser. If you were accessing the page in a DDoS style, you wouldn’t have been passed along. (/knows zero about computarz)

  5. 5
    Jacob Schmidt

    I can’t imagine what those three sites have in common, or what they would be promoting that would rouse the furious ire of some tedious nerd somewhere.

    I think it’s ’cause y’all are a bunch of poopyheads.

  6. 6
    hjhornbeck

    Eeeenteresting. I hope I wasn’t the trigger. I see my video is starting to make the rounds, though… :P

  7. 7
    Great American Satan

    Ooh, anything that would inspire this has to be good. Link it up, my good hjornbeck.

  8. 8
    hjhornbeck

    Ooh, anything that would inspire this has to be good. Link it up, my good hjornbeck.

    Weird, I figured this was common knowledge by now. *shrug* I see it just made the Roosh V forum, and I’ve been dancing with Slyme for the last week. There’s no shortage of people interested in DDoSing feminists, though, and no shortage of reasons to DDoS some feminist-aligned websites, so I’m not drawing any stronger conclusions than “huh.”

    Besides, I don’t want Brayton to send me the bandwidth bill…

  9. 9
    nyarlathotep

    Re: Charles Insandiego, Great American Satan, hjhornbeck, et al:

    Either the old DDoS powers are not what they used to be, or those currently interested in DDoS are not well connected at all.

  10. 10
    theoreticalgrrrl

    I’m not allowed to post?

  11. 11
    jaredcormier

    nyarlathotep: it’s a combination of those and mitigation technology has improved. DDoS attacks aren’t exactly a money-making operation

  12. 12
    vaiyt

    Freeze peaches for me, and not for thee. Typical.

  13. 13
    nyarlathotep

    jaredcormier@11

    DDoS mitigation could certainly be a part of it, but you’re implying making money was ever a part of organized DDoS attacks. I do not remember DDoS attacks from 7 or so years ago as a part of money-making effort. The recent DDoS attacks on the e-sports organization TeamLiquid (to my knowledge at least) did not seem to be based in finances.

  14. 14
    nyarlathotep

    I apologize for the double post and mostly irrelevancy, but it occurs to me that I’m unsure whether the e-sports organization was TeamLiquid or EvilGeniuses.

  15. 15
    vaiyt

    I do not remember DDoS attacks from 7 or so years ago as a part of money-making effort.

    That’s the point.

  16. 16
    JohnnieCanuck

    CloudFlare put up the checking browser/ddos page that I saw. Presumably FtB is using them to amongst other things, protect against DDoS.

  17. 17
    nyarlathotep

    vaiyt@15
    I understand and agree. I also understand how poorly I can come across in my most recent comments and as such will cease commenting in this thread.

  18. 18
    unclefrogy

    would this be connected in any way to the inability to get new pages yesterday and have to be content with a cash page fro weeks ago.? (biblical slavery)
    I thought it might have been the result of bad weather.
    there was a header by same cloud services said here is a cashed post they could not resolve the sight or something.
    I do not remember it all and just waited.. The sight had been a little sluggish for me lately I had thought it was just me.

    uncle frogy

  19. 19
    Konradius

    Also, at the same time, Feminist Frequency got DDOSed.

    Oh, I didn’t know that one yet. Sounds interesting.

  20. 20
    Giliell, professional cynic -Ilk-

    I guess the Freeze Peach #braveheroes are all up and supporting the three sites against this attack, right? Right? RIGHT? Fuck, I’m turning blue in the face….

  21. 21
    zenlike

    Giliell, nah, most will see it as ‘getting their comeuppance’, because bringing down someone else’s website is totes the same as limiting commenting on your own site.

  22. 22
    alexanderz

    From what country are the attacks coming? Is it US or Russia?
    When I saw that Pharyngula got DDoSed I suspected that it was because of the Sochi post, since Russians are well known for cyber warfare. But a simultaneous attack on Skepchick and Feminist Frequency marks this as the work of MRAs.

  23. 23
    Al Dente

    alexanderz @22

    But a simultaneous attack on Skepchick and Feminist Frequency marks this as the work of MRAs.

    It’s quite obvious what motivated the attacker to play silly games with these three particular websites. A Brave Hero™ in action.

  24. 24
    Holms

    Clearly, brave internet heroes are doing this in the name of freedom from FTBorg oppression who clearly don’t know the meaning of hypocrisy. God speed, virile warriors of justice.

  25. 25
    Crip Dyke, Right Reverend Feminist FuckToy of Death & Her Handmaiden

    Coward/s.

    Show up here and defend the ethics of your DDoS. I fucking dare you.

  26. 26
    dutchdelight

    Actually DDoS’s have pretty much always been about money or at least power.

    Maybe “in the beginning” they were mostly used for channel wars on the IRC networks or to kick players you didn’t like from game servers, but the jump from that, to DDoS attacks towards commercial parties is extremely small and business owners are quick to panic when their online shops stop making money. Gambling sites quickly became favorites of organized crime and were among the first in the industry seriously investing in DDoS mitigation technologies.

    The source of a DDoS attack are zombie pc’s and servers all over the internet that are wholly unrelated to the attacker and victims. That’s why cloudflare implements a gateway page that checks that you are not a zombie bot, but a real browser with functions and behaviour that zombies (usually) do not have. That way the cloudflare network happily takes on the huge amount of traffic generated by the DDoS attack, and still manages to pass real visitors on to the FTB servers.

  27. 27
    vexorian

    Chrome just gave me a weird screen before loading FtB. It vanished before I could grok it, but the term “DDoS” was there.

    That’s FTB’s DDoS protection , doing its job (screening your browser before letting you in).

  28. 28
    chigau (違う)

    Well.
    I guess they showed us.

  29. 29
    damien75

    Saturday night: classic boredom night, as everyone knows.

  30. 30
    tsig

    Shutting down opinions you disagree with, how American-not.

  31. 31
    dutchdelight

    Everytime they resort to trying to defend their gods like this, they just shine a huge spotlight on the fact that they are on their own, their deity always seems completely uninterested in taking any action, just as every other day in history ever. How they are able to miss that fact can only require weapons grade cognitive dissonance. In a world where theology made any sense and gods were real, any god-toting terrorist would get convicted for pretending to know better then their god.

    This is a reason why i have a hard time conversing with believers in person, it always ends up with me feeling bad for their pathetic arguments to such a degree that i find it too embarrassing for them to continue such converstations.

  32. 32
    saukko

    Crip Dyke @25

    Martin Wagner of Atheist Experience was having conversation on twitter with one:

    https://twitter.com/wagnerfilm/status/432370204304093184

    His twitter name says it all.

  33. 33
    Gregory Greenwood

    Continuing the style of Holms @ 24:-

    *Snark

    We salute you, brave heroes of the internet – no sense of personal integrity stays your righteous DDoS attack.

    You permit no lingering trace of self-awareness to cause your clear hypocrisy to give you pause.

    And most of all, you allow no tattered remnants of responsibility for your actions to lead you to openly declare that it was you who did this thing, and are prepared to publicly defend the ethical character of your actions.

    You are indeed the ultimate champions of freeze peach, but only for those other brave heroes whom you think deserve it. What better way to uphold a general principle of free expression than to selectively seek to deny it to people whom you don’t like, after all…?

    */Snark

  34. 34
    Marcus Ranum

    They hate us for our freedom!

  35. 35
    mykroft

    Interesting. One of the favorite tactics for DDoS is called a SYN attack. Normally when your browser connects to a server they do what’s called a three way handshake. The browser sends a packet with the sync flag set (SYN), opening the connection. The server sends a packet back with the SYN and ACK (acknowledge) flags set, and the browser responds with an ACK packet. At this point, the connection is fully established. In a SYN attack, many computers repeatedly send only the first packet (SYN), leaving the server to try to track all these half-open connections. Eventually it runs out of memory and/or crashes unless some mitigation protocol is used.

    Therefore this must be the work of MRAs, because the religious nuts would never use SYN to attack atheists. An elementary deduction, you might say.

  36. 36
    zenlike

    What is your point Mycroft? That we can’t know that it is the MRA’s and not religious nuts?

    Look at those targets: FTB, Skepchick, Feminist Frequency. That last one isn’t even a secular/atheist website. And there doesn’t seem to be non-feminist atheist websites being targeted.

    It’s very clear the targets are feminist websites. Which makes the very likely suspects the MRA crowd.

  37. 37
    zenlike

    OK sorry Mycroft, I now get the joke. My apologies.

  38. 38
    mykroft

    zenlike @ 36
    Sorry, forgot to set the /pun flag.

  39. 39
    dutchdelight

    It does look like the MRA crowd yes, considering the twitter conversation with Martin, and the list of targets. However, it’s trivial to add a site to your attacklist just to confuse.

    In any case, this attack is breaking a bunch of laws, and the internet isn’t even a fraction as anonymous as most people seem to think. I wonder if an MRA could get even more bitter if he finds himself locked up due to DDoS’ing FTB.

    It’s quite commmon for people on game forums to covertly infiltrate other groups opposed to them, so i’d imagine it would be easy to make your way through the MRA ranks and gather evidence of criminal conduct. Assuming people aren’t doing so right now already…

  40. 40
    playonwords

    As of now Skepchick is still very patchy.

  41. 41
    Louis

    Oh you wilfully blind fools! It is clearly the nefarious work of the Evil One, Rebecca Watson. She is self/Ally DDOSing in order to make people feel sorry for her, after which she will TAKE OVER THE WORLD AND CUTS OFF MEN’S BALLS!!!!eleventy!!!

    WAKE UP SHEEPLE!!!!

    {falls over, dribbling}

    Louis

  42. 42
    Irène Delse, on dry land among seabirds

    @ Marcus Ranum #34:

    They hate us for our freedom!

    Beautiful! :-D

  43. 43
    Jackie

    What an underhanded thing to do.

    Good to see everything back up and running.

  44. 44
    Markita Lynda—threadrupt

    Maybe you could tell http://feministfrequency.com how to deploy the CloudFlare protection because they are still unavailable.

  45. 45
    frankb

    Marcus Ranum #34
    LOL

    Several minutes ago I hit Submit Comment on another thread and got a big notice about switching me to another browser. I hit the back arrow and was successful a second time. Strange things. I wonder if it is connected.

  46. 46
    csue

    Skepchick is still down for us.

  47. 47
    razzlefrog

    I’m not even surprised this type of immaturity has hit us. I’m just annoyed how brogrammers/tech geeks have an unusually high number of assbrains in their group. The evidence just keeps piling up.

  48. 48
    Ogvorbis: Still failing at being human.

    Jackie:

    What an underhanded thing to do.

    But they are trying to shut down sites that preach the heretical idea that women are people which violates their Freeze Peach rights to demean, insult, and degrade women. How is shutting down web sites to protest Freeze Peach underhanded?

  49. 49
    dutchdelight

    I’m not even surprised this type of immaturity has hit us. I’m just annoyed how brogrammers/tech geeks have an unusually high number of assbrains in their group. The evidence just keeps piling up.

    Very sorry about that, I have somewhat of a similar background unfortunately. These types usually seem think that because they´ve learned what an ip address is, they are some type of god among mere mortals. All while leaking evidence of their criminal actions left and right.

    Is there any plan by FTB to involve the authorities here? I don’t have legal experience in the US with this sort of thing, but as an employee of affected businesses in the EU I’ve helped track down perpetrators and seen them get convicted multiple times. It’s hardly useless to take action in my experience.

  50. 50
    Avicenna

    Hey! I object! I am a tedious nerd with nothing better to do! That’s why I write here! *Shakes fist*

    Dutchdelight – It’s still going on. Skepchic and Feminist Frequency are both down at the moment too. If it’s a concerted attack on this scale it’s more than one person and honestly? It’s up to the three parties (AKA the owners) to make the call. It may simply not be worth it or nothing can be done.

  51. 51
    hjhornbeck

    dutchdelight @49:

    Is there any plan by FTB to involve the authorities here?

    Unfortunately, it’s ridiculously easy to launch a DDoS, and you may not know you’re part of an attack (which also provides a convenient excuse if you do know and someone tracks you down).

    Unless the perp openly declares they did it, and publicly reveals enough evidence to prove it, there’s no chance of legal prosecution. You could maybe hand the source info off to the controlling ISP and have them cut off service, but if there’s enough people participating even that is too time-consuming to be worthwhile, nor does it stop them merely hopping onto another network.

    If anyone is bored today, Wikipedia has a pretty comprehensive write-up on DDoS.

  52. 52
    hjhornbeck

    … and holy shit, that comment didn’t get hung up in moderation?

    [Note to self: can properly footnote here.]

  53. 53
    infraredeyes

    Tedious Nerd is my Radiohead cover band.

    Glad to see you’re up and running.

  54. 54
    mightybigcar

    I’m still unable to access the FTB RSS feeds using either Feedly or Akregator. As you are the All-Powerful FTB Overlord And Supreme Dictator For Life, please dispatch your armies of flying code monkeys to correct this.

  55. 55
    ck

    I expect the Slymers and MRAs to simultaneously claim it’s a just reward for these sites, and also claim that FtB/Skepchick/FeministFreq are inflicting the attack upon themselves to earn sympathy. You know, just like every other fucking time something bad has happened to any of these sites.

  56. 56
    Bronze Dog

    I saw enough of the message to start making guesses before the page loaded up proper. This definitely struck me as something some MRA individual or group would do. In my experience, religious nuts tend to prefer flooding, hit-and-run comments, sockpuppetry, complaining to supposed authority figures, and email death threats. They’re usually more interested in patting themselves on the back for proselytizing. MRAs generally seem more interested in maintaining the silence that permits them to think they’re okay people. There’s also the nasty side of the tech culture that’s being exposed, so MRAs likely have a higher proportion with the requisite skills to consider and set up a DDoS attack.

    Of course, the two categories have a significant overlap, so we might very well be dealing with religious MRAs.

  57. 57
    What a Maroon, oblivious

    Denial of service strikes me as a Catholic approach to dealing with vocal supporters of abortion rights and marriage equality.

  58. 58
    octopod

    Hahahaha. Hey, maybe it was Woody Allen!

  59. 59
    MrFancyPants

    Bronze Dog @ 56:

    Absolutely no skills are required. Commercial DDoS “services” are proliferating–for the price of a couple of beers you can get tens or hundreds of gigabits/sec flooding someone’s network connection in a matter of minutes. Some of these operations don’t even bother with the charade of pretending to offer “stressor” services: they say outright that they will take anyone or any website you (dis)like offline. They even provide convenient web-based comannd/control pages to allow you to track the progress of the attack, and clever pricing/packaging e.g. “Bronze”, “Silver”, and “Gold” ‘punishment packages’ to help you “maximize the pain.”

  60. 60
    unclefrogy

    if it is as easy as Mrfancypants says then timing might be significant.
    just guessing here I do not have any facts to go on other than I have had difficulty getting here lately

    uncle frogy

  61. 61
    Jason

    Imagine that. An MRA shitbag neckbeard flooding us with his man tears? Color me shocked.

  62. 62
    aaronpound

    It may or may not be connected, but three days ago I noticed someone with the twitter handle “saygoodbyeanita” harassing Anita Sarkeesian on Twitter claiming that “Anonymous” was in their corner and would help “shut her up” (using a fairly amatuerish video to back up their claim). I looked today and “saygoodbyeanita” has been suspended from Twitter. This attack may be from the same person.

  63. 63
    Ken Keenan

    Screw these guys. I’ve donated to all three of you. Which, in fairness, I ought to have done years ago, but the bro-rocracy just gave me the shove I needed.

  64. 64
    Andrew T.

    Someone (or no-one) might be interested to know that I can’t get through the CloudFlare DDoS protection screen with Opera 10.10. It prompts a “Please turn JavaScript on” message even with JavaScript enabled.

  65. 65
    dutchdelight

    Lol, anon on their side… what are these guys on? As i recall anon was quite instrumental in a few recent abuse cases that were getting buried MRA style.

    Anyway, i hope there will be some sharing of the technical details of what was attempted.

  66. 66
    davehooke

    antievolution.org is down too. Perhaps that is why.

  67. 67
    Nerd of Redhead, Dances OM Trolls

    I’ve been shut out from about 10:30 am to just now, when I finally got through. Funny how Freeze Speech folks like to shut down the speech of those who criticize their bigotry….

  68. 68
    hjhornbeck

    Hmmm, looks like the main target was Feminist Frequency. From what I’ve been able to scape up on Google:

    @saygoodbyeanita : @femfreq Can u live with 20/30/40 years of this abuse? Cause we will never give up and now we have the backing of Anonymous
    01:13 PM February 06, 2014

    Anonymous
    ‏@AnonyOps
    : @VaheTenclub @femfreq No idea what this is about. No one behind this account is involved.

    Feminist Frequency @femfreq : Yet another DDoS attack in progress. Feminist Frequency site is temporally down. We are working on it.

    Based on the resulting laughter, it looks like they took offense and fired the cannon. That goes nowhere in explaining why FtB and SkepChick were added to the list, though, nor why the DDoS happened now.

  69. 69
    hjhornbeck

    Looks like it’s over, or at least mitigated.

    We owe a huge thanks to FTB for giving us the info we needed to stop the attack and get back online. We also owe a huge thanks to the attackers, who drove a lot of people to like us on Facebook and follow us on Twitter to keep getting their Skepchick fix while the site was down.

  70. 70
    Thumper: Who Presents Boxes Which Are Not Opened

    Oooooh, this is why cloudflare is checking my browser to see if I’m a DDoS. I wondered if it was something like this, but I was initially confused.

  71. 71
    dutchdelight

    Maybe the MRA’s just decided to do some guerilla marketing for FtB/FF/Skepchick?

    It’s hard to figure out what they think they were achieving tbh, but considering the level of maturity we seem to be dealing with… somewhere on the internets, there’s got to be an idiot openly bragging about it.

  72. 72
    Nerd of Redhead, Dances OM Trolls

    I’m still having trouble getting here from home, but from work, after the DDoS check screen, stable connection. At home, I can’t even get the DDoS check screen, or if I do, it just hangs and doesn’t transfer. Any suggestions?

  73. 73
    Daz: Experiencing A Slight Gravitas Shortfall

    Nerd, my first guess would be that it’s a java and/or browser problem. Pending further info, I’d suggest:

    1) Disable any script-blocker you may have running, and see if that makes a difference.
    2) Check that your java is up to date.
    3) Try a different browser.

  74. 74
    acroyear

    one problem with the DDOS checker screen is that it has (for now) broken RSS feed readers like Feedly.com.

  75. 75
    medivh

    Daz: Java isn’t the problem. Firefox blocks JVMs from installing unless you jump through hoops to override – I’m on firefox without a JVM and I’m fairly fine.

    I’d take a stab at javascript (or ECMAscript as it’s more rightly called these days) being off or some feature of the DDoS screening being blocked by an ad blocker.

    Acroyear: I’d imagine that most bloggers would consider that to be a feature, not a bug. RSS feed readers eliminate ad revenue, to a small degree.

  76. 76
    Daz: Experiencing A Slight Gravitas Shortfall

    medivh,

    I’ve had similar problems solved by updating Java before. Thinking on it, it’s the only “make sure [whatever] is up to date” advice I’ve taken which has worked. (I’m no expert—it could’ve been coincidence.)

  77. 77
    Isaac

    For some reason, I can’t view the site when using Iceweasel (a Firefox fork which is great), but I am able to get in with the Konqueror (some KDE browser).

    Figured it out: I typically have cookies blocked for most sites in Iceweasel, since I usually lurk as opposed to post. Creating an exception for this site seemed to work.

  78. 78
    michael kellymiecielica

    Hey,

    Is anybody having problems with the mobile site? I couldn’t read my morning FtB on my phone. Note: I know nothing about computers. I don’t even know what a DDOS attack means outside of “it shuts down the website.”

    Thanks!

  79. 79
    Nerd of Redhead, Dances OM Trolls

    Interesting. I got on with Firefox for a while after work, and now it it “locked out”; doesn’t even try the cloud test window. Safari gives a 303 error prior to the cloud test window. Opera puked, and Chrome gets me here every time. At work, I have IE. Doesn’t make sense to me.

  80. 80
    Nerd of Redhead, Dances OM Trolls

    Oh, and I have a iMac with up-to-date everything (except maybe Chrome and Opera, which I got new for my FIL last summer).

  81. 81
    Aaron

    medivh: It’s not a feature if it keeps people (like me) from coming to the site at all because we don’t know when there is content.

  82. 82
    Pteryxx

    At home, I can’t even get the DDoS check screen, or if I do, it just hangs and doesn’t transfer. Any suggestions?

    Nerd: try purging cookies and/or cache, especially of anything Cloudflare left. In my experience the Cloudflare redirect page sometimes gets sticky and refuses to let go. A purge and browser restart usually fixes it.

Comments have been disabled.