Someone was bored tonight

If you’re wondering what happened to FtB, starting at about a quarter to eight tonight, we got hit with a distributed denial of service (DDOS) attack. Also, at the same time, Skepchick got DDOSed. Also, at the same time, Feminist Frequency got DDOSed.

I can’t imagine what those three sites have in common, or what they would be promoting that would rouse the furious ire of some tedious nerd somewhere.


  1. anuran says

    Why, it’s a sign from God. FtB, Skepchick and Feminist Frequency make Baby Jesus and Real Christian Men cry.

  2. Charles Insandiego says

    Chrome just gave me a weird screen before loading FtB. It vanished before I could grok it, but the term “DDoS” was there.

  3. Great American Satan says

    As Miri pointed out on fb, this is clearly a victory for Freeze Peach Warriorz (my phrasing). Anyhoo, the DDoS protection worked well enough for me to get in! Nice. :-)

  4. Great American Satan says

    Charles- I read it. Basically it held you up long enough to check your browser. If you were accessing the page in a DDoS style, you wouldn’t have been passed along. (/knows zero about computarz)

  5. Jacob Schmidt says

    I can’t imagine what those three sites have in common, or what they would be promoting that would rouse the furious ire of some tedious nerd somewhere.

    I think it’s ’cause y’all are a bunch of poopyheads.

  6. hjhornbeck says

    Eeeenteresting. I hope I wasn’t the trigger. I see my video is starting to make the rounds, though… :P

  7. Great American Satan says

    Ooh, anything that would inspire this has to be good. Link it up, my good hjornbeck.

  8. hjhornbeck says

    Ooh, anything that would inspire this has to be good. Link it up, my good hjornbeck.

    Weird, I figured this was common knowledge by now. *shrug* I see it just made the Roosh V forum, and I’ve been dancing with Slyme for the last week. There’s no shortage of people interested in DDoSing feminists, though, and no shortage of reasons to DDoS some feminist-aligned websites, so I’m not drawing any stronger conclusions than “huh.”

    Besides, I don’t want Brayton to send me the bandwidth bill…

  9. nyarlathotep says

    Re: Charles Insandiego, Great American Satan, hjhornbeck, et al:

    Either the old DDoS powers are not what they used to be, or those currently interested in DDoS are not well connected at all.

  10. jaredcormier says

    nyarlathotep: it’s a combination of those and mitigation technology has improved. DDoS attacks aren’t exactly a money-making operation

  11. nyarlathotep says


    DDoS mitigation could certainly be a part of it, but you’re implying making money was ever a part of organized DDoS attacks. I do not remember DDoS attacks from 7 or so years ago as a part of money-making effort. The recent DDoS attacks on the e-sports organization TeamLiquid (to my knowledge at least) did not seem to be based in finances.

  12. nyarlathotep says

    I apologize for the double post and mostly irrelevancy, but it occurs to me that I’m unsure whether the e-sports organization was TeamLiquid or EvilGeniuses.

  13. vaiyt says

    I do not remember DDoS attacks from 7 or so years ago as a part of money-making effort.

    That’s the point.

  14. JohnnieCanuck says

    CloudFlare put up the checking browser/ddos page that I saw. Presumably FtB is using them to amongst other things, protect against DDoS.

  15. nyarlathotep says

    I understand and agree. I also understand how poorly I can come across in my most recent comments and as such will cease commenting in this thread.

  16. unclefrogy says

    would this be connected in any way to the inability to get new pages yesterday and have to be content with a cash page fro weeks ago.? (biblical slavery)
    I thought it might have been the result of bad weather.
    there was a header by same cloud services said here is a cashed post they could not resolve the sight or something.
    I do not remember it all and just waited.. The sight had been a little sluggish for me lately I had thought it was just me.

    uncle frogy

  17. Konradius says

    Also, at the same time, Feminist Frequency got DDOSed.

    Oh, I didn’t know that one yet. Sounds interesting.

  18. zenlike says

    Giliell, nah, most will see it as ‘getting their comeuppance’, because bringing down someone else’s website is totes the same as limiting commenting on your own site.

  19. alexanderz says

    From what country are the attacks coming? Is it US or Russia?
    When I saw that Pharyngula got DDoSed I suspected that it was because of the Sochi post, since Russians are well known for cyber warfare. But a simultaneous attack on Skepchick and Feminist Frequency marks this as the work of MRAs.

  20. Al Dente says

    alexanderz @22

    But a simultaneous attack on Skepchick and Feminist Frequency marks this as the work of MRAs.

    It’s quite obvious what motivated the attacker to play silly games with these three particular websites. A Brave Hero™ in action.

  21. Holms says

    Clearly, brave internet heroes are doing this in the name of freedom from FTBorg oppression who clearly don’t know the meaning of hypocrisy. God speed, virile warriors of justice.

  22. Crip Dyke, Right Reverend Feminist FuckToy of Death & Her Handmaiden says


    Show up here and defend the ethics of your DDoS. I fucking dare you.

  23. dutchdelight says

    Actually DDoS’s have pretty much always been about money or at least power.

    Maybe “in the beginning” they were mostly used for channel wars on the IRC networks or to kick players you didn’t like from game servers, but the jump from that, to DDoS attacks towards commercial parties is extremely small and business owners are quick to panic when their online shops stop making money. Gambling sites quickly became favorites of organized crime and were among the first in the industry seriously investing in DDoS mitigation technologies.

    The source of a DDoS attack are zombie pc’s and servers all over the internet that are wholly unrelated to the attacker and victims. That’s why cloudflare implements a gateway page that checks that you are not a zombie bot, but a real browser with functions and behaviour that zombies (usually) do not have. That way the cloudflare network happily takes on the huge amount of traffic generated by the DDoS attack, and still manages to pass real visitors on to the FTB servers.

  24. says

    Chrome just gave me a weird screen before loading FtB. It vanished before I could grok it, but the term “DDoS” was there.

    That’s FTB’s DDoS protection , doing its job (screening your browser before letting you in).

  25. dutchdelight says

    Everytime they resort to trying to defend their gods like this, they just shine a huge spotlight on the fact that they are on their own, their deity always seems completely uninterested in taking any action, just as every other day in history ever. How they are able to miss that fact can only require weapons grade cognitive dissonance. In a world where theology made any sense and gods were real, any god-toting terrorist would get convicted for pretending to know better then their god.

    This is a reason why i have a hard time conversing with believers in person, it always ends up with me feeling bad for their pathetic arguments to such a degree that i find it too embarrassing for them to continue such converstations.

  26. Gregory Greenwood says

    Continuing the style of Holms @ 24:-


    We salute you, brave heroes of the internet – no sense of personal integrity stays your righteous DDoS attack.

    You permit no lingering trace of self-awareness to cause your clear hypocrisy to give you pause.

    And most of all, you allow no tattered remnants of responsibility for your actions to lead you to openly declare that it was you who did this thing, and are prepared to publicly defend the ethical character of your actions.

    You are indeed the ultimate champions of freeze peach, but only for those other brave heroes whom you think deserve it. What better way to uphold a general principle of free expression than to selectively seek to deny it to people whom you don’t like, after all…?


  27. mykroft says

    Interesting. One of the favorite tactics for DDoS is called a SYN attack. Normally when your browser connects to a server they do what’s called a three way handshake. The browser sends a packet with the sync flag set (SYN), opening the connection. The server sends a packet back with the SYN and ACK (acknowledge) flags set, and the browser responds with an ACK packet. At this point, the connection is fully established. In a SYN attack, many computers repeatedly send only the first packet (SYN), leaving the server to try to track all these half-open connections. Eventually it runs out of memory and/or crashes unless some mitigation protocol is used.

    Therefore this must be the work of MRAs, because the religious nuts would never use SYN to attack atheists. An elementary deduction, you might say.

  28. zenlike says

    What is your point Mycroft? That we can’t know that it is the MRA’s and not religious nuts?

    Look at those targets: FTB, Skepchick, Feminist Frequency. That last one isn’t even a secular/atheist website. And there doesn’t seem to be non-feminist atheist websites being targeted.

    It’s very clear the targets are feminist websites. Which makes the very likely suspects the MRA crowd.

  29. dutchdelight says

    It does look like the MRA crowd yes, considering the twitter conversation with Martin, and the list of targets. However, it’s trivial to add a site to your attacklist just to confuse.

    In any case, this attack is breaking a bunch of laws, and the internet isn’t even a fraction as anonymous as most people seem to think. I wonder if an MRA could get even more bitter if he finds himself locked up due to DDoS’ing FTB.

    It’s quite commmon for people on game forums to covertly infiltrate other groups opposed to them, so i’d imagine it would be easy to make your way through the MRA ranks and gather evidence of criminal conduct. Assuming people aren’t doing so right now already…

  30. Louis says

    Oh you wilfully blind fools! It is clearly the nefarious work of the Evil One, Rebecca Watson. She is self/Ally DDOSing in order to make people feel sorry for her, after which she will TAKE OVER THE WORLD AND CUTS OFF MEN’S BALLS!!!!eleventy!!!


    {falls over, dribbling}


  31. Jackie, all dressed in black says

    What an underhanded thing to do.

    Good to see everything back up and running.

  32. frankb says

    Marcus Ranum #34

    Several minutes ago I hit Submit Comment on another thread and got a big notice about switching me to another browser. I hit the back arrow and was successful a second time. Strange things. I wonder if it is connected.

  33. razzlefrog says

    I’m not even surprised this type of immaturity has hit us. I’m just annoyed how brogrammers/tech geeks have an unusually high number of assbrains in their group. The evidence just keeps piling up.

  34. Ogvorbis: Still failing at being human. says


    What an underhanded thing to do.

    But they are trying to shut down sites that preach the heretical idea that women are people which violates their Freeze Peach rights to demean, insult, and degrade women. How is shutting down web sites to protest Freeze Peach underhanded?

  35. dutchdelight says

    I’m not even surprised this type of immaturity has hit us. I’m just annoyed how brogrammers/tech geeks have an unusually high number of assbrains in their group. The evidence just keeps piling up.

    Very sorry about that, I have somewhat of a similar background unfortunately. These types usually seem think that because they´ve learned what an ip address is, they are some type of god among mere mortals. All while leaking evidence of their criminal actions left and right.

    Is there any plan by FTB to involve the authorities here? I don’t have legal experience in the US with this sort of thing, but as an employee of affected businesses in the EU I’ve helped track down perpetrators and seen them get convicted multiple times. It’s hardly useless to take action in my experience.

  36. says

    Hey! I object! I am a tedious nerd with nothing better to do! That’s why I write here! *Shakes fist*

    Dutchdelight – It’s still going on. Skepchic and Feminist Frequency are both down at the moment too. If it’s a concerted attack on this scale it’s more than one person and honestly? It’s up to the three parties (AKA the owners) to make the call. It may simply not be worth it or nothing can be done.

  37. hjhornbeck says

    dutchdelight @49:

    Is there any plan by FTB to involve the authorities here?

    Unfortunately, it’s ridiculously easy to launch a DDoS, and you may not know you’re part of an attack (which also provides a convenient excuse if you do know and someone tracks you down).

    Unless the perp openly declares they did it, and publicly reveals enough evidence to prove it, there’s no chance of legal prosecution. You could maybe hand the source info off to the controlling ISP and have them cut off service, but if there’s enough people participating even that is too time-consuming to be worthwhile, nor does it stop them merely hopping onto another network.

    If anyone is bored today, Wikipedia has a pretty comprehensive write-up on DDoS.

  38. hjhornbeck says

    … and holy shit, that comment didn’t get hung up in moderation?

    [Note to self: can properly footnote here.]

  39. mightybigcar says

    I’m still unable to access the FTB RSS feeds using either Feedly or Akregator. As you are the All-Powerful FTB Overlord And Supreme Dictator For Life, please dispatch your armies of flying code monkeys to correct this.

  40. ck says

    I expect the Slymers and MRAs to simultaneously claim it’s a just reward for these sites, and also claim that FtB/Skepchick/FeministFreq are inflicting the attack upon themselves to earn sympathy. You know, just like every other fucking time something bad has happened to any of these sites.

  41. says

    I saw enough of the message to start making guesses before the page loaded up proper. This definitely struck me as something some MRA individual or group would do. In my experience, religious nuts tend to prefer flooding, hit-and-run comments, sockpuppetry, complaining to supposed authority figures, and email death threats. They’re usually more interested in patting themselves on the back for proselytizing. MRAs generally seem more interested in maintaining the silence that permits them to think they’re okay people. There’s also the nasty side of the tech culture that’s being exposed, so MRAs likely have a higher proportion with the requisite skills to consider and set up a DDoS attack.

    Of course, the two categories have a significant overlap, so we might very well be dealing with religious MRAs.

  42. What a Maroon, el papa ateo says

    Denial of service strikes me as a Catholic approach to dealing with vocal supporters of abortion rights and marriage equality.

  43. says

    Bronze Dog @ 56:

    Absolutely no skills are required. Commercial DDoS “services” are proliferating–for the price of a couple of beers you can get tens or hundreds of gigabits/sec flooding someone’s network connection in a matter of minutes. Some of these operations don’t even bother with the charade of pretending to offer “stressor” services: they say outright that they will take anyone or any website you (dis)like offline. They even provide convenient web-based comannd/control pages to allow you to track the progress of the attack, and clever pricing/packaging e.g. “Bronze”, “Silver”, and “Gold” ‘punishment packages’ to help you “maximize the pain.”

  44. unclefrogy says

    if it is as easy as Mrfancypants says then timing might be significant.
    just guessing here I do not have any facts to go on other than I have had difficulty getting here lately

    uncle frogy

  45. says

    It may or may not be connected, but three days ago I noticed someone with the twitter handle “saygoodbyeanita” harassing Anita Sarkeesian on Twitter claiming that “Anonymous” was in their corner and would help “shut her up” (using a fairly amatuerish video to back up their claim). I looked today and “saygoodbyeanita” has been suspended from Twitter. This attack may be from the same person.

  46. says

    Screw these guys. I’ve donated to all three of you. Which, in fairness, I ought to have done years ago, but the bro-rocracy just gave me the shove I needed.

  47. says

    Someone (or no-one) might be interested to know that I can’t get through the CloudFlare DDoS protection screen with Opera 10.10. It prompts a “Please turn JavaScript on” message even with JavaScript enabled.

  48. dutchdelight says

    Lol, anon on their side… what are these guys on? As i recall anon was quite instrumental in a few recent abuse cases that were getting buried MRA style.

    Anyway, i hope there will be some sharing of the technical details of what was attempted.

  49. Nerd of Redhead, Dances OM Trolls says

    I’ve been shut out from about 10:30 am to just now, when I finally got through. Funny how Freeze Speech folks like to shut down the speech of those who criticize their bigotry….

  50. hjhornbeck says

    Hmmm, looks like the main target was Feminist Frequency. From what I’ve been able to scape up on Google:

    @saygoodbyeanita : @femfreq Can u live with 20/30/40 years of this abuse? Cause we will never give up and now we have the backing of Anonymous
    01:13 PM February 06, 2014

    : @VaheTenclub @femfreq No idea what this is about. No one behind this account is involved.

    Feminist Frequency @femfreq : Yet another DDoS attack in progress. Feminist Frequency site is temporally down. We are working on it.

    Based on the resulting laughter, it looks like they took offense and fired the cannon. That goes nowhere in explaining why FtB and SkepChick were added to the list, though, nor why the DDoS happened now.

  51. hjhornbeck says

    Looks like it’s over, or at least mitigated.

    We owe a huge thanks to FTB for giving us the info we needed to stop the attack and get back online. We also owe a huge thanks to the attackers, who drove a lot of people to like us on Facebook and follow us on Twitter to keep getting their Skepchick fix while the site was down.

  52. Thumper: Token Breeder says

    Oooooh, this is why cloudflare is checking my browser to see if I’m a DDoS. I wondered if it was something like this, but I was initially confused.

  53. dutchdelight says

    Maybe the MRA’s just decided to do some guerilla marketing for FtB/FF/Skepchick?

    It’s hard to figure out what they think they were achieving tbh, but considering the level of maturity we seem to be dealing with… somewhere on the internets, there’s got to be an idiot openly bragging about it.

  54. Nerd of Redhead, Dances OM Trolls says

    I’m still having trouble getting here from home, but from work, after the DDoS check screen, stable connection. At home, I can’t even get the DDoS check screen, or if I do, it just hangs and doesn’t transfer. Any suggestions?

  55. acroyear says

    one problem with the DDOS checker screen is that it has (for now) broken RSS feed readers like

  56. medivh says

    Daz: Java isn’t the problem. Firefox blocks JVMs from installing unless you jump through hoops to override – I’m on firefox without a JVM and I’m fairly fine.

    I’d take a stab at javascript (or ECMAscript as it’s more rightly called these days) being off or some feature of the DDoS screening being blocked by an ad blocker.

    Acroyear: I’d imagine that most bloggers would consider that to be a feature, not a bug. RSS feed readers eliminate ad revenue, to a small degree.

  57. says

    For some reason, I can’t view the site when using Iceweasel (a Firefox fork which is great), but I am able to get in with the Konqueror (some KDE browser).

    Figured it out: I typically have cookies blocked for most sites in Iceweasel, since I usually lurk as opposed to post. Creating an exception for this site seemed to work.

  58. says


    Is anybody having problems with the mobile site? I couldn’t read my morning FtB on my phone. Note: I know nothing about computers. I don’t even know what a DDOS attack means outside of “it shuts down the website.”


  59. Nerd of Redhead, Dances OM Trolls says

    Interesting. I got on with Firefox for a while after work, and now it it “locked out”; doesn’t even try the cloud test window. Safari gives a 303 error prior to the cloud test window. Opera puked, and Chrome gets me here every time. At work, I have IE. Doesn’t make sense to me.

  60. Nerd of Redhead, Dances OM Trolls says

    Oh, and I have a iMac with up-to-date everything (except maybe Chrome and Opera, which I got new for my FIL last summer).

  61. Aaron says

    medivh: It’s not a feature if it keeps people (like me) from coming to the site at all because we don’t know when there is content.

  62. Pteryxx says

    At home, I can’t even get the DDoS check screen, or if I do, it just hangs and doesn’t transfer. Any suggestions?

    Nerd: try purging cookies and/or cache, especially of anything Cloudflare left. In my experience the Cloudflare redirect page sometimes gets sticky and refuses to let go. A purge and browser restart usually fixes it.