This Just In (Twitter) | Twitter Is Down

Welcome! Please comment and leave me a note telling me what you like and what you'd like to see more of. Sign up to my RSS Feed!

 

The good-morning application currently everyone’s favorite is down.  This started today at 9:13AM PDT, and was acknowldged by the company shortly thereafter.  

Site is down 18 minutes ago

We are determining the cause and will provide an update shortly.

 

So what are people to do?

 

The resultant rush to Facebook has slowed down, and in some cased broke, that site.   AJAX error and network errors are multiplying….

And of course… Flickr has slowed down substanitally, and IM networks, especially Yahoo! IM has slowed down.   I wonder what it does to "real" phone lines – cellular or otherwise.

More on this as it develops….

 

UPDATE at 11:15 EDT:

 

Twitter is officially under a DDoS:

 

Site is down 1 hour ago

We are determining the cause and will provide an update shortly.

Update: we are defending against a denial-of-service attack.

 

In a related note:  Amazon’s cluster in Washington State and the San Jose Verio Cluster are both much slower than usual.  I wonder what that means to AWS Cloud users

 

Update:  11:20 AM… A friend just asked me if it is Cyberwar.   No.  It is Cyberbull.  (TM)

 

Update: 11:42 AM  Twitter is up.  Slow, but up.

Update: 17:00 OM… I just saw the New York Times publishing an article suggesting that the attack on Twitter et al was from Russia and a part of last year’s conflict with Georgia.

HOGWASH.

 

Show me the proof.

 

I am just waiting to see someone blaming IRAN for it, as a pay back for Twitter’s role.

 

 ————-

 

10:03 PM EDT Update:  The Register’s Dan Gooding, a fantastic righter that I enjoy, put out this article advancing the theory that the attacks were a) Russian in nature and b)  well… I will let you see his words:

"This was not like a botnet-style DDoS," Woodcock told The Register. "This was a joejob where people were just clicking on links in email and the people clicking on the links were not malefactors. They were just the sort of idiots that click on links in email without knowing what they are."

While, in theory, that is possible, I find it so unlikely as to be laughable.   Imagine all those poor Russian hitting links at the very same time and generating attacks.   Roll eyes.

In addition, to claim that the Internet is fragile enough to allow attacks on the mention of ONE INDIVIDUAL’s blog to bring down some of the biggest bandwidth sites on the web is….. what’s the word…. foolish.

 

I could be wrong, but since I am already disagreeing with Evgeny (here), I feel fairly certain I am correct.

 

10:47  It seems to be happening AGAIN.  Both Twitter and LiveJournal are down.   And please none of that cyberbull about Russians getting busy again.

 

Permalink

 

Time for a Cyber NonProliferation Treaty?

 

The "news" that Russia and other countries is seeking to create a treaty, and potentially an enforcement agency, to prevent, mitigate and control cybercrime and cyberwars is not that new.

Since at least 1995 Russia has attempted to create a formal framework to control and prevent such activity and  is implying that US resistance to such work is a proof that the US encourages and fosters such attacks and crime.

Nothing can be further from the truth.

While it is certainly understood why a government for a country which is not leading in a specific area – for example here – computer technology, would push other states to put a muzzle on their utilization and in such doing, prevent a perceived benefit from being capitalized on, some may not understand what would cause the US to be against such a move.

Allow me to suggest a few reasons why the notion is both ludicrous and abhorrent to a free society.

 

Firstly, unlike the case when referring to Nuclear and to Chemical nonproliferation, there is nothing to "have" or to "store". In contrast to the need to process, create, and securely store ordnance or dual-use items, where the case is Cyber warfare, any and every computer can be, and sometime is, an "instrument of war". Only in very controlled societies, such as Russia or Iran, can access to computing infrastructure be so restricted as to carefully control who, when, where, and how has access to a desktop.

 

Secondly, the definition of war is far from being universal. Some innocent action, automatically performed by routers, for example, might be seen as "offensive" while some, clearly suspicious in nature, such as network-mapping may have completely civilian reasons and need.

Thirdly, as is the case with nearly all cyber-activity, national borders have no meaning, or very little meaning, in this regard. Who would be the aggressor if the activity resulted from a server owned by a Danish company, hosted in the US, traveling over Japanese-owned bandwidth, and controlled by a Romanian? What laws of war have been broken here?

Fourthly, and despite the fact I expect a disagreement over this point, there is a lack of a definition of what constitutes an attack. Would 100,000 pings be one attack or 100,000? Would one attack by 50,000 zombies be one action or 50,000? What if those 50,000 were in 12 different countries? What if they were controlled by an individual from the victim country itself? Would that still be "war"?

The next point is something that can be, and indeed has, been defined successfully Russia demands that we would

…ban a country from secretly embedding malicious codes or circuitry that could be later activated from afar in the event of war.

As I said, this is not new. For over forty years, Dr. Colonel Roger Schell (USAF, Retired) has called for the use of more secure (up to A1 classified) systems in order to counter the threat of Subversion. Dr. Schell certainly knows what he is talking about, and has seen instances of other countries sponsoring such subversion activities – in code or hardware – in devices used in the US. For a country such as Russia, and to a lesser extent, the US, reliance on imported circuitry is de rigueur. The only reason that the US is less reliant on such technologies is that the US military has a specific rule disallowing the use of certain items and code in many sensitive systems. While Russia has similar rules, its industrial base has not fully been able to provide 100% answer to the in-county manufacturing of all needed circuitry, so far. This fact has caused Russia, which is certainly top-notch in its mathematical thinking capacity, to be more dependant on circuitry made elsewhere for some of its critical systems – especially those that have dual-use, i.e. not just military, purpose – such as SCADA networks throughout the country.

Russia is indeed speaking out of both sides of its mouth when it argues that the European convention of cybercrime allows investigation into a case without first informing local authorities – while all the while demanding such super-sovereign ideas be included in a global treaty.

 

Let’s face it. Cyber activity is the reason why 1984 – like scenarios do not work. I am proud to live in a country that understands that the Internet is a Genie which can not be re-bottled.

 


Permalink