Once crude and unsophisticated, DDoSes are now on par with those by nation-states.
Kresten
link
fedilink
51Y

It’s a sad development, but inevitable. Eventually you can’t discern malicious traffic and real user traffic, I’m pretty curious as to what will happen then

Proof of work “toll” for each request or session seems like a good option.

Kresten
link
fedilink
11Y

You’re probably right

realslef
link
fedilink
41Y

For everything except energy efficiency

Compromised devices can do work too, and it slows down everyone. Not sure it’s the right solution.

I kinda like how tor has done a proof of work before a request is acceptable

flatbield
link
fedilink
131Y

Seems overblown. They said crypto, gaming, gambling, advertising, and marketing sites were the biggest targets. Not exactly critical stuff.

As far as botnets… Let orgs or agencies either patch the devices or disconnect them. Seems like there should be an agency that scans for problematic devices and takes action automatically.

Good news, there are agencies which looks for these vulnerabilities and report the issues to manufacturers! But, usually the person who makes the botnet patches the vuln. after they infect the device so no one else can take control of it. So, unless the owner of the device apart of the botnet updates software after a fix is implemented and factory resets, nothing can be done to ‘remove’ the device from the botnet.

flatbield
link
fedilink
11Y

Not exactly true. Upstream could just disconnect the user for example at the ISP. One could also just disconnect whole countries if needed. We just do not take these these things seriously.

Similarly white hats could be scanning for vunerabilities and patching them when found before they could be exploited.

Similarly one could require all internet facing stuff to have an auto update feature.

Just saying many things could be done.

Start blacklisting the devices then. People will learn quick that their device is infected if everything stops working for them lol.

@Hirom@beehaw.org
link
fedilink
2
edit-2
1Y

That’s the way.

Finding out the person behind an online device then explain the importance of doing a reset+patch is hard enough for one person. It would have to be done for many thousandd of device on a regular basis. And many devices are setup and forgot, no one manages them.

A block may be an easier and better insentive. It would require an explicit error message. Eg “Connection blocked because malicious activity, likely from compromised device. Here are details about the compromised device model and how to patch…”

Create a post

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

  • 1 user online
  • 56 users / day
  • 167 users / week
  • 618 users / month
  • 2.31K users / 6 months
  • 1 subscriber
  • 3.28K Posts
  • 67K Comments
  • Modlog