
How a weapon against war became a weapon against the web - jgrahamc
https://www.theverge.com/2017/4/14/15293538/electronic-disturbance-theater-zapatista-tactical-floodnet-sit-in
======
z3t4
I speculate, putting kidz in jail for hacking made room for the criminals.
But hacking is still child's play. It was a long time since I saw "hacked by"
on a web site; now the hacks are silent, and the servers are used as drones by
criminals to make money.

------
dorianm
I would be curious what a decentralized Cloudflare would look like. Right now
it seems like they are the main player against attackers online.

~~~
smokeyj
The closest is probably IPFS or Storj at the moment. I'm sure there's other
players.

------
mirimir
So FloodNet was the ancestor of LOIC?

~~~
Neliquat
I'd say ping floods were first, although I had good results catting executables
thru the modem and getting interesting crashes. I guess that is more like
ghetto fuzzing.

~~~
dhimes
+1 ghetto fuzzing

------
BuuQu9hu
DDoS continues to look like an economic problem; we should not have grown used
to the idea that small amounts of bandwidth are effectively a free good.

~~~
the8472
Or the lack of distributed networks. If available bandwidth for serving
content scaled with demand for it, it would be more difficult to attack it.

~~~
x1798DE
How would that work for malicious nodes in a distributed network? A torrent
will be DoSed if there are 10,000 leechers for every seeder.

~~~
the8472
You are assuming that torrents only work when there are seeders, but that's
not true at all. Seeders simply provide surplus bandwidth, allowing a torrent
to operate on altruism. In the worst case where almost everyone is downloading
it degrades into tit-for-tat behavior where everyone gets as much as others
are willing to provide based on their current contribution, which still scales
with the number of downloaders.

Maybe I should have mentioned one other condition. The network must be
distributed and consist of nodes with symmetric bandwidth. If you have
symmetric bandwidth you can upload as fast as you download and thus on average
the network won't need altruistic nodes to saturate everyone's downlink.

We could go even further and demand ISP-local source-specific multicast, then
you would have massive bandwidth multiplication for uploaders, making it
trivial to replicate popular content. Alas, that seems to be a pipe dream.

~~~
x1798DE
> you are assuming that torrents only work when there are seeders, but that's
> not true at all.

No, I'm saying that if someone is trying to DDoS your torrent, the bandwidth
doesn't scale with the number of downloaders because all the malicious nodes
are using download bandwidth but (deliberately) not providing upload
bandwidth. I was playing a bit fast and loose with the term "leecher" (I meant
someone downloading but *not uploading at all*, as opposed to active
participants in the swarm), but I thought that was understood. Even if you had
a system where people were prioritized based on how much they were sharing,
there are a lot of ways to get around that protocol with a big enough botnet.

Don't get me wrong, the built-in scaling features of things like torrents are
great, I'm just saying I don't see an easy way for it to solve DDoS because it
relies on cooperation from the participants.

~~~
the8472
Well, that depends on what kind of DDoS we're talking about. The primitive
ones simply pick a server and flood it with some kind of request. The
distributed part makes it harder to block and provides more bandwidth than
most single points can take.

If you make your content distributed it can be mirrored by many more nodes
than are needed to satisfy demand, removing some of the asymmetry while also
making it more difficult for the attacker to pick his targets. Note that p2p
networks can also respond to demand. E.g. in torrents clients don't seed all
the content they have all the time, they first check statistics which swarms
could use the bandwidth most. So if there were some content under attack by
fake downloaders it would look like a swarm in need of extra bandwidth and
thus more real nodes would join it to serve content, thus making the attack
more costly.

> Even if you had a system where people were prioritized based on how much
> they were sharing, there are a lot of ways to get around that protocol with
> a big enough botnet.

With a big enough botnet you can also take out any DDoS protection service.

