
How LulzSec kept itself safe during the summer of 'lulz' - jgrahamc
http://www.newscientist.com/article/dn21524-how-lulzsec-kept-itself-safe-during-the-summer-of-lulz.html
======
georgemcbay
Very interesting headline followed by a total content-less fluffy press
release masquerading as a news story.

I am, as they say, disappoint.

~~~
dmix
I found this pretty interesting:

> "but we also saw very specific attacks targeted at vulnerabilities in the
> routers we used on our network. That's pretty clever; you would have to
> spend quite a bit of time investigating the topology in order to figure out
> what routers we were using."

~~~
Dylan16807
If only that had gone on for more than a sentence, especially with asking
permission to talk about the situation.

------
victork2
Nice ad Cloudfare... Wait, was it a legit article ?

NewScientist took a hit in my heart in terms of credibility with this article.

~~~
marshray
Yes, it was a vendor interview piece with a linkbait-and-switch title.
(Cloudfare didn't keep Lulzsec "safe", they kept their website up.)

But NewScientist's primary audience is not web hosting specialists. So for
their audience I expect it was mildly educational.

~~~
functionform
If I remember correctly some guy posted lulzsec member identities online after
simply following them in irc..

~~~
AndyJPartridge
Indeed, but none of them led to the arrests.

It's very likely that they were false IDs created for diversion.

------
gmig
How LulzSec kept -- their website -- safe during the summer of 'lulz'

~~~
redthrowaway
Yes, they didn't do a particularly good job of keeping themselves safe, did
they?

------
Tossrock
My bullshit detector went off somewhere around here: "CloudFlare provides
performance and security for any website online.We handle more traffic through
our network now than Amazon, Wikipedia, Twitter, Zynga and Aol combined."

Considering Wiki, Twitter and Amazon are all top 10 global sites, I'm having a
hard time imagining someone doing more traffic than all of them put together,
even disregarding the rounding errors of Zynga/AOL. Anyone have more concrete
statistics to confirm/deny this?

~~~
jgrahamc
Here's our internal data on this. Based on page view data (values below are
page views) and using the statistics from Google DoubleClick Ad Planner
(<http://www.google.com/adplanner/static/top1000/>) we have the following for
the last 30 days:

    
    
        Wikipedia.org    6,000,000,000
        Twitter.com      5,900,000,000
        Amazon.com       4,900,000,000
        Aol.com          5,400,000,000
        Zynga.com          460,000,000
        Total           22,660,000,000
    

Then looking at our own internal network for the last 30 days we see:

    
    
        CloudFlare      27,066,719,054	﻿	﻿	﻿	﻿	﻿	﻿	﻿	
    

So we did about 4.4B more page views than the combined sites above which would
actually leave us room to add LinkedIn﻿ and Flickr to the list.

~~~
rictic
Are you confident that you're comparing apples to apples there, and not e.g.
pageviews to http requests?

~~~
jgrahamc
Yes. We have detailed stats on page views, hits, bandwidth, cache hits, etc.
etc. Looking at the most recent data which I get daily I see in the trailing
30 days: 27B page views and 162B hits.

------
DanBlake
My understanding of cloud flare is that they null route you if any major
attack comes in- Seems a little bit unfair they didnt do this for lulzsec just
to get the press. If you are some boring website that gets the same attack
lulzsec does, they will just disconnect/nullroute you.

Correct me if any of this inaccurate, but last I checked it was not.

~~~
damoncloudflare
Hi,

We only force a site direct if the attack is too large & starts to impact
other customers as well. If the attack doesn't impact other customers, then we
won't force the site direct (we generally only force a few sites direct per
week & these are monster attacks).

~~~
mr-ron
How was it that the Lulzsec attacks were not as large? What qualifies a
sufficient size attack?

------
zachbeane
Nice press hit.

------
patrickxb
does anyone have experience with cloudflare? good service?

~~~
bcl
I tried them out for a bit, mostly because of their always-on claim but it
didn't work for my sites for some reason so I switched to Amazon.

Their interface is nice, but I don't like the fact that you have to switch
your DNS over to them and then re-enter data like MX records. With amazon I
just point the parts of my domains I want to use to them and the rest remains
with my primary DNS hosting.

~~~
blibble
if you email them you can get onto the private CNAME beta!

------
drzaiusapelord
Is router/server fingerprinting really that "clever." Looks like 5 minutes
with nmap and nessus.

------
drcube
How is someone trying to take down a website they don't like a "white hat"
hacker?

