zlacker

[parent] [thread] 10 comments
1. charci+(OP)[view] [source] 2023-07-01 21:34:38
It's not a self ddos if twitter isn't going down. You can see in the video twitter is properly handling the load and is returning HTTP 429 when the client is sending too many requests. Hitting the rate limiter or requesting a post is light weight. It's not like it's spamming login requests which require a lot of resources due to key stretching.
replies(3): >>thakop+F >>simonw+S1 >>hn9272+Zm
2. thakop+F[view] [source] 2023-07-01 21:38:24
>>charci+(OP)
2 Nines is sufficient at scale?
replies(2): >>charci+m1 >>notqui+p1
◧◩
3. charci+m1[view] [source] [discussion] 2023-07-01 21:43:18
>>thakop+F
For a consumer facing surface. Yes.
◧◩
4. notqui+p1[view] [source] [discussion] 2023-07-01 21:43:40
>>thakop+F
It’s Twitter. A nine is more than enough for their most critical workloads.
replies(1): >>8organ+ue
5. simonw+S1[view] [source] 2023-07-01 21:46:35
>>charci+(OP)
The theory here is that this JavaScript bug caused the huge increase in requests which is why Twitter introduced strict limits on how many tweets users could access.

So the result wasn't an outage, it was a radical reduction in functionality.

I think that still qualifies as a self-ddos.

◧◩◪
6. 8organ+ue[view] [source] [discussion] 2023-07-01 23:22:55
>>notqui+p1
One nine allows 10% downtime. That's 36 days per year. I doubt that.
replies(1): >>klawed+Sf1
7. hn9272+Zm[view] [source] 2023-07-02 00:38:57
>>charci+(OP)
> It's not a self ddos

Maybe not

> if twitter isn't going down

I disagree. Ddos is a type of attack, not the result of an attack. If they're hitting their services way too many times in a distributed fashion, it's a ddos regardless of how it was handled.

Similarly, would you say this[0] wasn't a ddos because it was mitigated? I think not.

[0] https://blog.cloudflare.com/26m-rps-ddos/

replies(1): >>charci+pu
◧◩
8. charci+pu[view] [source] [discussion] 2023-07-02 01:50:38
>>hn9272+Zm
Self ddos is more fuzzy because there is no intent. If I wget all pages from a site's site map is that a dos? If it was architecture to handle that kind If load the site would be unaffected and if wasn't it could potentially cause availability problems. If after starting my download script I noticed the server couldn't handle my requests then I would recognize I am dosing them.
replies(1): >>hn9272+Dtf
◧◩◪◨
9. klawed+Sf1[view] [source] [discussion] 2023-07-02 11:09:35
>>8organ+ue
Wouldn’t 1 nine be 9%?
replies(1): >>8organ+sA1
◧◩◪◨⬒
10. 8organ+sA1[view] [source] [discussion] 2023-07-02 14:06:06
>>klawed+Sf1
One nine is atleast 90.0%.

Two nines is atleast 99.0%.

Three nines is atleast 99.9%.

and so on.

◧◩◪
11. hn9272+Dtf[view] [source] [discussion] 2023-07-06 12:51:52
>>charci+pu
> more fuzzy because there is no intent

I agree. DoS is an attack, so without intent it is fuzzy. But I think it is pretty descriptive, so it's okay. I know exactly what self-ddos means instantly (flooding your own service, without malicious intent).

I think it's kind of a limitation with English or the term ddos. If it really is only used it for intent to attack, it becomes less useful of a word IMO.

[go to top]