Hang on a sec...
Haven't they sold about a million Pi's...?
The charity behind the tiny Brit computer Raspberry Pi apparently came under fire from a million-strong botnet army last night. Zombie machines were instructed by unknown assailants to launch a massive denial-of-service attack on the Raspberry Pi Foundation's website. The organisation warned the world that its online home was …
Haven't they sold about a million Pi's...?
Self-aware RPI botnet... save yourselves!
I'm suprised that "Being a complete prick" wasn't higher up the list.
I'd have guesstimated that 100% of DDoS was down to pure twattery.
Yes, that goes without saying, since we all know that's the primary reason for all DDoSes, we are not looking for and care only about the reason said "twats" pick the targets they do.
Is this the most up-voted post ever?
Hah, probably RM, who do anything they can to take down anyone supplying tech to education while comitting the unforgivable crime of not being them and their shoddy, overpriced wares. Usually they just run crying to goverment to prop up their anti-competitive ways, or carry out dodgy business deals, but maybe botnets are cheaper than w(h)ining and dining government aides :D
(OK, realistically, probably just something really boring like blackmail from some butthurt teen who is pissed that he didn't get free kit on demand, but the above is probably a more exciting theory)
I unpacked "RM" as "Russian Mafia". What the hell do they have to do with education?
Does the pi foundation use shared hosting? They may simply be in the crossfire.
RM - Research Machines... a long term supplier to the educational sector (at least the school part)
RM - Research Machines... a long term
supplier tofleecer of the educational sector (at least the school part)
OK, british thing, gotcha. Thanks for the explanation!
Never heard of that particular company. In light of the above comments, are they big enough to kick the moderators into action?
Almost worth it being RM for the picture of an endless warehouse with a million RML-380z in their black cases - all DDOSing their little z80s out
I kinda parsed RM as "Royal Marines".
Flog the same old rebadged Chinese kit at x times the price, hold secret meetings with school SLT to which network managers were not invited, then falsely allege sabotage to push out employed technicians and sell the managed service.
I remember playing with the school 380z a very long time ago. It was one the only computer the school had until the BBC Model B and a 48K Spectrum turned up.
Those were the days. I remember giving the physics teacher (who had responsibility for the computers dumped on him) tutorials on it. I had to teach him how to use CP/M and code in BASIC and Pascal (which I'd been learning for O level computer science at an FE college 'cos my school couldn't teach it) .
It is simply the irresponsible doing the indefensable.
Or the indefensible doing the irresponsible depending on your perspective.
...would be placated by hitting technology-education charities. Nor what an extortionist could hope to achieve. It just sounds like random, mindless vandalism to me.
Perhaps Anonymous might like to try to winnow out who was responsible, and give them the Good News instead. It's the sort of thing the Anons are good at...and it would certainly fit /their/ ideology to do that.
As an AC further up pointed out, that guy who contacted them asking for a free sample and wouldn't take "no" for an answer might have the motive.
It would be a bit stupid though, if he's widely identified himself previously.
"Nor what an extortionist could hope to achieve. It just sounds like random, mindless vandalism to me."
I suspect that they'll be sending the blackmail/extortion demand soon enough. A few grand or they'll do it again, etc.
The standard Internet whackjob.
Probably because Pi is using the 'wrong' Linux variant or something equally heinous.
It's not impossible, but I don't think your average distro fundamentalist is going to be the type of person who sets up or rents a million host botnet.
It's hard to think of any reason behind this, most likely because there is no sane reason for it. Most attacks of this type aren't done for "fun" anymore, they're done to extort money out of the target to get you to stop, or to crash a competitor (I understand this is a common pattern for attacks on porn, spam, and gambling sites).
Since the folks at pi have no cash to speak of, and wouldn't be considered to be in competition by anyone with two brain cells to rub together, I think it's most likely a case of collateral damage from attacking a different target.
*Adopts R. Stallman beard*
GNU/Linux! Get it right, please.
I bet almost all of them originated from MSFT in some way or form.
They're trying to kill linux as they see it as a cancer.
Ryan Giggs tried to shut down the internet, now MSFT are trying to kill linux.
Thanks. You just gave me the idea to set up busybox on one of my Pi SD cards instead.
And what better way to Kill Linux than by supporting it on your hypervisor, producing integration tools and making software for Android... Err, wait..
wouldn't be considered to be in competition
Other dev board / mini PC / media centre manufacturers? Particularly Chinese ones?
Embrace, extend, extinguish.
Please... a beard is for life, not just for christmas.
Maybe just the original supplier who lost out when production got repatriated to Sony in Wales
Maybe my age is showing but I can recall numerous cases where MS "supported" something in a way that made the supported product appear to perform worse than MS's half-assed knock off or not function at all. The Linux tools are probably a combination of Microsoft's "innovation" culture (as in "he steals, you copy, I innovate") and "Embrace and Extend" (http://en.wikipedia.org/wiki/Embrace,_extend_and_extinguish). The only reason MS supports Linux right now is that no halfway competent IT dept on anything less than an unlimited budget is going to let go of their Linux backends and appliances so their inability to play nice was not-so-slowly squeezing them out of the NOC.
The attack temporarily took the servers off line for a while and now it's up again. Hardly seems worth the effort bothering at all.
Most hosts have some kind of DDOS hardening now, it's not always a thing you need dedicated infrastructure for anymore. It may be that the attacks had an easily-filterable pattern, or maybe the asshats realized they were targeting the wrong people and went back to attacking a "pharmacy" somewhere.
We'll probably never know the details - I don't think attacking the raspberry pi foundation gets you credibility in the black hat world - even thieves can think other thieves are dicks.
Just what kind of feckless twazzock launches a DDOS on a registered charity? Especially a tech charity, unless the botty lord (presumably that's what you call the controller) is scared of future kids out scripting them.
Dear feckless twazzocks,
There are a multitude of web ne'er-do-wells that deserve a jolly good spanking with a DDOS, but the pi foundation isn't one of them. Can I suggest that you take heed that bigger boys won't think you are big or clever.
Now feck off the interwebs!
UKgnome and friends!
I second Botty Lord for the wazzocks behind botnets!
Or Botti Boi...
Brilliant! Now added to my vocabulary.
Wrote :- "Just what kind of feckless twazzock launches a DDOS on a registered charity? ... There are a multitude of web ne'er-do-wells that deserve a jolly good spanking with a DDOS "
I think you are making the assumption that people who make DDOS attacks are (or should be) some kind of hero, like internet Robin Hoods. I expect they attacked Pi simply because Pi is in the tech news a lot lately.
I don't have that assumption, but not many people amass a million strong zombie hoard just to piss off a charity. It's a soft target and there is nothing to gain.
I forget the rates, but isn't a 100 computers something like $10 so for a million it would be $10000 although you would probably get a discount. Even if it was $1 it would still be an expensive waste of time. The only way this makes sense is if this was a demonstration of power. And even then, that only makes sense if you are a feckless twazzock botty lord!
Occasionally I'm reminded of the meaning of the word 'wankers'.
Me too, but it does get increasingly infrequent as one gets older.
Where's the Eadon post blaming Microsoft?
Shagbag already has that angle covered.
All thing fuss and not one mention of a piece of tree hanging fruit
I always wonder why DDoS are carried out. They can only last for a short while, and so all you do is wait it out and back comes your website. Yes, some organizations like banks might lose some custom during that period and their customers will be a bit upset, but they are few in number. There are very few organizations that only use the internet for interaction and will lose lots of money from even the shortest period of DDoS.
I'm quite surprised that no one's mentioned this, but often DDOS attacks are launched as a distraction, to allow someone to infiltrate the network whilst the admins are looking the other way. A major example of this recently was, unless I'm mistaking, the huge Sony/PSN hack.
It was probaby me. I was just trying to get my new $5 Chinese made wifi stick working with my Raspberry Pi. It was acting a bit weird and my kidiots were complaining that the Internet was plugged up solid. I didn't realize it was phoning home from all over the 'net. Sorry.
"The explosion of inexpensive and readily-accessible attack tools is enabling almost anybody to carry out DDoS attacks."
Erm, No. You could have all the tools in the world, but if people actually had secure a OS and anti-malware running on their machines you'd have to find 999,999 like-minded idiots with a common agreed enemy to mount an attack like this. No chance of that happening!
Crap internet security on the average PC is what is enabling almost anybody to carry out DDoS attacks.
Biting the hand that feeds IT © 1998–2017