On 09/25/2016 01:11 AM, Steve Kinney wrote:
Maybe I'm going all Chicken Little here, maybe not. But I think this development may be the closest thing to an Internet Armageddon we are likely to see in our lifetimes.
http://arstechnica.com/security/2016/09/why-the-silencing-of-krebsonsecu rity-opens-a-troubling-chapter-for-the-net/
=or=
How does thee patch that which is Unpatchable? DDOS now includes the death of a million ankle biters: Not just unpatchable, but massively distributed, with a continuing profit motive and no liability for the manufacturers, paid for and plugged in by hundreds of millions of "regular folks" throughout the so-called Developed Nations.
So far every mitigation strategy relevant to "normal" users and use cases that occurs to me would be worse than the original problem.
Yes, it's for sure a hard problem. Any entity resourceful enough to withstand Tbps DDoS is likely a huge privacy risk :( On the other hand, Krebs has been totally asking for it, for years ;) He's been going after major cybercriminals, who perhaps have major connections with global TLAs. And he's often been a jerk about it. Hugely self-righteous, and humorless. So meh ;)
:o/