Premier Rock Forum

anyone here has an invite to waffles.fm?

Sebastian J. wrote:anyone here has an invite to waffles.fm?

i'd like one too please.

eephour wrote:

Sebastian J. wrote:anyone here has an invite to waffles.fm?

i'd like one too please.

me three.

Me four

The site's been getting DDOS'd for a while now, don't hold your breath. I am genuinely curious whether this is the RIAA finally stepping up their game or what.

stmusic.org is still running though, and improving daily.

I doubt it would be RIAA. DoS attacks are illegal, and very easy to trace unless you own a very large multi-national covert botnet.

I suppose they could be channeling the packets through a large worldwide anonymous proxy network like Tor or something...

DDOS attacks are actually impossible to trace, which is what is happening to the site. The key is the first "D," which stands for "distributed." In essence, someone DOES in fact own (or 'pwn' if you like) a very large (multi-national?) botnet and they are using it to attack the site.

edit: the board crashed before I could fix this. DDoS attacks are actually not impossible to trace, but because of their distributed nature they are nontrivially difficult to mitigate. You end up having to filter about half the internet, maybe more.

Considering that the RIAA has no trouble suing old ladies who've never even used a computer for filesharing, I'd hardly put this past them. Perhaps they have a covert ops dept that contracts cyber nerds or something to do their bidding now. Who knows!

MrFood wrote:

katie, a douchebag wrote:Go to the fucking record store, cunts. Mail-order goes everywhere now, pricks. Buy music, fucking twats.

Oh Jeez! I didnae think of that!

Wow!

Ok - now if you could just post a link to the mailorder site that is currently carrying a copy of the Table album or the 'Smashed Guitars And Sunn Amps' record by Earth, that'd be great!

Thanks,

Barry.

http://www.hmv.co.uk/hmvweb/displayProd ... sku=769424

The last time I ordered something from HMV that was listed as 'on order from supplier' I waited nearly two months before being told that the item was no longer available. Just saying.

Also: better late than never...

http://blogs.guardian.co.uk/technology/ ... _oink.html

ironyengine wrote:DDOS attacks are actually impossible to trace, which is what is happening to the site. The key is the first "D," which stands for "distributed." In essence, someone DOES in fact own (or 'pwn' if you like) a very large (multi-national?) botnet and they are using it to attack the site.

edit: the board crashed before I could fix this. DDoS attacks are actually not impossible to trace, but because of their distributed nature they are nontrivially difficult to mitigate. You end up having to filter about half the internet, maybe more.

Considering that the RIAA has no trouble suing old ladies who've never even used a computer for filesharing, I'd hardly put this past them. Perhaps they have a covert ops dept that contracts cyber nerds or something to do their bidding now. Who knows!

Distributed DoS attacks are not impossible to trace, but they can be nearly impossible to trace if they're pulled off well. Pulling off a untraceable DDoS attack requires remote access to machines spread out over a very wide area, like all over the US or (preferably) all over the world. Merely gaining access to a single large network (say at a university, huge corporation or ISP, for instance) would greatly compound the risk of getting caught because the organization that owns the network could likely identify the single attack vector that initially compromised their network, and then the investigation would naturally proceed along those lines. That's generally how most virus mongers get busted.

The kind of DDoS attacks that are virtually untraceable are ones involving thousands of machines running hidden processes (a.k.a. "bots") that are remotely controlled in real-time via IRC or another relay-type network.

My point was that "owning" that many boxes would require that the attacker(s) work as a very large, semi-organized group to manually hack lots of 3rd-party PCs to do their dirty work (like in the case of the huge DDoS attack that was orchestrated against the US by Chinese hackers back in the spring of 2001) or else they prepare for weeks in advance spreading some sort of auto-replicating trojan horse worm to accumulate a bot army all over the globe.

Without a doubt, the RIAA uses underhanded legal maneuvers and often sues innocent people. But being the high-profile organization that they are, I doubt they'd want to incur the risk of a Federal case for violation of the Computer Fraud and Abuse Act involving the invasion of thousands of computers all over the world. If they were implicated in such a case--attacking thousands of innocent people's machines--it would probably hurt their credibility to the point where they would be unable to win court cases. It just doesn't seem consistent with their M.O. up to this point. However, I don't doubt that it could be the work of some other "hacktivist" group(s) who are sympathetic to their cause.