|
|
|
|
|
|
by cheald
3530 days ago
|
|
|
I certainly expect it to become an increasingly-significant problem, as well. I don't mean to downplay the significance of the attack. But the lesson here isn't "welp, the bad guys have won, the internet is dead", it's "don't use one DNS provider, go redundant on it just like you do on every other piece of the stack". Yeah, it's annoying, but it's not an unsolvable problem. The reporting on this has really annoyed me because the writers writing about it have pretty consistently said that GitHub, Twitter, PayPal, etc have all been knocked offline, which is just untrue. They have unresolvable names - resolve their names and they're working just fine. The fix is improved resilience in name resolution, and it's not a terribly hard fix. Someone in the other thread noted that PornHub is managing just fine despite using Dyn DNS - because they also route half their DNS traffic to UltraDNS. Attacks like this are certainly a big problem, and are going to become a bigger problem, but IMO, the Chicken Little sky-is-falling hysteria is unwarranted and unuseful. |
|
|
I've been really selective with the reporting I checked, and so most everything I've seen has been either BBC-bloodless ("these sites are inaccessible, because a DDoS attack happened"), or TheRegister-sophisticated (assumes the reader knows what DNS is). A quick look at what other people have been running explains your general sentiment. This isn't the end of the world, and running stories saying "IoT WILL KILL US ALL" isn't making anything better.
So fair enough: I think this is a serious issue, and today's events revealed that people haven't been properly prepared. But pitching it as something totally unpredictable is downright dishonest.