[liberationtech] Avaaz, is this for real?

Sky (Jim Schuyler) sky at cyberspark.net
Fri May 4 13:42:47 PDT 2012 

Yeah, maybe that's a plausible scenario, but then they need to rethink how they handle corporate communications. The information and appeals sound paranoid and hysterical. Perhaps "unbelievable" is an even better word.

Look, we're all speculating...so until someone at Avaaz is willing to talk about facts, figures and timing, we won't know.

That said, in my experience prudent security folks would not trumpet an attack to the world so early in the process -- they would take the time to monitor and investigate, and then report the facts, if they chose to do that at all. Certain types of attacks (and penetrations particularly) you would report, but it serves no purpose to report DDoS's that are successfully thwarted. And attribution, if possible at all, lies in wait a long distance down the trail. In this case the speculation came first and was used to amp up the fundraising. That doesn't sound naïve to me -- it sounds purposeful and also "odd" They should know better.

I see things happening all the time that would "look like" a DDoS to inexperienced people, when in fact they are just  "a bad weather day on the net."  So I also agree with others that if the attack was as massive as they say, it would have caused a disruption in the force that other people would have noticed.

-Sky


On May 4, 2012, at 12:48 PM, Sahar Massachi wrote:

> I'm a bit concerned about all the muttering about Avaaz's sensationalism. 
> 
> Please correct me if I'm misunderstanding something, but the following scenario seems pretty plausible to me: 
> 
> The Avaaz site comes under some sort of attack. The tech team at Avaaz gives a quick "idiots guide" to what's going on to their communications team, and then goes back to trying to deal with the problem. The communications team has a partially confused understanding of exactly what's going on, but tries to deal with the situation as best they can. When technically minded journalists want to talk to Avaaz, the communications staff doesn't want to bother their still-hard-at-work tech team, so they give unsatisfying, vague, and unhelpful replies to these journalists". 
> 
> Am I missing something?
> 
> On Fri, May 4, 2012 at 3:24 PM, Miles Fidelman <mfidelman at meetinghouse.net> wrote:
> Steve Weis wrote:
> "...globally-distributed botnet of thousands of computers..."
> 
> Someone could rent thousands of botnet agents for two days for a couple hundred dollars:
> http://www.zdnet.com/blog/security/study-finds-the-average-price-for-renting-a-botnet/6528
> 
> "Avaaz does not have any further information about who is behind it..."
> 
> They were claiming that this was an attack so sophisticated and massive that it could have only been perpetrated by a nation state or large corporation, yet they have no further information about who was behind it? I think they hyped it up to drive fundraising.
> 
> 
> Particularly since nothing about it has shown up on any of the usual system admin, network admin, or security related lists.
> 
> -- 
> In theory, there is no difference between theory and practice.
> In practice, there is.   .... Yogi Berra
> 
> 
> 
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> 
> You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> Should you need immediate assistance, please contact the list moderator.
> 
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
> 
> 
> 
> -- 
> Sahar Massachi
> 
> c: (585) 313-6649
> t: twitter.com/sayhar
> w: saharmassachi.com
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> 
> You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> Should you need immediate assistance, please contact the list moderator.
> 
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120504/7a5925aa/attachment.html>

More information about the liberationtech mailing list