Quotulatiousness

August 6, 2009

Twitter under DOS attack

Filed under: Americas, Technology — Tags: , , , , — Nicholas @ 13:58

Twitter users have been unable to access the site for most of Thursday morning, due to a Denial-of-Service (DOS) attack:

The extended silence in a normally noisy Twitterworld began around 9 a.m. Twitter later posted a note to its status update page saying the site had been slowed to a standstill by an attack.

In a denial-of-service attack, hackers typically direct a “botnet,” often made up of thousands of malware-infected home PCs, toward a target site in an effort to flood it with junk traffic. With the site overwhelmed, legitimate visitors cannot access the service.

“On this otherwise happy Thursday morning, Twitter is the target of a denial-of-service attack. Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users,” co-founder Biz Stone said in a blog post. “We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate.”

Update: Service is back, intermittantly. More background on the attack here.

July 30, 2009

Latest threat to world civilization

Filed under: Technology — Tags: , , — Nicholas @ 07:25

OMG! Everybody panic!

It’s bad enough that the iPhone can, according to Apple itself, be used to crash cell towers, but apparently they can be very easily hijacked, too:

If you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character, Charlie Miller would suggest you turn the device off. Quickly.

That small cipher will likely be your only warning that someone has taken advantage of a bug that Miller and his fellow cybersecurity researcher Collin Mulliner plan to publicize Thursday at the Black Hat cybersecurity conference in Las Vegas. Using a flaw they’ve found in the iPhone’s handling of text messages, the researchers say they’ll demonstrate how to send a series of mostly invisible SMS bursts that can give a hacker complete power over any of the smart phone’s functions. That includes dialing the phone, visiting Web sites, turning on the device’s camera and microphone and, most importantly, sending more text messages to further propagate a mass-gadget hijacking.

The researchers say they’ve notified Apple about the vulnerability, but that Apple had not provided a fix.

Everybody sing: “It’s the end of the world as we know it, it’s the end of the world as we know it . . .”

Update, 31 July: Apple has announced that it will be releasing a fix to this problem on August 1st.

Update, the second, 31 July: The folks on the Apple-iPhone mailing list say the fix has escaped and is now available through iTunes. I’ll be downloading the update as soon as I get home . . .

« Newer Posts

Powered by WordPress