Join 3,513 readers in helping fund MetaFilter (Hide)


The World Has No Room for Cowards
March 16, 2013 7:55 AM   Subscribe

It’s not often that one has the opportunity to be the target of a cyber and kinetic attack at the same time. But that is exactly what’s happened to me and my Web site over the past 24 hours. On Thursday afternoon, my site was the target of a fairly massive denial of service attack. That attack was punctuated by a visit from a heavily armed local police unit that was tricked into responding to a 911 call spoofed to look like it came from my home. Well, as one gamer enthusiast who follows me on Twitter remarked, I guess I’ve now “unlocked that level.” ~ KrebsonSecurity
posted by infini (56 comments total) 15 users marked this as a favorite

 
I would prefer that this not happen to me.
posted by cmoj at 8:12 AM on March 16, 2013 [4 favorites]


It‘s like every cheesy 90‘s hacker movie ever...
posted by Jughead at 8:24 AM on March 16, 2013 [1 favorite]


The cop that took the report from me after the incident said someone had called 911 using a Caller ID number that matched my mobile phone number

I do not understand why this is possible. I mean, I understand how it is possible, but what completely baffles me is why law enforcement / emergency services do not have the ability to tell what number a call is actually coming from, rather than simply where it says it's coming from. (Or, if it is coming from an IP address rather than an actual phone, to identify that). I mean, surely this technology exists?
posted by dersins at 8:26 AM on March 16, 2013 [3 favorites]


Wikipedia: caller ID spoofing. It seems to at least be illegal in the U.S. now.

(That article doesn't really explain why it's possible, though)
posted by XMLicious at 8:36 AM on March 16, 2013


It's sort of upsetting to hear there are police officers who have never heard of SWATing. That should have been a huge, infamous scandal in the "business" the very first time it happened.

...what completely baffles me is why law enforcement / emergency services do not have the ability to tell what number a call is actually coming from, rather than simply where it says it's coming from.

Every time there's a proposal to increase the level of tracking, recording, eavesdropping, and surveillance that the police are allowed to do on an oversight-free, speculative basis, security experts make the point that the systems involved can be turned against their 'owners', and they are always ignored, as if the suggestion is a wild-eyed sci-fi fantasy. The systems are then built, often with very little in the way of defenses to protect them from this sort of tampering.

The cynic in me says that such problems might be addressed pretty rapidly -- if there were a rash of SWATing attacks on police and FBI families.
posted by Western Infidels at 8:39 AM on March 16, 2013 [14 favorites]


Wikipedia: caller ID spoofing. It seems to at least be illegal in the U.S. now.

It's illegal? That will indeed stop this issue in its tracks.

I read about this earlier, it seems horrible that this sort of thing can happen.

but what completely baffles me is why law enforcement / emergency services do not have the ability to tell what number a call is actually coming from, rather than simply where it says it's coming from.

I don't know about the US, but in Australia, the 000 system occasionally gets so broken that a person calling for help in Mount Barker, South Australia, will find their aid going to Mt Barker, WA.
I'm not sure how many thousands of kilometres those two centres are out, but it suggests there are some issues with the tel-co systems even without spoofing.
posted by Mezentian at 8:59 AM on March 16, 2013 [1 favorite]


What's particularly horrifying to me about SWATting is that it's a good way to get somebody's dog shot. Doesn't matter if the dog is small, large, friendly -- police might shoot it. Even if there's no dogs in the house, the occupants might be brutalized for hours if the cops aren't the listening type and won't hear about any possible explanation. In that regard, this guy was lucky.
posted by Countess Elena at 9:11 AM on March 16, 2013 [6 favorites]


Wikipedia: caller ID spoofing. It seems to at least be illegal in the U.S. now.

The thing is that cops should *not* be getting CNID (Caller ID), they should be getting ANI (Automatic Number Identification), which can't be blocked or spoofed like CNID can.

Being able to alter CNID is part of the design. Example usage. You are $LARGE_COMPANY, with lots of phone lines. You want all of them not to report the exact dial in number, but to report the round-robin number you would dial into. So, CNID is changed so all those lines report back that number and the company name -- which is probably a toll-free number.
posted by eriko at 9:12 AM on March 16, 2013 [34 favorites]


If you've ever set up a soft PBX, it's pretty obvious that CallerID isn't a reliable form of identification, verification or authentication. I can tell my PBX to pass whatever string of digits I please, as long as it's within the acceptable format. Then it's up to my VOIP carrier to give a shit or not give a shit. Typically they don't -- note that you don't have to have your incoming (termination) and outgoing (origination) service from the same company in the VOIP world. So often the company originating your call on the PSTN has no idea what your incoming number "should" be, and will trust you to pass correct information.

As mentioned above, ANI is different.
posted by snuffleupagus at 9:12 AM on March 16, 2013 [5 favorites]


Caller ID spoofing.... wow. I know of a case where the local police got a 911 hang up call, and it was justification for entry of the house to at least look under the beds or in the closets for someone in distress... and of course there was contraband in plain view . . . *clink*
posted by swlabr at 9:15 AM on March 16, 2013 [2 favorites]


William Gibson called, he wants his fiction back
posted by C.A.S. at 9:18 AM on March 16, 2013


What's particularly horrifying to me about SWATting is that it's a good way to get somebody's dog shot. Doesn't matter if the dog is small, large, friendly -- police might shoot it.

There's no might, they will shoot it. They consider dogs to be weapons, and shooting a criminal's dog when they have opportunity to be the same as confiscating a gun. They will shoot puppies that are running away from them.
posted by 445supermag at 9:24 AM on March 16, 2013 [5 favorites]


Just for the record, ANI can be spoofed/blocked as well.
posted by enamon at 9:25 AM on March 16, 2013


[I know people have concerns about police violence and the dog shooting case brings up a lot of strong feelings, but let's not derail into that topic here. Thanks.]
posted by LobsterMitten at 9:28 AM on March 16, 2013 [2 favorites]


Some of the peripheral stuff to this incident is interesting. Ars wrote an article about it and was promptly DDoS:ed as well. And the booter.tw logs seem to indicate that the same person hit barackobama.com at some point too.

The girlfriend of someone I know was SWATted a while back as part of an ongoing online feud. The 911 transcripts show that someone impersonating her daughter called saying she and her sister were home alone, that she was hiding under a bed from heavily armed men with explosives, that her sister had been shot and was bleeding, and that they were being held hostage. It was pure luck that the three of them were out in the open in a car when police arrived, so that the mistake could be quickly corrected. But they still had to experience having police with guns drawn on them at their house, and it could have gone really badly if they had been inside. That's so beyond the "celebrity prank" motive for SWATting, it's ridiculous.

And as Brian found out, even warning your local police that you might be a target isn't really helping. I'm not sure what can be done, to be honest. It's not like police can choose not respond to a call like that. Fixing ANI spoofing would help, though I don't know enough about it to say if that's possible.
posted by gemmy at 9:31 AM on March 16, 2013 [2 favorites]


If you give 911 a physical address, that's where they will go. If you call in on a cell phone and say "I'm at 123 Fake Street, there are armed intruders in the house!" then a police response will show up at 123 Fake Street.

I can't think of any way to prevent that system from being abused without making critical sacrifices to the whole purpose of 911, except having severe penalties for abuse (which might be difficult to enforce if the hoaxers are in Russia or China).
posted by justkevin at 9:34 AM on March 16, 2013 [2 favorites]


eriko: The thing is that cops should *not* be getting CNID (Caller ID), they should be getting ANI (Automatic Number Identification), which can't be blocked or spoofed like CNID can.
Can't be spoofed? That's a pretty strong statement. I don't know anything about it, but -- has phone cloning become extremely difficult or impossible in the last few years or so?
posted by Western Infidels at 9:35 AM on March 16, 2013


ANI can certainly be spoofed. That's why SWATing has been so successful.

The cops get a call saying people are getting shot RIGHT NOW from a call with a spoofed ANI. Since many people (including you, apparently) think ANI cannot tell a lie, they roll out expecting a gunfight.
posted by sideshow at 9:45 AM on March 16, 2013 [2 favorites]


mess with the best die like the rest
posted by cmoj at 9:50 AM on March 16, 2013 [1 favorite]


Real life /= a game.
posted by spitbull at 9:56 AM on March 16, 2013 [1 favorite]


CNID vs. ANI is a red herring here - security is most easily advanced by removing the low-hanging fruit (Caller ID spoofing). I don't know enough about ANI spoofing to speak directly on the topic, but it's a moot point if we're discussing an attack on Brian Krebs, because his adversaries are more sophisticated than a bunch of script kiddies. (I read eriko's comment as "the same methods used to spoof CNID are not the same as those used to spoof ANI") Brian Krebs has plenty of enemies that are making serious money by doing some very shady shit, and I hope he continues to expose their practices.

Besides, these amateurs didn't even have the common decency to send over a bunch of pizzas during the raid!
posted by antonymous at 9:59 AM on March 16, 2013 [1 favorite]


Can't be spoofed? That's a pretty strong statement.

Can't be spoofed like ANI -- that is, from the calling end. You can theoretically hack ANI, but you have to do so from the phone company's switches, because ANI doesn't derive info from the calling station, it derives it from the telco switches themselves -- the inbound port on the switch, in particular.

Far more important than just the number is the two number source code. If you have a source of 00, that's generated by a POTS line termination point, via a physical wire. Spoofing that is very hard, because you basically need to know exactly what switch to spoof it from.

This is why 911 systems love POTS and hate cells. If they get an ANI 00+Number, they don't even need to ask your address. Indeed, before this became commonly known and cell phones were common, this was the #1 tell of a hoax call. The response was to send police both to the requested address and the calling address. If there wasn't a problem at the requested address, well, there was one at the calling address.

One simple check that should be implemented is that you should be able to physical track the call to the cell. You won't know where in the cell, but the 911 operator should get a message saying "This mobile is connected to a cel in zip code 99901" or similar, and if it's saying that the mobile is in Chicago and is requesting a call at home in Chicago...

All of this can be hacked *if* you get into the telco switches themselves, but that's much harder. The early phone hackers were attacking systems that were designed to be presented to the public phones. These systems are not.

ANI can certainly be spoofed. That's why SWATing has been so successful.

No, SWATing is so successful because if you call 911 and say you're at 123 Foo Street and you're under attack, the police will come. Period. For one thing, imagine the press reaction if they say "no, that's just someone spoofing us" and it's a real attack and people die who might have been saved. The fact that they're counting on CNID, which *by design* allows subscribers to change their transmitted ID, is dumb. That's not even spoofing, in my book, if the system is built to let you say whatever you want.

And ANI is *not* Caller ID. CNID is Caller ID. They do a similar thing, but ANI takes no information from the terminal. The reason it was built was for toll free calling, and since the owner of the toll free number is the one who pays for the call, they would be given the actual number calling, so they could audit the bill. Another use was the telco test number, which you'd dial and it would read back the number you dialed from -- very handy for linemen, who'd use it to confirm they'd punched down the line correctly so that your number rang the phone in your house.
posted by eriko at 10:06 AM on March 16, 2013 [14 favorites]


CNID vs. ANI is a red herring here

The FCC doesn't think so.

From the FCC's 2011 report on this:


E. Emergency Calling
15. An important type of caller identification service involves emergency calls to 9-1-1 services. As a general matter, calls that are placed to emergency services by dialing 9-1-1 are not highly ulnerable to spoofing. Emergency 9-1-1 calls do not rely on the CPN information used by Caller ID services described above either for routing or for retrieving the caller’s location information. Instead, emergency 9-1-1 calling relies on a second number in the SS7 call setup information, generally referred to as the Automatic Number Identification (ANI). Although the CPN and the ANI will typically be the same for residential, 9-1-1 calls are routed much differently from ordinary calls. Although interconnected VoIP technology allows the ANI to be manipulated as easily as the CPN, it is in general difficult to get a call from the Internet with a spoofed ANI properly routed to a Public Safety Answering Point (PSAP) over the current Wireline E911 Network.

16. A malicious actor can, however, spoof a call directly to other phone lines operated by emergency service providers, such as a police department or fire department administration number. This case of emergency services being vulnerable to caller ID spoofing is particularly important in the small remaining areas of the United States where subscribers cannot reach emergency services by dialing 9-1-1 because the local telephone switching equipment does not recognize and handle the 9-1-1 dial sequence. In those few localities, the PSAPs may rely on the PSTN and consumer-grade Caller ID service described above, and thus may be subjected to the same caller ID spoofing associated with that service.


However, discussions of SWATing disagree:
In all these cases the suspect used a VoIP telephone line, and one or more techniques to spoof a phony telephone number and address to the comm center, which is then displayed as ANI/ALI information to the calltaker. At the PSAP, the call appears to be routine (often on a non-emergency telephone line), and indeed it is--the call appears to have originated locally, and the ANI/ALI displays a proper telephone number and address.

The victims are either known to the suspect in some manner, usually casually through Internet games or chat rooms, or they are complete strangers, selected randomly (although the suspect may actually have some type of criteria in mind when he/she picks the person or house).

as does this promo blog in 2011, sans specifics
Caller ID Spoofing: How big of a problem is it?
Yes… ANI CAN be spoofed!
They stand behind that, apparently: Request Bank Access: TrustID ANI Spoofing Tool
posted by snuffleupagus at 10:06 AM on March 16, 2013 [3 favorites]


The real solution to SWATing is to stop SWAT being the default police response.
posted by srboisvert at 10:13 AM on March 16, 2013 [14 favorites]


So whatever the ANI spoofing situation, an additional problem is that your MPOE is usually unsecured, and trivial to plug a phone into. If someone wants my hypothetical dog shot, all they have to do is to walk up beside my house, plug in a handset, and dial 911.

Presumably they'd watch my lights to see if I was asleep, and do this in the early morning or somesuch.

Which supports srboisvert's suggestion: Paramilitary style police forces are not the way to do policing. When we heavily arm and armor police, we're creating the wrong relationship between citizens and law enforcement.
posted by straw at 10:28 AM on March 16, 2013 [7 favorites]


I woke up early one morning to police officers, guns drawn, beating on my door. My dog had walked across my phone lying next to me on the bed, claw-dialed 911 and made lots of heavy breathing and yapping sounds as he layed on top of it. Not a good way to wake up.
posted by double block and bleed at 10:29 AM on March 16, 2013 [3 favorites]


The real solution to SWATing is to stop SWAT being the default police response.

If the report is of a home invasion, with one family member dead, and a rape in progress, what should the default response be?
posted by tyllwin at 10:32 AM on March 16, 2013 [10 favorites]


Is SWATing only possible in the US? (curious)
posted by infini at 10:45 AM on March 16, 2013


tyllwin, I think we have to dig up real crime statistics if I'm going to answer that question. Which is a reminder that I should dig further.
posted by straw at 10:47 AM on March 16, 2013


Countess Elena:
What's particularly horrifying to me about SWATting is that it's a good way to get somebody's dog shot. Doesn't matter if the dog is small, large, friendly -- police might shoot it. Even if there's no dogs in the house, the occupants might be brutalized for hours if the cops aren't the listening type and won't hear about any possible explanation. In that regard, this guy was lucky.
SWATting is a good way to get somebody shot. The militarization of local police departments (Balko's book on issues like this) means this will happen more and more. Though if you want to read more about dogs being killed by cops, the term Balko uses is puppycide.
posted by Brian Puccio at 10:52 AM on March 16, 2013 [30 favorites]


To be clear: I'm usually all to the other side in thinking that police use too much force in entering homes. Shooting dogs and people in the middle of the night looking for crack and meth, for example.

But this is a very different scenario than a police-initiated search for drugs. They're being deliberately gamed here, told that there are lives in immediate danger, and I'm not sure what the right answer is. You can't simply assume the report is false and ignore it. And if you're responding to a report like that at all, a polite knock doesn't seem sensible either.
posted by tyllwin at 10:56 AM on March 16, 2013 [4 favorites]


This is why 911 systems love POTS and hate cells. If they get an ANI 00+Number, they don't even need to ask your address.

I cannot emphasize this enough. I answer 911 calls for a state agency. Cellular 911 defaults to us if the local agency won't take it or if there is no clear choice. The number one thing I do at work is interrogate people about where they are.
posted by ericales at 11:01 AM on March 16, 2013 [3 favorites]


Real life /= a game.

Don't tell that to fans of gamification. With gamification, anything can be a game!
posted by filthy light thief at 11:01 AM on March 16, 2013


Yeah, so this was actually a plot point in a William Gibson novel. In Virtual Light a character works at a private security company, gets a call that a home has been invaded, but it actually it was spoofed.
Wikipedia: caller ID spoofing. It seems to at least be illegal in the U.S. now.

(That article doesn't really explain why it's possible, though)
I guess SIM card spoofing might be one way to do it. If you have a phone with a SIM card, just dropping the SIM in a new phone will move your number to that phone. So, if you can clone a SIM card, you should be able to spoof the number.

I'm sure there are other ways as well.
posted by delmoi at 11:18 AM on March 16, 2013


911 is supposed to get your phone's GPS, but faking that is pretty easy as well. The cell tower thing might help, but if you were really hard core you could drop a proxy phone nearby someone's house.
The real solution to SWATing is to stop SWAT being the default police response.
Except, this wasn't a drug raid - they got a call saying Russian mobsters were in the guy's house and had already shot his wife.

What response would you expect the police to have if that situation was real?
Doing SWAT raids on the basis of "hot tips" about drug dealers is obviously insane.
posted by delmoi at 11:47 AM on March 16, 2013 [2 favorites]


Agreed. At least they did call the guy first to see what was up.
posted by msalt at 12:08 PM on March 16, 2013


William Gibson called, he wants his fiction back

Actually, that was me. I just spoofed William Gibson's #.
posted by weston at 12:10 PM on March 16, 2013 [16 favorites]


they got a call saying Russian mobsters were in the guy's house

And look how easy it is for Russian mobsters to place a spoofed call that results in armed men being sent to someone's home! It's the next best thing.
posted by RobotVoodooPower at 12:29 PM on March 16, 2013 [1 favorite]


Well, somewhat related (and not bad) -

For a while I worked overnights at a Circle K. (Sadly, strange things were almost never afoot.)
One morning, one of the cops I regularly gave free coffee to came in asking if I had seen anything and if it had been a quiet night. I assured him it was and offered him a cuppa, as I had just made fresh java. He declined and bailed out the door at some speed. His car then pulled out with some alacrity.

The next day, one of my regulars that had been in the earlier night came in and clarified what had happened. He had accidentally butt dialed 911 (which is easy, seeing as many phones have a feature where holding down a key like 9 sends an emergency call) when he had been in the night before whilst in the parking lot getting back in his car.

So, no SWAT team and no bad news, but interesting nonetheless, at least to me.
posted by Samizdata at 12:47 PM on March 16, 2013 [1 favorite]


delmoi: What response would you expect the police to have if that situation was real?

"Krebs said Fairfax County police surrounded his house, pointed guns at him and handcuffed him before he was able to explain to them that they were all the victims of a hoax."

Off the top of my head: send two plainclothes officers to the door to attempt to make contact with the home owner, if Mr. Krebs answers and provides positive ID, stop and have a chat with him to make sure everything is OK, if someone other than Mr. Krebs answers play it off like the cops are Jehovah's witnesses try to get a little intel on people in the house, etc. then retreat and come back with SWAT if things seem fishy. You could even have SWAT waiting a block or two off.

Also, I've heard on numerous occasions US Marshalls using surreptitious calls to their targets or their landlines just before raids to assess if the subject is at home/who's with them/etc. They appear to've used this strategy here, but seemed prepared to conduct a full raid despite only getting a neutral result from the phone probe. Indeed in this case conducting several phone calls beforehand could've been useful.

Either of these strategies could be well augmented by simultaneous surveillance of target address with patrol cars or helicopter.

I could go on and on with alternative strategies. The point is that regardless of how dire a situation is described to be, a minimum of strategic surveillance before raiding a location is sure to reduce casualties of officers, criminals and civilians alike.

Sure, terrifying if Mr. Krebs is actually in the scenario the caller described even so the name of the game is "minimizing casualties".
posted by Matt Oneiros at 2:37 PM on March 16, 2013


The comments on that site are interesting (unlike most of the tired police arguments here). Apparently krebs intitially misidentified the hacker by name, misreading the database, and someone with that handle showed up in the comments to discuss it.
posted by Potomac Avenue at 3:25 PM on March 16, 2013 [2 favorites]


With gamification, anything can be a game!
life is a game that no one wins
posted by This, of course, alludes to you at 4:09 PM on March 16, 2013 [1 favorite]


"/=" != "!=" !
posted by w0mbat at 4:44 PM on March 16, 2013 [5 favorites]


Off the top of my head: send two plainclothes officers to the door to attempt to make contact with the home owner, if Mr. Krebs answers and provides positive ID, stop and have a chat with him to make sure everything is OK
Remember, the call was Russian mobsters had burst into his house and shot his wife. If that scenario was true, what would have happened if two plain-clothes officers had come to the door and attempted to contact the home owner?
if someone other than Mr. Krebs answers play it off like the cops are Jehovah's witnesses try to get a little intel on people
Because, you know, they've already shot someone to death I'm sure they'll be totally unperturbed that a couple of Jehovah's witnesses showed up in the middle of their murder/rape fest and just send them on their way - and not pull their guns on them and take them in as hostages/witnesses.
posted by delmoi at 5:13 PM on March 16, 2013 [1 favorite]


Stepping on the third (de)rail here, I'm all for calling SWAT raids based on "hot tips" (whatever that means) about the presence of drugs to be typical WoD overreaction. My local PD, as I've discussed before and in AskMe, may be unusually professional (one wouldn't hope it's unusual) but generally doesn't go in for that sort of thing. But when you have a claim of a lives-in-jeopardy kind of thing I don't see why they shouldn't take all precautions, especially given the crazy gun laws we've been bequeathed by the NRA.

Madison, WI had a tragedy a few years ago when a dropped 911 call failed to be logged or followed up on (which is the policy), and a young woman was murdered, apparently by a stranger, who has never been identified. Clearly, the default policy should be to investigate 911 calls as potentially dangerous situations. The 911 center may be able to see indications that a 911 call is a "mistake" or "hoax" as surmised above, but physical confirmation with the subject is still necessary.

The real solution to SWATing is to stop SWAT being the default police response.

See, I'd love that, but the real solution would be an end to our crazy gun laws and a widespread expectation that a criminal incident could involve high-powered weapons.
posted by dhartung at 5:55 PM on March 16, 2013 [3 favorites]


(BTW, Krebs is a great read, along with Schneier, much of the time. If you aren't an information security person, but want to follow the business, you could do worse than read their blogs. And maybe Fallows, too, for some leavening.)
posted by wenestvedt at 7:54 PM on March 16, 2013


Krebs has been one of my RSS feeds for a while.
posted by Samizdata at 8:46 PM on March 16, 2013


The real solution to SWATing is to stop SWAT being the default police response.

If they tell the cops they're being held by dozens of armed men, SWAT is going to get there.
posted by Ironmouth at 8:51 PM on March 16, 2013


Off the top of my head: send two plainclothes officers to the door to attempt to make contact with the home owner, if Mr. Krebs answers and provides positive ID, stop and have a chat with him to make sure everything is OK, if someone other than Mr. Krebs answers play it off like the cops are Jehovah's witnesses try to get a little intel on people in the house, etc. then retreat and come back with SWAT if things seem fishy. You could even have SWAT waiting a block or two off.

We don't actually know what the police were going to do because Mr. Krebs stepped out of his home before contact was initiated by the police. We do not know what approach would have been taken.
posted by Ironmouth at 8:59 PM on March 16, 2013 [1 favorite]


The interesting thing is that the police remembered his warning about SWAtting and recognized he was the guy who warned him about it.
One of the officers asked if it was okay to enter my house, and I said sure. Then an officer who was dressed more like a supervisor approached me and asked if I was the guy who had filed a police report about this eventuality about six months earlier. When I responded in the affirmative, he spoke into his handheld radio, and the police began stowing their rifles and the cuffs were removed from my wrists. He explained that they’d tried to call me on the phone number that had called them (my mobile), but that there was no answer.
So, they knew it was a possibility - also the way SWAT would respond to a situation like this would, hopefully, be different then the way they do a drug raid. In a situation like this, they know there might be 'innocents' - and that randomly shooting people would be a terrible idea.

On the other hand, it sounds like in some cases relating to drugs, they just assume everyone in the house is a "bad guy" and just go nuts.

The professionalism of the local police force probably plays a huge role as well.
posted by delmoi at 11:06 PM on March 16, 2013


Its still a horrible thing to happen. Especially when the virtual and IRL are blended. I'd never trust anything unless I had way more data than just text alone or voice alone or some such, in the final reckoning. I've heard that even voice modulation can be used to impersonate someone else on the phone these days...
posted by infini at 2:48 PM on March 18, 2013


Brian posted an update.
posted by gemmy at 3:11 PM on March 18, 2013 [1 favorite]


"The Obscurest Epoch is Today"?

This guy really has a thing for grandiose blog titles.
posted by delmoi at 6:24 PM on March 18, 2013


Wow, this Phobia kid is an idiot.

And this all came about as the result of kids who were buying stolen SSN's so they could steal xbox live accounts!? And they posted videos of themselves doing it to youtube?
posted by delmoi at 8:16 PM on March 18, 2013


Details on the denial of service attack that targeted Ars Technica
posted by homunculus at 2:07 PM on March 19, 2013


I have a website hosted on Network Solutions. About a week ago it was down for nearly a full day, and their excuse was DDOS attack. Did anyone hear about this, or is just the webhost version of "the dog ate my homework"?
posted by msalt at 8:29 PM on March 19, 2013


« Older The Most Dangerous Equation...  |  The reporter, his foreign-mini... Newer »


This thread has been archived and is closed to new comments