Sites down, no comms

In my eyes they dealt pretty well for the first time of such a problem. Don’t be rude just because it was not as perfect as a fully experienced anti-DDoS-team would have handled this.

2 Likes

Here’s where I was looking initially: News and Events – Purism

It seemed to be up throughout the whole event but never contained an update.

Another option is good old email. I understand that people don’t want to get spammed but …

I’m not sure whether RSS is an option. That is, I don’t know whether it’s hosted off one of the servers that was being DDoSed.

I also had a look in reddit (venturing in amongst the haters). There were enquiries posted - so at least I knew that it was “not just me” - but no response from anyone from Purism.

That’s impressive.

My personal server was DDoSed a few weeks ago (yeah, completely pointless - I guess someone was bored) but that was only a few hundred IP addresses (specifically attacking the SMTP server). Interestingly, there seemed to be a preponderance of IP addresses that belong to mobile service providers i.e. most of them would be CGNAT IP addresses (so possibly a mobile device botnet).

Actually I tried to post on librem one but was experiencing issues posting there as well (couldn’t post to , sometimes it worked sometimes it didn’t). Post edits, I found out, aren’t yet supported by librem one’s matrix implementation. Glad the forum is back!

One observation I have is that 10000 requests a minute should be manageable by the website without any IP blocking (imagine releasing a new product and 10,000 people accessing the site at the same time to buy it - sounds reasonable). Simply expanding the server capacity to handle say 100000 requests a minute, wouldn’t that also reduce risk of DoSA shutdowns (bot nets would need to be bigger to pull off the attack)?

Twitter
X

Fixed that for you. :wink:

3 Likes
  1. 10,000 requests per minute is not a heavy attack.
  2. The forums were actually working, as in the main page was loading but the static resources it referenced (css and javascript, which live on the same server) could not be accessed.
  3. To me this actually indicates the server was more than likely compromised as the actual behavior of the website is not consistent with DOS / DDOS attack.

EDIT: I got a different theory now. Every thread about the Louis Rossmann thing is gone. That’s not a coincidence and given how damaging his reporting was, far more so than my own back in 2019, I suspect Todd and crew either took this opportunity to wipe the thread off their forums or manufactured the opportunity so they could need to “restore from a backup” (which makes no sense as a DDOS likely wouldn’t require one to do that) and delete the offending thread(s) in the process.

EDIT 2: Ignore the previous edit… I’m an idiot. The rest still stands.

still there so your theory doesn’t hold

Fair enough. Thanks for pointing that out. I guess it just fell off the front page? In any event I’ll strike thru it.

In any event, the explanation reeks of something else.

YMMV

So your theory, is that we had a large part of our infrastructure down for a few days including;

  • Our webshop, which meant a few days of zero income
  • gitlab affected so; no software development no CI/CD working
  • pureos.net down which meant; users cannot install packages, update systems, download images to reflash pureos.

So that we could remove a thread that we could have closed, or deleted from the forum admin panel.

And that users can create a new post with the same links to the same videos. (And yes, post them again)

Are you serious?

12 Likes

LOL coming from a guy working for a company that has actively been scamming nerds for years - that’s absolutely priceless.

Apologies for the half-baked theory my man. I’m a bit stoned and laughing my ass off at Purism’s problems. I love to watch bad things happen to Purism. It’s the least this dumpster fire of a company deserves after fucking over so many people with so many lies for so long.

Enjoy your upcoming future on the unemployment line :wink:

EDIT: Here’s some free advice. Before you reply, take a moment to realize whom you are replying to. I am not here to be convinced by the likes of you, a Purism employee. I have been calling out this scam with the help of ex-Purism employees since late 2019.

Yeah, I know you do.

This actually improves my opinion of you.

Yes, you already mentioned in the previous paragraph that you are just high and came here for a laugh, and to see “bad things” happen to us. Repetition tends to happen.

A troll that came here to trigger people and for a laugh.

8 Likes

Let’s make a deal. Y’all deliver refunds to everybody who asked for them and I’ll trade you the sweet sound of my silence.

That sounds pretty fair to me. Get to work.

1 Like

My RSS application displayed a red “x” on the forum comments feed the whole time, indicating that it couldn’t retrieve. The main site feed was operative, but of course there were no posts during that time.

I found out what was going on thanks to @linmob’s post here:

I had no idea how to find “matrix channels,” though. :rofl:

1 Like

where can I find purism matrix channel?

Mine (T’bird) didn’t for the blog post feed.

This page has a list of channels, though you need an invite to get in: https://developer.puri.sm/Librem5/Contact/Community.html#matrix-chat-rooms

1 Like

You have already been silent on the Purism forums for two years, so your offer is not much of a bargain to begin with. If you seriously want to make a deal, you will need to build up some social credibility first.

3 Likes

got it, thanks

They are actors that can become attackers silently, without anyone ever knowing. When you use them, you need to root your trust in them, because they break your end-to-end communication by sitting in the middle of it. We decided it’s important to not force our community to trust a large third party, even if it means we have to learn to protect our services ourselves.

10 Likes

Curious, is there server monitoring software that can be deployed without third-party access, like machine AI type autonomous monitoring of traffic without any logging, that detects and alerts on these attacks in the early phases? That way mitigation could be more effective. Or is it just normal traffic after a minute non-normal traffic so nothing that can be alerted on?

1 Like

I appreciate you and the rest of the Purism team having our best interest at heart.

It may be worth considering deploying a Tor hidden service to mirror the Purism websites.

5 Likes