Visit Your Local PBS Station PBS Home PBS Home Programs A-Z TV Schedules Watch Video Donate Shop PBS Search PBS
I, Cringely - The Survival of the Nerdiest with Robert X. Cringely
Search I,Cringely:

The Pulpit
The Pulpit

<< [ The (Super) Bowl is Half Empty ]   |  Service Denied  |   [ The Plot Thickens ] >>

Weekly Column

Service Denied: There are Worse Things Than Being Knocked Off eBay for an Hour

Status: [CLOSED]
By Robert X. Cringely
bob@cringely.com

Is the sky falling? That's what it felt like this week as we endured not only a rash of high-profile Denial of Service attacks on major Internet sites, but also the resultant and often stupid second-guessing of these events by my buddies in the press. Why do we feel the need to make things appear far worse than they really are?

I ran an informal poll in the hallways of Oregon Public Broadcasting in Portland, where I was working this week. I could not find anyone in this sample of about 20 people who had been personally affected by these Denial of Service attacks. Many people were unaware they had even happened. Then I followed the inevitable line of tabloid questioning, but with a twist.

As a result of these attacks, I asked, are you worried about the security of your data on the Internet? As a result of these attacks, are you concerned about the overall reliability of Internet services? Those are the logical, "Are you scared?" questions. These two questions are at the heart of probably a third of the follow-up stories on these incidents. But unlike every other journalist in America, I asked those who did express some fear a follow-up question: Were you concerned about these things before I asked, or as a result of my question?

Every person who expressed concern told me that concern was prompted by my question. They weren't sitting in their cubicles, quaking at the prospect of not being able to make an eBay bid on those Star Wars action figures. But if I asked about such fear, many respondents were willing to express it. I believe they were doing so to please me. They sensed that I wanted fear, so they gave it to me. Welcome to the news business, where this phenomenon is mined every day, often creating "news" where it didn't exist before.

Moving beyond the sensational aspects of this story, I am amazed how we seem to feel the need to set such a higher standard for Internet services than we do for those in the physical world. My postman seems to deliver my U.S. mail anytime between 2-6 p.m. I wish he would be there always at 2 p.m., though 10 a.m. would be even better, but I don't feel betrayed if he is a little late. Blizzards happen, water mains break, the power goes off and businesses open late or not at all as a result. But if we can't get to our Yahoo Mail for 90 minutes, it is the end of the world.

I say have another cup of coffee.

The nature of these Distributed Denial of Service attacks is that they are intermittent and temporary. The perpetrators are childish people who feel the need to show the world how smart they are by causing trouble this way. They probably chose this week for their attacks specifically because of the Internet security meeting taking place in San Jose. Getting all the experts in one place made it harder for those experts to assist in a defense of the Net, and it also created an appreciative if reluctant audience for the hackers.

But for all their disruption, no data was compromised or corrupted and no services affected for more than a few hours. Sure, that represents tens or hundreds of thousands in lost revenue to the affected sites, but my point is that these attacks are at most digital strafing runs. They simply can't work on an ongoing basis. No bad guy is taking out Yahoo for the month of February. And just as surviving an earthquake teaches us how to make our buildings more secure for the next temblor, this week taught the world how to respond to a Distributed Denial of Service.

For individual users, there ought to be some solace in the knowledge that if you can't bid or buy as the result of a Denial of Service attack on an e-commerce site, it is unlikely that anyone else can bid or buy, either. Those action figures will be waiting for you. Alas, the same can't be said for that buying opportunity at E*TRADE, whose users were probably hurt the most by these attacks. But there are probably work-arounds for those who need guaranteed access to web e-mail. Since these services are both free and plentiful, it is possible to have an alternate account with another service with automatic forwarding from your primary mail provider. Just don't make the mistake of forwarding both sites to the other, creating a pair of infinite loops.

The bigger concern might be the very technique of the Distributed Denial of Service attack since it most likely involves some code running on thousands of PCs without the knowledge of their owners. This sounds like a virus to me, yet we have been so obsessed with the big-system side of this caper that I haven't heard any speculation about other possible dirty work that might be accomplished on the client end. Reformatted hard disks, anyone?And speaking of hard disks, last week I had my first-ever true hard disk crash in more than 20 years of personal computing. It was my own fault in more ways than one. Not only did I create the circumstances that made the crash inevitable, I was also the doofus whose poor planning made necessary a particularly expensive data recovery.

Do not under any circumstances use me as an example of good computer management. The failed unit was an external SCSI drive that I had not only converted into a footstool under my desk, but its data somehow escaped my normal backups. Of course, this was the drive holding all my financial records. My big feet had pushed it into a position where the cooling air exit path was blocked, so the sucker overheated so badly that its rubber feet were melted. The electronics were shot, as was the motor, and some of the heads had welded themselves to the platters, making necessary a clean room recovery. Fourteen hundred dollars later, I had three CDs containing 9,000 files, and the knowledge that I am in good company. The disk recovery place was plastered with autographed pictures of famous customers, including President Gerald Ford and actor Sean Connery.

I guess data recovery wasn't in Q's job description.

Comments from the Tribe

Status: [CLOSED] read all comments (0)