Skip to main content

Family Tech: DOS attack reminds us to be prepared - October 28, 2016

I hate it when the world mocks a recent column. Two weeks ago I extolled the virtues of the Internet of Things devices. This week, they helped cripple large parts of the Internet for the better part of a day.

On Friday the 21st, users were unable to reach sites like Twitter, Pinterest, CNN and many others. These sites all used the DYN Corporation to manage their DNS services.

When you type in an Internet address, like InsideNova.com, the request is first routed to a Digital Name Service server. There the name is found in a database, and a number is returned to your browser. That number tells your browser where to find the actual InsideNova web server on the net.

If that DNS server is down, then your browser will not find the content you are seeking.  

 DYN manages the DNS servers for the companies that became unreachable Friday. DYN was attacked by an unknown entity using a denial of service attack, or DOS for short.

In a DOS attack a site is flooded with traffic, overwhelming its servers so they cannot do their job. Think of a million mailmen all trying to put mail into your mailbox at the same time. Not all of them could stuff mail at the same time, and the little box would be overwhelmed.

Friday’s DOS came in two separate attacks from an astonishing tens of millions of Internet addresses. By attacking this one site, the attacker was able to hobble many sites instead of just the one they were attacking.

If just one computer tried to flood another in a DOS attack, it would be easy to know where the attack was coming from and block it. To avoid detection DOS attackers created botnets to infect PCs. They might trick you into opening an email attachment that would install the botnet or sneak it onto a PC another way.

A lot of times when your computer is infected by a virus, that virus did not harm your PC or even copy information from it to another PC. Instead it became partially under the control of a bad actor. When they wanted to mount a DOS attack, they could order their army of botnets on PCs like yours and mine all over the world to begin flooding the target site with traffic.  If you and I were alert, we might notice our outgoing internet traffic was higher than it ought to be, but few of us would notice.

This is where Internet of Things devices enter the picture. When we began adding home automation hubs, internet connected lights, thermostats, sensors etc., the manufacturers did not pay as much attention as they should have to the security of those devices.


Read the rest at FamilyTechOnline.com


Comments

Popular posts from this blog

Recording your own notes with Google Voice

Note :   April 2016:  Frankly I don't know if this works anymore.  It is 7 years old.

I stopped using this when Google Now became useful on my phone, and I could dictate reminders using it.



I found a way a while ago to use Google Voice to record a personal note, transcribe it, and email it to me. A recent Lifehacker post "Five Things We'd Like to See in Google Voice" lists that need as their #5 request, so I realized what I'd figured out is not common knowledge.

In GV's Contacts, create a Group "Special Transcription"

To avoid listening to my standard voice mail when I call, I recorded a short voice mail greeting for this group simply saying "Record note now"

I added a contact with my own cell phone number as the only number, and made it the sole member of this group.

In GV's phone settings, I edited the settings for my cell phone. In the section "Direct access to voicemail when calling your Google number from this phone?" I se…

Planning for a post Evernote era - Part 1

The Evernote world is aflutter this week after Tech Crunch said that following the departure of several key high level people, Evernote might be in a "death spiral".

While I hope that does not happen, even if they do survive, we should all plan for their demise.  No app and no company is forever.  Indeed, for every piece of software we use, we should ask ourselves, "Is any of the data managed by this program something I would need if this program no longer was being updated?"  And in the case of software like Evernote, if its back end servers were turned off forever.

If the data is required, we need to figure out how to get the data out of the program, and readable without the program. One should actually ask and answer the question before they begin using a new piece of software and loading our precious data into it.

I'll be writing more about this topic and Evernote. For now, know that even if Evernote shut off its servers tomorrow, your data remains in your…

Google could let any developer make the next Evernote

After trying loads of Task apps over the years, I have settled for now on a combination of Taskary and Google Tasks.  What they have in common is they both use Google Tasks to save the tasks.

If a new task app catches my eye tomorrow, it likely will not receive room on my phone or desktop unless it too uses Google Tasks to store its tasks.  That way I do not need to re-enter my tasks for the new app.

This is possible because Google has an API for Google Tasks.  An API or Application Programming Interface lets an app send tasks to Google, and get tasks from them.

Google has a huge collection of APIs into their services.  I just wish they had one more.

I wish for an API for a note taking application.  They may or may not let it be part of Google Keep.  Even if they did not have an app themselves using the API, it would be nice to have an API any programmer could use to develop their own image of what a note taking app looks like.

The data would count against your Google storage. With th…