Search Mailing List Archives
[liberationtech] Avaaz, is this for real?
andrew_couts at yahoo.com
Fri May 4 10:34:04 PDT 2012
I just got this statement from Avaaz communications director Sam Barratt. It's still highly inadequate:
Sorry for the delay in getting back to you - the attack was for real I can assure you. Below is a short statement
we have issued, we are still looking into this and I will let you know
when we can share more on what went on.
Avaaz statement on the attack on the site
attack on Avaaz’s website from a globally-distributed botnet of
thousands of computers ended yesterday (Thursday 3rd May). Avaaz does
not have any further information about who is behind it but the FBI have
been notified about this incident.
The DDOS attack lasted for 44
hours and finally ended on Thursday 3rd May which experts say "was a
large and substantive attack."
The site was down for 14 minutes on Wednesday 2nd May and our ability to
send out global campaigns to our membership was affected during the
attack. In response, Avaaz has launched a fundraising campaign in order to create a defence fund to take its security to the next level.
acouts at digitaltrends.com
From: Steve Weis <steveweis at gmail.com>
To: Andrew Couts <andrew_couts at yahoo.com>
Cc: "liberationtech at lists.stanford.edu" <liberationtech at lists.stanford.edu>
Sent: Friday, May 4, 2012 1:00 PM
Subject: Re: [liberationtech] Avaaz, is this for real?
Hello Andrew. Your article asserts that this attack is happening as fact, yet you say that Avaaz did not provide any additional information. Which sources and evidence did you base your article on besides Avaaz's own press release?
Claims of a "massive attack" are easy to confirm. Avaaz should be able to provide detailed logs of the attack, which can be verified by an independent security professional and corroborated by their hosting providers.
If this does turn out to be a targeted denial of service attack, that certainly doesn't take real expertise or significant resources -- it's cheap to rent a botnet. It's a big leap to claim that a state actor or large corporation must be behind it.
On Fri, May 4, 2012 at 9:18 AM, Andrew Couts <andrew_couts at yahoo.com> wrote:
Hi - I'm the author of that Digital Trends article. I have repeatedly asked Avaaz for more information about the attack, and they have either said "We'll know more soon," or completely ignored me. I believe there is simply not enough information available yet to make accusations of fraud in the press. But I am doing my best to get answers about exactly this. I'll send out an update if they respond.
liberationtech mailing list
liberationtech at lists.stanford.edu
Should you need to change your subscription options, please go to:
If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Should you need immediate assistance, please contact the list moderator.
Please don't forget to follow us on http://twitter.com/#!/Liberationtech
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the liberationtech