Twitter is Down. What's a "Distributed Denial of Service Attack"?

You may have heard that Twitter, the popular social message-sharing service, was down for several hours this morning as it fell victim to a DDoS attack, or Distributed Denial of Service attack. Let's dig into what that means, from a technical perspective.

Denial of Service: It's Like Dialing the Same Phone Number Over and Over

Let's start with the basics. The simple concept behind a "Denial of Service" attack (note we're not talking distributed yet) is to overuse the service in question (for example, Twitter) to the point where it becomes unavailable to others. Think of this metaphor: if I call your home telephone over and over again, and you lack call waiting, other callers can't get through. As long as I keep calling, I'm denying service to others, thus implementing a "Denial of Service" (or DoS) attack. Now, in practice this is close to impossible with an internet service like Twitter, because, not to stretch the metaphor too far, they have a lot of phone lines. There's no way one computer could use the Twitter service so heavily that it would affect other users.

There's also the little matter that a single-line Denial of Service attack is pretty easy to defend against: you just block the offending computer (or caller, in our analogy). But things are about to get more complicated.

Let's Get Distributed

So if a standard Denial of Service attack isn't going to shut down the site, let's imagine what would happen if millions of computers began to pound on Twitter.

If a very large number of computers started hitting the service repeatedly, it could get to the point where the service became unavailable to others. When you distribute the attack among a number of attacking computers, that's called a Distributed Denial of Service Attack. That's what's happening right now. Most distributed attacks happen from computers on different networks all around the world, which makes it harder to isolate and block them. They also may look, to the server, much like normal traffic -- so it's hard to know what to block and what to let through.

But Wait...Don't Millions of People Use Twitter Every Day Anyway?

Well, yes. Twitter is designed for millions of people to constantly hit its servers, posting updates, reading others' updates, and so on. So how can it collapse under the strain of a DDoS? Well, the short answer is that a DDoS provides way more traffic than Twitter usually receives, and it's likely to be targeted on the most resource-intensive operations on the site (for example, the computers performing the attack may be constantly trying to create new accounts, reset passwords, download long lists of tweets, post new tweets over and over, or other operations that require the server to do a bit of real work).

A DDoS attack requires a lot of computers to be effective. Generally these days attackers use "botnets," or virtual armies of computers controlled by a virus, that are then centrally commanded to do something nasty -- like all hit Twitter at once. The owners of the computers generally don't even know that their computers are part of the botnet, since the virus operates invisibly in the background. The biggest botnets may well contain millions of computers, although it's hard to measure these things because the computers' owners don't know they're infected.

It's impossible to tell at this early stage who is behind the DDoS -- whether it's a prankster, an organized crime ring (these things do happen -- malicious groups have been known to threaten to DDoS a major site and hold off only when paid protection money), or even a politically-motivated group. (Can you think of an international political cause that has been linked to Twitter lately? Exactly.)

What Does Twitter Say About the Attack?

Twitter's status page contains this information (as of 10am Pacific, Thursday, August 6, 2009):

Ongoing denial-of-service attack

We are defending against a denial-of-service attack, and will update status again shortly.

Update: the site is back up, but we are continuing to defend against and recover from this attack.

Update (9:46a): As we recover, users will experience some longer load times and slowness. This includes timeouts to API clients. We're working to get back to 100% as quickly as we can.

As I type this, Twitter appears to be bouncing between "totally normal" and "bizarrely broken." Let's hope they're back and tweeting as soon as possible! For more on DDoS attacks, check out Wikipedia's Denial-of-service attack page or Understanding and surviving DDoS attacks.

You can also follow me on Twitter for more technical information, jokes, and Portland updates. Assuming Twitter is up.

Tips For Baking Perfect Cookies

Perfect cookies are within your grasp. Just grab your measuring cups and get started. Special thanks to the Institute of Culinary Education.

Netflix's Most-Binged Shows of 2017, Ranked

Netflix might know your TV habits better than you do. Recently, the entertainment company's normally tight-lipped number-crunchers looked at user data collected between November 1, 2016 and November 1, 2017 to see which series people were powering through and which ones they were digesting more slowly. By analyzing members’ average daily viewing habits, they were able to determine which programs were more likely to be “binged” (or watched for more than two hours per day) and which were more often “savored” (or watched for less than two hours per day) by viewers.

They found that the highest number of Netflix bingers glutted themselves on the true crime parody American Vandal, followed by the Brazilian sci-fi series 3%, and the drama-mystery 13 Reasons Why. Other shows that had viewers glued to the couch in 2017 included Anne with an E, the Canadian series based on L. M. Montgomery's 1908 novel Anne of Green Gables, and the live-action Archie comics-inspired Riverdale.

In contrast, TV shows that viewers enjoyed more slowly included the Emmy-winning drama The Crown, followed by Big Mouth, Neo Yokio, A Series of Unfortunate Events, GLOW, Friends from College, and Ozark.

There's a dark side to this data, though: While the company isn't around to judge your sweatpants and the chip crumbs stuck to your couch, Netflix is privy to even your most embarrassing viewing habits. The company recently used this info to publicly call out a small group of users who turned their binges into full-fledged benders:

Oh, and if you're the one person in Antarctica binging Shameless, the streaming giant just outed you, too.

Netflix broke down their full findings in the infographic below and, Big Brother vibes aside, the data is pretty fascinating. It even includes survey data on which shows prompted viewers to “Netflix cheat” on their significant others and which shows were enjoyed by the entire family.

Netflix infographic "The Year in Bingeing"


More from mental floss studios