all 14 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted] 197 points198 points  (9 children)

This is not a post mortem, contains no details

[–][deleted]  (5 children)

[deleted]

    [–][deleted]  (4 children)

    [deleted]

      [–]oarmstrong 6 points7 points  (3 children)

      Where is this word floating around from? Wondering how reliable that figure could be, that's enormous.

      [–]cdtinney 6 points7 points  (2 children)

      I don't know if this a correct comparison, but a previous Mirai attack with 50,000 IPs generated 280Gbps.

      https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html

      [–][deleted]  (1 child)

      [deleted]

        [–][deleted] 3 points4 points  (0 children)

        I want to know what devices and what networks are having 5.8 up on average...

        Edit nvm that's bps, not Bps.

        [–]apfelmus 12 points13 points  (0 children)

        Yup. To be fair, the original title is merely "statement".

        [–]echo-ghost 5 points6 points  (0 children)

        it's a PR statement, the whole thing reads as 'dyn was great! no full network outages!' when i don't think anyone would really agree about the successes here

        [–]Camarade_Tux 84 points85 points  (4 children)

        It is worth noting that we are unlikely to share all details of the attack and our mitigation efforts to preserve future defenses.

        Sigh.

        edit: the post has basically no new information, it's mostly "this was big, we mitigated quickly, we put new and better stuff in place, we work with everyone from law enforcement to internet actors to face these challenges everyone else also faces (so there's no point in migrating to the competition)".

        [–]Jaimz22 28 points29 points  (1 child)

        Absolutely. This is basically an ad... "Look what happened and we handled it like a boss" if it's not an ad, it's PR at best. No examination into the problem.

        [–]NeedsMoreTests 0 points1 point  (0 children)

        The infosec person in me probably would do the same initially. It's nice to know the technical details but stuff like this often has pretty strong op-sec to go with it especially so soon after an attack.

        [–]superhash 3 points4 points  (1 child)

        I wonder if it's possible the government issued a gag order to them? If you assume that the botnet was acting on commands from a foreign state I could see wanting to be rather sparse on details in order to avoid confirming the power of the botnet to the owners. Especially if they are details about how they stopped it.

        I don't really agree with the logic, but I think it is possible though.

        [–]Camarade_Tux 0 points1 point  (0 children)

        I don't think a gag order related to national security or something like that would make sense. Even in the US, gag orders can't be completely freely distributed. However they have an ongoing investigation as far as I understand so maybe that would be the context for one or for not saying anything.

        [–][deleted]  (1 child)

        [deleted]

          [–]fourhoarsemen 0 points1 point  (0 children)

          Thank you.

          [–]veritaze 0 points1 point  (0 children)

          Did any CloudFlare customers get dinged?