Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Hey, how about just disconnecting the critical machines from the network when under such an attack?



Our DDOS recovery plan is to just shut everything off and admit defeat. Brilliant.


That seems infinitely better than catastrophic loss of customer funds.


@fleitz A million dollars difference, seems to me.


You mean in addition to being technically incompetent the team was also too stupid to buy insurance?


I would imagine insurance for an online bitcoin wallet is somewhere between "prohibitively expensive" and "not possible to buy"


Given recorded history, why would anybody sell insurance to bitcoin companies?


What company sells insurance against bitcoin being stolen?

Its so easy to steal your own bitcoin from yourself. How could a company profit from insuring against that?


Do they have insurance for being stupid?


There's no difference as if you shut your site down everytime someone DDoS then you'll have no customers anyway.


mmm i think at this point in the Bitcoin community, stating that practice on your homepage would actually get you more customers.

"In the event of an obvious attack, we disconnect from the network and begin diagnostics after __ minutes of sustained activity."


ddos can run over a rather long period of time and come and go fairly quick. cutting the internet connection just is no viable solution for an online service.


"If we keep closing our retail store every time there's a riot inside of it, we'll never have any customers."

No, you shut the thing down, you post a page that explains what is going on and what you're doing about it, then you open again when it's clear.


Your analogy is wrong. A riot inside your store would be a compromised server. What you want to do is to close your store every time someone who looks like a burglar walks by, in front of your store. After no time the competing store on the other side of the street will hire an actor to walk by your store and shut you down just with walking in front of your store.

It's super easy for every competitor to get you out of business forever if you just shut down. DDoS is not like something especially hard or expensive to set up (depending on your service of course), but again, shutting down is not an option as a standard countermeasure.


The idea that airgapping during DDoS attacks will prevent intrusions is laughable.


For those of us who aren't laughing, how does the intruder bridge the air gap?


> For those of us who aren't laughing, how does the intruder bridge the air gap?

Waits until you plug it back in.

Chances are they have more time than you do to play the game of attrition.


How would an attacker exploit a service while it was inaccessible because they're DDoSing it? Why would someone draw attention to themselves like that?

Maybe the attacker stole the coins and then DDoS'd the site?

It's all speculation, we're pretty light on details, but the whole DDoS-as-a-distraction thing seems a little out there to me.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: