 |
|
| FriendFeed is the easiest way to share online. Learn more » |
Kelby › Comments
Twitter saved this babys life - http://www.examiner.com/x-1210-...
Great story about how Twitter saved a baby!
- Kelby
Intelligent First Aid - A Discussion in Safety {& a Giveaway} | Blissfully Domestic - http://blissfullydomestic.com/2009...
I love it! A talking first aid kit, what a clever idea... From the page: "Did you know that in 95 percent of all emergencies, bystanders are the first people available to help on the scene? At home or out and about, a first aid emergency can be a highly stressful event."
- Kelby
Traveling Over Christmas: Deciding to Go on Vacation During the Christmas Holidays | Suite101.com - http://familytravel.suite101.com/article...
From the page: "Christmas is typically family time, which can make it challenging to go on a Christmas vacation away from relatives. Here are tips on deciding and explaining why."
- Kelby
Been saying for months people should move to FriendFeed, but did they listen? :-) Posting to Twitter, wonder if it'll get through? #Jericho
CarolAnnB, Jason Pollock and Paul Monaco liked this
Friendfeed is also starting to time out for some of us. FYI
- Melissa Pierce
Even FF is single point of failure. Roll ur own http://tr.im/lifestream need somthn closer 2 encrypted P2P Wave-based Global Cognition Grid
- michael silverton
from PeopleBrowsr
that'd be a novel idea.: A P2P microblogging network.
- WoollyMittens
Been thinking (even posting a bit) about a "people's network" where we actually own the thing... I don't trust the owners of Twitter, Facebook, et. al. In fact they sort of rub me the wrong way most of the time... :-)
- Robert Morrison
Didn't we call that "IRC"?
- WoollyMittens
This is the best FF PR... a combo Twitter/FB crash.
- Kelby
I'm seeing a lot of people re-evaluating FF in their social networking strategy. I know I am for my personal as well as accounts I manage. Will bring this topic up at PodcampBoston 4 this weekend #PCB4
- Paul Monaco
Well, I hope that now my Twitter contacts will finally get over to FriendFeed and return my subscription, I'm following thousands of them here after "importing" them (for lack of a better word) a while back...
- Robert Morrison
On this day in 2009, Twitter went down for the second time in less than a week, and ominously right after FriendFeed was acquired by Facebook. #twitterfailsagain
- Robert Morrison
I'm here!
- Jason Pollock
Win $10,000 and Show Off our Mom Genius - http://www.typeamom.net/win-100...
We, the community of Type-A Moms, are competing to win $10,000 by sharing our great ideas. I know we can win this. Who accomplishes more and is more resourceful than a mom? And we type-As take even that up a notch.
- Kelby
Working With Lifetime - http://www.tothinkistocreate.com/2009...
This is so cool! Arianne and some of my other friends are Lifetime moms. So excited! Congrats Ari!
- Kelby
This is all sooo true!
- Kelby
There is no defense against Denial of Service (DOS) attacks. The bad guys can always throw more bandwidth at the attack than you can.
Kevin Brew, Rui Pereira, Daniel Rowley and 66 other people liked this
Can a DoS attack be traced?
- Dave "Freedom 35"
The datacenter really needs to handle this in their routers and packet filtering. Expecting web sites to deal DDOS attacks won't work.
- Todd Hoff
Just tuning in right now - is Twitter down from a DOS attack?
- Dean "Karnatos" Michaud
Twitter (web) is back up.
- Dave "Freedom 35"
A DOS is very hard to trace since it's typically done with a zombie network. And you can't route your way out of a DOS attack.
- Scoble, Alex Scoble
from IM
There are ways to defend against DDOS attacks. Generally, you run out of CPU before you run out of bandwidth.
- Wirehead
No, there really isn't any way to defend against a DOS these days.
- Scoble, Alex Scoble
from IM
A lot are accomplished with broadcast and other techniques that can be stopped at the router.
- Todd Hoff
That's crazy!
- Kelby
And as pointed out by Mashable - the trending topics on twitter were "Tweet Created" and "Twitter Zombies"
- guruvan (Rob Nelson)
they are just shutdown their system to make us talk about them.
- abdellah
DoS attacks can be traced, but are rarely used, Distributed DoS attacks originate from so many different points there is no point in tracing the sources
- guruvan (Rob Nelson)
Well, you want to see how good your DOS defenses are? Put up a website saying "Our systems are able to withstand a DOS attack so do your best" and see what happens. :)
- Scoble, Alex Scoble
from IM
Entities having large zombie nets are difficult to defeat in a DDoS attack. Unless you're the ISP, they have more than you do.
- guruvan (Rob Nelson)
Google is probably very DDOS resistant because of how distributed their stuff is, but most places can't duplicate that defense. And it's possible for a zombie net to be able to chew up more bandwidth than an ISP has
- Scoble, Alex Scoble
from IM
And I guarantee you that friendfeed is just as vulnerable to a DOS attack as Twitter is.
- Scoble, Alex Scoble
from IM
And you'll notice that I'm not differentiating between DOS and DDOS, because a DDOS is a DOS and is now the most common type of DOS.
- Scoble, Alex Scoble
from IM
Alex - that worries me the most about FF. :)
- phil baumann
Depends on the class of DOS, but bandwidth exhaustion DDOS attacks are certainly one of the hardest to defend one's self from.
- ax0n
I suggest you all take the time to tour the rest of the Internet! Remember there's more than AOL...I mean Twitter out there!
- ‘-.-’ Tutivillus Grift
Yeah, ax0n, that's what I'm saying. :)
- Scoble, Alex Scoble
from IM
I don't give two poos about Twitter being down - but broadly speaking, can't good IPSes doing packet inspection mitigate this shit (if the attack is not too high-octane in its own available bandwidth, that is.) Although as Wirehead said, you'll be melting CPUs before anything else, I'd think.
- Anthony Citrano
Here is some research. http://nms.lcs.mit.edu/papers... I'm not fond of words such as impossible, or technical discussion that lacks technical detail.
- Jason Wehmhoener
Well, let's just say it's a lot harder for a service provider to make it impossible to do a DDOS than it is for an attacker to make it impossible to use your service. :)
- Scoble, Alex Scoble
from IM
I can't post a new thread on FF - ERROR!
- Liza + = ?
But yes, the title of this thread should be "For most of the world, there is no defense..." Large organizations like Google can do some things to defend against DOS attacks, like run behind distributed server farms...but 99.9% of the world is not Google.
- Scoble, Alex Scoble
from IM
Then again, this is probably why a lot of people are interested in cloud computing. If distributed systems are the best defense for a DOS, then cloud computing would be a great way to run public web based services.
- Scoble, Alex Scoble
from IM
If these DDOSes are coming from zombie machines, those machines are probably prone to infection, which means you need your own botnet to attack the zombies and install your own botnet software on them. Whoever makes a botnet that uses DDOSes as a way to find more machines will eventually grow the biggest botnet out there. ;)
- Amit Patel
Heh yeah, and you are starting to see more sophisticated zombie attacks that harden the zombies that they take over to make it harder for other zombie attackers to take over their zombie nets.
- Scoble, Alex Scoble
just boot your machine in safe mode with networking and run Spybot Search & Destroy, Malwarebytes Anti-Malware, and your anti-virus scans - if it's not cleaned out by that then you might as well re-install windows (which is a good idea from the start since you never really know if you got rid of any rootkits) sometimes it's quicker to reinstall windows than to go through all that
- Chris Heath
Yeah, that doesn't defend you from a DDOS attack though. That just cleans out malware if your PC has become a zombie and is part of a DDOS attack. :)
- Scoble, Alex Scoble
from IM
Actually there are companies that sell protection against DDoS. It works.
- Leo Laporte
Agree with @Jason here is another link to share for DDoS Attack/Defense Taxonomies http://www.lasr.cs.ucla.edu/ddos.... I think the key to remember is that the DDoS attacks evolve over time. I can see even clouds being vulnerable in that conceivably one can use linked clouds to launch large enough attacks to overwhelm a single vendors ability to scale. Has not happened yet but possible.
- Altan Khendup
There is tremendous vulnerability if they can take Twitter down.
- rob
Twitter just isn't that large, or that distributed. I'm impressed if they can take down Facebook, or Google. (it seems that Facebook was suffering at the same time, and my suspicion is from the same attack - but maybe not)
- guruvan (Rob Nelson)
Does anyone know at this point who is responsible for the attack? This would require a huge bot-net and some serious bandwidth.
- Angus Burton
Great FF conversation here about outages, cause, impacts, etc. ----> http://ff.im/6fF0t
- Susan Beebe
Yeah, Alex... I was commenting in reference to the hardening of the zombies
- Chris Heath
There is a defense, employing a network element which can route around obstacles: carrier pigeons. http://crankypm.com/2009...
- DGentry
There's a denial of service attack that can be used against pigeons...requires a shotgun and someone who knows how to use it :)
- Scoble, Alex Scoble
from IM
DGentry: There's a follow up to that IP over Carrier Pigeon, IP over Tanks. Paint the 0s and 1s on the side of a tank turret, and such. Helps to defeat Alex's DoS attack on the pigeons. At least to DoS it you need a bigger gun ;)
- guruvan (Rob Nelson)
Chris Heath: more simple way of defeating rootkits: Run the machine as a Virtual Machine, and always roll back to a clean snapshot on reboot. I've employed that method for a long time. Defeats rootkits, viruses, stupid users, and all that. Works for any OS you can run in the VM.
- guruvan (Rob Nelson)
Still not 100% effective. There are ways to take control of the host machine that is running a VM.
- Scoble, Alex Scoble
from IM
Nothing is 100% effective, short of sealing the machine 1 mile underground in a concrete-filled missle silo.
- guruvan (Rob Nelson)
And FWIW: I have not yet heard any significant news of bare-metal hypervisors (which replace the host OS and which I was referring to above) being compromised (but it will come, or is here already and quiet)
- guruvan (Rob Nelson)
Which breaks rule #1 Must meet business needs
- Scoble, Alex Scoble
from IM
Ahh, sorry, when you say VM I think of the more traditional VMs running on a traditional OS
- Scoble, Alex Scoble
from IM
LOL. Yes - but it does make the point of what must be done to truly secure a machine. There is no such thing as 100% security with any remaining functionality
- guruvan (Rob Nelson)
I mostly meant things like VMWare ESXi (which doesn't even use a traditional OS for management purposes any more. (ESX is a bare-metal hyper visor, but uses a RH variant as a management box)
- guruvan (Rob Nelson)
Yeah, that stuff is pretty sweet.
- Scoble, Alex Scoble
from IM
And ESXi is free I believe. If the virtual hardware would just run a video game, I'd run everything like that ;)
- guruvan (Rob Nelson)
Great point Rob (bringing up virtualization) -- and for anyone interested in this stuff, Hak.5 has done a lot of virtualization in season 5 http://www.hak5.org/categor... They get into ESX and ESXi in the later half of the season but virtualization is often a topic for one of their segments.
- Chris Heath
@guruvan (Rob Nelson): there is the alleged Blue Pill hypervisor root kit. http://bit.ly/JCmmP
- Nick Lothian
Not to mention the experimental (allegedly) work of installing viruses on things like graphics controllers
- Scoble, Alex Scoble
from IM
I wouldn't doubt if it was completely real, Alex. You read about the Apple keyboard bit?
- Matthew Horton
No, I missed that one...got a link?
- Scoble, Alex Scoble
from IM
Granted it's not done remotely yet - http://www.engadget.com/2009...
- Matthew Horton
@Alex Scoble: most DDOS attacks aren't designed to use up your bandwidth - they generally hit others limits a long time before that. The most common type of attack opens up lots and lots of connections to your website at once. That makes your webservers fall over. For added variety some hold the connections open, so they appear just like a slow web browser, making it harder to detect.
- Nick Lothian
Yep, but if an attacker so chooses, they may rent out a botnet from various individuals and jam your internet connections as well.
- Scoble, Alex Scoble
from IM
And Matthew, that keyboard hack is crazy awesome.
- Scoble, Alex Scoble
from IM
The biggest mistake that any designer, engineer or programmer can make is to forget about layer zero in the OSI model...the user layer.
- Scoble, Alex Scoble
from IM
My bad...I meant layer eight.
- Scoble, Alex Scoble
from IM
If you ever hear a designer/developer/programmer/engineer say "a user would never do that", fire them on the spot.
- Scoble, Alex Scoble
from IM
Alex, why is it that CERT website dont get DoS'ed ?
- Peter Dawson
Alex - if the virus that's designed to hit the graphics controller doesn't have access to the correct host OS, it's going to write to the VMs graphics controller. Which just won't do much.
- guruvan (Rob Nelson)
Nick: The Blue Pill is an attack on a Windows machine that has virtualization in the processor - it converts the running Windows into a VM and becomes the bare-metal hypervisor on the fly. Using an actual hypervisor defeats that. (though it is a pretty impressive attack)
- guruvan (Rob Nelson)
@guruvan (Rob Nelson): I'm not sure. http://www.zdnetasia.com/news... says "The researchers claimed Xen hypervisors could be subverted by compromising flaws in Xen software to gain access to Domain 0, Xen's privileged administrative domain. Once that administrative domain is compromised, the virtual system controlled by the hypervisor is compromised."
- Nick Lothian
At least now we're getting a better idea of what happened Thursday. Though it's intriguing how it was aimed at just one person who had different services each of which were affected.
- George Hall (Australia)
i'm not following george... did I miss something?
- Chris Heath
Yep, Chris...the fact there's a pro-Georgian blogger who wrote on all the affected services. Seems all his pages were targetted. A bit more of the Russian/Georgian cyberwar. There's at least a few articles/posts about that across the net. Though, I summarized it at http://geehall1.posterous.com
- George Hall (Australia)
Twitter, Facebook, LiveJournal, YouTube, Google attack was not a botnet, just tons of people manually clicking spam ... related to pro-Abkhazia activist blogger Cyxymu. This is the theory of Bill Woodcock, research director of Packet Clearing House, a nonprofit that helps network operators when they come under attack. CNET (4:32 pm PDT) seems to be the main source of this story, which...
more...
- Mitchell Tsai
erro not so you can block the suspisious ip addresses / country
- Maurice Walshe
Alex, I when I said CERT I meant this site http://www.us-cert.gov
- Peter Dawson
You _can_protect your site against DoS attacks. Tier 1 ISPs offer DDoS protection using CiscoGuard appliances (see http://www.cisco.com/en...) + BGP + GRE tunnels. They deflect extortion attempts every week for banks and other sites.
- Paul Lindner
Very interesting stuff, Paul. Thanks for the link. I wonder how long it will be before the bad guys find a way to shut those Cisco boxes down and make them cry to mama. It's like a grand game of cat and mouse.
- Scoble, Alex Scoble
from IM
eh Paul, some of em systems are also vectors for DNS posioning and route hijacking.. ant that a DoS too ?
- Peter Dawson
Peter: Yes, DNS poisoning can be a DoS attack, as well as route hijacking. Typically those are done to deny users access to a given site or service. Occasionally those are used to hijack a service, which has the effect of DoS, but not the primary intention (the primary intention is often to change the message that web site visitors would see, or perhaps to collect sensitive data such as passwords or financial information )
- guruvan (Rob Nelson)
@GuruVan, " change the message " is more like "man-in-the-middle", thats a totally different vector !!
- Peter Dawson
Not quite Peter. MiTM is usually executed differently than a straight hijacking. (though the data collection I mentioned is usually a MiTM attack)
- guruvan (Rob Nelson)
off course, MiTM is executed differently !! Hey, anyway feel free to jump onto my FF bandwagon.. http://friendfeed.com/cloud-d... f:)-
- Peter Dawson
I may be simplistic but couldn't these hackers just doing something worthwhile with their talent?
- Kevin J Hatton
They are often affilliated with elements of organized crime in various countries
- Scoble, Alex Scoble
from IM
Or affiliated with seedy people who don't like ketchup on burgers
- Jeff (Team マクダジ )
yeah but remember, in some countries they (hackers) have to protect their young sisters from being sold - so they (hackerS) use their talents to keep the family together. Its an't always what you think it is !
- Peter Dawson
Okay, but are those guys 'hackers' or 'crackers'? AFAIK they're crackers.. no?
- Thierry R. Andriamirado
from email
They are both. :) A cracker is a black hat hacker.
- Scoble, Alex Scoble
from IM
Or h4XX0r$ ;) ( or god forbid, the evil and feared script kiddies )
- guruvan (Rob Nelson)
Interesting analysis of Twitter's network: http://www.blyon.com/blog...
- Todd Hoff
HAHHHHHHHHHHHH!!!!!!!!!!!!!!!!
- Kelby
why is twitter acting weird today? #Failwhale
You are getting a fail whale? So lucky! Not even loading for me.
- Kelby
Yes its down... http://www.techcrunch.com/2009...
- chad engle
The fact you're getting something is a good sign, though!
- Sarah Whinnem
guys try tweetdeck, the web interface is ahving problems but tweetdeck is still working but with lags
- cheth
ZOMG, Twitter is down, time to get a life!
Kelby liked this
is wondering if it's even possible both Twitter and FB are down at the same time. Sign of the Apocalypse?
Tofu De la Moore, Sheena Tatum and Chris liked this
I am wondering the same thing, this is so very strange
- Toni
So very, very strange. How can they both be down at the same time?
- Jennifer James
And the Underdog FriendFeed is alive and well! At least I know who my back up is and/or maybe my primary one day! LOL
- Paul Monaco
The day Twitter and Facebook died and FriendFeed became king.
- Mommie Daze
I think it is the end....but at least we have friendfeed hahaha :))
- Chris
FriendFeed has been in and out for me... It's probably surviving because it isn't mainstream... so it isn't getting bombarded like FB probably was when twitter went down.
- Kelby
sky's falling!
- Tofu De la Moore
from BuddyFeed
Twitter's back!!!
I keep seeing people are back on Twitter, but I can't get on yet. *frowns*
- Jennifer James
it's still pretty slow!
- Sheena Tatum
Great! Now everyone hops back on and crashes it! lol
- Kelby
Still down for me.
- Jared Smith
gah, it's down again!!!
- Sheena Tatum
Who Broke Twitter?
Sorry... my bad. And hey! You are posting from FACEBOOK? You are sooo lucky!
- Kelby
Yeah, yeah... Twitter is down. Facebook is belching and farting as well. And the entire country just spun up in a whir of productivity to levels that we haven't seen in nearly 2 years.
Marco Castellani, Imabug, Morton Fox and 2 other people liked this
Not really... because now I am wasting time on FF seeing what people are saying about it... and reading posts about it. *sigh*
- Kelby
I won't be surprised if the DOW and S&P make dramatic jumps up today.
- Paul Reynolds
Who needs another Twitter guide, LOL?! >> http://mashable.com/2009...
sadly... lots of people.
- Kelby
PENSIEVE: Blog Hop 09 - http://www.pensieve.me/blog-ho...
 |
Can't go to BlogHer? Here is a great virtual party for those stuck at home!
- Kelby
'I Blog With the Sisterhood,' TSP's Contest With Type-A Mom â The Sister Project - http://thesisterproject.com/i-blog-...
 |
"BLOGGING CAN BE A SISTERHOOD, and TSP is all about the S word. With that in mind, we're sponsoring a contest with Kelby Carr and our other friends at her Type-A Mom network, with the top prize a scholarship to their upcoming blogging conference, where 300 women who blog will enjoy a September weekend of learning and networking in beautiful Asheville, N.C.
- Kelby
Tips on visiting Asheville with kids!
- Kelby
You're My Butterfly | To Think Is To Create - http://www.tothinkistocreate.com/2009...
 |
What amazing pictures! Small boys and butterflies... who knew the two shall mix?
- Kelby
Tour de France 2009 - http://gofrance.about.com/od...
 |
From the page: "Tour de France 2009 runs July 4 to Sunday July 26, 2009, with 21 stages covering a total distance of 2,174 miles (or 3,500 kilometers). See the daily blog coverage, map, stage list, top Tour de France merchandise, a list of teams and riders, and find out more about planning a visit to the tour stops along the route."
- Kelby
This is a great new blog from a mompreneur who sells cool mom-invented products (her blanket bag is on shelves at Target right now!). She talks about motherhood, running a small business, and the so-called "glamorous life."
- Kelby
Healthy Summer Snacks for Kids | Gather - http://www.gather.com/viewArt...
 |
Summer vacation is here, and now moms like me are all trying to figure out how to come up with snacks for the kids that are healthy and help them keep up their energy for outside play, swimming and other fun summer activities. With my daughter home now, plus 3-year-old twins, I need a lot of snacks to keep those little ones going throughout the day.
- Kelby
PENSIEVE: Saturday Shorts &Shout Outs - http://www.pensieve.me/2009...
 |
Nice post about Paula Deen's rental and, oh, right... the Type-A Mom Conference. LOL.
- Kelby
Here is a mom seeking a sponsorship to the Type-A Mom Conference.
- Kelby
Type-A Mom Conference - http://typeamomconference.com
 |
From the page: "Type-A Mom Conference is a unique mom blogging conference designed to help you take it to the next level. The conference will feature some of the most influential, admired and insightful mom bloggers talking about topics like power social networking, branding, blogging, finding your voice, and turning your passion for blogging into a real paycheck. "
- Kelby
Free Foodie Printables from Martha & Edible Crafts @ CraftGossip - http://ediblecrafts.craftgossip.com/free-fo...
 |
This is way too cool!
- Kelby
When the Thrill of Blogging Is Gone ... - NYTimes.com - http://www.nytimes.com/2009...
 |
From the page: "Richard Jalichandra, chief executive of Technorati, said that at any given time there are 7 million to 10 million active blogs on the Internet, but âÂoeitâÂs probably between 50,000 and 100,000 blogs that are generating most of the page views.â He added, âÂoeThereâÂs a joke within the blogging community that most blogs have an audience of one.â "
- Kelby
My Feminist Icon is⦠at Writing Roads - http://writingroads.com/blog...
 |
From the page: "Is this a joke? Who decided that she triumphed and who the hell called it wholesome? I think what she did was horrid and unforgivable. IâÂve never caught her face on the front of the tabloids and thought anything but, âÂEw.â She did something wrong. She hurt at least one person, badly. And because the media decided to spin it one particular way, she triumphed? Naomi, you say it yourself: Maddox was photographed playing squeaky clean football with Brad Pitt, the father figure, and by Annie Liebovitz loving his mother. This was not a triumph - but a well-played, well-moneyed PR stunt."
- Kelby
Mommy Gossip: I Am Thankful for... Food, Glorious Food! - http://mommygossip.blogspot.com/2008...
 |
Yum!!!
- Kelby
Other ways to read this feed:
