
The most crazy tech story since the HP pretexting scandal

Maybe temporary insanity will serve as a defense strategy but the emerging story of the weekend denial-of-service attack against Revision3 boggles the imagination.

Charles Cooper Former Executive Editor / News
Charles Cooper was an executive editor at CNET News. He has covered technology and business for more than 25 years, working at CBSNews.com, the Associated Press, Computer & Software News, Computer Shopper, PC Week, and ZDNet.

This is one of the more bizarre stories to hit the tech world since the Hewlett-Packard pretexting scandal.


Check out the post from Revision3 CEO Jim Louderback detailing the inside story of the denial-of-service attack which crippled his company's servers over the Memorial Day weekend.

Revision3 tracked the attack back to an Internet address belonging to a subsidiary of Artist Direct, called MediaDefender. And it admitted as much when confronted with the evidence. I'll let Jim take it from here:

So I picked up the phone and tried to get in touch with ArtistDirect interim CEO Dimitri Villard. I eventually had a fascinating phone call with both Dimitri Villard and Ben Grodsky, vice president of operations at Media Defender.

First, they willingly admitted to abusing Revision3's network, over a period of months, by injecting a broad array of torrents into our tracking server. They were able to do this because we configured the server to track hashes only--to improve performance and stability. That, in turn, opened up a back door which allowed their networking experts to exploit its capabilities for their own personal profit.

Second, and here's where the chain of events comes into focus, although not the motive. We'd noticed some unauthorized use of our tracking server, and took steps to de-authorize torrents pointing to non-Revision3 files. That, as it turns out, was exactly the wrong thing to do. MediaDefender's servers, at that point, initiated a flood of SYN packets attempting to reconnect to the files stored on our server. And that torrential cascade of "Hi"s brought down our network.

Grodsky admits that his computers sent those SYN packets to Revision3, but claims that their servers were each only trying to contact us every three hours. Our own logs show upwards of 8,000 packets a second.

"Media Defender did not do anything specific, targeted at Revision3", claims Grodsky. "We didn't do anything to increase the traffic"--beyond what they'd normally be sending us due to the fact that Revision3 was hosting thousands of MediaDefender torrents improperly injected into our corporate server. His claim: that once we turned off MediaDefender's back-door access to the server, "traffic piled up (to Revision3 from MediaDefender servers because) it didn't get any acknowledgment back."

I've never heard of Grodsky but the man's brass obviously has served him well professionally. MediaDefender "did not do anything specific, targeted at Revision3?" Other than borrow Revision3's servers without permission and for its own profit, that is. (Here is where everyone can exclaim in concert, "WTF?")

At this point, Revision3 says it's not planning to file a lawsuit. Not because it doesn't have a case but because pursuing a court remedy would likely cost a lot of money. But here's an opportunity for a public-regarding watchdog like the Electronic Frontier Foundation to get involved. Maybe temporary insanity will serve as a defense strategy because the emerging story boggles the imagination. And now you have to wonder whether Revision3 is the only victim or whether there are others.

Call me a cynic but MediaDefender's actions have already spoken volumes about its ethics. The only way to root out the full story is to get these folks in front of a magistrate.