I just got this statement from Avaaz communications director Sam Barratt. It's
still highly inadequate:
Hi Andrew
Sorry for the delay in getting back to you - the attack was for real I can
assure you. Below is a short statement
we have issued, we are still looking into this and I will let you know
when we can share more on what went on.
Cheers
Sam
Avaaz statement on the attack on the site
An
attack on Avaaz’s website from a globally-distributed botnet of
thousands of computers ended yesterday (Thursday 3rd May). Avaaz does
not have any further information about who is behind it but the FBI have
been notified about this incident.
The DDOS attack lasted for 44
hours and finally ended on Thursday 3rd May which experts say "was a
large and substantive attack."
The site was down for 14 minutes on Wednesday 2nd May and our ability to
send out global campaigns to our membership was affected during the
attack. In response, Avaaz has launched a fundraising campaign in order to
create a defence fund to take its security to the next level.
Andrew Couts
Staff Writer
Digital Trends
[email protected]
Twitter: @andrewcouts
www.digitaltrends.com
________________________________
From: Steve Weis <[email protected]>
To: Andrew Couts <[email protected]>
Cc: "[email protected]" <[email protected]>
Sent: Friday, May 4, 2012 1:00 PM
Subject: Re: [liberationtech] Avaaz, is this for real?
Hello Andrew. Your article asserts that this attack is happening as fact, yet
you say that Avaaz did not provide any additional information. Which sources
and evidence did you base your article on besides Avaaz's own press release?
Claims of a "massive attack" are easy to confirm. Avaaz should be able to
provide detailed logs of the attack, which can be verified by an independent
security professional and corroborated by their hosting providers.
If this does turn out to be a targeted denial of service attack, that certainly
doesn't take real expertise or significant resources -- it's cheap to rent a
botnet. It's a big leap to claim that a state actor or large corporation must
be behind it.
On Fri, May 4, 2012 at 9:18 AM, Andrew Couts <[email protected]> wrote:
Hi - I'm the author of that Digital Trends article. I have repeatedly asked
Avaaz for more information about the attack, and they have either said "We'll
know more soon," or completely ignored me. I believe there is simply not enough
information available yet to make accusations of fraud in the press. But I am
doing my best to get answers about exactly this. I'll send out an update if
they respond.
>
>
_______________________________________________
liberationtech mailing list
[email protected]
Should you need to change your subscription options, please go to:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
If you would like to receive a daily digest, click "yes" (once you click above)
next to "would you like to receive list mail batched in a daily digest?"
You will need the user name and password you receive from the list moderator in
monthly reminders. You may ask for a reminder here:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
Should you need immediate assistance, please contact the list moderator.
Please don't forget to follow us on http://twitter.com/#!/Liberationtech
_______________________________________________
liberationtech mailing list
[email protected]
Should you need to change your subscription options, please go to:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
If you would like to receive a daily digest, click "yes" (once you click above)
next to "would you like to receive list mail batched in a daily digest?"
You will need the user name and password you receive from the list moderator in
monthly reminders. You may ask for a reminder here:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
Should you need immediate assistance, please contact the list moderator.
Please don't forget to follow us on http://twitter.com/#!/Liberationtech
