Thanks for the communication - this is good.  Just curious - with entire
businesses being put out of place, and rumors that the Russian Gov't may be
behind such attacks, is Twitter communicating with Homeland Security about
this?  To me this seems like a matter of national security even more than it
is a Twitter issue.  The US economy is being attacked because of this.
Not to sound too radical - I'm just genuinely curious when the Government is
going to get involved.  (and thank you for doing what you can - I'm sure I
speak for all when I say we feel your pain)


On Fri, Aug 7, 2009 at 2:05 PM, Ryan Sarver <> wrote:

> I wanted to send everyone an update to let you know what has been
> happening, the known issues, some suggestions on how to resolve them and
> some idea of how to move forward.
> *Whats been happening*
> As you know all too well Twitter, among other services, has been getting
> hit pretty hard with a DDoS attack over the past 24+ hours. Yesterday we saw
> the attack come in a number of waves and from a number of different vectors
> increasing in intensity along the way. We were able to stabilize our own
> service for a bit, hence Biz's post saying all was 
> well<>,
> but that didn't mean the attacks had ceased. In fact, at around 3am PST
> today the attacks intensified to almost 10x of what it was yesterday. In
> order for us to defend from the attack we have had to put a number of
> services in place and we know that some of you have gotten caught in the
> crossfire. Please know we are as frustrated as you are and wish there was
> more we could have communicated along the way.
> *Known Issues*
> * - HTTP 300 response codes* - One of the measures in thwarting the
> onslaught requires that all traffic respect HTTP 30x response codes. This
> will help us identify the good traffic from the bad.
> * - General throttling* - Try to throttle your services back as much as
> possible for you to continue operating. We are working on our end to better
> understand the logic used in throttling traffic on the edge of the network
> and will communicate what we can, but the best idea is to just throttle back
> as much as you can in the mean time.
> * - Streaming API* - as part of the edge throttling we know requests to
> the Streaming API with lists of keywords or uses are getting dropped because
> the request is too large. We are working to get this filter removed and will
> update the list when we know more.
> - *Unexpected HTTP response codes* - we know people are seeing a lot of
> other weirdness and we aren't exactly sure what to attribute the various
> issues to, but know that you aren't alone.
> As the attacks change our tactics for defense will likely need to change as
> well, so stay active on the list and let us know what problems you are
> seeing and we will do our best to help guide you along.
> *Moving forward *
> We will try to communicate as much as we can so you guys are up to speed as
> things change and progress. I personally apologize for not communicating
> more in the mean time but there hasn't been much guidance we have been able
> to give other than hold tight with us. We fully appreciate all the long
> hours you are putting in to keep your apps running and supporting your users
> and know we are frustrated with you. Continue to watch this list,
> and @twitterapi for updates
> Thanks for your patience, Ryan
> PM, Platform Team
> @rsarver <>

Reply via email to