I'm sure they would let you know first...
Get real.
Sent from my iPhone
On 07.08.2009, at 21:02, Jesse Stay <[email protected]> wrote:
Thanks for the communication - this is good. Just curious - with
entire businesses being put out of place, and rumors that the
Russian Gov't may be behind such attacks, is Twitter communicating
with Homeland Security about this? To me this seems like a matter
of national security even more than it is a Twitter issue. The US
economy is being attacked because of this.
Not to sound too radical - I'm just genuinely curious when the
Government is going to get involved. (and thank you for doing what
you can - I'm sure I speak for all when I say we feel your pain)
Jesse
On Fri, Aug 7, 2009 at 2:05 PM, Ryan Sarver <[email protected]>
wrote:
I wanted to send everyone an update to let you know what has been
happening, the known issues, some suggestions on how to resolve them
and some idea of how to move forward.
Whats been happening
As you know all too well Twitter, among other services, has been
getting hit pretty hard with a DDoS attack over the past 24+ hours.
Yesterday we saw the attack come in a number of waves and from a
number of different vectors increasing in intensity along the way.
We were able to stabilize our own service for a bit, hence Biz's
post saying all was well, but that didn't mean the attacks had
ceased. In fact, at around 3am PST today the attacks intensified to
almost 10x of what it was yesterday. In order for us to defend from
the attack we have had to put a number of services in place and we
know that some of you have gotten caught in the crossfire. Please
know we are as frustrated as you are and wish there was more we
could have communicated along the way.
Known Issues
- HTTP 300 response codes - One of the measures in thwarting the
onslaught requires that all traffic respect HTTP 30x response codes.
This will help us identify the good traffic from the bad.
- General throttling - Try to throttle your services back as much
as possible for you to continue operating. We are working on our end
to better understand the logic used in throttling traffic on the
edge of the network and will communicate what we can, but the best
idea is to just throttle back as much as you can in the mean time.
- Streaming API - as part of the edge throttling we know requests
to the Streaming API with lists of keywords or uses are getting
dropped because the request is too large. We are working to get this
filter removed and will update the list when we know more.
- Unexpected HTTP response codes - we know people are seeing a lot
of other weirdness and we aren't exactly sure what to attribute the
various issues to, but know that you aren't alone.
As the attacks change our tactics for defense will likely need to
change as well, so stay active on the list and let us know what
problems you are seeing and we will do our best to help guide you
along.
Moving forward
We will try to communicate as much as we can so you guys are up to
speed as things change and progress. I personally apologize for not
communicating more in the mean time but there hasn't been much
guidance we have been able to give other than hold tight with us. We
fully appreciate all the long hours you are putting in to keep your
apps running and supporting your users and know we are frustrated
with you. Continue to watch this list, status.twitter.com and
@twitterapi for updates
Thanks for your patience, Ryan
PM, Platform Team
@rsarver
