Nick,

Yes, they have very competent people. My criticism is not leveled against the API team. They are not the ones responsible for the edge defenses.

But this thing has happened every single time so far. Twitter comes under attack, and the response is to simply swing the machine gun in a 360-degree arc. That's probably what I would do, but I am a lone guy, I do not have a company full of super competent and smart people. And after the first time, I would make damn certain that I don't do it again, and I would make a list of who not to shoot the next time around.

Dewald

On Aug 8, 10:41 pm, Nick Arnett <nick.arn...@gmail.com> wrote:
> On Sat, Aug 8, 2009 at 5:40 PM, Dewald Pretorius <dpr...@gmail.com> wrote:
>
> > Twitter needs to realize that our apps are NOT still down because of
> > the ongoing denial-of-service attack. That's a cop-out to blame the
> > attack.
>
> > Our apps are still down because they cannot allow known, white-listed
> > IP addresses through the defenses.
>
> > And that is why I am getting frustrated, because I have asked multiple
> > times months ago that they distinguish between friend and foe, and not
> > kill everyone on sight when they are attacked.
>
> What makes you think that they can? What if the DDoS attacks are spoofing
> white-listed IP addresses sometimes? That would totally fit with using 302s
> as a response.
>
> It's not a good idea to make assumptions about what they can and cannot do.
> For Twitter to have grown as large as it is, I assume that they have some
> very competent IT people, who surely are doing the best they can. Even
> though Twitter isn't taking a direct revenue hit on this, I'm sure that they
> know that the damage to their reputation could cost them more and more as
> this continues.
>
> Hmmm... now does the idea of publishing tweetstreams as distributed RSS
> feeds sound more attractive? If there's a criticism to be leveled, seems to
> me it should be at the dependence on a single point of failure, not their
> inability to cope with the inevitable sophisticated attack. DDoS and such
> would have a far harder time causing this kind of trouble on a distributed
> system.
>
> As I've said before, this isn't really a criticism of Twitter - what they've
> created shows the demand for this kind of service. But imagine if right now
> all the dead applications could fall back to reading RSS-published
> twitterstreams instead of depending entirely on Twitter for them?
>
> Hope that doesn't sound like I'm taking advantage of a bad situation, but I
> really think this points out the serious limitations of their architecture,
> not the competence of their IT people. And no, those aren't the same
> things.
>
> Nick