That's something I like to keep in mind, when I'm reacting to someone being ... less than friendly ... By reacting badly, I then make it all right for them to justify doing it again, to someone else. I've found that I can defend myself, without becoming a foaming-at-the-mouth maniac. We can enforce our boundaries with water pistols, most of the time. We don't need nukes.
Everything is connected. This chap may be naive, but he's actually trying to set good connections in motion. I applaud that.
It takes real effort to do that in a positive way with a society built around surfacing negativity.
I’ve always really enjoyed building up, but it’s definitely not the easiest path.
I have managed to make a couple of mid-sized splashes, but many folks have no idea that I was behind them, which is fine with me.
Speaking as a reformed 'teen who wanted to watch the world burn', for some it isn't simple omnidirectional malice, but rather a deep and confusing sense that the world is out to get you (spoiler; in some ways it absolutely is) and an instinct to throw a haymaker just so you feel you didn't go down without a fight.
Once this kind of person begins investigating the causes of their discontent - I myself have come to the conclusion that outdated institutions and capitalism are prime suspects - you can do quite a bit more to focus down that energy on the deserving. If you're young and/or dumb enough to not know the difference between the mynoise guy and 'the system' it's almost a forgivable mistake.
That said, from a practical standpoint, yes. Some people just kinda suck real bad. The why isn't always going to get you closer to a cure.
— From Doctor Glas (1905) by Hjalmar Söderberg
I'm not sure that it's even malicious. I think many hackers look at a website or a service as a game to play. They aren't thinking so far as the person that this action affects, just as far as "I wonder if I could get all the data off that site?" or something similar. And on top of that, some view the rate-limiting as a challenge.
I think it's the same thing that drives the excessive snark or cruelty in comments. They don't think of the person on the other end as a person, they think of them as an endpoint.
Hacking, these days, isn’t just for the lulz. Hackers have a purpose, and that’s usually monetary or military (sometimes both).
Hacking crews, these days, run professional organizations that would make a lot of SV C-Suiters green with envy.
If someone wants to take you DOWN they will. And not by downloading a bunch of a files a heap.
As the internet grows, so grows the number of such people on it. In days gone, these people would've been rightly shunned from society, and their ability to cause harm to others was severely limited, unless they were willing to resort to more... extreme methods that would usually come with serious consequences. But the internet has given them a new outlet, a new way to ruin things for people from across the world that would've been far, far beyond their reach before, usually without any risk of punishment.
But naive in a way that most people (?) would like the world to be.
But ultimately, unfortunately, unrealistic.
Building has always been the kind of difficult that, had you known at the beginning then maybe you wouldn't have started. And still quickly and easily destroyed.
Keep creating and building, otherwise there's nothing else to do. Love the obstacles for challenge of defeating them, don't hate them for their existence. To build X you often have to build A, B, and C (and sometimes all the rest of the alphabet) just to have the right setup to maximise the success of X. It can grind, but focus on the benefits of X.
Which sounds like the position they've taken, thankfully.
(Where X represents "anything" and is specifically not the <whatever it's classified as> platform formally known as Twitter).
The melancholy will return, just ride it out each time. It gets easier, gradually.
"The wise act with a reverse clause--meaning that they not only consider what might go wrong, but they are prepared for that to be exactly what they want to happen--it is an opportunity for excellence and virtue.
it’s unbelievable to me that anyone would do this to him.
are you familiar with what he’s done? the amount of work he’s put into helping people?
you should dig a little bit more into the story before badmouthing someone.
There are people in the world who are profoundly nihilistic [0]. They will do mean shit for no reasons, and move on without caring.
This has always been true throughout human history.
"Father, forgive them, for they know not what they do"
0: often without actually knowing what that word means
Want to know why? Because major websites have to do is no matter what so figure minor websites getting screwed doesn't matter.
Sorry to hear about the annoying hack…
And what I find especially nice, when I'm on a spotty connection, is that once you load up your preferred noise it runs locally in your browser, so when your connection craps out it keeps playing seamlessly.
mynoise is one of the best things on the net.
We see this in abusive behavior towards open source maintainers. It saps their will. And 100 thanks < 1 savage attack.
About a year ago the site I worked on had a hacking attempt. I’m not sure why, it was a site that provided online genetic tools for researchers. We had no financials, or even logins. I felt bad in a similar way as when someone broke into my car years ago, or when I had a package go missing.
Move forward/ move on is how I handled it.
I also have 100+ open source projects on github. A few with ~1000 stars. Same thing, few if any thanks.
I wish there was some way to make it easier to thank. I'm just as guilty of not thanking all the open source projects I use except for the few I donate to.
It would still suck to get attacked but it would be motivating to get thanked as well.
I don't know which projects are yours, but a big thank you to you and everyone else who is helping others either through opensource or otherwise!
the one silver lining is that it seems to have strengthened your resolve, to keep planting and keep building instead of just letting chaos and destruction stop you in your tracks. so in that way maybe you haven’t lost after all and maybe this isn’t even a bad thing, it helped clarify the things you find important in life and even inspire others (me included). thank you!
When someone attacks you, it is additionally traumatic in that it undermines your trust in people. In this way, it can breed trauma if it makes you become more defensive/distrustful and/or offensive/trust-violating to others. This is not an excuse to the attacker, but if I were asked how we can end this vicious circle I would probably say it’s about long-term mental health (across generations).
Then I created a iOs shortcut that sent a templated email to my landlord each time I told Siri "Loud neighbors." I was surprised at the effectiveness of 3 - 4 emails a week. I suspect it is one thing to shoosh someone while ushering them out of your office. It's another to have to respond to an email every other day.
Of course, your situation may not be a amenable to this strategy. Either way, I feel you brother/sister, and I wish you peace and quiet.
I lived in a situation with a noisy tenant previously. It was loud bang noises of something falling in the middle of the night, with very thin floors. In my infinite wisdom I decided to move instead of sorting it out, and traded that at least potentially negotiable situation for an inflexible yearly tenancy contract on an apartment that cost 3x more to rent with what turned to be a noisy lift that building management could not care less about despite complaints. (Silver lining, at least noise EQs more easily to cover the constant rumble.)
I also wish you all peace and quiet.
I was "stuck" (someone dropped me off and someone else was supposed to pick me up, but they were late so..) on a highway/motorway in <country> (edit: I wrote it and then deleted it for privacy) some weeks back. The weather was great! Sun was shining, a cool 24 degrees, I was wearing my hoodie, it was windy. I got bored on waiting by the highway/motorway.
No village/coffee place anywhere near, so I decided to take a vertical small road and walk by a green field. And it was windy. And I could see the bushes and leaves from the trees swinging back and forth. And it was windy and very calming (to my soul) so I stood there gazing at the wonderful nature. And I was thinking, why the fuck do we live in cement boxes in cities? I could buy "a few sqm, build something with glass/brick/steel, no deep foundations, and smaller 25sqm "hut" as my office right next to the "house" and live next to a field and have a great life...
Anyway, my friend arrived, picked me up and we continued driving.
I was thinking that the cost of remote land/house/'office' would be 50% on the cost of a 100sqm flat in (most), with the pro of the calmness and the con of being alone in the middle of nowhere.
But there is always the option...
If you are in top N% then yes, you probably just do not have to worry about noise. However, at this point we are just arguing about the definition of “the poor”. If you mean anyone who lacks cash to forfeit the tenancy agreement like it was nothing, then yes.
The attacks are painful, I hope the creator can attract some competent help from here or elsewhere to mitigate this problem.
But I’ve made a choice. I’ll keep planting trees. I’ll keep making sounds. I’ll keep helping baby pigeons.
Look around and you will see every piece of cybersecurity knowledge assumes your porch will be inhabited by bad actors and there is nothing to stop them, so you absolutely need to harden your server as if you are a bank. Have you ever lived somewhere you genuinely don’t need to lock your front door to feel safe? I have, it was amazing, and it depresses me to no end to see the polar opposite to be what is expected on the internet. We were promised a world of peace and unity and total freedom of information but instead we got the tyranny of the petty cyberdelinquent, with no way to enforce prosocial values as we ought to do in a sane society. “On the internet no one knows you are a dog” was a warning, but we would be in a much better world if it’s only dogs we have to share an internet with. When humans get low they can get way lower than the worst dogs ever born.
We are already seeing a Brazilification of the internet. Crime is rampant, so you live in a gated community with private security if you can afford it. On the internet the name of this private security operation is Cloudflare. I hate one private company becoming the de facto gatekeeper of the internet but I cannot blame any individual website (including the one in the article) for using Cloudflare. It’s the thin orange line between a somewhat usable service and getting knocked off the internet by smart fridges every other day because some kid somewhere on the planet got bored.
How will this end? I honestly don’t know.
I get similar "attacks" on daily basis, but find out it’s just a bot crawling the certificate transparency logs. Inspecting site certificates, and it’s issued by Let’s Encrypt CAs. Script kiddies, at best, trying to pick off the low hanging fruit.
Hope he doesn’t take these "attacks" too personally going forward. Seems like a good guy overall, maybe too good for this world.
One solution might be to gather them all up and send them to another planet were they can live as they please without bothering the good ones - and some might suggest that this is exactly what they did and here we are :)
Has been tried before, they started with telephone sanitizers, hairdressers, and advertising account executives
Sounds like we're the bad ones here.
It’s worth noting that the “zip bomb” was at a resource location specified in the Disallow section of robots.txt, meaning the server specifically told the bot not to go there and it did anyway.
(Not that the parent commenter seems confused, just that it hadn’t been noted.)
2. Some kind of rate limiter is becoming essential for servers. Scanning/probing is worse than rude but there's plenty of obnoxious out there.
Fail2ban can easily be configured to handle simple login or vulnerability scans.
If there's not something similar for web servers, it wouldn't be hard to write one. Anyone know of fail2ban or rate-limiters for webservers?
FWIF if you are looking for a decent alternative take a look at ModSecurity project by OWASP.
SSL added and removed here :)
My main problem with it is that we put all websites behind a single point of failure. One with large corporate interests. It is the antithesis of the free and open web.
Also I dislike it from a technical standpoint. It makes response times from the server much worse. And I spend a lot of time improving the performance of my sites, to throw that all away because I’m afraid of hackers seems like the wrong solution to me personally.
I run a similar audio-heavy site [1] that's reached the front page of HN, also behind Cloudflare - the traffic spiking to terabytes a day is a bit of a shock at first but if everything's configured properly CF works well
> myNoise is now running on a Virtual Private Server (VPS) hosted at One, with audio assets served via a CDN through Cloudflare ...
Also, sharks weren't made by ethically-questionable hackers.
I don't see why you need to dismiss this person's legitimate trauma, seems awfully boorish of you to do so.
You don't know that.
Casual racism and bigotry are common, "You probably need to calm down a bit" is dismissive and condescending.
Exploit scanners are common, they are not someone attacking you personally.
I'd be surprised if the mass download and the exploit scanner were even related. Much more likely they weren't and somebody just messed up some bot they were building and fetched everything in a loop.
It's annoying, yes, but it's not personal. Nobody is attacking him personally. Feeding into that understanding of the situation isn't helpful, just like you shouldn't encourage people who believe they are the victims of gang stalking because they've seen 5 red cars this morning.
The author seems to be taking it a bit personally but they don't seem to be implying an attack targeted to them exclusively as much as an attack that they experienced personally but it could be either i suppose.
The blog post was, "this is a thing that happened, followed by another thing i think was related, i am upset, here is why"
Your response was "this is common, suck it up"
The post itself doesn't mention any sort of persecution or targeted attack.
What you said was dismissive and condescending, being technically correct about things that are unrelated doesn't negate that.
The author definitely saw it as a targeted attack that, when it failed, caused the attacker to switch tactics to intentionally cause harm.
And it's not "this is common, suck it up", it's "this is common, it's not about you personally, nobody is out to get YOU". It's like when you first receive spam mails and didn't know what that was. It's easy to think it's just someone messing with you, trying to annoy you. But it's really not, it's lots of people sending out millions of messages, and some of those finding their way into your mailbox.
It helps classify what happens. It's a very different situation when your car has been keyed and you know that it happened to every car on your street (super likely to be random vandalism) vs that is happened to only your car (much more likely that somebody is out to get you). Your behavior changes in response to whether something is random vs intentional.
That's why it's important to help people understand when things aren't intentional (as in "they targeted _that_ website specifically" vs "they target all the sites, and today their scanner arrived at domains starting with myno"; of course they still intentionally ran that script).
Saying "someone or something" is generic and also accurate it doesn't explicitly imply a specific person or targeting, though I'll concede it could be interpreted that way.
As interesting a side conversation as this is it isn't my original point.
As i said in my original reply:
> It being common doesn't mean it's OK, it also doesn't mean people aren't allowed to be upset by it.
> "You probably need to calm down a bit" is dismissive and condescending.
It's entirely possible to explain context to someone without being dismissive of their feelings on the subject.
Where?
The latest app redesign has been fantastic.
It's worth a small donation just to get access to the huge library he built.
Note that the vast majority of his content is stuff he, personally, recorded on site, mixed, and sliced into equalizer bands. That includes an Irish coastline, an underground waterway, and several forests.
As for denial of service issues, because it's free I've mostly hidden behind cloudflare in the hope of not having to personally deal with those kinds of issues on my own stuff.
It's always annoying to me the hacker attitude of "it's your fault if I can break your stuff. You should have implemented it better". Well, I can break your windows, your door, your body and it wouldn't be an excuse that it's your fault because it's possible. Still, I know it's impossible to get rid of the assholes so ...
I’m a big guy, 6’3’’ 260, multiple Ironman, sport, climbing, lifting and hunting brush with a bit of combat training over the years. Most people in my life I imagine I could kill with my bare hands. But I don’t, because like you said that isn’t how life works.
Yet people apply it to anything they want recklessly. Cars, phones, or like above peoples projects. I wonder how they would feel if I beat the shit out of them and laughed, telling them their mom should have fucked someone bigger.
Anyway, I agree it sucks.
We are nothing more than temporary meatbags, fragilely broken. Take care of yourself, each other.
¢¢
People refer to this as having "no choice", assuming most people understand "standing there and watching them repeatedly stab my infant with a fork" is not a choice anyone would make. It's an idiom.
Thank you.
Thank you for using your brain.
Tip: bare-handed, watch out for teeth — the will to live is strong.
You don't, not because you are such a great guy, but because society's protection of physical systems is rigorous through thousands (millions?) of years of evolution. If you assault someone in the modern day, you will probably get thrown in jail or you will get shot.
Our information systems (such as the internet) are systemically weak. They are poorly designed and have not gone through the same evolution. I think it is good to exploit these weak information systems so that they can evolve.
Weird.
And polar opposite from what he said.
It's not weird it's just uncomfortable for you to grapple with directly, that discomfort being a product of the same evolutionary pressure.
What I'm saying doesn't oppose what they're saying. That poster was just boasting about his ability to kill others, re-framed in a way to suit slave morality and make himself look like a "good" person.
Based on my understanding, Genghis Khan was himself a lawful force…just not the same laws as other groups. I believe this followed the usual pattern of human history: in-group gets favourable laws, while out-groups get their own laws ignored whilst unfavourable laws are pressed upon them.
Perhaps you meant the natural human capacity for violence? If so, it is a non-sequitur to suggest that only laws provide an evolutionary pressure against this.
The laws are put in place for the small minority that are not good people.
It's good to know that modern laws are a deterrent for you.
When you hook up a weak information system to a global network where anyone can interact with it, and someone finds a way to break it, perhaps it is worth looking into the systemic weaknesses instead of getting angry about a given attacker.
Seems to me, a vandal has learned how their less than worthy craft is done virtually.
A few years back someone set fire to our land and our home just to see what it would look like on fire.
Vast destruction, hundreds of hectares reduced to ash, wildlife displaced, us displaced, thousands of man-hours of firefighter time used, millions of euro of aviation costs for firefighting aircraft, years of rebuilding now behind us, years of restoring the land ahead of us.
The individuals concerned faced no consequences, as extradition was refused, and our insurer refused coverage as they don’t cover arson.
This is just the way things are. Some people just want to watch the world burn, and there’s nothing you can do about it.
mnky9800n•7mo ago