Since I am a student on summer break until next week, I have way too much time on my hands, and I like numbers (famous last words) so I did some analysis of modular systems attack on iheartanime.com.
I think the amount of data involved has been understated in many discussions I've seen so far, so I'll show my work, but long story short: 4.2 terrabytes of data transfer are involved with this attack (2.1 tb up and 2.1 tb down). I used the screen cap from the following URL to find exactly what was downloaded every time somebody logged in with the emerald viewer during this attack: http://alphavilleherald.com/images/2010/08/modular-bing.jpg I used Google Chrome's inspect element feature to find the sizes of the files downloaded (right click, inspect element - resources - size). This is what I came up with: http://iheartanime.com/griffblog.php?article=omnomnomnomnom 163.20k times 20 loads is 3264k http://iheartanime.com/images/emerald-explore-sounds.png 50.03k http://iheartanime.com/images/emerald-windows-disclosure.png 55.09kb http://iheartanime.com/images/emerald-mac-disclosure.png 66.90kb http://iheartanime.com/images/emerald-linux-disclosure.png 67.32kb http://iheartanime.com/images/imgsearch-v0.0.2.png 152.37k http://iheartanime.com/images/FRIENDLY%20GREETINGS.jpg 77.32k http://iheartanime.com/images/inertia-test.jpg 113.51k http://iheartanime.com/images/inertia-login.jpg ` 25.78k http://iheartanime.com/images/inuyertia.jpg 153.68k http://iheartanime.com/images/neillife.jpg 102.22k http://iheartanime.com/images/background-v2.png 130.64k http://iheartanime.com/images/background.png 77.40k Total size: 4336.26kb, or 4.33626mb per emerald login. According to the alphaville herald article, "Gazov told the Herald he saw 16,541,673 page hits referred by the Emerald login pages over three days". I'm sure he has the server logs to back him up, so lets see what happens if we take him at his word (which I would do, as he seems pretty honest to me). link: http://alphavilleherald.com/2010/08/emerald-viewer-login-screen-sneak-ddos-attack.html I count 32 page hits per login, so we divide 16541673 by 32 to get the number of emerald logins during the attack. 16541673 hits / 32 page loads = 516927.28125 logins from emerald Since it's not an even number, Hazim's numbers must be off a bit. That is no surprise, since his server was under such strain. Lets round it up to 516928 logins from emerald during the attack. 510678 logins during the attack * 4.33626mb requested per login = 2214432.58428mb requested from iheartanime.com I used an online calculator at the following link to translate that into terrabytes: http://www.matisse.net/bitcalc/ It works out to 2.11184748104095 Terrabytes of bandwidth stolen from Hazim in 3 days! As we all know, this bandwidth was not just stolen from Hazim. It was also stolen from Emerald users, so if we multiply that by two we get a grand total of 4.22369496154786 terrabyts stolen in three days. To make this more concrete, that's over 4.2 tb of transfer. If you'll pardon the archaic reference, the library of congress, if compressed, could fit into 4.2 tb almost two times. That's a lot of data. Citation for LOC measurement: http://bit.ly/9TRWUX The crazy part is that modular systems shows absolutely no remorse at all for stealing Hazim's bandwidth. Most hosts give unlimited bandwidth, but some do not. If, for example, his hosting was at nextpoint.net, their hosting plans all come with 2000gb of transfer, so he would have gone over by 162.53182058594gb. They charge $4.50 per gb for overage, so that would have worked out to $731.39 in damages to Hazim, not counting his regular traffic. Aren't there laws against this kind of thing? Nextpoint.net reference: http://www.nexpoint.net/support/policies/billing.cfm Video of the emerald team talking about how ridiculous it would be to apologize to Hazim, among other things: http://www.youtube.com/watch?v=rwmVj9u7C3U Somebody in the video (I'm assuming the person is Arabella Steadham) said, "I'm not going to apologize to Hazim, I mean, why would I?," as others agree that they could care less about him. They also said that their users take their account names and passwords too seriously. I don't see how the third party directory can retain any respectability at all if they don't remove Emerald. I'd be happy if each and every member of Modular Systems was banned from SL, but I know there are politics involved, so that probably won't happen. Anyway, I'm sorry if I distracted this list from more important things going on with snowstorm. Given the discussion going on in this thread, I thought some people on this list might find these numbers interesting. I can't wait to see what you guys come up with for snowstorm at the end of the first sprint. Cheers! ~Bubblesort Triskaidekaphobia _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
