Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Genuinely interested: who the hell pays to DDoS services like Sourcehut and Codeberg? :/


Gitea! /s

In all seriousness though, the reason why services end up under DDoS attacks are wide and sometimes complex.

There is a likelihood that someone is simply upset at these services, or that there was a coordinated effort against source control programs more generally but its only succeeding against these two (that we're aware of), but not say, GitLab / GitHub.

Another example: they may be targeted simply due to traffic and volume, and this is an attempt to "dry run" DDoS techniques that may be used against bigger sites down the road too.

There's alot of room for why these things happen. I've learned that motivations and execution is very wide.


Another reason is hosted content that someone really wants gone from the internet.

Of course the efficacy of attacking a service with lots of content is questionable, but the plan is to put on so much pressure that the service removes the content.


I know of some projects that were on Github and received cease and desist letters. So they moved their project to one of these other repos. It is entirely possible but of course only speculation.


The Venn diagram is of “entities that pay lawyers to send cease and desist letters” and “entities that launch DDoS attacks” is pretty non-overlapping.


You would think so, but then I just read about eBay executives sending cockroaches & spiders, funeral/grieving-related items and a bloody pig mask to a couple that wrote some not-so-positive reviews about that company…

https://www.theguardian.com/technology/2024/jan/11/ebay-fine...


You should be using a phase diagram rather than a venn diagram here. It depends on persistence or tenacity of the adversary. Legal and administrative measures is the first phase. If that fails to deter adversary, non-traditional and perhaps extrajudicial measures can be employed.


Github has already been DDoSed by state actors not willing to see something being distributed, such as anti-censorship tools: https://en.wikipedia.org/wiki/Censorship_of_GitHub#DDoS_atta...

Same state actors might do the same here


HN's provider was DDoSed yesterday [0], I wonder if the popular website being targeted was HN itself. Either way, I do wonder if there is any relation.

[0]: https://news.ycombinator.com/item?id=38939559


Maybe someone who doesn't like Sourcehut or Drew for some reason.


But why also Codeberg?


status.sr.ht (sourcehut's status page) is hosted on codeberg.


More likely Drew. Lol


The Christian calculators are finally biting back.


This is some reference I don't get.


Drew is an antagonistic atheist, which is part of a good handful of reasons he was banned from Omnimaga, a calculator forum.


It would be epic if the DDoS was from a swarm of KnightOS infected calculators. Even more if they were able to do it because Drew made a workable network stack. lol


Subversion hold outs


That is just what RCS-ians want you to think maaaaaan!

tightens tinfoil hat


sourcehut supports svn repositories too doesn't it?


No. Mercurial.


Probably someone seeking a ransom.


Both sites run on donations. That would be trying to squeeze water from a stone.


I think it's true they are not rich but I pay sourcehut for a commercial service not charity.


What if some OSS hosted on one of these sites was compromised, and now that they are offline it will be harder to discover. Perhaps builds or binaries have already been distributed.


Like the infamous Linux kernel backdoor. If BitKeeper had been DDOS'd it would have been harder to detect the difference between the version with the backdoor that "appeared" in CVS.


Cloudflare :^)


You joke, but in the DDoS mitigation service industry it’s not unheard of as a high pressure sales tactic. Packeteering, as a friend called it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: