Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
Ubuntu servers taken offline by "sustained, cross-border attack"(arstechnica.com)
76 points by RattlesnakeJake 3 hours ago | 13 comments
sdoering 2 hours ago | parent | next [-]

Dupe. More comments here: https://news.ycombinator.com/item?id=47972213

strenholme 2 hours ago | parent | prev | next [-]

Maybe they’re trying to block access to this URL: https://ubuntu.com/security/CVE-2026-31431

To address that, here is how to disable that local root access in Ubuntu 24.04:

https://news.ycombinator.com/item?id=47957409

306bobby an hour ago | parent [-]

Well at least for now that page loads for me

tcp_handshaker 3 hours ago | parent | prev | next [-]

It seems Ubuntu infra is hosted at cloud provider? All have the mechanisms to protect from these types of attacks. Is this an architecure design failure?

loloquwowndueo 2 hours ago | parent | next [-]

Which cloud provider? Unless things have changed, Canonical runs their own servers by leasing racks in data centres. Since one of their main offerings is managed Openstack, they favor running things on their in-house openstack deployment instead of using a public cloud (AWS etc).

esseph 3 hours ago | parent | prev [-]

If the DDoS is from residential proxies and high volume it becomes a real problem to shut down.

_DeadFred_ 3 hours ago | parent | prev | next [-]

dupe https://news.ycombinator.com/item?id=47975729

tonymet 2 hours ago | parent | prev | next [-]

When asked for ransom terms, the attackers said, “no more systemd”

throw1234567891 33 minutes ago | parent | next [-]

Systemd is fine. Maybe you mean “no more snaps”.

2ndorderthought 32 minutes ago | parent | prev [-]

I'm scratching my head on this one too. What is there to even gain? Kids these days

scorpioxy 3 hours ago | parent | prev [-]

cross-border attack? The internet doesn't have borders. The title of the article has nothing to do with the title submitted here.

edit: I should probably add more context as some commenters didn't understand. The DDOS attack is likely coming from compromised IoT devices. Most, if not all, of the big ones in the last few years(decades?) were that. Unless all the devices are located within a specific country and non are within the US then I think it is silly to use that term to imply that this is some sort of war from across the border. The reporting is fine for what they know so far, the submitted title is not.

nomel 3 hours ago | parent | next [-]

> The internet doesn't have borders.

The overwhelming majority of internet connected devices have an internet connection that's physically connected, for 99.9??% of the distance, with wires or fiber cables, to every other user in the world, with a very nearby wireless hop at the ends. If the cables weren't so fragile, you could pull on your wifi AP and they would see their wifi AP (or maybe nearby cell tower) move.

The tiny fraction of the rest is passed by shining RF transmitters to some distant receiver, separated by some physical distance, to some base station sitting on the ground within a border.

dirasieb 3 hours ago | parent | prev [-]

the real world (the place where ubuntu servers are hosted) does have borders, singing kumbaya won’t stop terrorists from attacking western infrastructure

also, “cross-border attack” is a direct quotation from canonical by ars technica, take it up with them