Thursday, November 19, 2015

Was Triad City Beat Really Hacked?

Or is Brian Clarey making it all up?

In Triad City Beat's The Weekender: The Hacker Edition,  Brian Clarey posts:

"Our server maintenance crew confirmed a distributed denial of service attack on Monday — just 15 minutes after we broke a big story — that shut down our site for hours. We’ve made upgrades to our system since then to prevent future stoppages, but the question remains: What kind of loser would do such a thing?

The kind of loser who doesn’t read the Weekender, that’s who."

I took a screen grab, Brian.

Now what big story would that be, Brian? I noticed you didn't take the time to tell us what you've written that is so important that anyone would want to go through all the trouble of arranging a "distributed denial of service attack" on your servers.

And then there's the timing. DDS attacks require the use of thousands of 3rd party computers-- 15 minutes doesn't seem like much time to gather thousands of other people's computers and put them to work for you.
Are you feeling like a stupid grandstanding dope, Brian? Don't worry, before you finish reading this you will be. And a moron too.

So I decided to do a few minutes of investigative journalism-- you know, the kind Clarey and Company claim to be trained to do and use a few of the tools easily available to me or anyone else to try and verify Brian's claims. I began by checking to see who owns the domain name Brian will be happy to know it is still his. That is, until the slander and liable suits start coming in because of some of TCBs most recent stunts: 

Are you feeling like a stupid grandstanding dope, Brian? Don't worry, I'm not done yet.

I then went on to find out who Brian and company uses to host their website as Brian and company don't really have an in-house "server maintenance crew."

Wow, Singlehop, that's a cloud server, right Brian? Cloud servers rarely have problems with distributed denial of service attacks, do they Brian? As a matter of fact, here's what Jordan Jacobs, SingleHop’s VP of Products had to say about DDoS attacks in October of 2015:
DDoS mitigation is no longer an optional service. With bandwidth becoming more available and at lower cost, every company, no matter the size, has become a target. The challenge with mitigation is that not only do you need to have the capability, you have to have the needed bandwidth to handle the increase in traffic.”

So Brian are you sure it was a DDoS attack or could it simply have been a case of so much promotion on the part of the Triad City Beat staff in the effort to undermine a certain competitor that you literally contributed to the crashing of your own website? Could it be that a story that you and your staff set out full speed ahead to promote on Wednesday the 11th actually reached critical mass sometime on Monday and exceeded the bandwith you were paying for? Here's your sales dude pitching your story to me on Wednesday the 11th, not Monday the 16th.

When Brian writes, "We’ve made upgrades to our system since then to prevent future stoppages," does he really mean TCB has bought more bandwidth so his hosting company won't shut them down for exceeding their limits?

You see, Brian, I haven't always used free hosting and when I paid for hosting I actually managed to drive up my traffic to the point that I crashed my own site. But I didn't claim to get hacked. If we can't trust TCB to tell us the truth about your own website then what can we trust you to tell us the truth about.

Are you feeling like a stupid grandstanding dope, Brian? I told you, you would.

And folks, this site is hosted for free by Blogger which is owned by Google-- share all you like as it won't cost me or a thing.

Please continue reading  Was Triad City Beat Really Hacked? Part 2