Twitter DoS and single points of failure

Twitter went down today at the hand of a denial of service attack (alongside Facebook and Livejournal; the latter has also reported an attack). In the old days, you’d shrug it off and go and look at something else. Today, Twitter is such an integral part of the landscape, and some people’s businesses, that it made BBC News and was commented on all over the Internet.

The headlines are highly strung to say the least:

The stress of it all made TechCrunch come over all Mr Humphries:

Meanwhile, away from the hilarity, Dave Winer’s developing rssCloud and people are beginning to talk about The only model that makes sense is a distributed one: it’s a fundamentally harder problem to bring down a decentralized network, because there isn’t a single point of failure. So far, for example, DNS has remained pretty robust. As regular readers will know, I strongly believe there are very solid business and development reasons for going decentralized, too.

The web is becoming social, and those conversations are becoming more and more important. A malicious user or group shouldn’t be able to take down our conversation platform – or have the ability to dictate its direction. It’s time to think about a better way to build the social web.

9 responses to “Twitter DoS and single points of failure”

  1. Wave.

    if FB, Twitter, livejournal (maybe?) build on the Wave *protocol* then we not only get decentralisation, but also interoperability.

    that’s why google opensourced it, because it’s too big an idea for one company to take responsibility for. quite rightly so, when taking into account identity management, digital rights, content ownership etc..

    mark my words! 🙂

  2. There’s no question we need a layer underneath Twitter – to support public micro-messaging as a medium. There’s also the PubSubHubBub stuff. No one has services that have been proven yet to scale to the network-grade capacity we will need as this medium grows. It’s a tough problem but not one that can’t be solved (e.g. telecoms and financial services have network-grade systems).

    This medium has the potential as most accessible, participatory public medium in history. What underpins it needs to support that and be held in the interests of the people that use it. While I love the initial efforts of the, SMOB, OpenMicroBlogging, and PubSubHubbub folks – I’d love a more weighty, dedicated effort that came to this from the perspective of it as a public medium.

    And really, what better investment could their be for public benefit? With what little has gone into Twitter we’ve seen some incredible impacts in reporting, transparency, and disaster response. If the state department is willing to ask Twitter to stay live and treat it effectively like an essential public infrastructure, why wouldn’t a couple of leading foundations (Knight, Shuttleworth, for example) step up and support this. It would undoubtedly be the best ‘investment’ in public benefit they could ever make.

  3. Have you had a look at where people are taking web hooks? Beyond the push content concept inPubSubHubbub to distributed loosely coupled applications which act on information and call other applications.

    For a social network application all I need is for my callback/publisher url to be my openID server and we have some protocols around privacy e.g many to many encryption so I don’t need to trust intermediate hubs, and hope someone funds commodity hubs to handle the traffic.

  4. We are working with Jaikuengine team and also pubsubhubbub team to bring a functionality where user’s tweets can flow into and also users xPressions from move to twitter or subscribed to any system. We are using pubsubhubbub to speed up the ATOM and RSS feeds.

    We are running this on Cloud (Google Appengine) Our aim is to build open, decentralized microblogging system.

    Any suggested use cases to buid more open, federated system?

    Srini Vemula

  5. I’ve been trying to encapsulate the argument for this issue, because a decent phrase can make the difference in a discussion. I’ve come down to this.

    The best defense against Distributed Denial of Service is Distributed Delivery of Service.

    The web of services can be resilient in ways that no single site can.

Leave a Reply

Your email address will not be published. Required fields are marked *