Full Disclosure: Re: Ubisoft DDoS

[Rohit Patnaik <quanticle () gmail com>]

Well, we don't know exactly how the servers were configured.  There might
have been some kind of issue with the coding or the configuration of the DRM
servers that wasn't noticed during testing.  After all, these sorts of
big-budget games sell millions of copies in the opening weekend.  Even
simulating that kind of load is an expensive proposition.  There might have
been some issue with the server that only became visible when there were
millions of simultaneous clients all trying to authenticate themselves
simultaneously.  Remember what happened with AT&T's iPhone activation
fiasco?  Who's to say that something similar didn't happen here?

-- Rohit Patnaik

On Tue, Mar 9, 2010 at 3:59 PM, Jan Schejbal <
jan.mailinglisten () googlemail com> wrote:

> Am 09.03.2010 21:11, schrieb James Matthews:
> > I don't see why they didn't just block the attack. It must be more then
> > this.
> If the attack behaved like LOTS of legitimate clients, it might have
> been hard to lock out the bots while not locking out players.
>
> The option that the attack is just made up as an excuse for too few
> resources to support all the players should also not be forgotten,
> although I consider that improbable.
>
> Sincerely,
> Jan
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/