Because Human Nature Often Leads Us To Ignore These Things--

[caras_galadhon]

Hopefully everyone is heeding the little blue banner warning plastered across LJ pages today that says: "There is currently an attack which will attempt to mislead you into providing your username & password to a third party. More detailsPlease do follow the "More details" link, which explains the nature of the attack, and how it manifests itself.

Comments

[alex_quine]

I'd spotted this warning and clicked on it to have a look. I know that if I have my attention on something else I may do stuff on autopilot and I need to make myself stop and think twice when things pop up. Hopefully I'm developing the necessary degree of online suspicion, but having to be suspicious annoys me too! Grrr! Thanks for the extra nudge.

[caras_galadhon]

Yeah, especially when the URL displayed is so very close to the real one, it's easy to read it wrong, and then BAM, instant phishing. *sigh* (A good rule of thumb, at least with LJ, is that it will never ask you for your password in a popup. ^_^)

My pleasure! I talked to at least one person today who had been on LJ but had completely missed the warning, so it seemed like a good idea to underline it a little. *G*

[chelseagirl]

Hey, do you know of an archive or just good posts/sources on the POS attacks on LJ? I'm doing a course on global censorship in the spring and want to include LJ along with more obvious/popular targets, especially since the attacks are specifically Russia-focused.

[caras_galadhon]

I think I'm being a little dense here, but I'm failing to parse POS correctly. Do you mean DOS, or am I missing the vital first word in what I'm assuming is "[something] of service attack"?

(Which is to say yeah, I think I can rustle up some links, but I want to make sure I'm looking for the right thing for you first.)

[chelseagirl]

Isn't that what people have been calling it? Apparently I'm the dense one as I am not tremendously knowledgeable about internet terms.

[caras_galadhon]

I'm familiar with it as as "Distributed Denial of Service attack," or a "Denial of Service attack"? But that doesn't mean it doesn't go by POS too, mind you. Anyway, either way, the point is to get you sources on what's up. ^_^

I don't have an archive of info on the attacks, but there are numerous news articles about this one (and previous ones), if that works?

- Russian bloggers fume over pre-election cyber attacks - A general overview, plus a quick reference to April's attacks

- Russian voters in the dark as cyber attack hits blog - Information on the importance of the recent vote, and how this relates to LJ being attacked.

- Russia: Election Day DDoS-alypse - Has a timeline of the heaviest part of this most recent attack, including other sites targeted.

- Critical websites hacked, down on election day - Some (unsupported) conjecture on what triggered the attack.

- Kremlin accused of crackdown on Russians' access to western media - Exactly what it sounds like: an article laying the DDoS directly on the Kremlin's doorstep

[roh_wyn]

I saw the warning last night, and am now properly warned. But it's true that these things are easy to ignore, so thanks for the heads-up.

[caras_galadhon]

It's so easy to just let one's eyes glide over these things, I find. ^_^ My pleasure!