WingNews logo WingNews
top | item 36555643

(no title)

avl999 | 2 years ago

I am not disagreeing with you but self-ddos is not entirely uncommon. When I worked at Amazon this would happen a few times a year. Not on the main amazon.com website but on supporting services often initiated by but not limited to kindle devices. Having something like this slip through the cracks of even experienced engineers isn't uncommon.

discuss

order

lamontcg|2 years ago

Yeah it happened when I worked at Amazon as well. I also more recently worked pretty closely with people at Facebook and knew something about the issues they would occasionally have (which didn't match what the headline speculations were at all). But twitter is repeatedly having these kinds of issues.

dcunit3d|2 years ago

I tried to point this out below. It's not even a DDoS, it's fake news.

https://news.ycombinator.com/item?id=36561808

it's a 429 error, so the developer who posted this is an idiot. they're not even wrong. the 429 doesn't even touch twitter's infrastructure. the HTTPS TLS terminates at a Google VM, which gets relayed depending on the VIP used to hit it, but the traffic never gets past that Google VM. This is literally /HOW/ companies deal with DDOS.

https://blog.twitter.com/engineering/en_us/topics/infrastruc...

it's unbelievable that my median salary for the past decade is $3,000 after several years of "Startup" followed by "How to Start a Reboot of My Life"

fdsa

Tade0|2 years ago

But in such cases surely there's some kind of rate limiter in place?

I mean, if I'm reading that screenshot correctly this is 700+ requests a minute.

I've tripped the rate limiter with less on other sites.

avl999|2 years ago

> But in such cases surely there's some kind of rate limiter in place?

Not really, our team maintained a reverse-proxy that fronted all requests that came into amazon. And whenever we would have a self-ddos event, we'd get a request from the backend team whose service was getting self-ddos'd to shed traffic before it reached their service hosts to prevent it from browning out. In many case ddos's were coming from kindle devices which were not even easy to update so deploying a "fix" wasn't even always an option.