How Cloudflare blocked a monumental 7.3 Tbps DDoS attack

Dodgy IoT devices will be the end of us all.

It's wild to think with the proliferation of 1gbps fiber internet, even a modern pi board or old desktop is a potential 1gbps bot host.

When your IP is found to have been part of a botnet, I think ISPs should just limit you to like 20Mbps for at least a year, so you think twice about buying that 10$ wifi baby monitor next time.

That's quite harsh. Good thing you're not in charge of making decisions.

When you get caught speeding on the road or being a nuisance otherwise you can and will get punished by the courts, including temporary restrictions on your driver license. When you money mule for others, even if you don't know that you actually fell victim to a scam, you get punished as well. When you litter in Singapore, you can get ordered to work community service.

I see no issue in handing out similar punishments in the digital space. The Internet is a shared medium, everyone who connects to it has a responsibility to not be a nuisance to others.

On the road you could have killed someone. Your 20$ baby monitor bought from an authorized store you know... whatever happens, it's not gonna kill anyone very directly ...

The main ingredient of crime is intent, whatever you say. A smaller ingredient can be recklessness, but maybe it's the ISPs sending all those millions of empty packets to a single server that should start feeling some heat ?

> Your 20$ baby monitor bought from an authorized store you know... whatever happens, it's not gonna kill anyone very directly ...

Yeah, not kill, but participating in a DDoS against a heavily frequented commercial site that makes hundreds of thousands of dollars of revenue a minute, that's still some substantial damage.

In the end it should boil down to the ability of holding the seller of the product with security issues accountable for the damages, and the seller in turn can hold the manufacturer accountable. Maybe that will lead to some substantial change.