Who has a DDOS attack story they want to share ? Dyn put up the good fight today... DDOS attacks can be incredibly difficult to deal with ... Internet of Things devices makes this an even more complicated situation. Outside of calling Prolexic, any vets have some good stories ?

I just found a new WhatsApp Crash Exploit. Full denial of service right there. An attacker could send a message to a Chat (be it private Chat or group Chat) and everyone who receives the message has no chance of starting WhatsApp again. It crashes and won't restart.
Tested on latest version on Samsung Galaxy S6 and S8. Don't know if it works on other versions but I am pretty sure it does. (It's midnight here, noone online to test)

The fun thing is, I knew this Bug for a long time but when I last tested it, nothing happened. Which means this Crash is only possible because someone at WhatsApp programmed a new Feature...

Old unused military satellite to make international calls free. Local tv station to leak episodes. 4500 hosts zombie net with autoreplicant bots that scans for vulnerability to populate the net to do distributed denial of service attacks. Jumper on the neighborhood cabin to redirect the school's call for being absent, an older friend pretended to be my father.

Oooh I have quite a few,
My favourite: accidently left a log. Debug("bollocks") in a try catch this made it through testing and does (still) occasionally go into production log files.

Worst: wrote an interceptor for jboss with the intent of checking cache for some lookup data. I picked the wrong one of two similarly named methods and instead queried the database, I effectively wrote a denial of service utility into our app

I once had to write an http interceptor for a distributed api. The interceptor needed to use the request context and the user profile to work out if a particular type of content had previously been accessed. Anyway there were two methods to get the user profile getUserC and getUserD, turns out C stood for cache D stood for database. Of course I called getUserD I effectively wrote a database distributed denial of service tool into our app 😬 we got a call from our customer complaining that their exadata servers where grinding to a complete halt