• January DDoS Attack: SourceHut and Codeberg faced a DDoS attack in January, making the author worry about the future of small, independent Internet services not relying on large hosting providers. DDoS attacks involve attackers controlling multiple computers to send traffic to target servers, knocking them offline.
• Impact on Small Services: If a service is attacked, it has to seek shelter behind a large enterprise with the resources to absorb the attack. Bigger attacks require larger providers, and some providers have economies of scale for DDoS protection while others charge exorbitantly.
• Big Cloud Providers: The heads of big cloud providers are not elected, and their terms of service are not written by the people. The only real mitigation against DDoS attacks is to hide behind a big expensive server run by these providers.
• Using Cloudflare/Akamai/Fastly: These providers use proprietary algorithms to differentiate "good" and "bad" traffic and drop "bad" traffic and block senders. But false-positives are common and can have devasting consequences, and we don't know the false-positive rates.
• Current Solutions: There is no clear solution for DDoS attacks. Some proposed solutions like forcing clients to do proof-of-work or DDoS Open Threat Signaling (DOTS) have drawbacks. An off-the-cuff solution might be an extension to DOTS to set max flow rates.
• Alternative Anti-DDoS Companies: After an edit, some smaller alternative anti-DDoS companies were provided such as Voxility, Path.net, Reblaze, and Deflect. SCION is also mentioned as a project with DDoS mitigation in its design.