Blog What we do Support Community
Login Sign up

Turning "I'm Under Attack" into "I'm Doing Some Good"

by John Graham-Cumming.

CloudFlare's I'm Under Attack mode allows our customers to, at the click of a button, tell us that they are experiencing an attack and enable automatic protection. It works by slowing down visits to the web site that's under attack and performing extra work to identify malicious visitors. When enabled, visitors to the site suffering an attack see a web page like this:

Turning

These checks take about 5 seconds to perform, and during that time the visitor's (or attacker's) web browser could be performing other work. Part of the verification takes the form of JavaScript that CloudFlare delivers to the browser. Currently, that JavaScript only performs the verification checks, but it could do more. After the checks the visitor is forwarded on to the web site.

In the past, many distributed computing efforts have harnessed the power of machines across the Internet to do collaborative work. The SETI@Home project looks for extraterrestrial life, Folding@Home looks at protein folding to help research into drugs and diseases, and GIMPS is looking for particular prime numbers. Wikipedia has a long list of such projects.

We think that I'm Under Attack mode version 2.0 could be an "I'm Doing Some Good" mode by including a distributed computation in the JavaScript that's delivered as part of dealing with attacks. The project would need to be able to broken down into chunks that run 5 seconds at a time, and be written in JavaScript. It could be run across all web sites that are under attack and in the browsers of legitimate and attacking users potentially using the resources of evil doers for a good purpose.

The end users wouldn't see any difference from the way I'm Under Attack Mode works today, but a little bit of compute power that's not being used while checks for malicious behavior are made could be put to good use. Put together, many thousands of machines could be working on a distributed computing project without any effort on the part of end users. And without any extra impact on web site owners.

The hard question to answer is... which project?

Rather than come up with our own ideas we'd like to throw this open to the community for suggestions. The best (and most implementable) solution will be picked by CloudFlare and implemented to start turning a bad situation into a good one.

Make suggestions in the comments below.

comments powered by Disqus