Canonical partners with organizations like the U.S. Air Force (USAF) and Platform One to provide secure software and AI/ML capabilities. They have an entire DOD team.
Almost certainly a target of opportunity. The UK has really made a point of staying out of this fight, but is also seen as a close ally of the US. Perhaps the calculus is:
- Iran was able to attack Ubuntu.com
- Iran sees it in its interests to stress the UK / US relationship (albeit in a small way)
UK has been trying to thread the needle of staying out of what is obviously a complete cluster** of a war while also not annoying the US too much, but US bombers are taking off from air force bases in the UK to bomb Iran all the time.
Because of that and the general ingrained hostility of the permanent UK security state to Iran, they view us as a legitimate target albeit not a particularly important one because we’re just not that powerful anymore
An actual answer because all you've received so far is complete nonsense: because they want press attention as they're using these attacks to advertise their DDoS-as-a-Service tool. Literally every single statement they release (on Telegram) includes text saying that their attacks are "100% powered by $websiteEndingWithDotSu".
They also attacked the likes of Vrbo, Expedia and eBay, but they get more press by targeting Mastodon, Bluesky, Ubuntu and the likes, so they go after those now. People are desperately trying to somehow tie those victims to some ideological nonsense, but it's just advertising.
It's a well(ish) known org with well known product, and they seem to have been vulnerable. If they had attacked a deli in Newark, would we be having this conversation?
I'm not sure dismissing the people who invented the term "checkmate" as a bunch of irrational terrorists really works. They stared down Saddam Hussein, so how hard can it be to stare down Donald Trump?
Bombing Iran is like nuking an asteroid. Now, instead of one giant asteroid on a collision course with Earth, there are a half-dozen medium-sized radioactive asteroids on a collision course with Earth.
Canonical is a UK company, so its a symbolic attack against a Western agent. Ubuntu is used by a lot of tech companies so they knew this attack would get a lot of visibility in the tech community. I'm assuming they think this will garner support from the tech community as well.
Still it feels quite odd that from all western tech companies (and several more influential than Canonical) they chose precisely one that is highly involved with open source
You should have seen so many lies about Iran by now to justify the neocolonial war against them: so why do you assume every time some newly reported "fact" about them to be true? Rather, you should assume the opposite.
Its so weird to have this stone age regime have such modern attack vectors, i guess the survival hunger games of rhe sanctions tought them this lesson.
Bluesky and mastodon both strike me as easy targets, they expose protocol level integration points that are probably reasonably expensive to serve and reasonably difficult to detect malicious actors on and/or throttle without significantly degrading the service.
I could see low budget attackers deciding that they were the most (not very much) bang for the (also not very much) buck that they could get...
Ubuntu.com doesn't fit that narrative though. I would have thought canonical would have the servers and skill to weather quite a large attack (on the other hand it did go down...)
That's just because everybody is checking if it is down.
I bet a fair number of websites would collapse under the curiosity load if it were published in major news outlets they they were down. When was the last time you went to nissan.com? But you'd probably go check if you heard it was down.
> Why the group is targeting London-based Canonical remains unclear and no reason was given via its Telegram channel. It is presumably because Ubuntu is one of the most popular Linux distros.
Okay... so? I do not understand the connection between Linux and the US/Israel. You'd think Iran would be very pro-Linux since Windows is a very obvious liability for them.
Is there any reason to believe this attack even has anything to do with Iran? They could simply want money and they just happen to also be pro-Iran.
Systemd was NOT Canonical’s “fault”. They pushed upstart until Debian chose systemd, at that point it made no sense to resist assimilation like all other distros.
It's not Linux, it's Ubuntu. Which is developed by Canonical. Which is a military contractor that has a permanent DoD team and works with the USAF. Which is bombing their country.
> I do not understand the connection between Linux and the US/Israel. You'd think Iran would be very pro-Linux since Windows is a very obvious liability for them
Canonical is a British company and the employees are westerners. That makes them targets in the eyes of Iran.
People are forgetting that the Iranian government detests Israel and the entirety of the West. The core principal of the revolution is reversing westoxification (Gharbzadegi) and returning to the norms of the Imam Husayn (Velayat-e Faghih). That's the whole crux of the Islamic Revolution and why the Islamic Revolutionary Guard Corp (IRGC) exists.
Open source and anti-war westerners are viewed opportunistically but with disdain.
Does anyone know why Ubuntu would be targeted by pro-Iranian activists? I'm perplexed by the connection.
Canonical partners with organizations like the U.S. Air Force (USAF) and Platform One to provide secure software and AI/ML capabilities. They have an entire DOD team.
I can't find much info about that (especially with their website down). Is Canonical's work with the DOD more like Raytheon or Pizza Hut?
Raytheon: providing products specifically for the DOD
Pizza Hut: selling their usual product to the DOD
Almost certainly a target of opportunity. The UK has really made a point of staying out of this fight, but is also seen as a close ally of the US. Perhaps the calculus is:
- Iran was able to attack Ubuntu.com
- Iran sees it in its interests to stress the UK / US relationship (albeit in a small way)
UK has been trying to thread the needle of staying out of what is obviously a complete cluster** of a war while also not annoying the US too much, but US bombers are taking off from air force bases in the UK to bomb Iran all the time.
Because of that and the general ingrained hostility of the permanent UK security state to Iran, they view us as a legitimate target albeit not a particularly important one because we’re just not that powerful anymore
Why would Ubuntu problems cause stress in the US/UK relationship?
2 replies →
An actual answer because all you've received so far is complete nonsense: because they want press attention as they're using these attacks to advertise their DDoS-as-a-Service tool. Literally every single statement they release (on Telegram) includes text saying that their attacks are "100% powered by $websiteEndingWithDotSu".
They also attacked the likes of Vrbo, Expedia and eBay, but they get more press by targeting Mastodon, Bluesky, Ubuntu and the likes, so they go after those now. People are desperately trying to somehow tie those victims to some ideological nonsense, but it's just advertising.
It's a well(ish) known org with well known product, and they seem to have been vulnerable. If they had attacked a deli in Newark, would we be having this conversation?
Canonical literally has a DOD team. They are a military contractor
They work with US military.
Terrorists will generally target anything of opportunity.
It was also perplexing when Iran was shooting missiles at their allies, until you realize they aren't rational humans.
> they aren't rational humans.
Would you be able to point to any rational humans?
3 replies →
Which allies are you talking about? Gulf nations with US bases actively being used to kill their children?
2 replies →
I'm not sure dismissing the people who invented the term "checkmate" as a bunch of irrational terrorists really works. They stared down Saddam Hussein, so how hard can it be to stare down Donald Trump?
Bombing Iran is like nuking an asteroid. Now, instead of one giant asteroid on a collision course with Earth, there are a half-dozen medium-sized radioactive asteroids on a collision course with Earth.
Canonical is a UK company, so its a symbolic attack against a Western agent. Ubuntu is used by a lot of tech companies so they knew this attack would get a lot of visibility in the tech community. I'm assuming they think this will garner support from the tech community as well.
Exactly as described in "how to win friends and influence people". Break their stuff and extort money.
> I'm assuming they think this will garner support from the tech community as well.
I don't understand their thinking if this is the case. DDoSing widely used project is going to turn people against you, not generate support.
Still it feels quite odd that from all western tech companies (and several more influential than Canonical) they chose precisely one that is highly involved with open source
4 replies →
[flagged]
You should have seen so many lies about Iran by now to justify the neocolonial war against them: so why do you assume every time some newly reported "fact" about them to be true? Rather, you should assume the opposite.
There is such a thing as being too open-minded to form an accurate perception of reality.
2 replies →
Its so weird to have this stone age regime have such modern attack vectors, i guess the survival hunger games of rhe sanctions tought them this lesson.
Sounds like they're picking on easy targets rather than relevant ones. Lame.
Ubuntu.com seems to be fine right now. A bit slow, maybe. Ubuntu 26.04.LTS is out.
313 Team runs arch btw
I'd have guessed Mint.
Related:
Canonical/Ubuntu have been under DDoS for more than 15h
https://news.ycombinator.com/item?id=47972213
That says resolved, but I had a hell of a time trying to run apt update still...
This is really a weird target, as the article notes. Bluesky and Mastodon (?!) also had alleged attacks.
The companies that fund Trump's ballroom might like these targets.
Bluesky and mastodon both strike me as easy targets, they expose protocol level integration points that are probably reasonably expensive to serve and reasonably difficult to detect malicious actors on and/or throttle without significantly degrading the service.
I could see low budget attackers deciding that they were the most (not very much) bang for the (also not very much) buck that they could get...
Ubuntu.com doesn't fit that narrative though. I would have thought canonical would have the servers and skill to weather quite a large attack (on the other hand it did go down...)
... but https://ubuntu.com/ is up?
Been down most of the day for me, as well as a bunch of related domains. Canonical's status page has them linked
Not for me, I'm not getting any response from it.
Loads for me, but not particularly quickly
It's loading, but very slowly.
That's just because everybody is checking if it is down.
I bet a fair number of websites would collapse under the curiosity load if it were published in major news outlets they they were down. When was the last time you went to nissan.com? But you'd probably go check if you heard it was down.
Not loading for me right now.
dead here
just now:
Tangent, but I hate snap with the fury of a thousand suns. That single handedly pushed me to pop, then mint.
> Why the group is targeting London-based Canonical remains unclear and no reason was given via its Telegram channel. It is presumably because Ubuntu is one of the most popular Linux distros.
Okay... so? I do not understand the connection between Linux and the US/Israel. You'd think Iran would be very pro-Linux since Windows is a very obvious liability for them.
Is there any reason to believe this attack even has anything to do with Iran? They could simply want money and they just happen to also be pro-Iran.
Maybe they're still mad about systemd.
Systemd was NOT Canonical’s “fault”. They pushed upstart until Debian chose systemd, at that point it made no sense to resist assimilation like all other distros.
It's not Linux, it's Ubuntu. Which is developed by Canonical. Which is a military contractor that has a permanent DoD team and works with the USAF. Which is bombing their country.
> I do not understand the connection between Linux and the US/Israel. You'd think Iran would be very pro-Linux since Windows is a very obvious liability for them
Canonical is a British company and the employees are westerners. That makes them targets in the eyes of Iran.
People are forgetting that the Iranian government detests Israel and the entirety of the West. The core principal of the revolution is reversing westoxification (Gharbzadegi) and returning to the norms of the Imam Husayn (Velayat-e Faghih). That's the whole crux of the Islamic Revolution and why the Islamic Revolutionary Guard Corp (IRGC) exists.
Open source and anti-war westerners are viewed opportunistically but with disdain.
[dead]