Hey Reddit, I am Dr. Liz Borowsky (), SVP of Intelligent Edge Engineering at Akamai (). My job is to keep the internet running smoothly. Here’s a bit .

Proof:

Before joining Akamai, I worked as an Assistant Professor of Computer Science at Boston College. I’ve written about Distributed Theory, Algorithms, and Distributed Storage. I also won the Edsger W. Dijkstra Prize in Distributed Computing for a paper about why a generalization of the classic distributed consensus problem is impossible. Ask me what that means (or why), or about anything else!

Traffic on the internet this past year reached record levels with much of the world staying at home, engaging in remote work or school, streaming TV and movies (maybe while in remote work or school), and downloading and playing video games. My team is responsible for maintaining the performance and integrity of the , which helps traffic flow smoothly and securely across the internet. A big reason we can do that is because 85% of the world’s population is within one “network hop” of an Akamai server.

Let’s talk about when I helped upgrade the internet to IPv6, why the internet didn’t “break” at the start of the pandemic, keeping ahead of capacity demands, pursuing a career in STEM, quilting, pottery, keeping an aquarium, the perils of trying to “balance it all,” and what happens behind-the-scenes when you stream a movie or game. I’m happy to share insights from my career or answer general questions about how the internet works and where it is headed, or whatever! Ask me anything!

#################

EDIT [12PM ET]: Thanks so much for all of your great questions! Sorry I couldn't get to all of them. I answered as many as I could but have to get back to the day job now. For more on how Akamai is helping to keep the internet running smoothly, check out our blog .

Edit: Thanks for the awards folks, but BUY AMC!

Edit 2: Some folks saying this is foolish DD. If you read it, I make no claims that Citadel is behind this, I simply show that they own debt and point out that folks have a right to be suspicious. The evidence is inconclusive, but there are undeniable connections. We know that many companies have had their debt leveraged by Citadel in destructive ways. I'm sharing what I've found to keep it in perspective and create a foundation to find more evidence. Be curious, not a conspiracy theorist. If you disagree, ok, but it's not a conspiracy theory if there are obvious connections being researched. Showing what something is not is just as important as showing what something is.

Edit 3: Some folks indicating that it's a stretch that this outage was as widespread to brokerages as I make it seem, so here is a single source for the doubters, however, there are other sources: . Importantly, many users were reporting on social media as early as 11:56 that they couldn't use trading applications. If we go back to 11:56am EST, we can see that is approximately when share price started its initial descent. It suggest that there is a negative price action associated with how the darkpool is being used.

So what the fuck happened?

So earlier today, most of us became aware that . This service essentially routes users to Akamai's servers and then routes them back to the origin domain. Sounds stupid, right? Well the point partly is to prevent DDoS (Directed Denial of Service) attacks against a company. This redirect allows Akamai to handle the malicious traffic and allows good traffic to flow through, thus keeping the service online even in the midst of an attack. Initially, no one knew what the fuck was going on -- lots of tinfoil hats going batshit crazy with speculation.

As a software engineer, to temper some of the FUD in this community, which got me called a shill and a criminal. Understandably, it is super fucking annoying for basically anyone who was trading. Akamai is so ubiquitous that it affected almost every brokerage and definitely prevented users who switched to non-PFOF brokerages from logging in to purchase shares (this is important because it is largely believed, based on the available evidence (i.e. darkpool volume, average block size, etc.) the darkpool sources volume from PFOF brokerages and both directs and delays buys.

OK...So what is the fucking connection?

Well, asked an astute, wrinkled-brained fucking question: does shitadel own any of Akamai? I initially thought, probably a little, but did the DD and found this interesting factoid.

CITADEL OWNS 80 MILLION SHARES? That's 45% of AKAMAI???!?! But that's wrong... Let's clear some things up. if you go to their 13-F and SEC filings, you will find that they own around 1M shares or .006% of the company's stock.

But still, where does that 80M number come from? Well, let's have a look at their 13-F. I went to the source of stockzoa and found the SEC filings they're referencing here, and there are not 80M shares. .

Citadel, however, is the second largest holder of AKAMAI TECHNOLOGIES INC NOTE 0.375% 9/0:

Does Citadel broker power over Akamai?

Probably not, but Citadel Advisors is a large holder of Akamai debt. Yahoo! had an interesting article in mid-July indicating that many hedge funds are turning bearish on Akamai, so maybe Citadel could have used this increasing position of influence as a debt holder to broker power.

But is it enough power to pull sway on some fabricated outages that affect numerous companies? I think it's a stretch, but these outages undoubtedly did have an impact on share price today.

SO HOW THE FUCK DOES THE DARKPOOL FIT IN?

Whether Citadel somehow coerced Akamai into fabricating a service outage that affect hundreds of companies is unknown, but is definitely suspect. One thing is for sure -- the outage did have an affect on share price. The outage was reported at 16:09UTC (12:09 EST) by Akamai. If you look at the darkpool data, you can see that from 12:09EST to 12:18EST darkpool volume slowly crept up to 91%.

The corresponding price action in the stock is apparent - 1.5%. This about about the time it took for folks who couldn't sell on their brokerage to find out that they could trade over the phone:

Maybe some APEs with more wrinkles than me can add to this DD, but I for one am greatly annoyed as usual. As eventful as this was though, we at least got to see some of the affect that darkpool activity has on share price. We know that when virtually all retail traders are locked out of their brokerage (substantially impairing trading activity), we can see that this has a negative affect on share price. Not sideways trading, but a negative impact.

Report

Hello Everyone, I found a way to bypass these WAF systems, they way to bypass them is to get the real IP from the server

So this is before:

This is after:

The fundamentals to get the real IP is to send HTTP request to every possible IP until the real server responses back.
The full report is here:

you will need to have Go installed on your systems, here its is the code:

Btw, this is my first time making reports like this , so be kind.
I'm probably not following any good design pattern, also I don't have enogh experience teaching, so probably the videos won't have a good audio, or good teaching practices.

This is not just for "hacking" but it's also to create web scrappers using the real IP from the host

Hi Reddit! I’m Dr. Robert Blumofe () Executive Vice President and Chief Technology Officer at Akamai (), former UT Professor, and MIT and Brown University graduate. But most people call me Bobby. This is my first AMA and I’d be happy to take you behind the curtain of what we do at Akamai, how I started my career, how a kid growing up in a show- biz family became a nerd, or even my hobbies (I’m a juggler, water-skier, former pilot, and novice musician).

If you’re not familiar, Akamai powers and protects life online. Global companies trust us to deliver and secure digital experiences — helping billions to live, work, and play online. With the world’s largest and most trusted edge platform, Akamai keeps apps, code, and experiences closer to users — and threats farther away.

I’ve been at Akamai since 1999 and previously I’ve been responsible for developing and operating the distributed system underlying all Akamai products and services. Today, I lead Akamai’s technology strategy and represent Akamai’s technology vision in the marketplace.

Ask me about Zero Trust, why I hate that moniker, why I think that all access should be remote access, and why I think there is no such thing as a secure network. And on a personal level, how to do a three-ball cascade, my favorite drummers, growing up in Beverly Hills, or anything about my grandfather, comedian Jack Benny!

#########

EDIT [1 p.m. ET] Thank you for the great discussion and questions today, ! Sorry, I couldn’t get to all of them, but I must step away and tackle a few day job items. I’ll try and circle back to answer a few remaining questions. Stay tuned for more from Akamai and follow me on and !

Posting on behalf of :

Hey Reddit, I am Andy Ellis (), Chief Security Officer at Akamai, an MIT graduate, and former officer in the United States Air Force with the 609th Information Warfare Squadron. Here’s a brief bio - ()

Proof: -

I’ve been the senior security professional at Akamai for the last 20 years, and run the Information Security team and program. I’ve been awarded two patents, the Spirit of Disneyland Award, the Air Force Commendation Medal, the Wine Spectator’s Award of Excellence (as the Arlington Inn), and the CSO Compass Award from CSO Magazine.

I’m joined today by my senior staff, who may provide additional color in the commentary. They are (alphabetically by last name): - Eric Kobrin, Senior Director, Security Intelligence - Kathryn Kun, XO, Office of the CSO - Fadi Saba, Senior Director, Assurance - Brian Sniffen, Fellow, System Safety and Resilience

Akamai operates more than 300,000 servers in more than 130 countries, powering everything from banking and retail to on-demand video and gaming services. We’re the largest distributed platform operating at the edge of the internet, providing data storage as well as processing, while securing customers from malware, phishing, data exfiltration, DDoS, and other advanced attacks.

Since the COVID-19 outbreak, we've seen huge spikes in traffic and, like most companies, Akamai customers have been forced to adapt to a new way of working online. We’re about to kick off a whole conference focused on how Akamai’s edge technologies can help companies to adapt more readily, and stay more secure, as the world continues to change at breakneck pace. (Register for free here: )

Ask me anything about being a CSO, running a security team, protecting a planetary-scale CDN, or, really, anything. I am happy to share lessons learned, offer advice to those seeking it, or answer general questions.

Edit - Thanks so much for all of the great questions! I'm signing off now but you've made the internet suck less for me today and I hope my answers have returned the favor.

Saw this bullshit coming, figured it was just a matter of time.

"As we expand our cloud product portfolio and work to improve the resiliency and reach of our network, we face the same challenges as many of our customers: a tough financial climate with growing costs for data center space, energy usage, and newer hardware. We have resisted making changes to our offerings for as long as possible, and we understand this may not be the news you wish to hear from us, but we are announcing price changes for certain compute services effective April 1, 2023.

On April 1st, you will see the following changes to our pricing model:

Shared and Dedicated CPU plan prices will increase by 20%. The price of additional IPv4 addresses beyond 1 will increase from $1 to $2 each, per month across all of our existing core data center locations. Transfer (egress) fees are being reduced from $0.01 to $0.005 per GB* up to 1PB per month across all of our existing core data center locations."

I figure they'll just sell out to EIG in a year or two and complete the cycle.

Hey everyone,

I'm curious about the inner workings of cloud providers like AWS, DigitalOcean, and Akamai (Linode) when it comes to creating virtual machines. Specifically, when a user selects options like an Ubuntu OS, a $5 plan with 4GB of RAM, and a 20GB SSD, what exactly happens behind the scenes?

I'm particularly interested in whether technologies like QEMU and KVM are utilized in this process. Can anyone shed some light on this? It would be great to understand the underlying technologies that power the creation and management of virtual machines in these popular cloud platforms.

Thanks in advance for any insights!

Hey everyone,

Take off your tinfoil hats, the issue with the internet today is Akamai Edge DNS having problems, and are being looked into.

Vanguard and Blackrock are largest holders, yeah, I looked. ;)

This is what happens when internet providers are huge and primary services, like DNS, are concentrated. No different than AWS going down.

Buy. Hodl.

Hello all,

I was actually working on a client comission (a Nike purchase bot), first time I've worked on anything like this. I came across, of course, Akamai bot protection. There were two routes I could go down, generating cookies and mimicing human activity or finding an algorithm which mimics human activity and fools Akamai, I chose the latter. To my surprise, this was a very big challenge, however I eventually, with hours and hours of reverse engineering and decoding managed to develop my own algorithm.

Has anyone else come across this problem? How have you dealt with it in the past? Let me know!

I may be selling this, let me know if you may be interested in this!

I spent a few hours trying to figure out a way to log my web application traffic through Burp. The web application is running behind an Akamai firewall and when I try to send my browser's traffic to burp, somehow Akamai can detect that and ban my request throwing an access denied page (403) although I'm just passively intercepting the traffic through Burp. Accessing the web application with Firefox or Chrome works just fine. What am I missing?

Hi all,

This week, we are hosting an AMA session to discuss Steve Winterfeld’s role in and the importance of cybersecurity on both enterprise and home users to aid cybersecurity professionals in evaluating their defense posture and understanding attack methodologies to best protect companies and consumers.

: Steve previously served as CISO for Nordstrom Bank, Managing Director of IR and TI at Charles Schwab, and Senior Technical Director Cybersecurity & Group CTO at Northrop Grumman. Steve focuses on collaborating with Akamai’s customers to make sure they are successful in defending themselves and their customers.

Steve will be answering questions until April 12.

Steve is available to answer questions about Akamai’s latest State of The Internet (SOTI) Report on malicious DNS traffic, which can

lead to system compromise, stolen information, or financial losses. We found 23-27% of organizations have experienced at least one instance when C2 traffic was observed traveling out of their network in any given quarter, indicating the possibility of an attack in progress. In the DNS data analysis, they also identified an outbreak of FluBot (an Android-based malware) spreading across the world, and discovered attacks on home networks are also seeking to abuse mobile phones and the Internet of Things (IoT) alongside traditional computers.

These insights are vital for cybersecurity professionals to ensure their companies are up to date on the latest attack techniques and prepared with the right tools and processes in place to mitigate the risks posed by cybercriminal groups and multistage attacks.

Let’s get started! Ask anything about Akamai’s latest SOTI report insights, resources for cybersecurity professionals, or how Steve got to where he is today.

Apparently there is a system in my household that is attacking CMS's(login.php brute force attacks ). I have been working with Akamai but they are just not helpful at all. The best they were able to do is check for logs as I shut down the systems I have but the can takes days to get back to me.

" on the 9th we logged malicious attacks from this IP on only 3 time windows: around 04:00 AM, around 07:00 AM and 02:00 PM." -- Ok guys great but its the 11th now...

I run about 15 device that could be doing this. Every single device in my household goes thru a linux box before it hits the outside. The linux box has two nic's, so I would think this could be something I could detect and resolve. I looked at many UFW logs but nothing seems to mach the attacks logs they have. I use wireshark but I see so many HTTP(S) lines that I have no idea what could be malicious. From what I read the CMS login attack are pretty common and I would think a foot print is being made. Can anyone point in me a direction here? Are there any scan tools for linux that will show what IP is attacking? Maybe an online scanner? If not and I must resort to logs, what do I look for?

This all started when I found out some page were access denied. After a lot of work I found it is was a service Akamai these sites were using. So I contacted Akamai and they pretty much said, yes you are hacking CMS stop it or we will report you. They were kind enough to provide me with loose details.

Adding my corresponded with Alamai

Thank you for contacting Akamai Technologies.

Following our investigation into your request, we can share with you that based on our logs, IP ******** is sending several requests daily, in an attempt to brute force login pages across several different open source CMS applications.

Based on our experience with other end users, such an activity could be a result of a malicious software which might infected one of your machines. In order to try and assist you with finding that machine we can also share that based on our logs this activity has started on the 09th of February and we can still track it.

Once this activity will stop, and the compromised machine will be clean, you will be able to access sites protected by Akamai.

Regards, Akamai Threat Operations Team

Saw this bullshit coming, figured it was just a matter of time.

"As we expand our cloud product portfolio and work to improve the resiliency and reach of our network, we face the same challenges as many of our customers: a tough financial climate with growing costs for data center space, energy usage, and newer hardware. We have resisted making changes to our offerings for as long as possible, and we understand this may not be the news you wish to hear from us, but we are announcing price changes for certain compute services effective April 1, 2023.

On April 1st, you will see the following changes to our pricing model:

Shared and Dedicated CPU plan prices will increase by 20%. The price of additional IPv4 addresses beyond 1 will increase from $1 to $2 each, per month across all of our existing core data center locations. Transfer (egress) fees are being reduced from $0.01 to $0.005 per GB* up to 1PB per month across all of our existing core data center locations."

I figure they'll just sell out to EIG in a year or two and complete the cycle.