At least now I've got the issues off my chest and documented them so I can begin to address them...
"Dr Mark Gregory from RMIT University this morning said more proof was needed over the government’s claim that an overseas attack had taken place.
“A denial of service attack is when they get millions of computers trying to access their systems at the same time,” he told ABC Breakfast.
“You are overwhelming their computing power by doing that. Interestingly enough, the system, as we have learnt, was built to handle about a million transactions in an hour. A million people doing their return in an hour. Now, my understanding is that most Australians have dinner, sit down, try and do the census. If you had five or six million households trying to do their census at the same time, that’s similar to a denial of service attack.
“We need some proof this was from outside Australia and not just simply Australians trying to do the census.”"
Given that ABS has been saying there was "anomalous traffic and a router failure" it kind of sounds like DDOS traffic, or at least an unexpected type of traffic coming from a large number of clients that they couldn't handle.
This makes sense, since whenever I tried to access the site I couldn't even get to the frontpage of the census site or the ABS site, both of which are presumably static and appear to be served out of different locations.
The only interactions you'd need to handle would be the check to see if the login number was valid and when users saved progress or submitted at the end of the form.
If we have 10 million users an hour, and we assume that each user (on average) needs to check their login number twice (one typo attempt) and save results twice, that's ~12,000 requests per second (on average).
Assuming you are using some kind of distributed key pair data store (for data and sessions), web servers to handle both of these types of transactions could scale horizontally, so we'll assume load balancing between many web server is easy (it's never that easy, but it should be possible).
So 12k requests per second, if each request is 50KB, that's ~550MB per second. Which is a lot, but easily possible with a single 10GbE port.
This seems pretty manageable, so my guess is that the site itself (which had been load tested) actually held up, but DDOS traffic took the network down, other weird traffic showed up, the ABS wasn't sure what was happening, panicked a bit and shut the site down to regroup and be able to be sure the DDOS attack wasn't a diversion for a more sinister attack that was stealing Census data.
It would be quite cool to actually find out the technical details of what hardware they were using and what happened, but I guess we probably never will.
Even cooler would be if they let us build the next one :-)
I'm just this guy, you know?
I am a family man, father of three lovely boys. Happily married for 15 years, currently living in Hobart, Tasmania. I play musical instruments (Trombone/Timpani/Traps) and I hold a 2nd Dan ("black belt") in Taekwondo. I like Open Architecture computers, Open Source software, and Open Crown hats. Akubra, of course :D
On a professional level, I am a Computer Applications Support Engineer, focusing on the application of technology to business functions in finance and government, and bridging between the Developer, BA/QA and Systems worlds, which I've been doing since before there was a "DevOps" movement. I have worked with major I.T. firms as well as a government owned forest management organisation. I am an experienced cat herder and specialize in fitting round pegs to square holes. Handy in a tight squeeze to help get that late project of yours over the line.
Humble School's Out Book Bundle presented by No Starch Press
Pay what you want for books about computer science, programming, and LEGO and support charity
The Sound Apprentice: Cheap Tweaks: Shure SRH840 Headphone Mods
How to Mod Your Shure SRH840 Headphones for Better Comfort. If you love the sound but hate the feel of these headphones, there are a couple
Google Plus - Dark Style - Themes and Skins for Google -
Customize your google experience with this user style.
The World's Best Photos of cube and modular - Flickr Hive Mind
Do you work at Google? Do you enjoy and value the user experience of Flickr Hive Mind? Flickr Hive Mind depends on limited advertising to pa
prosthetic knowledge — Depth Blur Webapps A couple of projects that...
Depth Blur Webapps A couple of projects that explore your photos taken with the recently updated Android camera app and it’s Depth Blur feat
SSH Can Do That? Productivity Tips for Working with Remote Servers | Smy...
SSH has many features which are helpful when working regularly with files on remote servers; together they can give a vast increase in produ
How to duplicate an existing tab? | Firefox Support Forum | Mozilla Support
Ctrl-click or middle-click the Reload button to open the current page in a new tab. Ctrl-click or middle-click items in the history of the B