<?xml version="1.0" encoding="UTF-8" ?>
<rss xmlns:feedburner="http://rssnamespace.org/feedburner/ext/1.0" version="2.0">
        <channel>
        <title>hacks - ReadWrite</title>
        <link>http://readwrite.com</link>
        <description />
        <language>en</language>
        <copyright>Copyright 2012 SAY Media, Inc.</copyright>
        <managingEditor>readwriteweb@gmail.com</managingEditor>
        <docs>http://blogs.law.harvard.edu/tech/rss</docs> 
        <lastBuildDate>Fri, 29 Mar 2013 16:40:00 -0700</lastBuildDate>
        <atom10:link xmlns:atom10="http://www.w3.org/2005/Atom" rel="hub" href="http://rww.superfeedr.com/" />

                    <item>
                <title><![CDATA[Yes, This Week's DDoS Attack Was Huge, And Part Of An Ominous Trend]]></title>
                <description><![CDATA[
                                        <img src="http://readwrite.com/files/styles/800_450sc/public/fields/shutterstock_114370366.jpg" />
                                        <p>Depending on who you believe, the week-long <a href="http://readwrite.com/2013/03/27/whos-to-blame-for-the-huge-cyberattack-slowing-the-web-your-isp%20%20%20" target="_blank">Spamhaus-Cyberbunker cyberattack</a> we covered Wednesday&nbsp;was either a threat to the Internet itself or <a href="http://gizmodo.com/5992652/that-internet-war-apocalypse-is-a-lie" target="_blank">hyped up by an overzealous security vendor</a>. Either way, it was still serious business.</p>
<p>While much of the Internet disruption may have in fact been localized to Europe, and also potentially caused by&nbsp;<a style="line-height: 1.538em;" href="http://slashdot.org/topic/datacenter/ships-anchor-suspected-in-mideast-internet-problems/%20%20" target="_blank">tampering with underwater telecom cables</a>&nbsp;in the Mediterranean, big DDoS attacks — that is, distributed denial-of-service assaults that aim to knock target computers off the Internet — are real, and have been on the rise since 2010.&nbsp;</p>
<p><span class="embedded-Media-image img-caption-c">
				<img src="http://readwrite.com/files/PeakDDoSAttack_rev2.jpg" style="" />
			</span>
</p>
<p>Dan Holden, the director of&nbsp;ASERT, <a href="http://www.arbornetworks.com/" target="_blank">Arbor&nbsp;Networks</a>' security engineering and response team, has been <a href="http://pinterest.com/pin/307933693241040245/" target="_blank">monitoring DDoS attacks</a> for more than 12 years. In 2012 his company released a <a href="http://pages.arbornetworks.com/rs/arbor/images/WISR2012_EN.pdf" target="_blank">Worldwide Infrastructure Report</a>&nbsp;that&nbsp;<a href="%20http://www.arbornetworks.com/corporate/blog/4813-putting-the-spamhouse-ddos-attack-in-perspective%20%20%20" target="_blank">reports</a>&nbsp;attack sizes have been peaking&nbsp;at around 100Gbps&nbsp;(check out this detailed look at the report&nbsp;<a style="color: #0074bd; text-decoration: none;" href="http://pinterest.com/arbornetworks/worldwide-infrastructure-security-report-wisr/" target="_blank">here</a>). This week's attack was more than&nbsp;300Gbps — <em>way</em> above the norm, in other words.&nbsp;</p>
<p>That's because the attackers actually co-opted part of the Internet's basic infrastructure -- the <a href="http://en.wikipedia.org/wiki/Domain_Name_System" target="_blank">Domain Name System</a>, or DNS -- in such a way as to greatly amplify the firehose stream of data they were directing at target computers.</p>
<p>Here's how these attacks work, according to&nbsp;<span style="line-height: 1.538em;" data-mce-mark="1">Carlos Morales, Arbor Networks' vice president of global sales engineering and operations:</span></p>
<blockquote>
<p>Attackers send DNS queries to a [DNS server] on the Internet but use the victim address as the source of the query. When the response goes back, a response that is usually multiple times the size of the initial query, the response goes to the victim.&nbsp;Multiply this by hundreds of thousands of requests from bots on the Internet spoofing the one victim address and you get a very large flood of traffic to the victim machine.</p>
</blockquote>
<p>Holden says DNS is becoming an&nbsp;increasingly popular target for DDoS. As many as 27 million DNS servers across the Internet are "open" in a way that allows them to be hijacked this way.&nbsp;</p>
<p>That means that while this week's attack may not have knocked us Americans off of the Web, the amount of localized disruption overseas was definitely large enough to cause serious reverberations. This may not have been the Web's D-Day, but this could definitely be the opening salvo of a hacker blitzkrieg. Let's hope the ISPs and powers that be don't Neville Chamberlain it.&nbsp;</p>
<p><em style="line-height: 1.538em;">Photo courtesy of </em><a style="line-height: 1.538em;" href="http://www.shutterstock.com/" target="_blank"><em>Shutterstock</em></a></p>
                    ]]></description>
                <link>http://readwrite.com/2013/03/29/ddos-attack-was-huge-and-part-of-a-trend</link>
                <guid>http://readwrite.com/2013/03/29/ddos-attack-was-huge-and-part-of-a-trend</guid>
                <category>hacks</category>
                <pubDate>Fri, 29 Mar 2013 16:40:00 -0700</pubDate>
                <author>Adam Popescu</author>
            </item>
                    <item>
                <title><![CDATA[How To Hack Online Dating And Use Data To Find True Love ]]></title>
                <description><![CDATA[
                                        <img src="http://readwrite.com/files/styles/800_450sc/public/fields/okcupid-weirdo-800.jpg" />
                                        <p>Online dating is weird as hell. You'd think this wouldn't be the case. After all, the algorithms that connect people on dating sites aren't theoretically all that different from the ones that power search engines and generate billions in revenue. So why is online dating still such a thoroughly imperfect experience?&nbsp;</p>
<p>Amy Webb, like so many others, learned just how flawed the science of online dating is by going on a series of comically awkward dates with some pretty unbelievable characters. In her book, <em><a href="http://www.amazon.com/Data-Love-Story-Online-Dating/dp/0525953809" target="_blank">Data, A Love Story: How I Gamed Online Dating to Meet My Match</a></em>, the digital media consultant and former journalist outlines how she "reverse engineered" online dating, reevaluated her strategy and met her future husband.&nbsp;</p>
<p>This being the week of Valentine's Day and all, we thought it would be an opportune time to talk with Webb about her process and share some of the lessons she learned with you, oh lonely denizens of the Internet. Trust me, this is way more interesting than the romance-themed infographics we've been getting pitched all week. &nbsp;&nbsp;</p>
<h2>Decide What You're Looking For</h2>
<p>Most people approach online dating like they approach joining any other social network: Set up a profile, upload a few photos that happen to be sitting on your hard drive, and fill out some personal info. The difference, of course, is that dating sites have an objective far more specific than an aimless timesuck like Facebook.&nbsp;</p>
<p>Webb kicked off her digital quest for a mate by listing 72 traits she wanted her future partner to possess, which is how she recommends online dating newbies get started. Her initial brainstorm included everything from personal habits and marital history to work ethic and Mac vs. PC preference (Hint: John Hodgman <a href="http://www.youtube.com/watch?v=BpOvzGiheOM" target="_blank">would not have made the cut</a>).&nbsp;</p>
<p>The exact number of traits isn't all that crucial, as long as the list is as exhaustive as possible. "The most important thing is to sit down and write out a list," says Webb.&nbsp;</p>
<h2>Rank Your Top Traits By Priority&nbsp;</h2>
<p>Next, she broke her 72-point list into tiers: Using a combination of personal preferences and past experience, she narrowed down the ten most important characteristics and listed them as "top tier" traits. These were, in her book, the absolute deal-breakers. They were then ranked 1-10 in terms of importance. From there, she chose another 15 "second tier" traits. Not deal breakers, but still very important.</p>
<p>"I was looking for patterns to analyze," says Webb. "For example, there was a lot of crossover in my list when it came to family, religion and attitude towards work. When I noticed a pattern, I tried to distill from it the most important aspect of that data point." &nbsp;</p>
<p>This approach helped her sort and tag her list and ultimately rank everything by priority.&nbsp;</p>
<h2>Come Up With A Grading System</h2>
<p><span class="embedded-Media-image img-caption-r">
				<img src="http://readwrite.com/files/data-a-love-story-book.jpg" style="" />
			</span>
Once her tiered list was complete, Webb assigned a total number of points to each item. Her top-tier traits were each given a total potential score: 100 for her top trait (intelligence) and 91 for her least-critical item in her top ten list (No history of cheating). The second-tier traits were all assigned a weight of 50 or fewer points, depending on their overall importance to her.&nbsp;</p>
<p>The result was a 1000-point scale that would allow her to grade - and subsequently reevaluate - the men she dated based on the most meaningful data points. She set a threshold: Based on her initial online interactions, nobody scoring below a 700 would be worthy of an in-person date. &nbsp;</p>
<p>It all might sound a bit obsessive, but as Webb quickly realized, this formula could have saved her the agony of going on karaoke dates with high-fiving cheapskates just a few weeks prior.&nbsp;</p>
<h2>Size Up The Competition</h2>
<p>This is where things get interesting. Before setting up her new profile, Webb decided to evaluate the competition. The way most online dating sites work, there's no easy way to do this from your own account. So using her 1000-point grading system, Webb created two profiles of imaginary dream guys. That's right: She masqueraded not just as a man, but as multiple men, in order to see what kinds of ladies would be vying for the attention of the men she would find most desirable. In the end, she had created 10 fake profiles and interacted with 96 different women.&nbsp;</p>
<p>This wasn't just an exercise in digital creepiness. It was a data-mining experiment of enormous value. During this phase of her quest, Webb unlocked insight into many aspects of the online dating universe, some of them more predictable than others. What correlations exist between profile popularity and hair color? What about the vocabulary used in people's profiles? How much did successful online daters refer to their career goals? What kind of photos performed the best?&nbsp;</p>
<p>Using spreadsheets, TextWrangler and "other kludged-together applications," Webb analyzed all of this and more, manually collecting data as she went. She paid attention to things like which gender initiated conversations most and made data visualizations of the most commonly used words in the profiles of popular women.&nbsp;</p>
<p>"If I was in another setting – like a bar, or party or work – and found someone attractive, I'd immediately look around at my competition," Webb explains. While some sites do allow you to take a look at the competition (which would save you most of the trouble here in step four), JDate does not, so Webb had to game the system in order to see the big picture.&nbsp;</p>
<p>In the process, she discovered that the LinkedIn-esque approach she had used to build her original profile was way off-base.&nbsp;</p>
<h2>Build Your Data-Fueled Super-Profile</h2>
<p>Armed with these new insights, Webb set out to create what she calls her "super-profile." It was concise, used positive language and wasn't as fixated on work. She focused more on her desire to travel the world than on her HTML chops. She also realized that the photos she happened to have on her laptop weren't cutting it, so she uploaded new ones based on everything she had learned by looking at the more popular users.</p>
<p>She showed a little more skin and scaled back on attempts at humor, which can often get lost in the context of a social profile. In short, she optimized her profile, not unlike a product page - an analogy that isn't far off from how Webb encourages people to think about their presence on Match.com or OKCupid.&nbsp;</p>
<p>"We SEO websites all the time to ensure that they get seen first in the vast catalogue that is Google," Webb says. "Why should online dating be any different?"&nbsp;</p>
                    ]]></description>
                <link>http://readwrite.com/2013/02/12/how-to-hack-online-dating-and-use-data-to-find-true-love</link>
                <guid>http://readwrite.com/2013/02/12/how-to-hack-online-dating-and-use-data-to-find-true-love</guid>
                <category>online dating</category>
                <pubDate>Tue, 12 Feb 2013 07:00:00 -0800</pubDate>
                <author>John Paul Titlow</author>
            </item>
                    <item>
                <title><![CDATA[Twitter Hack Compromises 250,000 Accounts #BadNews]]></title>
                <description><![CDATA[
                                        <img src="http://readwrite.com/files/styles/800_450sc/public/fields/th21%201280%20twitter%20fail%20whale.jpeg" />
                                        <p>Add Twitter to the list of <a href="http://www.poynter.org/latest-news/mediawire/202400/chinese-hackers-infiltrate-new-york-times-bloomberg/">this week's high profile hacks</a>. Friday afternoon Twitter joined the ranks of recently compromised sites like <em>The New York Times</em> and <em>The Wall Street Journal</em>, disclosing that as many as a quarter of a million Twitter accounts may have been compromised in the intrusion. <a href="http://blog.twitter.com/2013/02/keeping-our-users-secure.html">In a blog post</a>, Twitter describes the breach:</p>
<blockquote>We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users.</blockquote>
<p>Affected users can expect to receive an email from Twitter, though the company encourages all users to use this week as a reminder to practice good "password hygiene" by <a href="https://twitter.com/settings/password">tweaking their Twitter password</a> if it isn't up to snuff (or making a new one even if it is). It's always a good idea to mix things up, so be sure to sprinkle in a generous dose of alt-caps, numbers and symbols if you've been betting the farm on "Password123" all this time.&nbsp;</p>
<p>"This attack was not the work of amateurs, and we do not believe it was an isolated incident," Twitter said in the blog post. "The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked."</p>
<p>While Twitter is remaining mum for the time being on the specifics of the hack, it <a href="http://www.slate.com/blogs/future_tense/2013/01/14/java_zero_day_exploit_don_t_patch_just_disable_java_in_your_browser.html">alluded to a known vulnerability in Java</a> and instructed users to disable Java immediately. We'd suggest you do the same.&nbsp;</p>
                    ]]></description>
                <link>http://readwrite.com/2013/02/01/twitter-hack-javascript</link>
                <guid>http://readwrite.com/2013/02/01/twitter-hack-javascript</guid>
                <category>Twitter</category>
                <pubDate>Fri, 01 Feb 2013 17:49:00 -0800</pubDate>
                <author>Taylor Hatmaker</author>
            </item>
                    <item>
                <title><![CDATA[Help! My Twitter Account Got Hacked]]></title>
                <description><![CDATA[
                                        <img src="http://readwrite.com/files/styles/800_450sc/public/fields/phish.jpg" />
                                        <p>It was Tuesday afternoon. Nine minutes after 3pm. I was standing on the corner waiting at a red light on Grand Avenue in Downtown L.A. after just meeting a PR rep from New York. Head in a twirl over the mountain of work that awaited me at my office and thinking about the potential stories the pretty New Yorker pitched.&nbsp;</p>
<p>That's when it happened.</p>
<p>My phone vibrated. I pulled it out and saw the message.&nbsp;</p>
<p>"Direct from @<a href="https://twitter.com/MaryKnabben" target="_blank">MaryKnabben</a>: OMG they said he died...Did he? http://t.co?BQ7zvZ6"</p>
<h3><strong>(READER WARNING - DO NOT CLICK ON THIS LINK OR SUFFER THE SAME FATE AS ME!!)</strong></h3>
<p>Who died I wondered? I didn't click the link then. I let it linger. I had a 5pm appointment, three traffic-filled blocks to traverse and emails to send.</p>
<h2>Did I Miss Something?</h2>
<p>But as I stood waiting for the light to change I wondered if I had missed a major passing. It wouldn't be the first time. I often get alerted to news by direct messages and Twitter friends. Nothing new there. The language in the message was, though. OMG. Not very journalistic or the type of lingo you'd expect an adult to write when a luminary passes. Still, I figured it must have been the writing of someone who was stunned.</p>
<p>At first I figured this was the case, but in my gut, I knew something seemed weird about the tone of the note. As the light turned green I walked, slung my phone back in my pocket and kept moving.&nbsp;</p>
<p>When I got back to the office, overlooking some of the priciest data centers in Los Angeles if not the nation, I scanned the wires and social media, but I couldn't find anything. Hmmm. My antennae were buzzing. Had I missed it? Did she have a scoop?&nbsp;</p>
<p>Before I could dive into my detective mode, 5pm came and I was thrust back into reality. By 6:30 it was over but then I had to meet a friend at <a href="http://standardhotels.com/downtown-la" target="_blank">The Standard</a> a few blocks away. By the time I got home I was exhausted and I showered and went to bed without checking further.&nbsp;</p>
<h2>I Couldn't Resist Clicking</h2>
<p>The next morning I opened up my Hootsuite and looked at the link. There it was, just waiting to be clicked.</p>
<p>I checked out @MaryKnabben's Twitter stream. A fellow journalist from Brazil, we had met at <a href="http://storify.com/ErikDeutsch/how-social-media-is-tranforming-journalism-social" target="_blank">Social Media Week</a> a few weeks earlier when I spoke on a <a href="http://new.livestream.com/SMWMEDIA/TransformingJournalism" target="_blank">panel on journalism and social media</a>. I liked her. She seemed professional. Her tweets looked normal. Nothing seemed (ph)ishy. So despite a nagging feeling of doubt, I clicked on the link. It took me to a strange site. A pseudo-news site called News 3. But after a few seconds of scanning the site, I realized it <em>wasn't</em> news. It was a pay-per-click factory with an attractive young woman at the top of the page and promises of weight loss. What the hell?&nbsp;</p>
<p><span class="embedded-Media-image img-caption-c">
				<img src="http://readwrite.com/files/phishing.jpg" style="" />
			</span>
</p>
<p>I exited the window, thinking nothing of it. Must have been a wrong link. I should have known better. I should have known right away something was up. But I didn't.&nbsp;</p>
<h2>Uh, Oh. Trouble!</h2>
<p>A few hours later, after a break for lunch, I reopened my Hootsuite account. And there it was. Staring at me. A new tweet on my timeline.</p>
<p>A tweet that&nbsp;<strong>I. Did. Not. Send.&nbsp;</strong></p>
<p>"Losing weight is easy." I'm 6 feet tall and 160 lbs. I don't need to lose weight. And I didn't send that tweet. There was a link at the end of it. I clicked on it. It was the same site.&nbsp;</p>
<p>"Please don't let my Twitter account be hacked," I pleaded to the powers that be. "Please, please, please. No, no, no."</p>
<p>It was Halloween. And for the first time on this candy holiday I was scared.&nbsp;</p>
<h2>Panic Mode</h2>
<p>I deleted the tweet in a heartbeat and immediately changed my password.&nbsp;To my surprise none of my followers replied to the strange tweet. Perhaps that's because I deleted it so fast. &nbsp;Phew.</p>
<p>At that point I wasn't sure what the hell happened, but I knew someone had caught me with my pants down. I racked my brain. What happened? I've always been so careful...&nbsp;<em>hadn't I? &nbsp;</em>Could it be one of the hundreds of applications with read and write access to my Twitter account? I know I didn't always read the fine print, but I knew right away that this was a long shot. No, it couldn't have been Goodreads or Digg. No way. No way...</p>
<p>Then I realized just how un-careful I had been.&nbsp;I realized what it was and who the culprit was, too.</p>
<blockquote class="twitter-tweet tw-align-center" data-in-reply-to="263813380995940353">
<p>@<a href="https://twitter.com/maryknabben">maryknabben</a> yup...the message came from your account...</p>
— Adam Popescu (@adampopescu) <a href="https://twitter.com/adampopescu/status/264046703643070465" data-datetime="2012-11-01T16:50:14+00:00">November 1, 2012</a></blockquote>
<p>Apparently Mary was hacked. She told me she didn't see any changes in her account except for auto-DMing everyone who follows her that "shady link."</p>
<p>I had heard the horror stories. Now I was in one. I got phished. I clicked a funny link.</p>
<p>Stupid. So, so stupid. I couldn't believe it.</p>
<h2>Emergency Cleaning</h2>
<p>I knew what I had to do.&nbsp;I deleted all of my cookies, went through the process of changing my main online passwords (email, banking, social media), ran a virus scan and restarted my computer. I have so many online passwords I knew I couldn't change them all, but the important ones I changed immediately. If someone wants access to my Friendster account, go ahead. It was Halloween night and I had a party to go to.&nbsp;</p>
<p>After more than an hour of dreaming up new password combos, I waited for my virus status like a patient expecting an STD results phone call from the doctor. No trojan horses popped up. Thankfully. I breathed a sigh of relief.</p>
<p>But I knew I had dodged a bullet.&nbsp;Exhausted and mad at myself, I signed out of my browser still steaming, swearing I would never make this mistake again.</p>
<p>I hope.&nbsp;</p>
                    ]]></description>
                <link>http://readwrite.com/2012/11/02/help-my-twitter-account-got-hacked</link>
                <guid>http://readwrite.com/2012/11/02/help-my-twitter-account-got-hacked</guid>
                <category>phishing</category>
                <pubDate>Fri, 02 Nov 2012 05:00:00 -0700</pubDate>
                <author>Adam Popescu</author>
            </item>
            </channel>
</rss>

