Ubuntu infrastructure has been down for more than a day
Source: Ars Technica
Affected URLs
According to a moderator on AskUbuntu.com, the following services have remained unavailable:
security.ubuntu.comjaas.aiarchive.ubuntu.comcanonical.commaas.ioblog.ubuntu.comdeveloper.ubuntu.com- Ubuntu Security API – CVEs
- Ubuntu Security API – Notices
academy.canonical.comubuntu.comportal.canonical.comassets.ubuntu.com
Incident Overview
Ubuntu and Canonical infrastructure went down shortly after researchers released a potent exploit that allowed untrusted users in data centers, university settings, and elsewhere to gain root control of servers running virtually all Linux distributions, including Ubuntu. The outage has limited Ubuntu’s ability to communicate security guidance to affected users. As noted earlier, updates remain available from mirror sites.
Stressor (Booter) Sites
Stressor sites, also known as booter sites, have operated for decades. The DDoS‑as‑a‑service operators have drawn the attention of law enforcement in multiple countries, but attempts to shut down this scourge have never succeeded. See an overview of the phenomenon in an Ars Technica article.
Current Status
It remains unclear why the infrastructure has stayed unavailable for so long, especially given the availability of numerous DDoS protection services—some of which are free.