Ubuntu's DDoS Knocked Out Snap Installs...

Added: 2026-05-12

[00:00:00]Today on Switch to Linux, Ubuntu was DDoS'd and it took installing your snap software offline.

[00:00:07]Let's talk about this briefly.

[00:00:14]Thanks for checking out this video by Switch Linux. If you like this type of content, subscribe to the channel if you've not already done so. Leave us a like and a comment down below.

[00:00:22]And of course this last week, if you haven't seen the news, Ubuntu was DDoS'd or you know, at least they didn't confirm it was DDoS'd. It's just somebody engaged in a coordinated attack against their servers and uh it overwhelmed their servers and their servers stopped working. Yeah, that's a DDoS.

[00:00:37]Okay. Now, why would somebody DDoS Ubuntu? I don't know. I didn't look into it, but it's stupid to do so. If you don't like something, just don't use it.

[00:00:45]Okay? Uh Ubuntu is not my favorite distro these days, but Ubuntu does a lot of wonderful things in the Linux world and it deserves to, you know, not be attacked by morons. So, leave Ubuntu alone.

[00:00:59]But one of the things I've always talked about on this channel is snaps and I am not a fan of snaps. Now, will I never ever ever ever ever use them? No. I mean, I will when some software is the best choice and I have no other option.

[00:01:14]I don't mind using a snaps. I don't think I have snap support enabled on any of my computers right now, but I'm not so 100% fundamentally against them I will not use them. I just will not use them when there are other choices and options available. Of course, snap is one of the ways that you have a Linux package which can package its own dependencies, which means it will continue to work.

[00:01:39]Um they are good in that they tend to work well uh better than some dependency software as versions change and and dependencies change and things like that. The downsides is and the biggest downside is well, the snaps themselves are open source, the distribution method is central and proprietary.

[00:02:02]And that is two systems that I'm not a huge fan of. Now, the proprietary part we've talked about a lot on this channel. We're not going to spend a lot of time talking about that. I would love it if they open source that and if they did as Flatpak does, there is a central flat hub, but anybody can publish flat packs to a number of different flat pack repositories and so it's not centralized. And if Ubuntu made it so that you could run your own snap store or have a variety of different snap stores available and you can choose where your come from and the distribution method wasn't proprietary, I would like them a little bit better.

[00:02:40]But let's talk about that central distribution.

[00:02:44]Because snaps are centralized on Ubuntu servers, there is only one place they all come from. So, if you happen to be using a computer with a lot of snaps on it and there was a major security vulnerability found and your computer needs to update or wants to and snaps auto update, guess what? Your system is not going to be able to properly work now. That is a a very interesting thing because the software cannot update itself.

[00:03:19]It can't.

[00:03:21]The DDoS took out the servers that were serving the snaps, people could not update their software because it's centralized.

[00:03:33]One point of attack knocked out Snapcraft.

[00:03:37]Nobody was able to update their snaps.

[00:03:39]If there was an active vulnerability in a snap package, it could have continued to be exploited because you couldn't update it. If you needed to install some new software, you couldn't do it because there's only one place you can get those software packages from and it was blocked blocked.

[00:03:56]This is a fundamental problem that Ubuntu has had that I have mentioned to several times before. In fact, if I dig back through my video archive long enough, I might actually find videos where I would say, "Hey, guess what? The centralized method of putting together the snap packages is a major vulnerability because if there's one single source, then that one single source can be overwhelmed. So, let's have a brief look at an OMG! Ubuntu article here. Attack knocks Ubuntu websites and services and snap store offline.

[00:04:30]So, obviously the website went down.

[00:04:32]Now, you could still run apt. Why could you still install software on your apt system rather than uh not? Because your computer, you can go and set your mirror a number of different places. If your apt was pointed directly to Ubuntu, they couldn't be accessible. You just go into the software sources application, you click the button to change your mirrors and you simply change the mirrors to something else because it is not centralized. But Ubuntu pushes snap first.

[00:05:04]So, the installation packages are all centrally proprietary.

[00:05:09]And that is where the problem comes into play.

[00:05:13]So, if you're having trouble accessing the Ubuntu website, the snap store or launchpad, you're not alone. Their website is currently facing a quote sustained cross-border attack, end quote. Um so the company says it's working to address the attack, will provide more details. Websites and services have been affected since around 6:00 p.m. on um April 30th and I will say as of right now, this is all resolved. So, uh last time I checked, the Ubuntu site is working. They say in the article here this is working. This is not like news, "Hey, Ubuntu site's down." Hey, you're like, "No, no, no." I'm talking about the fundamental problem Ubuntu has that they have central sourced snap.

[00:05:48]That's what we're talking about today.

[00:05:51]So, what is and is not? So, the apt repos are not offline because they are mirrored across multiple locations, countries and servers. The main archive, archive.ubuntu.com, was offline during the attack at the time of the writing and it's still possible to download the OS images because there are a number of different distributed places where those are mirrored to. So, distribution, non-centralization and mirroring is exactly what we wanted to see. That is what stops uh stops silence whether from a government or from a a bad actor, which in this case it looks like a bad actor.

[00:06:28]So, website services are offline. Uh the live patch API is impacted as is landscape, the mass uh m a a s.io website, launchpad.net, Canonical's own website along with some subdomain services like contracts.canonical.com, portal.canonical.com, but not all.

[00:06:50]They don't They They don't call it. Do not call it.

[00:06:54]Don't call it.

[00:06:55]Editor, please.

[00:06:56]They don't call it Canonical don't call it. CANONICAL DON'T CALL IT, YO.

[00:07:01]Canonical don't call it DDoS.

[00:07:03]But they do say it's sustained.

[00:07:05]Uh so, this is the um that points to some sort of volumetric onslaught of potentially affecting availability.

[00:07:12]As George Carlin says, "Stop with the euphemisms." That's a DDoS.

[00:07:17]The who and how and and importantly why is unknown. A hacktivist group has reportedly claimed um but Canonical has not confirmed that.

[00:07:28]And uh effectively what went on here that I wanted to talk about is the fact that snaps, since they are allowing you only one place to install software on your computer, that only one place is what's causing the fundamental challenge. This is one of the many reasons I do not like using snap packages on my computer. If there is a need to force an update really fast, I can't do it if it's centralized and that server is overwhelmed. What if it's the most popular snap package in the world? A critical zero-day has been found.

[00:08:05]Everybody needs to update it and the whole world tries to update it all at once. Well, that's not an intentional DDoS. That's just, "Hey, your server went way way too big." And this is a serious impact for business. One of the ed tech startups I worked with, uh we I came on board with them I think at the end of their first year and they had grown three years 300% three years in a row. We hit this mass mass critical infrastructure. So many people signed on to the site so fast, it crashed the whole thing down because we didn't have the scalability inside the back end on the technology and it caused a lot of frustrated people and we were working with students and professors. It caused a lot of frustrated uh college people and it did definitely impact the sales later on. We had to issue some refunds. Some people understood and uh we brought in some other people to uh to fix the scalability issues and it end up going out to be purchased by a big conglomerate who then fired us all because that's the way corporate works.

[00:09:08]But the problem is is that even if it's not a coordinated DDoS attack, if too many people use the system all at once and you have a centralized place of installing software like snaps, that's a fundamental problem. I wanted to point that out to say, "Hey, I've been warning about this." Let me know your thoughts about that that in the comments down below.