Physical blocking

To start with, we could make the office physically inaccessible. We can do it simply by gluing the lock, more effectively by walling up the door, or more brutally by dumping manure in the entrance. Or more permanently by setting the building on fire.

For IT services, the equivalent would be to cut the electrical or network supply to the servers (or the building that houses them), or to set them on fire.

As you might expect, it's very visible and above all illegal² and the authorities will do what's necessary to find you and explain to you that there are many more interesting ways to pass the time (if not for you, for the rest of society).

Let's see other, more subtle approaches³.

Inflating attendance

If you have many friends, you could all go to the same post office together… We come, we enter, we wait our turn, we say hello to the clerk at the counter and we leave. We can then return to the queue for a second round.

In our village, just 5 is enough to fill the office and force the others to stay outside. Then, about thirty accomplices are enough to occupy the alley leading to the post office. Knowing that most users give up if they see more than 5 people in the queue outside. So there's no need to be that many.

Technically, it's not even necessary to go all the way to the counter. Being present in the queue already takes up space and hinders others enough to see an effect. We can also come as a family, children playing take up more space than an adult standing calmly waiting.

For IT services, it consists of sending as much data as possible to a target server. It doesn't matter if it can read the data or not, the goal is to saturate its internet connections so that no other packets can get through.

To help reduce this attendance at the post office, we can imagine a security guard greeting users and asking them the purpose of their visit to direct them more efficiently to the right counter. Let's call him Emery⁴.

In addition to directing customers to the postal workers, Emery can also handle simpler requests which will unload his colleagues and streamline everything. A small band of Emery will be particularly effective in managing a band of scunners who have nothing to do in the post office by showing them the exit.

Specificity of IT over the real world… when the scunners are too numerous, a router can choose to drop packets that look too much like them. In real life, a security guard can fortunately not filter customers who don't have the right face⁵, and still less remove⁶ them.

Occupying their crew

Coming without a goal works for a while, but the security guards will quickly solve the problem. The ideal is to have a request to keep them busy. Because as long as a clerk, or even a security guard, is busy processing our request, they can't take care of other customers.

The first idea is simply to say nothing. When a postal worker (clerk or security guard) asks what we're doing there, we look at them, but we don't respond (and we don't move). The postal worker waits for a response and, while waiting, they can't serve anyone.

Except if we say nothing, the postal worker will lose patience and move on to the next customer thinking they can handle that customer while we remember what we wanted to do. And if they handle another customer, the office continues to function…

The second idea is therefore to speak, but very slowly. One word at a time. With veeery long pauses between words. For example, we wait until the postal worker seems interested in the next customer to continue the sentence. Which prevents them from taking care of other customers⁷.

But Emery and his colleagues aren't stupid, they'll see through the trick and can respond in two complementary ways:

1. Ask to write the request before giving it to the postal worker. While we're writing, they can handle another customer's request. Of course we occupy space in the post office while we're writing but the office can be enlarged (or a canopy set up outside).
2. Point to the exit when their patience has run out.

So we need a real pretext to come to the counter. A Plausible Deniability.

The third idea is to come to the post office with a request that we know will take as much time as possible. Provide a false delivery notice with a parcel number that doesn't exist and let the postal worker search for it in the storage. Then, seeing them come back empty-handed, insist that they check. Or perhaps suggest they call the post offices in neighboring villages in case⁸.

You can also ask questions about pricing (given the size of the binder explaining them, there must be many interesting special cases to discuss at the counter), or about all the other services offered by the post office (since it became a bank and a telephone operator). There's no lack of ideas⁹.

Be careful with too absurd requests. The postal workers will be able to detect them and determine that we're only there to make them waste their time. They can then point us to the exit (but we'll come back) or the direction of an empty counter (we'll waste time understanding that nothing is happening there), or that of Calypso¹⁰ who responds with even more absurd questions to keep us busy.

The only solution for the post office is then to add counters and postal workers. In theory, doubling the number of counters should double the throughput of customers handled. But in practice it creates problems…

1. Resources. To handle heavy traffic, it will be necessary to enlarge the building, add furniture, and hire staff. But if the traffic is temporary, these resources are wasted. We can then imagine an elastic system with mobile teams (e.g. temporary workers).
2. Parallelism. Staff must set up procedures to handle concurrent access (e.g. access to the parcel storage). And if the office is particularly large, the CAP theorem tells us that we cannot provide both always correct answers and always available service¹¹.

Delegating

With its distributed infrastructure, the post office was able to deliver 5.6 billion letters and 2.6 million parcels in 2024¹². We clearly can't compete on that scale… we need help, accomplices. But how to recruit them?

There's no point in truly recruiting accomplices. They might want compensation for their help, ask questions we don't want to answer, or provide clues to investigators who would want to find us. It's more fun effective with innocents.

Instead of going to the post office, we're going to make others do it. They will accept, not because they'll say yes, but because they won't say no. How? It's simple…

We're going to print quite credible false delivery notices from the post office and distribute them in mailboxes. Their owners, receiving this notice, won't see through it and will go to the nearest post office to claim their parcel (which doesn't exist)¹³. The advantages are enormous…

Amplification. If it takes us 30 seconds to distribute a false delivery notice, the owner will occupy the office for several dozen minutes. As they believe they're in the right, it can easily take 30 minutes (that's 60 times our initial investment, not bad¹⁴).

Anonymity (relative). Except by installing surveillance cameras in front of every house (or investigators on stakeout), how do we know who distributed the false notices?

Industrialization. By putting the notice in an envelope, we can even have it distributed by the post office¹⁵. Advertising distribution companies will do it cheaper and it will avoid us writing the addresses.

Faced with the influx of these collateral victims, the postal worker is quite helpless. These are clearly fake requests to make them waste their time but these visitors seem so sincere… By categorizing them as scunners, the postal worker runs the risk of these customers being denied access to other post offices¹⁶.

A new solution for the post office, authenticate the mail (and notices) it distributes. Customers can then verify that the delivery notice actually corresponds to a parcel¹⁷ and won't waste time coming for nothing. Still, customers need to verify these signatures but that's another story…

We must finally consider that once the attack is detected by the post office, it will respond. By deploying security guards and temporary counters first. By communicating about the false delivery notices (the public then isn't fooled). And by filing a complaint to find us.

So even if we managed to block access to a few post offices, it's only temporary and we won't be able to do it again anytime soon.

And after?

As we've seen, a denial of service attack is quite simple to implement but will have, at best, a temporary effect. This is what happens every time a site is the target of this type of attack: it always comes back online. You just need to be patient.

Then, since methods exist to protect against it, a site that falls victim to this type of attack is a security policy choice. The operator judged that the service provided was not important enough to warrant the waste of resources necessary to guarantee its permanent availability. In reality, we can do without these services for a while, their unavailability doesn't have that much impact.

Let's take the more or less recent examples with the French post office website, that of Parcoursup¹⁸, and finally the CNED¹⁹. In all three cases, France didn't stop because these sites were unavailable and we could come back the next day (or the day after) to do our business.

Finally, and this is perhaps the most important to remember, these attacks only make the counter unavailable. Of course the customer didn't get an answer, but the rest of the activity continues to be carried out behind the scenes. The post office continued to deliver mail, the orientation choices of students didn't disappear, and the CNED continued to teach remotely (e.g. via telephone).

Perhaps the problem with Denial of Services is that they send us back to our dependence on instantaneous services, to a form of intolerance to frustration. Perhaps they are the solution?