Reasonable people realize that unforeseen things happen, and might empathize with someone being targeted by a criminal enterprise a bit more than someone who just forgot to pay the electricity bill.
There is an entire movement in Sicily dedicated to highlighting and frequenting businesses that refuse to pay protection money, because in the past, paying was the norm.
Since that's not the kind of society I want to live in, I'd rather stand firm behind a company that refuses to deal with criminals. If companies give in as a matter of convenience to retain customers who turn a blind eye, that will only make the criminals stronger.
Now, certainly, there are measures they can take to mitigate the problem, but with all the things to do in a business, I suppose it's the kind of thing that might not be on the front burner until it happens. There are all kinds of bad, destructive things that could happen in the world, but if you spend all your time worrying about what could happen, you won't have a viable business. It's a tricky balancing act, and I'm willing to cut some slack to someone being targeted by criminals.
I more or less agree with you, but that's kind of a false dichotomy, isn't it? Signing up for cloudflare or using a CDN isn't giving in, it's taking measures to protect yourself (and that's ignoring the other benefits you get). The unfortunate fact is DDOS attacks are becoming a daily occurrence, and if you have something to lose you should probably take measures to counteract any possible threats.
If 37Signals was a bitcoin exchange, aka a known target of DDOS attacks, the mood here would be drastically different... yet we've hit a tipping point where it seems everyone is equally at risk. DDOS attacks have become a sad cost of doing business on the internet, and just because you acknowledge that fact and try to prevent yourself from being a target doesn't mean you're capitulating to the criminal enterprise.
In fact, I don't see a better way of sticking it to the thugs than responding with "Hahaha, do your worst. We'd love to see if the money we're paying X COMPANY is worth it." And then you get to write a totally different blog post, one where you get to brag about your excellent foresight and how you have proven to your customers that the money they pay you buys a top-notch service.
That's a bit naive though. People can always find ways to hurt you - it's a very asymmetric fight. With a complex application such as Basecamp, you can't really put everything behind a cdn.
That's why I actually think that their thrust on pursuing the legal/FBI route is a good one, especially if they achieve any success there. This extortion/racket is indeed criminal and not tolerable. It would be good to catch the racketeers and make an example of them.
There is an entire movement in Sicily dedicated to highlighting and frequenting businesses that refuse to pay protection money, because in the past, paying was the norm.
http://www.addiopizzo.org/
Since that's not the kind of society I want to live in, I'd rather stand firm behind a company that refuses to deal with criminals. If companies give in as a matter of convenience to retain customers who turn a blind eye, that will only make the criminals stronger.
Now, certainly, there are measures they can take to mitigate the problem, but with all the things to do in a business, I suppose it's the kind of thing that might not be on the front burner until it happens. There are all kinds of bad, destructive things that could happen in the world, but if you spend all your time worrying about what could happen, you won't have a viable business. It's a tricky balancing act, and I'm willing to cut some slack to someone being targeted by criminals.