Quote Originally Posted by AlienDiplomat View Post
That is why the focus shouldn't be on trying to track back the source of the attack, but instead on mitigating the effect of any such attack. Companies should forget about trying to track down the culprits. Leave that to law enforcement entities. Instead, distributing load over a cloud network run by a super-provider with automatic route/load balancing would prevent any attack having major impacts on the service, which would eventually eliminate the incentive for losers to continue trying to inflate their flaccid ego by spending money to run fruitless attacks moving forward.

That combined with permanently banning any accounts found to be involved in abusive authentication behaviors would avoid needing to take more drastic measures, like SE needing to spend ridiculous amounts of money multiplying their own server infrastructure, or eliminating free trial accounts altogether.
this is just not smart. you should always try to track the source, because removing the individuals doing this, removes the problem, not only that but they are criminals and need to be trialed as such, we dont know what other major crime they are part of.
cyber criminals can evolve and evade top tier software. you must remove the criminal

can i just add to this
permanently banning any accounts
you have surley got to be joking right? if you get caught ddossing a company a perma banned account is the LEAST of your worries