Then they should have caught this when he came forward to multiple agencies, and was told that no one cared.

Please see my related comment as to why I submitted his AMA to HN. It's to bring to light this egregious lapse in US gov procedures:

https://news.ycombinator.com/item?id=40733355

Disclaimer: I do see the possible benefits for citizen liberty, where all agencies do not share every interaction with citizens. However, when a US citizen volunteers something actionable, there should be a special cross-agency path.

There is no lapse, egregious or otherwise. This kid is playing in a game he doesn't fully understand, and likely just annoying people who have been playing the game a lot longer and at a deeper level than he is.

He thinks being able to DDoS chokepoint routers with $5000 worth of VMs to spam traffic is an amazing discovery. It isn't. That's why no one cares.

The first is that it was already obvious to anyone who has worked with large-scale networks even before firing up traceroute. It was already widely known that North Korea has bad peering, because nobody but China wants to peer with them. The US is where most of the major cloud companies are headquartered (i.e. resources can be commandeered), and the defense budget would support an _enormous_ DDoS attack without even flinching.

Secondly, denial of service attacks are worth much less to governments. They have the capability to physically break infrastructure either obviously with bombs or clandestinely via who knows what. They don't _need_ a DDoS to deny service, and it's certainly not their most effective way to cut off communications.