You’re doing it wrong

I’m not going to say much about Wikileaks myself – I don’t care enough – nor about Mr. Assange, even though you can probably guess my take about him, as you probably all know I have huge problems with “charismatic leaders” and I’m really not happy when the occasional follower compare me to one. But whatever your take about the issue is, DDoS is doing it wrong! And it’s not just me thinking so.

Whether you’re supporting Wikileaks or not, becoming a wannabe cracker is not going to help your cause. From one side, most of those following this “Anonymous” group are looked at as puny angry teenagers, from the other, the results of this whole cr♥♥storm are going to be the exact opposite of what they want. If they wanted openness, it’s likely they are going to get much tighter scrutiny and higher filtering levels.

Let’s be honest: this whole situation “works” because networks are pretty loose on filtering; it has been this way for almost ever, and most of the suggestions for tightening control have been shot down with the neutrality argument: the network is just a carrier. I have noted in passing something about this in the Cyber War book review when it looked like a far-off scenario, but let’s pick a closer example of shooting down the mere idea of this: the Microsoft PC Health Certificate

This idea was easily shot down because it could be easily manipulated by Microsoft for their personal advantage, but will it be so easy to shoot down if they made it even slightly more vendor-neutral, so to encompass most other proprietary and open-but-sponsored solutions, nowadays? Probably not. A solution like this would have been ideal to disconnect users running the LOIC software — an alternative approach, based on router-filtering rather than based on the whole TC thing would be very welcome to me to be honest.

Plus remember that they are not simply running against the big sites they are targeting, they are causing the whole network to be slowed down by adding so many extraneous packets to the routers, that there is too much collateral damage to be something “ethic” and “clean” as they wish you to believe.

Last but not least, there is the risk that people who were convinced to take part in this juvenile retaliation will end up infected with other malware. I have already been sceptic of self-hosting software and I’m even more sceptic here; I’ll leave it to the security firms’ specialists to tell us in a matter of months if the number of infected zombies out there has increased, and whether the amount of spam we’re receiving has done so at the same time. My bet will be on “oh yes”, especially since in the past week I received more uncaught spam than in the month before.

Also remember, that if you publicly praise this stuff, you’re also bringing shame to your associates. Okay?