You’re doing it wrong

I’m not going to say much about Wikileaks myself – I don’t care enough – nor about Mr. Assange, even though you can probably guess my take about him, as you probably all know I have huge problems with “charismatic leaders” and I’m really not happy when the occasional follower compare me to one. But whatever your take about the issue is, DDoS is doing it wrong! And it’s not just me thinking so.

Whether you’re supporting Wikileaks or not, becoming a wannabe cracker is not going to help your cause. From one side, most of those following this “Anonymous” group are looked at as puny angry teenagers, from the other, the results of this whole cr♥♥storm are going to be the exact opposite of what they want. If they wanted openness, it’s likely they are going to get much tighter scrutiny and higher filtering levels.

Let’s be honest: this whole situation “works” because networks are pretty loose on filtering; it has been this way for almost ever, and most of the suggestions for tightening control have been shot down with the neutrality argument: the network is just a carrier. I have noted in passing something about this in the Cyber War book review when it looked like a far-off scenario, but let’s pick a closer example of shooting down the mere idea of this: the Microsoft PC Health Certificate

This idea was easily shot down because it could be easily manipulated by Microsoft for their personal advantage, but will it be so easy to shoot down if they made it even slightly more vendor-neutral, so to encompass most other proprietary and open-but-sponsored solutions, nowadays? Probably not. A solution like this would have been ideal to disconnect users running the LOIC software — an alternative approach, based on router-filtering rather than based on the whole TC thing would be very welcome to me to be honest.

Plus remember that they are not simply running against the big sites they are targeting, they are causing the whole network to be slowed down by adding so many extraneous packages to the routers, that there is too much collateral damage to be something “ethic” and “clean” as they wish you to believe.

Last but not least, there is the risk that people who were convinced to take part in this juvenile retaliation will end up infected with other malware. I have already been sceptic of self-hosting software and I’m even more sceptic here; I’ll leave it to the security firms’ specialists to tell us in a matter of months if the number of infected zombies out there has increased, and whether the amount of spam we’re receiving has done so at the same time. My bet will be on “oh yes”, especially since in the past week I received more uncaught spam than in the month before.

Also remember, that if you publicly praise this stuff, you’re also bringing shame to your associates. Okay?

4 thoughts on “You’re doing it wrong

  1. Well, honestly particularly if those are teenagers I find it hard to blame them. Almost no effort and you can be a bit of a rebel and will be mentioned in all kinds of international newspapers.The “alternatives”, even if they were so massive to seriously damage e.g. PayPal are unlikely to even get a mention (also because no company would admit to losing a lot of customers).Not to disagree with you, but also I consider the outrage some people display at this DDoS (particularly going at the legal angle first) ridiculous when comparing it against the kind of strikes that regularly happen e.g. in France, they affect far more people, have a higher cost and are not as easy to defend against as DDoS (e.g. MasterCard payments being affected was also a result of incredibly idiotic implementation) and probably just as illegal, and those are grown-ups.What makes me really angry is people who think a few teenagers doing a silly DDoS on a few websites for a few days need to be punished harder than a couple of truckers placing their trucks in the middle of a busy motorway blocking it for a day.

    Like

  2. Oh I’m not really saying that they should be struck harder. I have sympathy on strikers, when they block _their own workplace_, causing trouble to their clients, I have _no_ sympathy for truckers.

    Like

  3. Well, I discussed a bit the issue as well.The more sane form of protest would be start a NEW micropayment system and steal all the users from paypal (hi flattr btw).For credit cards I think it’s a bit harder.Still, if a group of people start d-dossing your not so important front-end you shouldn’t have the quite important backend burn because you are stupid.If I were a mastercard client I’d have switched to another service now. (I guess some people are bound to it)

    Like

  4. lu_zero, the alternatives are Visa and Moneybookers. They also blocked funding for wikileaks. So it seems like the best (only?) tool Anonymous has is DDoS.OTOH, they’ve actually helped Amazon by showing how reliable their systems are.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s