×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

'Anonymous' WikiLeaks Proponents Not So Anonymous

timothy posted more than 3 years ago | from the they-see-what-you-did-there dept.

Botnet 390

Giovane Moura writes "For a number of days the websites of MasterCard, Visa, PayPal and others are attacked by a group of WikiLeaks supporters (hacktivists). Although the group calls itself 'Anonymous,' researchers at the DACS group of the University of Twente (UT), the Netherlands, discovered that these hacktivists are easy traceable (PDF), and therefore anything but anonymous. The LOIC (Low Orbit Ion Cannon) software, which is used by the hacktivists, was analyzed by UT researchers, who concluded that the attacks generated by this tool are relatively simple and unveil the identity of the attacker. If hacktivists use this tool directly from their own machines, instead of via anonymization networks such as Tor, the Internet address of the attacker is included in every Internet message being transmitted. In the tools no sophisticated techniques are used, such as IP-spoofing, in which the source address of others is used, or reflected attacks, in which attacks go via third party systems.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

390 comments

Maybe (5, Funny)

mikerubin (449692) | more than 3 years ago | (#34522618)

I should change my WI-FI password?

Obvious research (4, Interesting)

Stellian (673475) | more than 3 years ago | (#34522690)

Since the average internet troll can't IP spoof (he is limited to a /32 block) it's fairly obvious he will reveal his location. No need to use the source for that, Luke.
The idea behind a voluntary botnet is that the damage done by each participant does light damage, and is not effectively ddosing, while at the same time the aggregate damage is effective in delivering the desired mob justice. The legal effectiveness of that defense might vary.

Re:Obvious research (2)

poetmatt (793785) | more than 3 years ago | (#34522816)

uh, actually, it was suspected that everyone who does the LOIC will be IP spoofing, and only the stupid chanop who got arrested actually didn't. It's true that doing it over tor would effectively ddos tor.

I mean why would you join something such as the LOIC without IP spoofing?

Re:Obvious research (5, Insightful)

Anonymous Coward | more than 3 years ago | (#34522840)

Because you heard other people on 4chan are doing it and wanted to be cool too?

Re:Obvious research (5, Funny)

bsDaemon (87307) | more than 3 years ago | (#34522868)

we were loitering in the anonops irc channel at work the past few days, and one of the questions asked of a bona fide participant was "what's the port for http on www.hillaryclinton.com?" ... i mean, seriously? clearly, we're dealing with brilliant hacker minds here. /sarcasm IP spoofing is likely not a concept that most of them can actually get their minds around as possible.

Re:Obvious research (5, Insightful)

Anonymous Coward | more than 3 years ago | (#34522912)

Here's how the process goes:

1. /b/ gets angry at something (only /b/, the other boards do nothing)
2. Some /b/tard creates an image, which contains information in this format:

A quick summary why we're attacking
Where to get the tool
How to use the tool (this part is usually a screenshot of the tool)
When to start

3. Aforementioned /b/tard starts a new thread with the image, with the text saying "GO!" or "do it nao!" (sic), occasionally referring to the alleged sexual preferences of the reader
4. People see the thread, bump it, and do as they're told

The vast majority of the people who use LOIC know nothing about the internet. They're just grunts. The only smart ones are those who create these images and formulate the attacks, and they're behind seven proxies. They might not even use LOIC themselves, knowing how easy it is to get caught.

Re:Obvious research (4, Insightful)

Elbereth (58257) | more than 3 years ago | (#34523148)

Nice summary. Yeah, I wouldn't actually partake in the raid, myself, if I were calling for one. Instigating the raid is bad enough, really, and there's no reason to actually get your hands dirty, if dozens, hundreds, or thousands of grunts are doing it for you.

Of course, you're unlikely to get a personal army just because your girlfriend cheated on you, unless your revenge includes lots of "lulzy" repercussions for her.

Re:Obvious research (4, Insightful)

aurispector (530273) | more than 3 years ago | (#34523026)

It's a surprise that these people are just a bunch of script kiddies? The phrase "useful idiots" comes to mind: these knuckleheads will take the fall, giving the media and legal system someone to chew on while those with some modicum of coding skill avoid attention. I bet it wouldn't take a lot to ID the majority. Their safely is really in numbers, which isn't much safety at all.

Re:Obvious research (1)

bsDaemon (87307) | more than 3 years ago | (#34523096)

its no surprise they're script kiddies, i just sort of figured that the http port would be common knowledge even to skript kiddies. Oh well.

Re:Obvious research (2)

xnpu (963139) | more than 3 years ago | (#34522884)

Suspected by whom? Pretty much everyone knows spoofing is not possible from 99% (if not 100) of residential connections.

You join LOIC because you believe you can get away with it. Same reason millions of people still down copyrighted material on bittorrent without blocklists, ip spoofing or other kinds of protection.

Re:Obvious research (5, Insightful)

chrb (1083577) | more than 3 years ago | (#34522958)

I mean why would you join something such as the LOIC without IP spoofing?

Because many people can't IP spoof? You need to get your broadband router to forward a packet without NATing it, then your ISP has to forward that packet even though the source IP is wrong.

Using TOR? (4, Insightful)

jfiling (844278) | more than 3 years ago | (#34522626)

I was under the impression that running the LOIC through TOR would DDoS the TOR network, not the intended target.

Re:Using TOR? (2, Interesting)

Anonymous Coward | more than 3 years ago | (#34522640)

That was probably the intention of these so-called "researchers" (right, not CIA shills at all...) when they suggested such an alternative.

Re:Using TOR? (4, Funny)

Dexter Herbivore (1322345) | more than 3 years ago | (#34522668)

That was probably the intention of these so-called "researchers" (right, not CIA shills at all...) when they suggested such an alternative.

Soooo.... got any tinfoil hats for sale?

Re:Using TOR? (5, Funny)

Anonymous Coward | more than 3 years ago | (#34522696)

think of it like shooting an RPG at your neighbour through a chain link fence.

You will end up with a still alive neighbour, a destroied fence and look like an idiot.

Re:Using TOR? (3, Interesting)

Opportunist (166417) | more than 3 years ago | (#34522938)

Finally an analogy that at least made me laugh. It's not much more accurate than the average car analogy, but at least I liked the picture it gave me.

Re:Using TOR? (0)

Anonymous Coward | more than 3 years ago | (#34523074)

Chain link fences aren't very effective at stopping RPGs. Common myth.

Re:Using TOR? (5, Insightful)

gilbert644 (1515625) | more than 3 years ago | (#34522790)

Isn't it kinda childish to label everything that isn't pro wikileaks as CIA shills?

Re:Using TOR? (5, Funny)

Anonymous Coward | more than 3 years ago | (#34522818)

Isn't it kinda childish to label everything that isn't pro wikileaks as CIA shills?

You only say that because you're a CIA shill.

Re:Using TOR? (4, Insightful)

horatio (127595) | more than 3 years ago | (#34523168)

Yes, it is. It is also some kind of hubris to scream about Wikileak's "1st amendment rights" to then attack MC, Paypal, ....and Sarah Palin's website? These entities have a right to conduct their business however they want without undue criminal interference. Palin, whether you agree with her or not, certainly has a right to post a dissenting opinion on FB without having her place (website) smashed up by a bunch of thugs.

"More speech for Assange and wikileaks --- but no speech may be heard from, no business may be conducted with anyone who thinks this was a stupid/criminal/illegal/unethical thing to do and chooses to terminate their business relationship with Wikileaks!"

Re:Using TOR? (0)

Anonymous Coward | more than 3 years ago | (#34522664)

I was under the impression that running the LOIC through TOR would DDoS the TOR network, not the intended target.

You know too much, citizen.

Good luck! (2, Funny)

Anonymous Coward | more than 3 years ago | (#34522636)

Good Luck, I'm Behind 0 Proxies!

Give a kiddie a script... (2)

Dexter Herbivore (1322345) | more than 3 years ago | (#34522654)

and he'll be in jail soon. [theregister.co.uk]

Re:Give a kiddie a script... (1, Insightful)

Rakshasa Taisab (244699) | more than 3 years ago | (#34522700)

Yeah, let them go ahead and arrest hundreds of random people... That's sure to make WikiLeaks less popular with The People.

It's like arresting protesters trying to stop a building project... If you throw the law book at them it's going to ruing your public image.

Re:Give a kiddie a script... (4, Insightful)

Ritz_Just_Ritz (883997) | more than 3 years ago | (#34522766)

Not really. These aren't "protesters trying to stop a building project." Like it or not, they're also criminals who are disrupting websites and networks that other folks are paying to use. However, let's humor you and say they're simple protesters. As every person who engages in civil disobedience knows, you've got to be prepared to be arrested/punished. The long arm of the law doesn't always roll their eyes and wait for you to go away.

Best,

Re:Give a kiddie a script... (-1)

Anonymous Coward | more than 3 years ago | (#34522788)

Sorry, but if you try to go after scriptkiddies ddosing a site you will also get involuntary participants that were just trying to accessing the page during the attack.
Just because you claim that someone is criminal doesn't make them so.

Re:Give a kiddie a script... (1)

Lordnerdzrool (884216) | more than 3 years ago | (#34522862)

... Except running these kinds of cyber attacks are actually specified in particular as being against the law in most modern countries like the United States and the UK. UK in particular has had DDoS attacks as being against the law as of 2006.

It really, truly does make them criminals. GP wasn't just saying it to make a point.

Re:Give a kiddie a script... (2)

h4rm0ny (722443) | more than 3 years ago | (#34523010)

Most civil disobedience makes one a criminal, however. Is this civil disobedience? Well, it's done to make a political point and doesn't provide any material reward to the perpetrators, so I suppose it's at least heading in that direction. I'm not sure what would define civil disobedience that would exclude these attacks.

Re:Give a kiddie a script... (0)

Anonymous Coward | more than 3 years ago | (#34523186)

Considering that it is really just a bunch of stupid kids who don't even have all the facts (for example the attack on EasyDNS when EveryDNS was the one that dropped WikiLeaks and the FACT that none of us actually knows the details of what Assange may or may not have done to/with those women) who are striking out at things they heard were bad. It is really just the same dorks who 15 years ago would have been out "tagging" bridges, overpasses, and walls everywhere who now just turn their attention to computer targets instead.

Re:Give a kiddie a script... (0)

Anonymous Coward | more than 3 years ago | (#34523202)

It's only civil disobedience if they willingly accept and carry out the sentence.

The idea is the Christian idea of being morally forced to break the law, or even other moral code(s) : you do this act, which may even be killing, because it must be done. But one is to fully accept both the illegality and immorality of what was done (in response to an immoral act), and fully accept and willingly carry out the consequences (e.g. the bible prescribes that a kill done in the most obvious act of self-defense still merits punishment, no matter how justified or even accidental the kill was).

What are the chances of this guy accepting that attempting a ddos justifies, say, a 2 year jail stint, then carrying it out like a model prisoner, only ever lamenting about the original block by mastercard. Fully accepting that he deserves jail time for doing what he did, regardless of anything mastercard (or visa, or ...) did ?

Your post reads as if "civil disobedience" is a defense in court, like "self-defense" is for example. It is not.

Civil disobedience is getting the courts to convict you, then carrying out whatever punishment doled out gladly, for publicity, for change.

Re:Give a kiddie a script... (0)

Anonymous Coward | more than 3 years ago | (#34523006)

Though I’m pretty sure that they can see the difference between an IP address trying to get to the DDoS’ed site a few times within some minutes and an IP address that have been sending TCP-packets for 2 hours straight.

Re:Give a kiddie a script... (0)

Anonymous Coward | more than 3 years ago | (#34522924)

Criminals? Really?
Ever heard of Gandhi? The guy won a Nobel Peace Prize for using sabotage and now taking down a website for 3 days is called a crime? It's an inconvenience, nothing more.

Re:Give a kiddie a script... (0)

Anonymous Coward | more than 3 years ago | (#34522948)

They're criminals, but they know that they won't be listened to unless they're criminals.

Re:Give a kiddie a script... (5, Insightful)

Opportunist (166417) | more than 3 years ago | (#34522968)

Well, technically, so do normal protesters. They clog streets that I'd like to use, they are noisy which disturbs the other neighbors, they're loitering and maybe even squatting, which may be illegal on its own, depending on your country.

These "internet protests" are not really more or less disruptive to "normal folks" life than ordinary protesters. The difference is that "normal" protesting is protected in most western states and the disruption they cause is something you have to endure because they're executing their right to assemble (peacefully) and protest. Do you think I'm happy to sit in a traffic jam because some students are against chanting in front of our parliament? I hate the jam, but I support their right to protest and to voice their dissent. I consider it important that they may do that, even if I do not agree with their political position and think (for once in a while) that our government is doing a few things right.

But their right to protest and voice their dissent is more important than me being late for my appointment.

Re:Give a kiddie a script... (1)

h4rm0ny (722443) | more than 3 years ago | (#34523022)

I applaud your sentiment. So I guess the question is should something being online make a difference to the right to protest? And if not, is that the only relevant difference between clogging the streets with placards and DDoSing Mastercard or Amazon?

Ya this is not protest (2, Insightful)

Sycraft-fu (314770) | more than 3 years ago | (#34523044)

Protest is things like gathering together peacefully to make your position and numbers known. Protest is writing your elected representatives to let them know that you find something unacceptable and will vote them out if they don't take action. Protest is refusing to shop at a store, and let others know why.

Protest is NOT launching an attack to try and shut down things you don't like. These people aren't protesters. They are like the jackasses at a physical peaceful protest that go and loot stores or burn cars or whatever. They are vandals, pure and simple. They are out to destroy, not to protest.

They aren't even EFFECTIVE vandals at that. Amazon is up and running good as ever, doesn't even seem to be slow. My understanding is that MasterCard was down but it is back up now, however none of that mattered since their site is not at all important, their transaction processing is and that was never affected (credit cards worked fine all last week). They are kids throwing rocks at a window, and missing, because they are angry and can't be bothered to do anything productive.

There isn't any excuse for behaviour like this. It also doesn't help your cause. It makes it seem like the people who support Wikileaks are just immature criminals, who lash out at 3rd parties when they don't get their way. It is real thug like behaviour "Do what I want or I'll hurt you!" That kind of thing does NOT lend itself to respect and support.

Re:Ya this is not protest (0)

Anonymous Coward | more than 3 years ago | (#34523106)

So you're saying a DDoS does not work, but people who do it should still be punished? Right, how perfectly logical...

Also, do you know what a DDoS is? Or did you just read the word "Attack" and decided you suddenly knew all there was to know about this? A DDoS is basically lots of people connecting to a website at the same time. The website can't handle so many people at once and crashes. It really is a gathering of people, like a protest, except they gather in a virtual space rather than a physical space.

As for people not getting support for their cause by resorting to DDoS, speak for yourself. Their cause has gained MY support because their methods have shown me they were willing to take action instead of sitting on their asses all day and complain. The fact that they did nothing worse than take down websites for 3 days (instead of bombing stuff, breaking shop windows or throwing paint at people) also earned them my support.

Re:Ya this is not protest (1)

Barrinmw (1791848) | more than 3 years ago | (#34523178)

What is the difference between what these people are doing and the sit-ins that blacks did for civil rights?

Re:Give a kiddie a script... (1)

cheekyboy (598084) | more than 3 years ago | (#34523054)

I rather consider all of congress and 1000s of politicians criminals than the average joe bloggs.

Seriously, this is WW3, the people in power and in charge get STFU, us young people will outlive you old grey haired assess ok.

You stupid MOFO baby boomers who smoked pot in the 60s, remember you guys were fighting the MAN in the 60s, well, us youngers are now fighting your fat asses now. ok.

Re:Give a kiddie a script... (0)

Anonymous Coward | more than 3 years ago | (#34522770)

These protesters are standing in the street with signs, they're using dynamite to destroy the bulldozers. It doesn't matter if theres 2 or 2000, arrest as many as possible.

Re:Give a kiddie a script... (1)

Anonymous Coward | more than 3 years ago | (#34522810)

Faulty analogy because nothing is being destroyed and there are no bulldozers. A better analogy: the protestors are picketing the entrance to a store. If there are enough protestors it's very hard to get by them...

Re:Give a kiddie a script... (1)

Lordnerdzrool (884216) | more than 3 years ago | (#34522866)

Thus destroying the sales and other business opportunities.

Re:Give a kiddie a script... (2)

Opportunist (166417) | more than 3 years ago | (#34522996)

I dunno about your country, but it would be legal in mine. Of course they must not keep people from entering the store, but if they just sit down in front of the store so people who want to enter it have to step around them (and it's a "legal" demonstration, long legalese story), this is a legal form of protest.

They must not touch one of the potential customers (it's instantly assault if they only try to "attack" someone trying to get in), they must not even directly address one of them (they may chant their slogans but never directly at someone), they basically have to ignore that there are people trying to enter the store, but they may be there and make it impossible to get inside.

Re:Give a kiddie a script... (0)

Anonymous Coward | more than 3 years ago | (#34523142)

The next step in your reasoning: Boycotting is terrorism!

Re:Give a kiddie a script... (0)

Anonymous Coward | more than 3 years ago | (#34523158)

I"m much more willing to sympathize with a hot, scantily-clad eco-protester hipster girl than some stinky grease bucket fat nerd at the end of the terminal.
*looks at mirror*
eek.

"Damn, someone hacked me!" (1)

Anonymous Coward | more than 3 years ago | (#34522658)

"Looks like i will need to change my password on my router"
Problem solved.

What, did you think these people are stupid? Well, some obviously will be, but most won't be, they know DDoSing is illegal against an entity without permission.

That is just a simplified case of what people would probably come up with, some will probably even have left traces of hacking.
Some probably were actually hacked, some probably forgot they had it installed and "signed up to the botnet".
Others probably wrapped the program around some game or other program and sent it around myspace, facebook, bebo, orkut and whatever other social networks you can think of.
After all, social networks are just armies that don't know it yet.

Also, behind 7 proxies, etc.

Re:"Damn, someone hacked me!" (1, Insightful)

devbox (1919724) | more than 3 years ago | (#34522712)

Not really, most people just think they wont get any problems "just" as a part of a large group of people and think it's somehow justified because other people are doing it too. The usual teenage groupthink. But when you're hitting the likes of PayPal, Visa, Mastercard and government websites, well, problems will come.

No shit, sherlock? (4, Insightful)

PseudonymousBraveguy (1857734) | more than 3 years ago | (#34522670)

Sending an IP datagram with your own IP in the header makes you traceable? Inconceiveable!

Why do you have to write a ten page whitepaper for a simple observation that anybody who is able to find out his own IP address and click on two buttons on wireshark could make in about 5 seconds?

Re:No shit, sherlock? (0)

Anonymous Coward | more than 3 years ago | (#34522732)

Because they knew it would end up on Slashdot.

Re:No shit, sherlock? (2)

DarkIye (875062) | more than 3 years ago | (#34522772)

1. For every man on the street who knows what an IP address is (not many), very few would know what Wireshark is.

2. I certainly wasn't bothered to download LOIC and analyse the packets it sent, but its certainly interesting to note it does give away the Tx IP address.

3. It does give impartial background on the tool that I trust more than what Encyclopediadramatica says about it.

Re:No shit, sherlock? (1)

shentino (1139071) | more than 3 years ago | (#34523032)

In theory, using real return addresses would be required to avoid being blocked by egress filtering that would rightly drop martians on grounds of source IP spoofing.

In practice, egress filtering usually sucks balls these days.

One thing that could work well is for LOIC to randomize a configurable number of tail bits on the packets it sends out. Enough to avoid being pinned, but not too much to run afoul of egress filtering.

Re:No shit, sherlock? (0)

Anonymous Coward | more than 3 years ago | (#34522820)

You write a ten page white paper to communicate a thorough argument or explanation to a critical audience. It's what academics do.

Re:No shit, sherlock? (5, Funny)

davidbrit2 (775091) | more than 3 years ago | (#34522880)

Warning! Your computer may be broadcasting an IP address! Click here to learn how to fix it!

Re:No shit, sherlock? (1)

chrb (1083577) | more than 3 years ago | (#34522974)

Sending an IP datagram with your own IP in the header makes you traceable? Inconceiveable!

Indeed. Though there is a slight advantage of a SYN flood attack: deniability. All of those packets could have been spoofed to make it look like they came from your IP, when in fact you had nothing to do with it.

Re:No shit, sherlock? (1)

Opportunist (166417) | more than 3 years ago | (#34523014)

Why do you have to write a ten page whitepaper for a simple observation that anybody who is able to find out his own IP address and click on two buttons on wireshark could make in about 5 seconds?

DUH!

You think anyone would pay you for a three-liner? Or take you serious? You've never been in the academic circus, have you?

You have to produce text on paper. You print, hence you are! The more, the more important you are.

LOL (0)

Anonymous Coward | more than 3 years ago | (#34522676)

HA HAHHAHAHAHAHAHHHAHAAA!
script kids that don't know how their software works (or even came from) used as pawns

Who cares? (0)

Anonymous Coward | more than 3 years ago | (#34522678)

People try to push some kind of ideology onto Anonymous, but the truth is that the only thing that matters is the lulz. When they get bored they will move on to something else. Anonymous is the mischievous kid with ADD whose parents are never around.

Duh (3, Informative)

Anonymous Coward | more than 3 years ago | (#34522682)

Only the fools who think "Anonymous" is an actual group could think that its members were actually anonymous.

The 7 proxies meme exists for a reason, mostly because no one cares enough to actually use a proxy.

Raw sockets and Windows (4, Interesting)

Rijnzael (1294596) | more than 3 years ago | (#34522692)

As I recall, LOIC is for use with Windows machines. If that's the case, the likely reasoning behind not using any identity-concealing techniques is Windows raw socket restrictions [microsoft.com]. They're flooding web servers, and TCP packets can't be sent with raw sockets, so there's not much else to do other than repeatedly open valid connections (from the Windows platform).

Re:Raw sockets and Windows (1)

Rijnzael (1294596) | more than 3 years ago | (#34522714)

I suppose I should also elaborate that raw sockets are required to make non-standard modifications to the IP header (such as spoofing the IP address).

Re:Raw sockets and Windows (2)

Pi1grim (1956208) | more than 3 years ago | (#34522744)

"There's a patch for that." And besides, LOIC now comes in all flavours: windows, linux (qt), MacOsX and cross-platform (Java and JS+HTML type).

Re:Raw sockets and Windows (0)

Anonymous Coward | more than 3 years ago | (#34522746)

There's also JavaLOIC for non-MS systems. Don't know how it works, don't care to know.

Re:Raw sockets and Windows (2)

PseudonymousBraveguy (1857734) | more than 3 years ago | (#34522758)

Forcing an interface to have a forged IP is trivial, so the restrictions do not really inhibit concealing your IP address. With TCP you are basically limited to a SYN flood, however, because you will not be able to finish the 3-way-handshake with a forged sender address.

Re:Raw sockets and Windows (5, Interesting)

Xelios (822510) | more than 3 years ago | (#34522850)

Or a reflected SYN attack [plynt.com], which is a little more potent. But the main problem in concealing your identity by forging the source IP is that most ISP's these days perform egress filtering, meaning those forged packets will simply be dropped before they leave your local network. You have to find the range of IP's allowed through your local network and restrict your spoofing to that range, which in the end doesn't conceal your identity very well anyway.

4chan was actually hit by a reflected SYN attack last year, which forced AT&T to black hole its domain [slashdot.org] for several hours. Apparently there are still some ISP's, particularly in Eastern Bloc countries, that don't bother to filter spoofed packets leaving their networks.

Re:Raw sockets and Windows (1)

jimicus (737525) | more than 3 years ago | (#34522856)

Obviously this doesn't apply to anyone with more than a bit of knowledge, but thinking of the people who are using this tool: spoofing your IP address won't do much good when you're sat behind the NAT'ing router your ISP sent you.

Maybe someone who works for an ISP can confirm this, but I wouldn't imagine it'd be that difficult for your ISP to spot traffic that's coming in on an interface it shouldn't be given its IP address and drop it. Hard at the core of the network, but pretty easy at the edge on other end of the link to the customer. In which case, all you'd be likely to do is piss off your ISP.

Re:Raw sockets and Windows (1)

Anonymous Coward | more than 3 years ago | (#34522888)

Ah, well, the way to send spoofed packets with Windows is you bind your process to a made up interface with a made up ip address, then start sending from that address. The machine routes out the real interface but the packets retain the source address of the dummy interface.

Patent Pending. All rights reserved.

Re:Raw sockets and Windows (3)

Opportunist (166417) | more than 3 years ago | (#34523034)

The main "problem" isn't that it's Windows or the lack of raw sockets, even if raw sockets were trivial to use LOIC would probably not use them. Reason? It was never intended to be a DDoS tool to be used in a real attack. It was developed as a stress testing tool, where it matters preciously little whether the "attacked" machine knows where the attack is from. Why? Because the attacker and the attacked is the same person, it's supposed to be a tool to stress test YOUR OWN machines and networks.

Hiding and spoofing was not really a big issue in the development of this tool.

Hacktivists? (3, Funny)

ThePromenader (878501) | more than 3 years ago | (#34522704)

(Muffled voice emanating from behind a couch from behind which a body and hindquarters are clearly visible) "Hahaha! They'll ~never~ find me!"

But what about wireless? (0)

Anonymous Coward | more than 3 years ago | (#34522734)

Assuming there are still plenty of wireless routers operating with WEP, or without any encryption whatsoever, what's to stop someone from hooking into your family router and leaving the blame for the poor folks? It seems trivial for someone to set up other people by doing that, and if necessary spoofing a MAC address already on the router.

How on earth would you raid a house like that?

Users of this "tool" are Darwin Award Candidates (0)

Anonymous Coward | more than 3 years ago | (#34522756)

I don't know who is worse- The idiots who download and use this tool or the knowing exploiters who distribute it in the naive hope of filling the jails and causing some kind of "Net Revolution" with noob cannon fodder. What a bunch of mindless sheep they all are.

Too much over analysis and hype (4, Insightful)

adosch (1397357) | more than 3 years ago | (#34522762)

Regardless of the amount of 'fight-the-man' fame WIkileaks and Assange and Company have drummed up, I think the bigger thing to take away from this story how vulnerable Big Company still is to online DDoS attacks at any given time and for any sort of reason, inflicted or not. You can argue about the traceability and poor track covering tactics of LOIC all day, but it did it's job and did it well. The time and effort to try and even prosecute any of the thousands and thousands of 'whomever's responsible for that source IP would be staggering and it just won't happen. Like many of the /.'s, I side with the notion, "Who cares" and wait for the next front-page new post.

Re:Too much over analysis and hype (0)

Anonymous Coward | more than 3 years ago | (#34522962)

But I though they only took down some corporate websites people don't use much and saw Amazon as too big a target. So, is DDOS really that effective anymore? Or, has bandwidth, server power, and security out paced it? Honestly curious.

Re:Too much over analysis and hype (1)

Opportunist (166417) | more than 3 years ago | (#34523092)

Up the ante a notch: How about the next DDoS not being executed by a bunch of "willing" participants but a botnet controlling a few hundreds of thousands machines, all of them "unwilling" participants. Even if you could prosecute these people (and under the laws of my country that would be quite hard to do), what would it get you? In the current case, you might even have some sort of deterrent effect, telling people that they probably should not participate in that attack. But the attackers of a botnet are unwilling and unknowing participants. Prosecuting them doesn't solve jack. It might just cause some kind of hysteria.

I've actually been waiting for something like that to happen for a while now. That it would happen with a "voluntary" botnet instead of one comprised of infected computers is something I didn't actually foresee. But THAT this would happen was a given.

Did it? (2)

Sycraft-fu (314770) | more than 3 years ago | (#34523110)

I never noticed Amazon have a single problem, and Mastercard's site is back up and not that important anyhow, it never touched the payment network. Doesn't seem to have been that effective.

As for DDoS vulnerability well ya, the only real defense is massive amounts of bandwidth and lots of server capacity. If someone clogs up your connection, or overloads your server, what are you going to do?

However I don't know that you want to go around advocating for defense against it because an evil one I can think of is just to limit end user upstream severely. Make it so that ISPs can't give out more than 512k or maybe less. If end user connections can't send out many packets, it isn't such a problem. If the per connection upstream is small enough in relation to what big companies have, it'll just take too many systems to mount a DDoS with any effectiveness.

That's also the sort of things that worries me about these asshole tactics. They may lead to the government clamping down on the Internet. If big companies are hit enough and regular people get tired of the assholes, it may well lead to restrictions like small upstreams and more.

Re:Too much over analysis and hype (2)

Taur0 (1634625) | more than 3 years ago | (#34523162)

Except, they don't need to convict everyone. Just a few people. These are a bunch of teenagers who think they're invincible, they see some of their buddies dragged into court and they're going to stop.

Anonymous Coward (0)

Anonymous Coward | more than 3 years ago | (#34522768)

Use Linux: 'sudo hping3 -S --rand-source -i u5000 -p '

Really?? (2)

Nailer235 (1822054) | more than 3 years ago | (#34522800)

You mean to tell me that the free "hacking" tool released to 15 year old kids doesn't take security precautions??

Re:Really?? (2)

Opportunist (166417) | more than 3 years ago | (#34523102)

Again, the fact that it's exactly NOT a hacking tool is what causes problems for those kids. It was never meant to hide and be stealthy because it was developed as a tool to stress test your OWN network. There's preciously little reason to be sneaky and stealthy and hide yourself when the intention of the tool is to test YOURSELF and not to bring down others.

You are broadcasting your IP!!! (3, Funny)

Arancaytar (966377) | more than 3 years ago | (#34522814)

If hacktivists use this tool directly from their own machines, instead of via anonymization networks such as Tor, the Internet address of the attacker is included in every Internet message being transmitted.

OH MY GOD!!! Our webs are down! All of them! They're stealing the internet! Quick, we need to hack all IPs simultaneously!

Anonymous is Everyone. (0)

Anonymous Coward | more than 3 years ago | (#34522864)

Anonymous is Everyone. You cannot arrest everyone and this article is stupid. What kind of research is that? god... idiots.
We are Legion

Yep (0)

Anonymous Coward | more than 3 years ago | (#34522870)

They are definitely NOT sitting with their laptops outside Starbucks/McDonalds/Library. Or logged in to their neighbors network. Or any one of a hundred other simple but devastatingly effective solutions.

Yay for UTwente! (1)

jevring (618916) | more than 3 years ago | (#34522872)

While this is fairly obvious/easy to figure out stuff, it's nice to see my university in the news. It even has my thesis adviser as one of the authors. =)

Consequences (1)

SoVeryTired (967875) | more than 3 years ago | (#34522902)

Sounds like they got back-traced. Consequences will never be the same.

Re:Consequences (0)

Anonymous Coward | more than 3 years ago | (#34522998)

Since I have never paid for internet access, I wonder if they could find me... I use open Wifi, hotel WiFi, coffee shop WiFi, Library WiFi and can hack into WEP/WPA WiFI...

Anyone... (2)

grimdawg (954902) | more than 3 years ago | (#34522904)

...anyone calling themself a 'hactivist' deserves to be locked up as far as I'm concerned.

I mean...fucking hell. Hacktivist.

Re:Anyone... (1)

Opportunist (166417) | more than 3 years ago | (#34523126)

Don't blame them for a buzzword the media tacked on them. Blame them for whatever they do or say, but not for what others do or say onto or about them. It's just not fair.

that's the point of the name "anonymous" (0)

Anonymous Coward | more than 3 years ago | (#34522914)

i think not having to be anonymous while still being anonymous is the whole point of the name of the group.

so their tools are hackish bits of imperfection, people say? outrageous. unconceivable. perfidious. but oh, teh lulz.

.~.

Don't coin dumb and inaccurate words (3, Insightful)

massysett (910130) | more than 3 years ago | (#34523028)

I don't know who started this dumb, inaccurate, and insulting "hacktivist" portmanteau. These people are simple criminals. They are doing nothing to support Wikileaks. To support Wikileaks, give it money. Give it hosting. MIrror its documents. Attacking MasterCard does absolutely nothing to support Wikileaks.

"Hacker" only means bad things to most people, so I give up on that part of this dumb word. But "activist"? That belongs to people like Liu Xiaobo, winner of the Peace Prize who can't even go to his ceremony because he's in jail. It belongs to people who are actually trying to advance good in the world. It doesn't belong to simple criminals who are engaged in the pointless, cowardly, and pseudo-anonymous destruction of commercial websites.

I don't know if "hacktivist" is some attempt to be cute, some attempt to stir sympathy for these criminals, or some attempt to look cool by using some hip new word invented on some blog or in Twitter, but there is a huge difference between activism of any kind and simple, cowardly, criminal vandalism.

Re:Don't coin dumb and inaccurate words (1)

JockTroll (996521) | more than 3 years ago | (#34523036)

""Hacker" only means bad things to most people, so I give up on that part of this dumb word. " If you allow anyone to dictate the way you speak, you allow them to dictate the way you think. Maybe you like it that way, I don't know.

Re:Don't coin dumb and inaccurate words (2, Interesting)

Reziac (43301) | more than 3 years ago | (#34523112)

"Activist" hasn't meant anything positive in a long time, ever since the basic philosophy of too many activist groups became "We'll make your lives miserable until you give in and do what WE want you to do." Thanks to groups like ALF/ELF and the money-making/laundering machines behind many others (see http://www.activistcash.com/ [activistcash.com] ), "activist" has almost become synonymous with "domestic terrorist".

It's the same unfortunate regression of meaning that "hacker" suffers from, for the same reasons -- too many black hats among the white hats.

Hacktivist? (1)

Rydia (556444) | more than 3 years ago | (#34523052)

Even if there is such a thing as a "hacktivist," these kids are not it. Activism is about standing up and making your voice heard and organizing to demand change or raise awareness of something, in a peaceful fashion. "Anonymous" is not organized, isn't really demanding anything so much as lashing out as things that make them angry, and is certainly not peaceful. Imagine if all this effort were put into a website, or marches, or something constructive. The discussion would be a lot different than what can easily (and rightly) be dismissed as a bunch of privileged kids being internet vandals.

Wikileaks is funded by Soros and is CIA-sucker (0)

Anonymous Coward | more than 3 years ago | (#34523144)

I think people fighting for something should first check who they are fighting for!

http://cryptome.org/wikileaks/wikileaks-leak.htm
http://cryptome.org/wikileaks/wikileaks-leak2.htm

Attack started by clicking ... (0)

Anonymous Coward | more than 3 years ago | (#34523160)

the "IMMA CHARGING MAH LAZER” button?

Oh come on, this has to have been written by some 45 year old FBI guy who used to pretend to be an underage girl on chat sites.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...