Slashdot Mirror
MasterCard Hit By WikiLeaks Payback Attacks
An anonymous reader writes "MasterCard's website has been hit by a distributed denial of service attack. Netcraft describes how the attack uses a voluntary botnet of LOIC (low orbit ion cannon) users to swamp sites with traffic. PostFinance, the PayPal blog and Swedish prosecutors have been targeted previously."
Don't target the website, target the servers that do the money-traffic!!!!
And now because of Slashdot linking to MasterCard, their denial of service attack increased even more.
I wonder how they feel being denied due process...
Reminds me of an article I saw on Techdirt the other day pointing out that Visa and Mastercard were getting all high and mighty about morality in regards to Wikileaks but happily fielding transactions for sites like the KKK.
My work here is dung.
Just like people volunteer for Folding@Home. If one believes in a cause strongly enough they could be convinced to lend CPU cycles (well, network packets) to help DDoS a site.
More Twoson than Cupertino
According to the Washington Post, it's all due Mastercard no longer permitting donations via their services to Wikileaks.
However, I doubt the DDOS is going to change their mind.
By denying us the rights to send our money to this great organization they effectively said: we are the bitches of the US and we condemn free speech, the first amendment and hate the truth. That's why.
Just an FYI: you can't take your money elsewhere unless you go completely cash and are picky with ATMs. MC owns a few of the biggest consumer money transfer networks, so even if you pick Visa you'll still often be using MC services.
Developers: We can use your help.
Visa *is* doing the same thing.
Freedom of speech, priceless. For everything else, there's Mastercard.
I keep trying to read the story at http://www.mastercard.com/ but nothings happening.
For some time I hated americans, living in a post communist country, with all it's problems, while americans seemed to cause even more. And then I saw a slogan, used by some americans, I love my country, but I fear the government. That's why, when you make such statements "bitches of the US", be sure to add government. It will make everything better.
You actually make a very interesting point.
For the purposes of elections and raising funds for a political party, monetary donation is considered an exercise of free speech. That is the premise that allowed billions of extra funds from private individuals to go towards the election without any tracking.
Yet, financially supporting an organization deemed "terrorist" by the government is not a function of free speech. Now the lines are becoming even more blurred, given Wikileaks isn't even termed a terrorist organization. They are, however, denying the public the ability to support them financially.
By the same logic of the courts, this should be an issue of free speech. Mastercard et al are impeding free speech.
.
And they both have been exposed: http://www.guardian.co.uk/world/us-embassy-cables-documents/246424
exp(i*pi)+1=0
So what do you want adolescents to do then? Vote?
As it should be!
Apparently, Paypal has admitted to being coerced into smashing the cookie jar.
Living With a Nerd
Note that the latest leaks show that the US Govt put pressure on Russia, to avoid legislation that would level the field for Visa/Mastercard competitors:
http://www.guardian.co.uk/world/2010/dec/08/wikileaks-us-russia-visa-mastercard
Anon DDOS attack? ... Priceless
He who knows best knows how little he knows. - Thomas Jefferson
Except the first amendment only applies to the government. If a company wants to impend your speech they can.
Well, you see, the text of the First Amendment states "Congress shall make no law abridging the freedom of speech". In this case, instead of making a law, they're just suppressing speech by strongly suggesting to the corporations that it would be in their best interest to comply.
With the Wikileaks case, the powers that be have demonstrated quite clearly that they don't give a damn what's legal and what's not legal. They're going to do what they're going to do, and screw the Constitution if it gets in the way.
I am officially gone from
Operation Payback hit ACS Law a second time, knocking out the site. In the process of bringing it back up, someone exposed the server's directory structure through the Web instead of showing the website itself. Those conducting Operation Payback immediately moved in and grabbed a 350MB archive of ACS Law e-mails, then threw the entire mass up on sites like The Pirate Bay. This is more than a matter of mere embarrassment. The UK has tougher data protection laws than the US, and the country's Information Commissioner has already made it clear that ACS Law could be on the hook for hundreds of thousands of pounds. That's because, in addition to his iTunes receipts ("Hooray for iPads. I love mine," Crossley says at one point) and Amazon purchase orders, the e-mails include numerous attachments filled with all manner of private information: names, addresses, payment details, passwords, revenue splits, business deals.
"Act like fucking adolescents?"
This is the modern equivalent of a lunch counter sit-in. No user has had their computer hijacked, they are all participating of their free will. Are they "disrupting business"? Perhaps, but no worse than the lunch counter sit-ins did.
Governments and institutions are the ones which thru with their words and actions are getting discredited. Wikileaks is not saying to do, nor doing the DDoS to those sites, so why it should be discredited?
with websites selling fake viagra.
Last year I got a complaint from a Danish ISP that i was spamming their customers. I requested and got forwarded one of my supposed emails. A little bit of poking around I found that the viagra company was based in Hong Kong. Whois told me the address, names, telephone numbers etc. (you'd thing scum like that would hide their info better).
I phoned and emailed Visa, MC, the spam company, even their service provider. The only response was from that Danish ISP their tech guy if you can call him that was complaining about my continual spamming even after I gave him the proof that the email originated from China not Canada. You would think traceroute and whois are kind of basic tools and any dumbass should be able to use them but this guy didn't even know how to look at email header info.
As for visa MC they would not be bothered even though I gave them all the info (btw they were shipping their product from Texas) Visa and MC told be to get bent.
In America, distributing classified documents is illegal.
Not true. It's illegal to initially leak them if you have clearance. Republishing them is not... note that the New York Times has republished most of the leak; has Mastercard stopped doing business with them?
I don't think they count as zombies when the botnet is voluntary. This is more like a coordinated attack by ninjas and pirates.
which is totally what she said
Its probably going to reenforce their decision, and give anyone else pause if they choose to do business with Wikileaks. This is a really dumb thing to do, look at it this way, why would any payment process ever want to work with wikileaks again if they know their fanboys will attack them if they don't continue to do business with them? Its a no win situation for the payment processor, its better to never do business with wikileaks.
Python
In America, distributing classified documents is illegal. They stopped allowing people to send money to a criminal (in their jurisdiction) company. Case closed. This has nothing to do with 'free speech' and the First Amendment doesn't have anything to do with this.
Your statement is incorrect. Please read the decision of New York Times Co. v. United States.
upon the advice of my lawyer, i have no sig at this time
I would expect that to never come to light honestly. If they admitted how much the DDoS cost them, it would essentially give a 'quantifiable' damage scores (not sure how else to describe it) to anyone who pursued similar attacks in the future. It'd be fascinating to see though; the amount of lost revenue, divided by the number of unique IP's in the DDoS should give you dollars lost on a per-node basis. Then it'd give you cost metrics, and where there's readily available cost metrics, there's business opportunities. Just think - "we'll pay you $.01 to run this program for an hour!" while in the background you're causing 250$ in damage to a target. Sorry, mind is wandering in the dark side now :)
it seems that donations to wikileaks are still being processed by this startup: http://eu.techcrunch.com/2010/12/08/wikileaks-continues-to-fund-itself-via-tech-startup-flattr/
Maybe I'm old fashioned, but I thought you had to actually be convicted to be a criminal - not just accused.
Track your TV Shows with your iPhone - FREE
Really? The government can just threaten companies to get them to stop providing services to people whose speech the government doesn't like? And that's not a free speech issue?
I love how so many people are so unknowledgeable about this issue that they think Visa, Mastercard, and Paypal all suddenly decided to stop provides services for no reason, when both Mastercard and Paypal stated quite bluntly that the government made them do it, and it's probably the same story for Visa.
Remember, folks, the government can't punish you for free speech, but it can threaten everyone who interacts with you so you quickly die homeless and staving in the gutter.
If corporations are people, aren't stockholders guilty of slavery?
Too bad. They're essentially a "common carrier" for funds and should have to act that way.
Also, I don't associate MasterCard with, say, a big box store that royally pisses me off by jerking me around (which is similar to the situation with MC and Wikileaks). The excuse that MC doesn't want to be associated with Wikileaks is B.S.
Modern copyright is theft of culture from everyone and it retards the progress of the useful arts and sciences.
Honestly people refer to anon as adolescents, but I don't think its true. If you look at humans in general, in large groups all of us act like spoiled children. They all want to suck in as much resources as possible, fight to place themselves as high as they can on the social ladder, pee on the beta through omega dogs, and be able to do as they please. Examples: British colonialism treated colonies like second class citizens, extending idiotic laws like the local lord could sleep with peoples wives on their wedding nights, etc. The US constantly interferes with other governments, and after destabilizing them, whines that results aren't in our favor. There's lots of examples. I think Agent Kay put it best, "A person is intelligent. People are dumb, panicky, dangerous animals." Hell, in social psychology there are extensive studies of mob behavior, and they all point towards humans being pretty damn wretched cruel creatures when in groups. Anon is about as principled as any other mob. At least they're predictable insomuch as they always support the first amendment and open information; even if they cast a broad net on who they target.
Well, it hurts their business doesn't it ? It is a payback operation. Turning down a legitimate client without any judgement for political reason was a stupid action. Apparently it is fair to do so. Therefore except more stupid actions, that is what you need to get a political voice nowadays. Politicians don't react to legitimate and rational arguments. They react to fear, to things they don't understand, and mostly to the most stupidly statements made in the most stupid way.
Anonymous will get more media coverage for that than outraged reactions of various moderate group. Do they desserve it ? No, sure. Do they have it ? Hell yes.
This may be a stupid action, but it is the most likely to have an impact.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
I remember back in the day chilling on a mIRC server and there was room that was very ominous thousands of handles were there and me, being a novice, didnt really understand why none of them spoke. Then it was explained to me that they could be aimed at websites to overload them with jargon traffic to knock them offline. When I was educated about this the danger became evident. When I asked who created it they said the original creator was unknown and the net itself wasnt owned by anyone and that the original owner left open instruction on how to control it... with such anonymity and such power (it was further explained that the net grew exponentially at times as the backdoor used to create it spread) that it was fairly intangible, and destroying one bot in the net does nothing to hinder its ability to wreak havok. Not only that but because it can be controlled by anyone who knows the means it can be shifted from server to server which would further hinder peoples ability to disable it.. a botnet is a scary thing when you see it in that light.. Im sure people can counter and offer all kinds of more technical jargon, but for a novice this sufficed enough for me to stay away from these sort of things.
When you dislike the human race as much as I do, Karma:Bad is inevitable lol.
In America, distributing classified documents is illegal.
No it's not, you fucktard.
If corporations are people, aren't stockholders guilty of slavery?
WikiLeaks Founder Says Next Target Is Major US Bank
"Early next year, WikiLeaks will publish tens of thousands of internal documents from a major U.S. bank, exposing the institution's rampant corruption and unethical practices and executives' brazen self-interest, Assange said in an interview with Forbes magazine."
That's a problem. I'm quite willing to drop MasterCard is there's a good alternative. The main requirement is that it needs to be accepted by all web shops. So that restricts my options to PayPal, Visa and MasterCard, I think.
Such stupid actions will only serve to discredit Wikileaks further.
Undoing some moderation here but I must say: BULLSHIT! The only reason the government and these companies are going after Wikileaks is because Wikileaks has dirt on them, and Wikileaks has credibility. Your statement notwithstanding.
Look where all this talking got us, baby.
quite rightly distancing itself from Wikileaks because of some very illegal activities.
What is wikileaks doing that is illegal? And are they distancing themselves from the newspapers that are republishing the leaks? It's not quite right. It is a couple of very large corporations colluding to remove freedom of speech, when the speech in question reflects badly on them.
SJW n. One who posts facts.
Whoever is doing it, such attacks are just plain wrong. Attacking infrastructure may be harmful and amounts to terrorism
Oh for fucks sake, NO, it doesn't!
Terrorism is coercion through FEAR (or, dare I say it, "terror?"). It is NOT embarrassing hypocritical governments. It is NOT interfering with our corporate overlords. It is NOT inconveniencing an ignorant and apathetic populace in their yearly December feeding frenzy.
"Ku-Klux-Klan ja, Wikileaks nein"
"Apoyo a organizaciones racistas"
'Je mag met je Visa- of Mastercard wel geld geven aan de Ku Klux Klan, maar inmiddels geen donaties meer doen aan WikiLeaks.'
"Ku Klux Klan'a bagis var, Wikileaks'e yok" [Sorry for the spelling, but
"[..]- nie ma za to problemów z donacj np. na róne odamy Ku-Klux-Klanu"
Such stupid actions will only serve to discredit Wikileaks further. The best and only response should be: take your own money elsewhere.
CU, Martin
Not sure why this is marked Troll. Here's another perspective - anonymous sends the clear message: "If you support suppressing this information, we will suppress you*. Because when we do it, it is right and good -- and when you do it, it's wrong and evil and must be punished." Here's the problem with that line of thinking: when it's wrong for one party to do it, it's no better when the other party does it.
That barely touches on the overtly childish nature of the behavior. "LA LA LA LA I CAN SHOUT LOUDER THAN YOU CAN, NOBODY CAN HEAR YOU NOW!". Nor does it get into how this affects a large number of third parties (eg Mastercard customers) who have had no part in this decision -- and yet must still pay the price now.
And before somebody compares it to a sit-in on the basis of that last comment, there's a critical difference: a sit-in involves people with names and faces, standing up [or sitting down] for what they believe in - though doing so may cost them reputation, time, and even money. On the other hand, the type of action under discussion involves a bunch of wannabes hiding behind distributed botnets, Tor, and various anonymous proxies pressing a button or running a script.
In addition, when customers show up at a physical place of business to discover a sit-in preventing them from receiving service, they get a clear and immediate understanding of why - thus a message is sent to them as well as to the business they're supporting. They may even learn of practices that weren't aware of, and change their own behavior appropriately. But what do mastercard.com customers find? A web site that doesn't response. There's no message they can receive - they'll just come back later, when the site is back online.
There is no basis for comparison between the two types of actions.
* Help, help, I'm being repressed!"
Indeed. I'm curious as to what sort of liability this is going to open for them in the future. Previously they only refused transactions that the government required them to or in cases where they suspected fraud.
If they're now blocking transactions which the government doesn't require them to and that they have good reason to believe the cardholder consented to, that's got to open up all sorts of liability over their connection with cybercriminals.
Shameless karma whoring:
New York Times Co. v. United States, 403 U.S. 713 (1971)
The unanimous opinion itself is very short; essentially, designating documents as secret and punishing anyone who publishes them is a 'prior restraint' and presumed unconstitutional.
We granted certiorari in these cases in which the United States seeks to enjoin the New York Times and the Washington Post from publishing the contents of a classified study entitled "History of U. S. Decision-Making Process on Viet Nam Policy." Post, pp. 942, 943.
"Any system of prior restraints of expression comes to this Court bearing a heavy presumption against its constitutional validity." Bantam Books, Inc. v. Sullivan, 372 U. S. 58, 70 (1963); see also Near v. Minnesota, 283 U. S. 697 (1931). The Government "thus carries a heavy burden of showing justification for the imposition of such a restraint." Organization for a Better Austin v. Keefe, 402 U. S. 415, 419 (1971). The District Court for the Southern District of New York in the New York Times case and the District Court for the District of Columbia and the Court of Appeals for the District of Columbia Circuit in the Washington Post case held that the Government had not met that burden. We agree.
Please dfferentiate by action:
Wikileaks releases documents with insight into the Iceland bank scandal: + Credibility
Wikileaks releases documents/videos with Insight to Iraq: + Credibility
Wikileaks founder shows unmitigated ego and drives off supporters: - Credibility
Wikileaks releases diplomatic small talk: +/- Credibility
Wikileaks founders handling of dubious rape accusations: - Credibility
Wikileaks hangarounds launch DDOS attacks: -- Credibility
I think there is a strong need for Wikileaks (or something similar). While Julian Assange has done some great services, he is probably not the person to head such an organisation. I am highly critical of the release of the cables. It contained very little information for the damage done. I think the decision to release those cables was because they could release them and not due to the insight they provided. My impression is that ego and publicity had a lot to do with it.
CU, Martin
Many people believe feel this denial of service was caused by government. Paypal has admitted it. I don't know if Mastercard and VISA have admitted it yet, but it's not hard to guess. We're not talking about private action.
If I own the printing press which you rent to print things I consider obnoxious, and then I decide I don't want to be associated with your bullshit anymore and stop letting you use my printing press, then you're right, there's nothing to suggest the government has overstepped its constitutional limits.
If I own the printing press which you rent to print things the government considers obnoxious, so they send goons over to point a gun at my head and explain that I will not let you use my printing press anymore, then the government has overstepped its constitutional limits. And that's what happened here, assuming money==speech.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Consumer action is another tactic. Here's the letter I sent my bank:
Dear Smile.co.uk,
One of the reasons I am a customer of Smile Banking is your commitment to ethical banking.
I do not believe that Visa's recent decision to block payments to Wikileaks is consistent with that ethical stance.
I understand that due to Visa's near-monopoly on card payments and online payments, it is not really practical for either Smile Banking or myself personally to discontinue our use of Visa debit card facilities. However I would like to send a message to Visa that this decision has weakened, not strengthened, their brand reputation to me and, I would assume, others.
To this end:
1. Please would you forward this message to Smile Banking's board of directors
2. Please would Smile Banking collate any similar messages of disapproval regarding Visa's actions from other Smile customers, should they be received, and communicate the aggregate message to Visa
3. Please, so that I can modify my behaviour where possible, would you advise me to what extent the following activities result in income to Visa
a: A debit card payment where I the cardholder am present
b: A cash withdrawal at a high street ATM
c: An online/telephone debit card payment
Many thanks,
Now, I admit that it's pretty funny to see the credit card companies getting screwed for a change. But basically, the Russians tried to f*** over a couple of American businesses, and the U.S. government decided it was necessary to step in and pressure the Russians not to do this. Part of the government's job is to look out for the economic interests of the United States, which includes private corporations. U.S. diplomats are doing their job. Truly shocking indeed.
you're comparing this to anti-segregation protests???
Who needs to get a grip, one who equates one protest with another or one who ridicules such comparisons?
Quite frankly voters can not make informed decisions when they are not informed. Wikileaks is informing voters of what their government is doing.
Falcon
Now as for "informed voters" that is another subject.
Should there be a Law?
this is ammo for those that wish to control the Internet. This can not end well.
DDoS != modern sit-in
Voluntary Botnet == modern sit-in
See the difference?
Where does this leave a DDoS implemented using a voluntary botnet?
Instead of smashing 4chan's servers (which wouldn't stop the attacks and would just make you the next target, and give you an anti-free-speech reputation) why not call up Visa and Mastercard and complain, and ask why Wikileaks' accounts have been shut down while they still process payments for the KKK?
And at 5 grand a day, unless you're running on razor-thin margins with just-in-time production, this shouldn't hurt you too much. Relax. You don't even have any competition AFAIK.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Except that there is no where else to take your money.
Regardless, I'm getting increasingly disenchanted with the "don't like it, don't participate" mentality. First it was the TSA: "don't like it, don't fly." Now it is "don't like what MC is doing, don't use them." Of course Visa and PayPal are doing the exact same things...
How about if instead of asking me to submit I ask THEM to submit?
Yeah, I like that a lot better.
Which of course is not the case in "the land of the free, home of the brave", the Glorious USA, where in the spirit of freedom and competition all credit card transactions are welcomed to be processed by assorted small companies in Russia, Finland and Monaco and are not nearly exclusively dominated by a pair of nasty anti-competitive global US-based cartels like Mastercard or Visa who own all the processing facilities almost everywhere and enjoy protection of bought-and-paid-for politicians!
Oh, wait...
Neither John F. Kennedy nor Nikita Kruschev would have had the support of their governments had their positions been known because of something like a Wikileaks release.
Why would you assume that the public would have chosen nuclear war over bargaining?
and the real hackers come out of the wood work and utterly GARBAGE the usa's websites.
until know i have sat back and watched...do not threaten these youth's...you do so at YOUR PERIL.
WE think of the children unlike you and believe in freedom to the adverse of corporate fascism that you preach.
From how you type you are the child. DDOSing a website? That is amateurish script kiddie BS. You aren't advancing the cause of network neutrality, internet liberty, human rights or anything by taking down websites. The only thing you generate is negative publicity for yourself and for the internet as a whole.
This will result in Lieberman being able to pass the Internet Censorship bill. Don't you see you are a useful idiot? You are being used to help pass this bill which would never be able to pass if Anonymous did not do stupid pointless BS.
> the U.S. government decided it was necessary to step in and pressure the Russians not to do this.
US secretly helps MasterCard And Visa. MasterCard and Visa decide to help the US shut down Wikileaks. Nice to know how it all works. Everybody wins, right?
Please see the case of NEW YORK TIMES CO. v. UNITED STATES which examines this section and the surrounding ones, and found that the New York Times was not guilty under it for publishing classified documents:
http://caselaw.lp.findlaw.com/scripts/getcase.pl?court=us&vol=403&invol=713
I am highly critical of the release of the cables. It contained very little information for the damage done. I think the decision to release those cables was because they could release them and not due to the insight they provided. My impression is that ego and publicity had a lot to do with it.
CU, Martin
On the contrary, the cables contain plenty of evidence of government wrongdoing, although not necessarily by the US government. As a Swede, it is very interesting to know that the us embassy reports that my government prefers to share information about Swedish citizens using a "strong but informal agreement" instead of having a formal agreement, as such an agreement would have to be discussed by the parliament. If the cable is correct, my government is probably violating the Swedish "grundlag", which can loosely be translated as the constitution of Sweden. See http://www.thelocal.se/30654/20101206/