Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Anonymous' WikiLeaks Proponents Not So Anonymous

Posted by timothy on from the they-see-what-you-did-there dept.

Giovane Moura writes "For a number of days the websites of MasterCard, Visa, PayPal and others are attacked by a group of WikiLeaks supporters (hacktivists). Although the group calls itself 'Anonymous,' researchers at the DACS group of the University of Twente (UT), the Netherlands, discovered that these hacktivists are easy traceable (PDF), and therefore anything but anonymous. The LOIC (Low Orbit Ion Cannon) software, which is used by the hacktivists, was analyzed by UT researchers, who concluded that the attacks generated by this tool are relatively simple and unveil the identity of the attacker. If hacktivists use this tool directly from their own machines, instead of via anonymization networks such as Tor, the Internet address of the attacker is included in every Internet message being transmitted. In the tools no sophisticated techniques are used, such as IP-spoofing, in which the source address of others is used, or reflected attacks, in which attacks go via third party systems.

15 of 390 comments (clear)

  1. Maybe by mikerubin · · Score: 5, Funny

    I should change my WI-FI password?

    --
    I sat down to write a new sig tonight and all I did was make the chair warm.
  2. Re:Using TOR? by Anonymous Coward · · Score: 5, Funny

    think of it like shooting an RPG at your neighbour through a chain link fence.

    You will end up with a still alive neighbour, a destroied fence and look like an idiot.

  3. Re:Using TOR? by gilbert644 · · Score: 5, Insightful

    Isn't it kinda childish to label everything that isn't pro wikileaks as CIA shills?

  4. Re:Using TOR? by Anonymous Coward · · Score: 5, Funny

    Isn't it kinda childish to label everything that isn't pro wikileaks as CIA shills?

    You only say that because you're a CIA shill.

  5. Re:Obvious research by Anonymous Coward · · Score: 5, Insightful

    Because you heard other people on 4chan are doing it and wanted to be cool too?

  6. Re:Raw sockets and Windows by Xelios · · Score: 5, Interesting

    Or a reflected SYN attack, which is a little more potent. But the main problem in concealing your identity by forging the source IP is that most ISP's these days perform egress filtering, meaning those forged packets will simply be dropped before they leave your local network. You have to find the range of IP's allowed through your local network and restrict your spoofing to that range, which in the end doesn't conceal your identity very well anyway.

    4chan was actually hit by a reflected SYN attack last year, which forced AT&T to black hole its domain for several hours. Apparently there are still some ISP's, particularly in Eastern Bloc countries, that don't bother to filter spoofed packets leaving their networks.

    --
    Murphey's fighting Occam, and we're in the stands.
  7. Re:Obvious research by bsDaemon · · Score: 5, Funny

    we were loitering in the anonops irc channel at work the past few days, and one of the questions asked of a bona fide participant was "what's the port for http on www.hillaryclinton.com?" ... i mean, seriously? clearly, we're dealing with brilliant hacker minds here. /sarcasm IP spoofing is likely not a concept that most of them can actually get their minds around as possible.

  8. Re:No shit, sherlock? by davidbrit2 · · Score: 5, Funny

    Warning! Your computer may be broadcasting an IP address! Click here to learn how to fix it!

  9. Re:Obvious research by Anonymous Coward · · Score: 5, Insightful

    Here's how the process goes:

    1. /b/ gets angry at something (only /b/, the other boards do nothing)
    2. Some /b/tard creates an image, which contains information in this format:

    A quick summary why we're attacking
    Where to get the tool
    How to use the tool (this part is usually a screenshot of the tool)
    When to start

    3. Aforementioned /b/tard starts a new thread with the image, with the text saying "GO!" or "do it nao!" (sic), occasionally referring to the alleged sexual preferences of the reader
    4. People see the thread, bump it, and do as they're told

    The vast majority of the people who use LOIC know nothing about the internet. They're just grunts. The only smart ones are those who create these images and formulate the attacks, and they're behind seven proxies. They might not even use LOIC themselves, knowing how easy it is to get caught.

  10. Re:Obvious research by chrb · · Score: 5, Insightful

    I mean why would you join something such as the LOIC without IP spoofing?

    Because many people can't IP spoof? You need to get your broadband router to forward a packet without NATing it, then your ISP has to forward that packet even though the source IP is wrong.

  11. Re:Give a kiddie a script... by Opportunist · · Score: 5, Insightful

    Well, technically, so do normal protesters. They clog streets that I'd like to use, they are noisy which disturbs the other neighbors, they're loitering and maybe even squatting, which may be illegal on its own, depending on your country.

    These "internet protests" are not really more or less disruptive to "normal folks" life than ordinary protesters. The difference is that "normal" protesting is protected in most western states and the disruption they cause is something you have to endure because they're executing their right to assemble (peacefully) and protest. Do you think I'm happy to sit in a traffic jam because some students are against chanting in front of our parliament? I hate the jam, but I support their right to protest and to voice their dissent. I consider it important that they may do that, even if I do not agree with their political position and think (for once in a while) that our government is doing a few things right.

    But their right to protest and voice their dissent is more important than me being late for my appointment.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  12. Re:Obvious research by Rysc · · Score: 5, Funny

    You MORORN, The HTTP port is WWW, even my GRANDMOTHER knows that!

    --
    I want my Cowboyneal
  13. Re:Obvious research by mkiwi · · Score: 5, Funny

    It's a surprise that these people are just a bunch of script kiddies? The phrase "useful idiots" comes to mind: these knuckleheads will take the fall, giving the media and legal system someone to chew on while those with some modicum of coding skill avoid attention. I bet it wouldn't take a lot to ID the majority. Their safely is really in numbers, which isn't much safety at all.

    It's not "Script Kiddies" on 4chan. It's "Script Kitties" :-)

  14. Re:Obvious research by arivanov · · Score: 5, Insightful

    Both you and UTwente missed the point.

    It is a different type of attack. It is the "I am Spartacus" attack.

    It requires putting 100000+ people most of which are juveniles in their jurisdiction on trial. No politician today can stomach that one at this point. However, the way things are going and the way we are sliding towards police societies I am not so sure that this will be the case a few years from now.

    --
    Baker's Law: Misery no longer loves company. Nowadays it insists on it
    http://www.sigsegv.cx/
  15. Re:Using TOR? by shaitand · · Score: 5, Insightful

    "It is also some kind of hubris to scream about Wikileak's "1st amendment rights" to then attack MC, Paypal, ....and Sarah Palin's website?"

    Silly rabbit. The bill of rights is for actual humans.*

    * Palin may be human but public figures open themselves to criticism.