Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anonymous Files Petition To Make DDoS Legal Form of Protest

Posted by samzenpus on from the let-us-break-stuff dept.

hypnosec writes "Anonymous has filed a petition with the U.S. Government asking the Obama administration to make Distributed Denial of Service (DDoS) attacks a legal form of protest. Anonymous has argued that because of advancements in internet technology, there is a need for new ways of protest. The hacking collective doesn't consider DDoS as a form of attack and equates it to hitting the 'refresh' button on a webpage. Comparing these attacks to the 'occupy' protests, Anonymous notes that instead of people occupying an area, it is their computers occupying a website for a particular period of time."

22 of 323 comments (clear)

  1. Mannequin Attack by dittbub · · Score: 5, Insightful

    I think I could agree that hitting refresh over and over again on a website would be a valid form of protest. But wouldn't having a program do it for you be like using mannequins to occupy wallstreet?

    1. Re:Mannequin Attack by AK+Marc · · Score: 5, Interesting

      My favorite are the meatspace DDoS attacks. There was one in Dallas where the protesters went to a busy intersection, and walked around in circles around the intersection, obeying traffic laws, but the extra time for walk signals disrupted traffic timing, and everyone got a chance to stop and see the signs. There are lots of things people can do in meatspace that get in people's way that are explicitly legal. We just don't do it because we fear the law.

      --
      Learn to love Alaska
    2. Re:Mannequin Attack by icebike · · Score: 5, Interesting

      if legal, would be dominated by those with money and resources.

      Or the biggest network of other people's compromised machines.

      And lets face it, that is what this is really about: legalizing bot nets as a free speech issue.

      --
      Sig Battery depleted. Reverting to safe mode.
    3. Re:Mannequin Attack by Sentrion · · Score: 5, Interesting

      Your robot comment may have been meant as a joke, but there really is such a thing as a professional protestor. The going rate is reportedly $11/hr. I'm actually developing the website for a company that is booking passenger space on cargo ships to bring over 200-500 men and women with tourist visas from Jakarta, Mumbai, and Abidjan who have agreed to do the job in exchange for free room and board (which might be a tent in Times Square and two bowls of soup each day) until their visas expire. The owner claims that several organizations have signed contracts to employ his services to protest issues ranging from crime and poverty to offshore outsourcing, illegal immigration, and exploitation of workers. How they're going to get back home I have no idea.

    4. Re:Mannequin Attack by arekin · · Score: 5, Funny

      Wait....Did you just say that an overseas company is being hired to protest outsourcing? Define Irony...

      --
      Disagreeing with you does not make me a troll.
    5. Re:Mannequin Attack by Anonymous Coward · · Score: 5, Funny

      Define Irony...

      Like 'silvery' and 'coppery' but with iron.

    6. Re:Mannequin Attack by electron+sponge · · Score: 5, Interesting

      I'm actually developing the website for a company that is booking passenger space on cargo ships to bring over 200-500 men and women with tourist visas from Jakarta, Mumbai, and Abidjan who have agreed to do the job in exchange for free room and board (which might be a tent in Times Square and two bowls of soup each day) until their visas expire.

      This kind of sounds like indentured servitude, which is illegal in the US (INAL, but if you assist, you might be construed as aiding & abetting, even it is via a contract).

      On another note, I'm guessing (let me repeat that: I'm guessing) the sorts that would resort to professional protesters are likely left-wing types trying to inflate their presence. The same types that routinely rail against monetary abuses in politics. If you want to protest fine. Have the balls to do it yourself, in person, instead of hiring a substitute.

      In regards to the petition, no, it's not the same as an in-person protest. A protest is to make yourself & your issue heard. A DDOS does none of that. There is no message with a DDOS. It's impossible to convey a message to those people that are legitimately conducting commerce with the targets. i.e. preventing me from logging into my bank's website to pay my mortgage. In this example, you're not just hurting the institution, you're also hurting private innocent individuals. If anonymous takes down Chase or BofA, you're affecting tens of millions of private citizens trying to pay their bills, credit cards, car loans, mortgages, etc. Missing payments results in penalties, adversely affects credit scores which results in higher borrowing costs down the line. So no, it's not the same as an in-person protest, it's felony vandalism with the potential to cost innocent bystanders millions of dollars as a collective.

      Just after I got out of the US Navy back in the spring of '99, I saw an ad in The Stranger, the local leftist weekly newspaper in the Seattle area. It's a good paper and is well respected in the Pacific Northwest as a decent alternative news source. I don't know if it still is, but it was then... anyway. A group of people put out an ad looking for folks with a military background for a protest against the powers that be. Being just the sort of dude they were looking for, and being completely unemployed, I looked into it. What they were looking for were people who were trained in CBR warfare, and "not that we're asking for it" access to gas masks and replacement filters for the masks. I was extremely uneasy with their general demeanor combined with what they were suggesting, so I turned them down.

      What followed was the "Battle of Seattle", the 1999 WTO riots. After my contact with the bastards who ended up instigating the riot, I took the ferry across the Sound that fateful day with the bleak hope of warning the police that this wasn't just a run-of-the-mill protest, or at the very least seeing what the fuck was about to go down. By the time I got downtown, the unmistakable scent of tear gas was evident. My compatriots and I made our way to the top of a parking garage overlooking a section of downtown Seattle which was particularly populated with folks we recognized as anarchists. We watched them smash windows and cause mayhem. Meanwhile a couple blocks away, people who either truly believed in protesting the WTO or who were paid to sit there with gas masks on were pepper sprayed by the Seattle PD. Those who wore gas masks took a real beating. They took a beating in order to be a distraction to the police, while the anarchists had their way with businesses blocks away.

      The moral to the story is, if you think your protest is organic, and it ends up being huge, it probably isn't organic. It's astroturf. Someone's bankrolling it. Things like the march on Washington lead by MLK are the exception rather than the rule.

      Long story short, nothing is what it seems and the cake is a lie. If you think you are doing a good thing by joining a populist uprising, do your due diligence. Learn who they are and what they intend to do. Most of the time they want you for nothing more than cannon fodder.

    7. Re:Mannequin Attack by bogjobber · · Score: 4, Informative

      The moral to the story is, if you think your protest is organic, and it ends up being huge, it probably isn't organic. It's astroturf. Someone's bankrolling it. Things like the march on Washington lead by MLK are the exception rather than the rule.

      That's actually a really bad example. The march on Washington was organized by the AFL-CIO (it was technically called the March on Washington for *Jobs* and Freedom), the NAACP, CORE, the Southern Christian Leadership Council, and the Urban League.

      In fact, most of the successful protests in the civil rights movement were not as spontaneous as you might imagine from folklore. Rosa Parks' refusal to sit at the back of the bus is often painted as a spur of the moment decision, but it was highly deliberate. Mrs. Parks was an active civil rights leader at the time, serving as secretary of the Montgomery chapter of the NAACP, a group that had long planned a bus boycott to apply political pressure to end discriminatory practices in public services.

      There was actually an incident earlier in the year where a young African American woman refused to give up her seat in exactly the same manner as Mrs. Parks, but the NAACP decided not to use her as the figurehead for the bus boycott because she was a teenager with children out of wedlock. They figured that it would be difficult to rally the community around the girl, and that her illegitimacy would be an easy target for white criticism. Rosa Parks, a well-educated and wholly respectable citizen, was a much more useful figurehead.

      Your advice is very, very sound, though. Mass protests are all organized by *somebody* and you better damn sure know every angle of the who, what, and why of the event you're attending before you jump in. Although sometimes it's difficult. I doubt most of the attendees in the Seattle WTO riots had any idea it was going to turn violent. The large majority of the people there were peaceful and had no idea the police and subversives would turn the whole damn thing into a battle.

    8. Re:Mannequin Attack by silentcoder · · Score: 4, Insightful

      >On another note, I'm guessing (let me repeat that: I'm guessing) the sorts that would resort to professional protesters are likely left-wing types trying to inflate their presence.

      Odd, I would have guessed the exact opposite. Surely none of those people who show up at teabagger protests can actually BELIEVE that insanity !

      --
      Unicode killed the ASCII-art *
  2. No by Anonymous Coward · · Score: 5, Insightful

    I work for a small hosting/cloud provider, and from experience, I can say that this is a form of attack. It can't be controlled is the worst problem, and it starts affecting many other people who are not involved in the 'protest', who just happen to be on the same shared server, cloud, or data center. Also, as for any argument that such an outcome would be the point of a 'protest', to raise awareness, but the problem is that most people affected by it wouldn't know anything about the source of the attack. Overall, a dDoS should not be a protected option in any form or for any reason. It is way too blunt, and as we build more onto the Web, it can become dangerous or even life-threatening to allow these attacks. It could be the same as allowing people to attack power stations or plants, which is certainly a crime(bordering on terrorism in this day).

    1. Re:No by macraig · · Score: 5, Insightful

      What you've described is no different than the collateral social cost of traditional wage strikes and other peaceful denial-of-access protests. Is that collateral social cost so great that it justifies criminalizing the protests? That is what you are advocating.

    2. Re:No by DeSigna · · Score: 5, Insightful

      Consider:

      Striking: a combination of denying your services (and only yours) to an employer with (usually) highly visible protests and PR to get the reasons for the strike out to the general public, thus gaining their support and pressuring politicians. In most locations, it is illegal to actively interfere with the employers' ability to do business beyond withdrawing your own labour and expertise - blocking access to sites, harassing customers, etc will probably attract police attention. If a group of other people decide to do the same, they've done it under their own steam and should not be coerced to do so.

      DDoS: actively suppressing the target's ability to communicate and do business with very little cost or effort, and a high potential for serious collateral damage to the operations of completely unrelated individuals and businesses along the way. In some rare instances individual participants may volunteer their resources to the DDoS, but much more often a lot of traffic is coming from compromised systems. DDoS and systems intrusion are both already criminalised actions.

      I'm 100% for the ability to protest or strike - I've done my share in the past. I'm 100% against bored kids getting their mates together to smash small websites into gravel "for the lulz".

      You can argue that it'll only be used as a responsible form of protest against those that deserve it, at which time my eyebrows will climb my forehead and burrow under my hairline. The amount of effort required to "protest" is much too small, the relative damage against small operations and individuals far out of proportion. If we would like to see spam outfits "protesting" against Spamhaus' DNSBL resolvers, pro-X advocates "protesting" against the blogs of their pro-Y opponents, kids targetting the local donut shop because they're bored and want to give them a huge bandwidth bill, sure, lets allow legal DDoS. Perhaps we could allow governments to set rules on what constitutes "fair protest" to solve this problem? I'm not really warming to that idea either.

  3. DDoS affects comerce by Q-Hack! · · Score: 5, Insightful

    I think Anonymous is missing the concept a bit here. You can protest a business with a sign and megaphone, but you are not allowed to stop people from patronising that business. Very rare is it that a DDoS doesn't affect somebodies business. Most often, it affects somebody not even related to who the attacker is intending. If you want to protest, there are non disruptive methods to use, DDoS shouldn't be one of them.

    --
    Some days I get the sinking feeling Orwell was an optimist.
    1. Re:DDoS affects comerce by davidbrit2 · · Score: 4, Funny

      Distributed Denial of Revenue attack?

  4. Toxic precedent by starfishsystems · · Score: 5, Insightful

    I hope, and expect, that the petition will be denied. What it means is that any entity with sufficient knowledge and resources (individual or corporation) would be permitted to flood the net with DDoS packets.

    If such activity were legalized, by the same principle so would automatically-generated petitions. So would spam. So would noise pollution. It sets an extremely toxic precedent.

    --
    Parity: What to do when the weekend comes.
  5. I like their chances by paiute · · Score: 4, Funny

    I also filed a petition - that I be recognized as the Queen of England. I think mine will be approved just before the one approving DDoSs.

    --
    If Slashdot were chemistry it would look like this:Cadaverine
  6. Abusers by Anonymous Coward · · Score: 5, Insightful

    If you legalize DDOS as protest, is it going to be ok for companies to DDOS their competitors, sites they don't like, sites posting negative stories about them etc?

    DDOS: It lets you censor anyone who spends less on servers than you.

    Sure, its not always corporate folks, but if you let people do something disruptive, big money is going to be spent to abuse it. I may reluctantly go along with money=speech, but money=right to censor others is too far.

    1. Re:Abusers by jakimfett · · Score: 4, Informative

      And we have an AC who hit the nail on the head. Legalizing DDOS attacks as a form of protest will turn the internet into a warzone.

      --
      Bits of code, random ramblings: jakimfett.com
  7. Re:Not going to fly by Anonymous Coward · · Score: 5, Insightful

    The difference is that, things you can effectively protest by physically being in a given space are effective for the reason that your presence blocks *other humans* from doing something. That is to say, there's an equality between what is being blocked and the means used to block it.

    But in the case of pressing a refresh button: there is no human at the other end of the network whose work is blocked by you clicking refresh. Your protest is up against an automated process. When protesting by "occupying" a website, there is no longer a level of equality between the humans doing the protesting and the automated processes they're trying to obstruct. Using automated proceses for the protest levels the playing field.

  8. Re:Not going to fly by phantomfive · · Score: 5, Insightful

    The whole idea of the traditional protest is that people had to stand in a particular area to create problems for wherever they were standing.

    And very often it is not legal, either. The whole point of civil disobedience is that you're willing to break the law and face the consequences rather than comply with something you feel is morally wrong.

    --
    "First they came for the slanderers and i said nothing."
  9. Ya I'm ok with it by Sycraft-fu · · Score: 4, Interesting

    So long as the anon-tards are ok with me blocking them in their houses with a fleet of ROVs. Same basic deal as what they are talking about: Using a ton of automatically controlled systems to deny access. If they aren't ok with it being done to them, in the real world, then why should we be ok with them doing it to others on computers?

    The other thing about DDoS attacks is they almost always involve breaking the law anyhow, by using botnets. Unless you legally have access to 100% of the systems you are using AND the ToS of the providers allows you to generate traffic of the levels you do, then you are already in the wrong. Exploiting systems and using them for a botnet is not legal and it should be extremely obvious why.

    These morons don't want a legit protest, because next to nobody agrees with them and they are lazy. If they went out for a physical protest, they'd get like 20 people to show up for one day and it'd be ignored. So they want to use sleazy, illegal, tactics to try and amplify their voice.

    It also ignores the fundamental point of a protest. A protest is NOT to disrupt activity, particularly not to have just a couple people do so. It is to show large scale support or opposition for something. It is to let the public, and the government, know that a lot of people want something. It is impressive by its size.

    If 250k people show up in a park and protest something, that is impressive, that is something to be noticed, respected. The large number of people makes it noteworthy. If I rent out a shitload of video and sound equipment so I can broadcast myself all over a park, and protest alone, that doesn't make it noteworthy, other than as to what an egomaniac I am.

    They don't want freedom, they want tyranny, where they get to be the tyrants. A large segment of the public refusing to do business with a company because of their policies is freedom in its fullest. A small group of people shutting down a company's ability to do business because they don't like it is not.

  10. Re:Not going to fly by multimediavt · · Score: 4, Insightful

    The difference is that, things you can effectively protest by physically being in a given space are effective for the reason that your presence blocks *other humans* from doing something. That is to say, there's an equality between what is being blocked and the means used to block it.

    But in the case of pressing a refresh button: there is no human at the other end of the network whose work is blocked by you clicking refresh. Your protest is up against an automated process. When protesting by "occupying" a website, there is no longer a level of equality between the humans doing the protesting and the automated processes they're trying to obstruct. Using automated proceses for the protest levels the playing field.

    See, I was wondering how they were going to draw a physical parallel to what they were doing that *WAS* a legal form of protest. The closest I could think of was a union mob blocking the entrance to a business, BUT that is illegal. You cannot legally protest by obstructing right of way (without a permit). Right of way also includes the entrance of a business to a road front in most states, for instance. So blocking where cars and trucks enter a property would be illegal. By blocking all/any IP traffic to a machine connected to the Internet wouldn't you be violating "virtual" rights of way and thereby be acting illegally in the same sense as the union mob?