Slashdot Mirror
Britain's GCHQ Attacked Anonymous Supporters With DDoS
An anonymous reader writes "NBC News reports that, during a 2012 NSA conference called SIGDEV, GCHQ's Joint Threat Research Intelligence Group bragged about using Distributed Denial of Service (DDoS) attacks against members of Anonymous during an operation called Rolling Thunder in 2011 (there is evidence that says it was a SYN flood, so technically it was a simple DoS attack). Regular citizens would face 10 years in prison and enormous fines for committing a DoS / DDoS attack. The same applies if they encouraged or assisted in one. But if you work in the government, it seems like you're an exception to the rule."
...No, I got nothing.
In other news, the UK military can drive tanks, fire missiles & carry weapons - but regular citizens cannot.
It's all about oversight, not an attitude of "why can't we legally do this too?".
Police are allowed to do many things in their duty that non-police aren't allowed to do.
Can it not be argued that GCHQ is also allowed to do many things in their duty that non-GCHQ folk aren't allowed to do.
To the police that is? That government agents (no not only the 007 kind) tend to overstep their authorities and commit crimes from time to time isn't that uncommon or even strange (even a government consists of people after all) but the solution to that is to report the event to police and let the legal system handle it. And hope the guilty are punished, sadly that isn't certain...
It can levy taxes, print money, jail people involuntarily, declare war, kill people , etc.
Who will win in the end? Stay tuned!
The cow says "Moo." The dog says "Woof." The Timothy says "Thanks, valued customer. We appreciate your input."
http://pigs-at-gchq.com/ Do laws matter? When all agree to abide by a law it is called a social contract in English. “An agreement among the members of a society to cooperate for mutual social benefits, by safeguarding individual freedom for state protection.” The Oxford dictionary puts it this way: “Agreement among the members of a society or between a society and its rulers about the rights and duties of each.” The U.K. and the U.S. authorities have broken this agreement so badly in so many different ways that the future is not looking very good. Until they agree to keep within this social contract I will simply tell them at every opportunity to fuck off. Hope you do the same.
. . . I'm totally down with it.
If you live where shooting an armed criminal during the commission of a crime is illegal then you're already in trouble. If you're not trying to change it, then you're part of the problem.
"Yes, you are an exception to the rule if you work for the government."
You have accepted your role as a cog. An unthinking unit of work and obedience to be monitored and vihttp://yro.slashdot.org/story/14/02/05/1318223/britains-gchq-attacked-anonymous-supporters-with-ddos#ewed with suspicion. But what is most worrying is that you did it without so much as a whimper.
I know DDoS attacks against IRC servers aren't uncommon...
But we're talking about an IRC server being DDoS'd by a security agency.
A place where people go to talk (regardless of how affiliated they are with Anonymous or not.)
So I'm guessing this means that Freedom of Speech no longer means shit the fascists in charge.
Yes, they can do this shit and you can't. Get over it.
Would you also say that to the people of North Korea?
At what point do you draw the line?
This was the first DOS attack I ever heard of. Used against Panix (ISP in NY) back in the day. Now most systems (Linux kerel, etc) are hardened against syn floods.
Primitive.
DDoS/DoS CAN be stopped (Microsoft & Amazon are setup PERFECTLY vs. it in fact, read on below on that note)!
---
Microsoft Windows NT-based OS settings vs. DoS:
Protect Against SYN Attacks
FROM -> http://msdn.microsoft.com/en-u...
A SYN attack exploits a vulnerability in the TCP/IP connection establishment mechanism. To mount a SYN flood attack, an attacker uses a program to send a flood of TCP SYN requests to fill the pending connection queue on the server. This prevents other users from establishing network connections.
To protect the network against SYN attacks, follow these generalized steps, explained later in this document:
Enable SYN attack protection
Set SYN protection thresholds
Set additional protections
Enable SYN Attack Protection
---
The named value to enable SYN attack protection is located beneath the registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters.
Value name: SynAttackProtect
Recommended value: 2
Valid values: 0, 1, 2
Description: Causes TCP to adjust retransmission of SYN-ACKS. When you configure this value the connection responses timeout more quickly in the event of a SYN attack. A SYN attack is triggered when the values of TcpMaxHalfOpen or TcpMaxHalfOpenRetried are exceeded.
---
Set SYN Protection Thresholds
The following values determine the thresholds for which SYN protection is triggered. All of the keys and values in this section are under the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters
These keys and values are:
Value name: TcpMaxPortsExhausted
Recommended value: 5
Valid values: 0?65535
Description: Specifies the threshold of TCP connection requests that must be exceeded before SYN flood protection is triggered.
Value name: TcpMaxHalfOpen
Recommended value data: 500
Valid values: 100?65535
Description: When SynAttackProtect is enabled, this value specifies the threshold of TCP connections in the SYN_RCVD state. When SynAttackProtect is exceeded, SYN flood protection is triggered.
Value name: TcpMaxHalfOpenRetried
Recommended value data: 400
Valid values: 80?65535
Description: When SynAttackProtect is enabled, this value specifies the threshold of TCP connections in the SYN_RCVD state for which at least one retransmission has been sent. When SynAttackProtect is exceeded, SYN flood protection is triggered.
---
Set Additional Protections
All the keys and values in this section are located under the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters. These keys and values are:
Value name: TcpMaxConnectResponseRetransmissions
Recommended value data: 2
Valid values: 0?255
Description: Controls how many times a SYN-ACK is retransmitted before canceling the attempt when responding to a SYN request.
Value name: TcpMaxDataRetransmissions
Recommended value data: 2
Valid values: 0?65535
Description: Specifies the number of times that TCP retransmits an individual data segment (not connection request segments) before aborting the connection.
Value name: EnablePMTUDiscovery
Recommended value data: 0
Valid values: 0, 1
Description: Setting this value to 1 (the default) forces TCP to discover the maximum transmission unit or largest packet size over the path to a remote host. An attacker can force packet fragmentation, which overworks the stack.
Specifying 0 forces the MTU of 576 bytes for connections from hosts not on the local subnet.
Value name: KeepAliveTime
Recommended value data: 300000
Valid values: 80?4294967295
Description: Specifies how often T
There is not 'exception to the rule' under UK law. You have to have some 'ok' from the gov to do this. The GCHQ staff understood that when they first collected all calls (domestic too) via their Intelsat efforts in the 1960's.
The Intelligence Services Act of 1994 offers a lot of new legal protections, then the Intelligence and Security Committee, SIGMod (sigint modernisation) followed in mid 2000 with more legal backing. Open court use of material is still under GCHQ veto, most is "passed" to other groups, MI5, ~ Special Branch.
The use of a "packet flood" back up would have been a new step beyond passive logging and longer term infiltrating efforts.
Domestic spying is now "Benign Information Gathering"
Does this have anything to do with why FreeNode IRC was being DoS attacked a couple days ago?
ABOVE THE LAW
-- Brought to you by Carl's JR
Sure, they probably won't go anywhere, but it'll still be good to have it on public record that the government refuses to prosecute its own agency's crimes.
Wasn't just the Anonymous group the attacked ones, but other people that wanted to stay anonymous too, like political dissidents and others. Is not the War on Anonymous, but the war on anonymous, privacy and anonymity is becoming outlawed (except for them, of course)
"License to Kill", Old Chap.
I say.
The three laws of thermodynamics:(1) You can't win. (2) You can't break even. (3) You can't even quit.
License to Kill, my Old Chap.
I say.
The three laws of thermodynamics:(1) You can't win. (2) You can't break even. (3) You can't even quit.
If you disagree with that then you have very fundamental philosophical problems with the way our society is structured.
Why, indeed I do. OTOH, if you agree, then I also have a fundamental philosophical problem with your interpretation of the concept of Reason.
They feared that it could be used to suppress protest or support unpopular rule.
it's only a matter of time before they're used...needed or not.
My God can beat up your God. Just kidding...don't take offense. I know there's no God.
I'm not going near your "old chap."
systemd is Roko's Basilisk.
I suspect most North Koreans would gladly trade the problem of a DDOS attack against them by the government for engaging in DDOS in exchange for their current problems of political prisoners being experimented on and mass starvation due to the government diverting both local food and foreign food aid to the military.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
That's what she said, WOOOOOOOO
*: I did try and warn him about the future but he said he had to rush off to do some shopping..
"If anyone needs me, I'm in the angry dome."
It's illegal in most places for private citizens to lob military grade ordinance around, but not for Governments.
Anonymous factions DoS each other all the time for fun and practice. They are fairly good at working around it.
No, you aren't.
If government agents lobbed military-grade ordinance at innocent civilians in the UK, we'd call that unlawful killing and lock the bastards up. And by the same token, if GCHQ had DoS'd targets belonging to legitimate wartime enemies, we wouldn't be criticizing them.
As a rough rule of thumb, the government isn't allowed to do things to citizens above and beyond what any civilian could do without a court mandate or a valid piece of legislation. Unless GCHQ have such a thing, they did wrong.
That reads like you are suggesting any gov't abuse short of North Korea's track record is okay and should be overlooked because we should feel "lucky" our overlords are not quite as malevolent.
You shouldn't be.
Granted those Anon members might have gotten what they deserved -- but government/police/military etc is never, ever (ever) the appropriate agent for 'vengeance'. Because at the end of the day, it's really quite arbitrary who is offended by what, thus a slippery slope is created.
Example.. one day the police use excessive force against a terrorist or pedophile, and that's applauded -- who's to say they won't then go and use such methods on suspects ranging from ... jaywalkers on up?
Just showing to everybody that they are above the law.
One of the identifying characteristics of a police-state: If the police commits some act of murder, torture, destruction or terrorism, nothing happens. If a citizen does, the hammer is brought down hard.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
POLICE STATE
The GCHQ are the GOOD guys, remember? As such why should they be hamstrung by the rules and laws that criminals follow?
Why wouldn't we want to give them those advantages do we want them to do their jobs or don't we?
Nice screen-spam. Way to make it all the more obvious what cold fjord and his "friends" are tying to do in threads like these.
Hacking stratfor to robin-hood the information on private citizens that they obtained illegally for corporations isn't protest? Ruining HBGary federal, which sought to defame activists on behalf of Bank of America isn't protest? You are so fucking dumb that you think you're convincing anyone. Better have one of yoir sockpuppets downvote me, too, you pussy.
Go look at the link I provided. Do you really think that I somehow persuaded the Leftist journalists at Guardian paper to write bad things about North Korea - 10 years ago? If you do then you are a nitwit, at best.
I can only persuade people open to actual evidence, and some people aren't. You apparently are in that category. What does that say about you? Thoughtless and doctrinaire come to mind, I'm sure more things apply as well. None of them are positive attributes. You should really rethink your life.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
So your preference for the Anonymous members is that instead of suffering a transient DDOS attack having no long term affect on them that they would instead be prosecuted, their PCs confiscated, they be imprisoned and fined for engaging in illegal DDOS attacks - since that is a very possible outcome of the law? It seems to me they got off quite lightly as it was. Instead you wish them far greater punishment and a long term mark against them that could affect their future employment? Do you really think that is wise? Do you hate Anonymous? Or is it something to do with your framework of reasoning?
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
I didn't say it was right or wrong. It just is.
The two Koreas weren't really equal, South Korea was well ahead in terms of building a viable economy for an advanced nation for the purposes of peace and prosperity. You are right in noting that the USSR was involved since it and China were engaged in providing massive aid to prop up North Korea. The North Koreas are responsible for their famine, not the US. They managed to magnify any hardship caused by the weather by means of incompetent and backwards communist inspired agriculture policy. What's worse is that they prioritize the military and direct food there first. They stole food aid for the peasants and sent it to the military as well, which is why so many nations are hesitant to provide them more aid. To top it all off they recently enacted "currency reform" that crushed what little progress their middle class had managed. The cherry on the top is that they ignore Chinese recommendations to implement market reforms, which they recently set back in a huge way. That is before you discuss the many criminal enterprises the North Korean state is engaged in, such as drug dealing and counterfeiting. You are badly confused about the facts.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
I understand your point to some extent, but governments have the power to imprison people they deem to be a hazard. A private citizen cannot imprison another citizen. The government does have special privileges. I do agree these researchers broke the law though, just like a sheriff who arrests someone unreasonably. The question is how bad an infraction it was.
Currently hooked on AMP