http://www.computerworld.com/s/article/9200659/Pro_WikiLeaks_cyber_army_gains_strength_thousands_ join_DDoS_attacks?taxonomyId=82

Pro-WikiLeaks cyber army gains strength; thousands join DDoS attacks
Volunteers download attack tool, organizers recruit hacker botnets, say researchers

Computerworld - The retaliatory attacks by pro-WikiLeaks activists are growing in strength as hackers add botnets and thousands of people download an open-source attack tool, security researchers said today.

In recent days, distributed denial-of-service (DDoS) attacks have been launched against several sites, including those belonging to Amazon, MasterCard, PayPal and the Swiss payment transaction firm PostFinance, after each terminated WikiLeaks accounts or pulled the plug on services.

As of Thursday, WikiLeaks had posted the full text of more than 1,200 leaked U.S. State Department cables from its trove of over 250,000 messages.

Most of those participating in the attacks are using the LOIC (Low Orbit Ion Cannon) DDoS tool, said researchers with Imperva and Sophos.

The open-source tool, which is sometimes classified as a legitimate network- and firewall-stress testing utility, is being downloaded at the rate of about 1,000 copies per hour, said Tal Be'ery, the Web research team lead at Imperva's Application Defense Center.

"Downloads have soared in the last two days," said Be'ery in an interview. As of 4 p.m. ET, more than 44,000 copies of LOIC had been downloaded from GitHub.

LOIC has become the DDoS tool of choice in the pro-WikiLeaks attacks because users can synchronize their copies with a master command-and-control server, which then coordinates and amplifies the attacks.

"If I download [LOIC] and voluntarily set the server information, the command-and-control server can control my copy of LOIC," said Be'ery. "The command-and-control server can then sync the attack, which makes it much more powerful because the DDoS attacks are occurring at the same time and hitting the same target."

Some will still want manually control LOIC, Be'ery said, calling those people "old school guys." But even then, the attacks are being coordinated.

"They're just syncing their attacks to the announcements made on Twitter and IRC (Internet Relay Channel)," Be'ery said, referring to the messages posted by several hacker groups, including Anonymous, which has been in the forefront of what's called "Operation Payback."

In a new step in the campaigns, botnets -- armies of already-compromised computers that hackers control remotely -- are now being recruited for the DDoS attacks, said Beth Jones, a senior threat researcher with Sophos. "Until now, the attacks have been done by volunteers who download LOIC," said Jones. "But now more groups are joining in with their botnets."

Be'ery said that Imperva had seen IRC chatter of at least one 100,000-PC botnet being thrown into the attacks.

"Operators of these attacks have repeatedly asked on IRC if someone can donate botnets," said Be'ery. "It looks like they feel the need for some more horsepower."

The fact that the organizers of Operation Payback are soliciting more firepower is a clue that they're not able to match the defenses erected by the sites they've targeted, said Be'ery. "They're having a bit of a problem. PayPal and others are doing good work to keep their sites alive, so they're after more machines and telling people [participating in the DDoS attacks] to do what they're told and focus on the targeted sites."

There seems to be something to Be'ery's point.

An attack launched earlier Thursday against Amazon.com by Anonymous appears to have fallen flat; the group then dropped Amazon and instead directed its PCs and followers to again hammer a PayPal URL.

But for all the problems that Operation Payback's having, Be'ery doesn't believe the DDoS attacks have peaked. "There doesn't seem to be any decay in the download rate of LOIC," he noted. "I really don't think things will change unless one of the attacked companies tries to take down the main command-and-control server."

There is only one such server currently coordinating the attacks, he added, but the organizers claim that they have a backup on stand-by. "But if the main server falls, it will certainly give them some trouble regrouping," said Be'ery.

Jones of Sophos saw a different end game.

"What's really surprising is that so many people are willing to put themselves on the line legally," she said, pointing out that using a tool like LOIC to attack a site is illegal in most jurisdictions, including the United States.

"A more firm legal response may be helpful," Be'ery agreed. "I'm not even sure that everyone understands that what they're doing is illegal."

On Wednesday, Dutch police arrested a 16-year-old in The Hague for allegedly participating in the attacks against Visa, MasterCard and PayPal. The teen is to be arraigned in Rotterdam on Friday.

"The penny will drop when some of these guys are arrested," predicted Be'ery.

http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=228800075&cid=RSSfeed_IWK_All

Online retailer's EC2 architecture holds strong in face of coordinated DDOS strike by Julian Assange's backers.

Amazon.com's famed EC2 infrastructure was more than a match for WikiLeaks allies who tried to take down the site Thursday.

"Okay, here's the real deal—We can not attack Amazon, currently," said Anonymous, a hacker group that supports WikiLeaks, in a Twitter post. "The previous schedule was to do so, but we don't have enough forces," the group said.

Reports said Anonymous and other hackers attempted to crash Amazon's Web site with a distributed denial of service (DDOS) attack, but gave up after about an hour. Amazon maintains vast reservoirs of excess server capacity so it can handle traffic spikes during key times like Black Friday and Cyber Monday.

Not only does Amazon depend on its EC2 (Elastic Compute Cloud) for its own operations, it also rents space on the architecture to third parties. As virtually all of Amazon's business is on line, even small amounts of down time can cost the company millions in lost revenue.

WikiLeaks allies have been planning to attack Amazon ever since it booted Julian Assange's rogue Web site from its servers earlier this month. They're also upset that Amazon is selling an eBook compilation of documents linked by WikiLeaks, despite its decision to remove WikiLeaks itself from its servers.

Other companies that have irked the WikiLeaks crowd haven't fared as well as Amazon. MasterCard, which is refusing to process credit card donations to WikiLeaks, was knocked off line for several hours Wednesday by a DDOS attack.

Meanwhile, Assange is in jail in London fighting an extradition request by Swedish authorities who have charged him with rape and other sex crimes. Assange has denied the charges, which relate to complaints filed by two Swedish women.

U.S. authorities are also said to be mulling espionage and other charges against Assange who, through WikiLeaks, provided several major newspapers—including the Times, The Guardian, Le Monde, and Der Spiegel—with excerpts from classified diplomatic documents.

The leaked documents revealed serious concerns within the U.S. diplomatic community about the resolve and trustworthiness of several key allies, including Afghanistan and Pakistan, in the war on terror. They also disclosed Saudi Arabia's wish for a U.S. military strike against Iran, and painted unflattering pictures of Western leaders like German Chancellor Angela Merkel and Italian Prime Minister Silvio Berlusconi.

The documents also raise questions about whether British authorities released a prisoner jailed in connection with the Lockerbie bombing in order to preserve oil deals with Libya.

These 'attacks' against Amazon are not justified IMO, since wikileaks is not entitled to their services. However, since Assange's justly acquired funds have been frozen access to (not just the service) by PayPal, I feel that attack may be justified. PayPal is effectively stealing from assange, not just disallowing access to their service.

I feel the attack on Amazon is misguided and *unjust*, but probably justified on PayPal. As for MasterCard and Visa, I'd have to hear the arguments on how that is justified, which I thus far don't believe it is.

Just my opinion.

These 'attacks' against Amazon are not justified IMO, since wikileaks is not entitled to their services. However, since Assange's justly acquired funds have been frozen access to (not just the service) by PayPal, I feel that attack may be justified. PayPal is effectively stealing from assange, not just disallowing access to their service.

I feel the attack on Amazon is misguided and *unjust*, but probably justified on PayPal. As for MasterCard and Visa, I'd have to hear the arguments on how that is justified, which I thus far don't believe it is.

Just my opinion.


Just for the record, the last I heard PayPal has actually released any frozen funds belonging to WikiLeaks, but continues to refuse to provide them any further service.

http://www.google.com/hostednews/afp/article/ALeqM5jbKG4bu6xNVUbpYATnGopwQWca0A?docId=CNG.9aed0 bb42e6143acab5dd7633a8f7fc7.2d1

The justification of attacks on visa or mastercard would be based on the idea that they're run by the banks, and therefore effectively a government entity -- they are funded by forcibly acquired taxpayer money, and equally abusive Fed money.

If paypal has released the frozen funds, I agree that those attacks aren't justified -- nor are the ones on amazon.

PayPal released the funds right after they were attacked.

-t

I'm undecided as to the morality of it all, but find it exciting to see a group of people come together and take major websites down. I find myself cheering for anonymous and find the whole thing fascinating.

It occured to me, why have they only targeted non-governmental websites?

I'm undecided as to the morality of it all, but find it exciting to see a group of people come together and take major websites down. I find myself cheering for anonymous and find the whole thing fascinating.

It occured to me, why have they only targeted non-governmental websites?

They attacked Senate.Gov for a while and had it down for 12 mins or so.

I'm undecided as to the morality of it all, but find it exciting to see a group of people come together and take major websites down. I find myself cheering for anonymous and find the whole thing fascinating.

It occured to me, why have they only targeted non-governmental websites?

the companies they are attacking are usually defending a government that they are recieving special favors from... in that instance, the company and government merger makes it moral to attack the quasi-private company that is defending a tyrant.

I'm undecided as to the morality of it all, but find it exciting to see a group of people come together and take major websites down. I find myself cheering for anonymous and find the whole thing fascinating.

It occured to me, why have they only targeted non-governmental websites?

They went after Lieberman's website--the most legit target so far in the US. Gov't site, though so it wasn't very successful (yet.)

I'd think there will be more if/when Assange is extradited to the US.

the companies they are attacking are usually defending a government that they are recieving special favors from... in that instance, the company and government merger makes it moral to attack the quasi-private company that is defending a tyrant.

This govt collusion thing is such a slippery slope. Do you realize liberals make this same argument when they talk about how everyone benefits from the govt roads? Since we all use the roads then it is ok to take our income away and regulate us.

I can't believe so many people here are going with this Midas Touch approach to govt collusion - once you touch it, we can attack you. Can you attack me because I registered my business as a corporation with the state?

This govt collusion thing is such a slippery slope. Do you realize liberals make this same argument when they talk about how everyone benefits from the govt roads? Since we all use the roads then it is ok to take our income away and regulate us.

Yes, it's a spectrum. But the banks use government force to take people's property, actively lobbying towards those ends. That's very different than driving on a road you've already been forced to pay for.

The liberals you refer to put the cart before the horse. The money was extorted first, then the roads were built using that extorted money. It's effectively stolen property. It's not like the government people contributed their own money to purchase the roads voluntarily, then placed regulations on their use.

This is from yesterday:

Correll said: “We have observed 256 service interruptions and 94 hours of combined downtime since these attacks started on 4th December. We also observed over eight hours of counter-DDoS downtime on the attackers (anonops.net) site.”

The Anonymous group confirmed the counterattacks initially on Monday evening when it said it was ‘currently under heavy DDoS attack', with just under two hours of downtime and 23 service interruptions recorded since the pro-WikiLeaks attacks started that morning.

http://www.scmagazineuk.com/mastercard-and-websites-of-joe-lieberman-and-sarah-palin-latest-to-be-hit-by-anonymous-ddos-attacks-in-support-of-wikileaks/article/192392/

Looks like Anonymous is winning!

-t

Yes, it's a spectrum. But the banks use government force to take people's property, actively lobbying towards those ends. That's very different than driving on a road you've already been forced to pay for.

The liberals you refer to put the cart before the horse. The money was extorted first, then the roads were built using that extorted money. It's effectively stolen property. It's not like the government people contributed their own money to purchase the roads voluntarily, then placed regulations on their use.

I don't think the horse/cart argument completely turns the tables, but I see your point. I would probably be more with you if we were talking about the big banks suckling off the central banks.

I'm starting to feel like people are forgetting some recent history here. Paypal is one of the small guys that grew up to battle the big boys and take a market share. Paypal isn't even a bank. Unless something has changed they aren't FDIC insured, and aren't generally recognized as a bank. Isn't Paypal a good example of a company that soared above the clouds of regulation and satisfied the market's needs?

This govt collusion thing is such a slippery slope. Do you realize liberals make this same argument when they talk about how everyone benefits from the govt roads? Since we all use the roads then it is ok to take our income away and regulate us.

I can't believe so many people here are going with this Midas Touch approach to govt collusion - once you touch it, we can attack you. Can you attack me because I registered my business as a corporation with the state?

^^This - is exactly why I'm not supporting the attacks. And now that I've heard that Assange's funds have been released to him by payPal, I wouldn't advocate further attacks on PayPal as just neither.

I don't buy the argument that it's *just* to attack them since they have been threatened by the government in whatever way, or even the idea that because the have some connection to government favor that they deserve *attacks*. Like mentioned above, that would justify attacks on anyone getting any favor by the government, including those who are unemployed, or anyone even using roads or registering their corporation.

Such things are important to take into consideration (the extent to which 'private' companies get State favor / public funds) when considering *true* privatization (a la Rothbard), but not in situations like this.

*If* there should be any DDoS attacks on anyone, the attacks should be on the appropriate government agencies / websites for bullying these companies (and I'm sure they are all being bullied by the govt one way or another) and threatening private property and free speech, not on the companies themselves.

http://pandalabs.pandasecurity.com/tis-the-season-of-ddos-wikileaks-editio/

Update – 12/8/2010 – 3:17 AM

The Internet hosting provider (space2u.com) of the Lawyer representing the 2 girls who were allegedly raped/assaulted by Julian Assange has voluntarily suspended the ADVBYRA.SE website indefinitely.

Here is a snip of the conversation taken from the chat:

This marks the first time a website has been voluntarily removed by an ISP as a direct result of “Operation Avenge Assange.”

Update – 12/8/2010 – 9:00 PM

If you have been following our blog post today, then you may know that we were under a constant and steady DDoS attack throughout the day. In the spirit of this post, I’ll go ahead and announce that the PandaLabs blog sustained 139 service interruptions and over 5 hours of downtime today. It’s still unclear as to who exactly is to blame for the attack, but it’s obvious that they did not want these attacks documented for the general public.

People have been asking me all day if there is some sort of “patriot response” to Operation Payback and there is no doubt in my mind that an initiative does exist, but no one besides @Th3J35t3r has publicly “attacked back” and he/they still haven’t said anything about these latest attacks.

So, what makes me think that there is some sort of underground patriot response? Well, let’s take a look at the statistics….

The Operation Payback website has sustained a series of DDoS attacks despite being hosted on a “bulletproof” server specializing in anti-ddos and hosted in Russia.

-t

Another big problem I have with DDOS attacks: for the attackers to do this (one method, anyways) don't they have to hijack tons of innocent people's computers with viruses so that they can execute a flood of requests?

Another big problem I have with DDOS attacks: for the attackers to do this (one method, anyways) don't they have to hijack tons of innocent people's computers with viruses so that they can execute a flood of requests?

Today a call went out for botnets to join, and yes - computers that have been hijacked. That doesn't prevent the owner from using the machine, though.

Most of this has been with a voluntary botnet. The volunteers download the software, configure it to take instructions from the hive and rock and roll!

-t

This govt collusion thing is such a slippery slope. Do you realize liberals make this same argument when they talk about how everyone benefits from the govt roads? Since we all use the roads then it is ok to take our income away and regulate us.

I can't believe so many people here are going with this Midas Touch approach to govt collusion - once you touch it, we can attack you. Can you attack me because I registered my business as a corporation with the state?

its not the touching the government that is the worst offense, its getting special favors, protections from competition, the whole nine yards. a business married to the government is no longer a true private company.
and when that puppet business of the government defends the government by clamping down on the finances of those who are exposing the truth... then it is just to consider that business part of the tyranny and lies you are fighting.

Today a call went out for botnets to join, and yes - computers that have been hijacked. That doesn't prevent the owner from using the machine, though.

Most of this has been with a voluntary botnet. The volunteers download the software, configure it to take instructions from the hive and rock and roll!

-t

Interesting. Up until this point the attacks have operated simply by having enough angry people willing to join in. It's kind of like an anarchist version of SETI @ home. There is one perverse advantage to hijacked machines though. The owners of the machines have plausible deniability. Is it worse to hijack a machine with a trojan horse that you know is really harmless than it is to recruit some 16 y/o into a plan that might screw up the rest of his life?

Today a call went out for botnets to join, and yes - computers that have been hijacked. That doesn't prevent the owner from using the machine, though.

Most of this has been with a voluntary botnet. The volunteers download the software, configure it to take instructions from the hive and rock and roll!

-t

If they're volunteering that's fine. The hijacking thing is a real problem, it doesn't matter if they can still use the machine. Kind of like in Dark Night.

Interesting. Up until this point the attacks have operated simply by having enough angry people willing to join in. It's kind of like an anarchist version of SETI @ home. There is one perverse advantage to hijacked machines though. The owners of the machines have plausible deniability. Is it worse to hijack a machine with a trojan horse that you know is really harmless than it is to recruit some 16 y/o into a plan that might screw up the rest of his life?

or by having the hijacks, you protect the 16 year old by giving him plausible deniability.

its not the touching the government that is the worst offense, its getting special favors, protections from competition, the whole nine yards. a business married to the government is no longer a true private company.
and when that puppet business of the government defends the government by clamping down on the finances of those who are exposing the truth... then it is just to consider that business part of the tyranny and lies you are fighting.

I'm still waiting to hear from anyone how Paypal is colluding with the government. Like I said, they're not even a real bank in the US, and as far as I know Paypal does not rely on any govt protections. I'm sure Paypal pays tons of taxes, and they probably don't like it any more than we do. It is so unfortunate that the one biggish payment processor that really isn't helped by the govt is getting attacked so much.

I'm still waiting to hear from anyone how Paypal is colluding with the government. Like I said, they're not even a real bank in the US, and as far as I know Paypal does not rely on any govt protections. I'm sure Paypal pays tons of taxes, and they probably don't like it any more than we do. It is so unfortunate that the one biggish payment processor that really isn't helped by the govt is getting attacked so much.

from what i read, paypal got it from the other end. meaning, they were threatened by the state department, so to keep their business from being buried by government audits, they caved in, just like some banks did during the bail-outs.

from what i read, paypal got it from the other end. meaning, they were threatened by the state department, so to keep their business from being buried by government audits, they caved in, just like some banks did during the bail-outs.

If this is true it really isn't something we should hassle Paypal about. We should do what we do best and attack the govt. I give in to govt demands all the time, but I know I'm not colluding with the govt.

If this is true it really isn't something we should hassle Paypal about. We should do what we do best and attack the govt. I give in to govt demands all the time, but I know I'm not colluding with the govt.

paypal should fear the consumers more than the government.

Like I said, they're not even a real bank in the US, and as far as I know Paypal does not rely on any govt protections.

It is a bank in the EU. And IIRC in some states. I think LA was the first state to require them to have a bank charter and a brick and mortar location years ago. There are probably other states as well -- it is a state by state thing.

Also they started putting funds in FDIC-backed accounts years ago.

paypal should fear the consumers more than the government.

Yes, I should have been more clear. We should vote with our dollars, but we shouldn't literally attack them. Like I said in another thread, when Paypal calls me for our annual chat, I'm going to give them an earful about wikileaks.



Also they started putting funds in FDIC-backed accounts years ago.

Can you explain this? They may have money in banks that are FDIC insured, but this wouldn't come close to covering their holdings because they probably don't have 100 million accounts there. Paypal users do not have bank account numbers.

At least we can agree that Paypal is less protected by the govt than pretty much any other big payment processor. If some govts are requiring them to jump through hoops can we really blame Paypal for complying?

Can you explain this? They may have money in banks that are FDIC insured, but this wouldn't come close to covering their holdings because they probably don't have 100 million accounts there. Paypal users do not have bank account numbers.

Ok, so if you don't use the Paypal money markey then there is some pass-through protection, but this is a service of the banks that Paypal uses. Paypal is not a bank, they use banks to hold their money just like the rest of us do. You don't get to accuse me of colluding with the govt because I have a checking account that is FDIC insured.

Can you explain this? They may have money in banks that are FDIC insured, but this wouldn't come close to covering their holdings because they probably don't have 100 million accounts there. Paypal users do not have bank account numbers.

They deposit the funds in pooled accounts and users are covered through FDIC pass through insurance. You can google it if you want more info. It has been awhile since I remember reading about it.

Ok, so if you don't use the Paypal money markey then there is some pass-through protection, but this is a service of the banks that Paypal uses. Paypal is not a bank, they use banks to hold their money just like the rest of us do. You don't get to accuse me of colluding with the govt because I have a checking account that is FDIC insured.

You said:


Paypal does not rely on any govt protections
Is not FDIC insurance a govt protection?

You said:

Is not FDIC insurance a govt protection?

Read my post. Probably every person in the country has FDIC insured bank accounts just like Paypal has and FDIC insured bank account. If we're allowed to attack Paypal because of this, then we can attack anybody for colluding with the govt. This is the slippery slope I was talking about in my first post.

Read my post. Probably every person in the country has FDIC insured bank accounts just like Paypal has and FDIC insured bank account. If we're allowed to attack Paypal because of this, then we can attack anybody for colluding with the govt. This is the slippery slope I was talking about in my first post.

Right, well I didn't make that argument. I just attempted to correct your absolutist claim as well as point out that they are a bank.

Right, well I didn't make that argument. I just attempted to correct your absolutist claim as well as point out that they are a bank.

Absolutist? I said, "as far as I know Paypal does not rely on any govt protections", but you clipped out the "as far as I know". They have the same FDIC protection that every other person on this forum does, so why try and separate them out?

Paypal is not a bank in the US, and in most of the world.

..

how illegal is this?

how illegal is this?

imagine so many protestors in front of your store that no customer could get inside.
DDOS is basically the same thing.

imagine so many protestors in front of your store that no customer could get inside.
DDOS is basically the same thing.

Perfect explanation.


And this is exactly the kind of thing that the govt will use as reason to regulate/destroy the internet.

Perfect explanation.


And this is exactly the kind of thing that the govt will use as reason to regulate/destroy the internet.

:rolleyes: The government is already trying to regulate/destroy the internet. Non-violent protesting is THE MOST effective way to bring about positive change.

imagine so many protestors in front of your store that no customer could get inside.
DDOS is basically the same thing.

actually the protesters are continually walking inside your store allowing nobody else inside.

:rolleyes: The government is already trying to regulate/destroy the internet. Non-violent protesting is THE MOST effective way to bring about positive change.

and they have met much opposition, so they need to find events that turn public sentiment

actually the protesters are continually walking inside your store allowing nobody else inside.

Yeah that's a better analogy.


I guess it's over.

actually the protesters are continually walking inside your store allowing nobody else inside.

people were still able to use their mastercards, they just couldn't get on the website.
the side door was blocked, but the front door was still open for customers.
your analogy fails.

It's also worth pointing out that the action by itself is not illegal. (Submitting an html or other similar request to the webhost) The illegality seems to come into play once you do it a certain number of times or amount.

lol to the explanations above.

if one were to partake in this activity, would it be like a marijuana ticket, or a year in jail?

people were still able to use their mastercards, they just couldn't get on the website.
the side door was blocked, but the front door was still open for customers.
your analogy fails.

His analogy was perfectly reasonable and one of the more accurate ones in this thread. He was not talking about the ability to use MasterCards/Visa cards etc... we're talking about the ability to access website itself.

people were still able to use their mastercards, they just couldn't get on the website.
the side door was blocked, but the front door was still open for customers.
your analogy fails.

we are speaking denial of service in general.

your analogy was a larger failure for purporting that they are merely hanging around outside, when in fact they are doing the equivalent of walking in the store.

YouTube - This is the guy that lives in my head! (http://www.youtube.com/watch?v=ZuXxy8cjZQA)





lol to the explanations above.

if one were to partake in this activity, would it be like a marijuana ticket, or a year in jail?


http://www.wired.com/threatlevel/2010/01/guilty-plea-in-scientology-ddos-attack/

A Nebraska man is pleading guilty in federal court to a computer-disruption charge for his role in the 2008 distributed denial-of-service attack that temporarily shuttered Church of Scientology websites, the authorities said Tuesday.

Los Angeles federal prosecutors said Brian Thomas Mettenbrink, 20, signed a plea agreement Friday admitting his role in the January 2008 attack (.pdf) –- bringing to two the number of defendants convicted in Anonymous’ attack on Scientology. Next week, Mettenbrink is expected to officially enter his plea, which carries a year sentence, prosecutors said.

we are speaking denial of service in general.

your analogy was a larger failure for purporting that they are merely hanging around outside, when in fact they are doing the equivalent of walking in the store.

no, obstructing one entrance to the store. the store is still open. mastercard is still making money.

I'm undecided as to the morality of it all...

On the whole and especially in principle, the morality is clear. Just because you disagree with someone, it does not follow you are entitled to trespass upon him. If, however, he is proven to have committed some offense, in this case PayPal seizing Wikileaks assets without justification or authority, I have no problem with what has been done. PayPal, too, is enjoined to respect the property rights of others and it seems a good thing that people took the law into their own hands in that case. In the cases of M/C. and Visa, unless they can be proven to have acted immorally, the attacks upon them were not justified. Had they admitted to seizing property that was not theirs to take, then I might feel differently.

No doubt there is a gray area here, but that is part and parcel of life in general. DDoS is a way of letting certain entities know that some of their behaviors will not be tolerated. The trick, of course, is just application of the force. If people were cool and smart about such things, these sorts of tools could go far in reeling in some of these out of control companies, like Monsanto. Unfortunately, the likelihood is that they will be abused in too many cases.

OTOH, if such attacks were to become common, clued-in companies would simply ramp up their capacity in response by either expanding their farms or buying rights to transient capacity. We see how the attack on Amazon failed and why. They had shitloads of dormant capacity that came into play the moment it was called for.

If these attacks remain very rare and are used only in response to the occasional egregious behavior, they may remain effective awhile longer. In time, hoewever, technology will render them obsolete.

[quote=specialkornflake;3022624]I'm undecided as to the morality of it all...[/quote.]

On the whole and especially in principle, the morality is clear. Just because you disagree with someone, it does not follow you are entitled to trespass upon him. If, however, he is proven to have committed some offense, in this case PayPal seizing Wikileaks assets without justification or authority, I have no problem with what has been done. PayPal, too, is enjoined to respect the property rights of others and it seems a good thing that people took the law into their own hands in that case. In the cases of M/C. and Visa, unless they can be proven to have acted immorally, the attacks upon them were not justified. Had they admitted to seizing property that was not theirs to take, then I might feel differently.

No doubt there is a gray area here, but that is part and parcel of life in general. DDoS is a way of letting certain entities know that some of their behaviors will not be tolerated. The trick, of course, is just application of the force. If people were cool and smart about such things, these sorts of tools could go far in reeling in some of these out of control companies, like Monsanto. Unfortunately, the likelihood is that they will be abused in too many cases.

OTOH, if such attacks were to become common, clued-in companies would simply ramp up their capacity in response by either expanding their farms or buying rights to transient capacity. We see how the attack on Amazon failed and why. They had shitloads of dormant capacity that came into play the moment it was called for.

If these attacks remain very rare and are used only in response to the occasional egregious behavior, they may remain effective awhile longer. In time, hoewever, technology will render them obsolete.

how does your above statement apply to the events of dec. 16th, 1773.
an attack on a private companies property. a private company that was in bed with the english government and enjoyed their protection.

paypal should fear the consumers more than the government.

You said it. Perfect.

no, obstructing one entrance to the store. the store is still open. mastercard is still making money.

an http request doesn't stop outside the entrance to a store, it goes inside.

you are completely wrong.

and continually bringing up MasterCard makes you dense as well