funsec mailing list archives
Re: Anonymous not freedom fighters
From: Paul Vixie <vixie () isc org>
Date: Sun, 13 Feb 2011 16:22:42 +0000
From: <robert_mcmillan () idg com> Date: Sun, 13 Feb 2011 14:58:26 +0000 "Denial of service is not merely a peaceful protest meant to garner attention for a cause. Denial of service is forcible and it is injurious. It is not like any form of civil disobedience, but rather it is criminal behaviour more like looting. " But is it really? If I loot your shop, I now possess something that rightfully should belong to you. DoS isn't entirely like this. How is DoS different from shutting down business at a brick-and-mortar location by holding a big rally? They're both "forcible" and "injurious."
i'll address those two issues independently. first, possession does not matter and durability does not matter. forcible injury occurs in this case because someone is deprived of value whether it's measurable in dollars are not and whether it can be possessed by the depriver or not. second, there are checks and balances in place for "big rallies". if egypt does not settle down at some point and stop having big rallies and restart their economy they're going to have trouble growing and importing food. i think the "rule of law" is pretty much out the window on such things, and the exact same issues are at stake -- the crowd ultimately has to balance the need for chaos against the need for order. the "rule of law" wins out in some form even if it's a new government afterward. so, suspending the "rule of law" in that situation is beyond the scope of my blog post. if a million disgruntled citizens want to protest their government that's a very different matter than a few dozen disgruntled activists protesting the existence or nonexistence of something like wikileaks. the internet infrastructure has too many coupled dependencies to be used for protests in this way -- there's no way to isolate the effects so that people and activities who aren't being protested won't be injured. but even if it were possible to isolate the effects i would find statements of the form "i'm for freedom so i'm ddos'ing you" to be totally irrational.
People are often arrested at these G20 protests, but they're generally later released or charged with a misdemeanor. The consequences of those arrests are much less severe than in the case of DoS attacks. In fact, the consequences of those protests seem much more severe than a DDoS attack. I was in Toronto last summer and the city's center was essentially shut down both in anticipation of the G20 protests, and then moreso when the protests actually happened.
there are in that situation checks and balances. the protesters at a G20 summit are expecting to get arrested and it's a risk they're willing to take. if the people who ddos'd wikileaks or who ddos'd the banks who did not want wikileaks as a customer were taking the same risks i'd be less concerned about the instability of their implied new social order which seems to be "anybody who is angry at anybody can take pot shots at them through the internet infrastructure without any cost or risk to themselves." that way lies madness and there is no moral foundation for it no matter what the ddos'er may say or may believe. as a habitat, the internet infrastructure is fragile and easily overrun by bad acts or bad actors who behave nonsustainably and for whom no checks and balances exist. i am working on that but my work is way behind the curve for ddos attacks.
Anyhow, I'd be interested in seeing you expand on this a little more, as I think it's an interesting question.
loving as i do the sound of my own voice, i'm glad you asked for details. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Anonymous not freedom fighters RandallM (Feb 12)
- Re: Anonymous not freedom fighters phester (Feb 12)
- Re: Anonymous not freedom fighters Paul Vixie (Feb 12)
- Re: Anonymous not freedom fighters der Mouse (Feb 12)
- Re: Anonymous not freedom fighters Jeffrey Walton (Feb 12)
- Re: Anonymous not freedom fighters Paul Vixie (Feb 13)
- Re: Anonymous not freedom fighters robert_mcmillan (Feb 13)
- Re: Anonymous not freedom fighters Larry Seltzer (Feb 13)
- Re: Anonymous not freedom fighters Dave Paris (Feb 13)
- Message not available
- Re: Anonymous not freedom fighters Paul Vixie (Feb 13)
- Re: Anonymous not freedom fighters robert_mcmillan (Feb 14)
- Re: Anonymous not freedom fighters phester (Feb 14)
- Message not available
- Re: Anonymous not freedom fighters Paul Vixie (Feb 14)