Forgot your password?
typodupeerror
Botnet Privacy Security IT

'Anonymous' WikiLeaks Proponents Not So Anonymous 390

Posted by timothy
from the they-see-what-you-did-there dept.
Giovane Moura writes "For a number of days the websites of MasterCard, Visa, PayPal and others are attacked by a group of WikiLeaks supporters (hacktivists). Although the group calls itself 'Anonymous,' researchers at the DACS group of the University of Twente (UT), the Netherlands, discovered that these hacktivists are easy traceable (PDF), and therefore anything but anonymous. The LOIC (Low Orbit Ion Cannon) software, which is used by the hacktivists, was analyzed by UT researchers, who concluded that the attacks generated by this tool are relatively simple and unveil the identity of the attacker. If hacktivists use this tool directly from their own machines, instead of via anonymization networks such as Tor, the Internet address of the attacker is included in every Internet message being transmitted. In the tools no sophisticated techniques are used, such as IP-spoofing, in which the source address of others is used, or reflected attacks, in which attacks go via third party systems.
This discussion has been archived. No new comments can be posted.

'Anonymous' WikiLeaks Proponents Not So Anonymous

Comments Filter:
  • Using TOR? (Score:4, Insightful)

    by jfiling (844278) on Saturday December 11, 2010 @08:12AM (#34522626)
    I was under the impression that running the LOIC through TOR would DDoS the TOR network, not the intended target.
  • No shit, sherlock? (Score:5, Insightful)

    by PseudonymousBraveguy (1857734) on Saturday December 11, 2010 @08:24AM (#34522670)

    Sending an IP datagram with your own IP in the header makes you traceable? Inconceiveable!

    Why do you have to write a ten page whitepaper for a simple observation that anybody who is able to find out his own IP address and click on two buttons on wireshark could make in about 5 seconds?

  • by Rakshasa Taisab (244699) on Saturday December 11, 2010 @08:29AM (#34522700) Homepage

    Yeah, let them go ahead and arrest hundreds of random people... That's sure to make WikiLeaks less popular with The People.

    It's like arresting protesters trying to stop a building project... If you throw the law book at them it's going to ruing your public image.

  • by devbox (1919724) on Saturday December 11, 2010 @08:31AM (#34522712)
    Not really, most people just think they wont get any problems "just" as a part of a large group of people and think it's somehow justified because other people are doing it too. The usual teenage groupthink. But when you're hitting the likes of PayPal, Visa, Mastercard and government websites, well, problems will come.
  • by adosch (1397357) on Saturday December 11, 2010 @08:42AM (#34522762)
    Regardless of the amount of 'fight-the-man' fame WIkileaks and Assange and Company have drummed up, I think the bigger thing to take away from this story how vulnerable Big Company still is to online DDoS attacks at any given time and for any sort of reason, inflicted or not. You can argue about the traceability and poor track covering tactics of LOIC all day, but it did it's job and did it well. The time and effort to try and even prosecute any of the thousands and thousands of 'whomever's responsible for that source IP would be staggering and it just won't happen. Like many of the /.'s, I side with the notion, "Who cares" and wait for the next front-page new post.
  • by Ritz_Just_Ritz (883997) on Saturday December 11, 2010 @08:42AM (#34522766)

    Not really. These aren't "protesters trying to stop a building project." Like it or not, they're also criminals who are disrupting websites and networks that other folks are paying to use. However, let's humor you and say they're simple protesters. As every person who engages in civil disobedience knows, you've got to be prepared to be arrested/punished. The long arm of the law doesn't always roll their eyes and wait for you to go away.

    Best,

  • Re:Using TOR? (Score:5, Insightful)

    by gilbert644 (1515625) on Saturday December 11, 2010 @08:50AM (#34522790)
    Isn't it kinda childish to label everything that isn't pro wikileaks as CIA shills?
  • by Anonymous Coward on Saturday December 11, 2010 @08:59AM (#34522840)

    Because you heard other people on 4chan are doing it and wanted to be cool too?

  • by Anonymous Coward on Saturday December 11, 2010 @09:17AM (#34522912)

    Here's how the process goes:

    1. /b/ gets angry at something (only /b/, the other boards do nothing)
    2. Some /b/tard creates an image, which contains information in this format:

    A quick summary why we're attacking
    Where to get the tool
    How to use the tool (this part is usually a screenshot of the tool)
    When to start

    3. Aforementioned /b/tard starts a new thread with the image, with the text saying "GO!" or "do it nao!" (sic), occasionally referring to the alleged sexual preferences of the reader
    4. People see the thread, bump it, and do as they're told

    The vast majority of the people who use LOIC know nothing about the internet. They're just grunts. The only smart ones are those who create these images and formulate the attacks, and they're behind seven proxies. They might not even use LOIC themselves, knowing how easy it is to get caught.

  • by chrb (1083577) on Saturday December 11, 2010 @09:27AM (#34522958)

    I mean why would you join something such as the LOIC without IP spoofing?

    Because many people can't IP spoof? You need to get your broadband router to forward a packet without NATing it, then your ISP has to forward that packet even though the source IP is wrong.

  • by Opportunist (166417) on Saturday December 11, 2010 @09:28AM (#34522968)

    Well, technically, so do normal protesters. They clog streets that I'd like to use, they are noisy which disturbs the other neighbors, they're loitering and maybe even squatting, which may be illegal on its own, depending on your country.

    These "internet protests" are not really more or less disruptive to "normal folks" life than ordinary protesters. The difference is that "normal" protesting is protected in most western states and the disruption they cause is something you have to endure because they're executing their right to assemble (peacefully) and protest. Do you think I'm happy to sit in a traffic jam because some students are against chanting in front of our parliament? I hate the jam, but I support their right to protest and to voice their dissent. I consider it important that they may do that, even if I do not agree with their political position and think (for once in a while) that our government is doing a few things right.

    But their right to protest and voice their dissent is more important than me being late for my appointment.

  • by aurispector (530273) on Saturday December 11, 2010 @09:38AM (#34523026)

    It's a surprise that these people are just a bunch of script kiddies? The phrase "useful idiots" comes to mind: these knuckleheads will take the fall, giving the media and legal system someone to chew on while those with some modicum of coding skill avoid attention. I bet it wouldn't take a lot to ID the majority. Their safely is really in numbers, which isn't much safety at all.

  • by massysett (910130) on Saturday December 11, 2010 @09:39AM (#34523028) Homepage

    I don't know who started this dumb, inaccurate, and insulting "hacktivist" portmanteau. These people are simple criminals. They are doing nothing to support Wikileaks. To support Wikileaks, give it money. Give it hosting. MIrror its documents. Attacking MasterCard does absolutely nothing to support Wikileaks.

    "Hacker" only means bad things to most people, so I give up on that part of this dumb word. But "activist"? That belongs to people like Liu Xiaobo, winner of the Peace Prize who can't even go to his ceremony because he's in jail. It belongs to people who are actually trying to advance good in the world. It doesn't belong to simple criminals who are engaged in the pointless, cowardly, and pseudo-anonymous destruction of commercial websites.

    I don't know if "hacktivist" is some attempt to be cute, some attempt to stir sympathy for these criminals, or some attempt to look cool by using some hip new word invented on some blog or in Twitter, but there is a huge difference between activism of any kind and simple, cowardly, criminal vandalism.

  • by Sycraft-fu (314770) on Saturday December 11, 2010 @09:43AM (#34523044)

    Protest is things like gathering together peacefully to make your position and numbers known. Protest is writing your elected representatives to let them know that you find something unacceptable and will vote them out if they don't take action. Protest is refusing to shop at a store, and let others know why.

    Protest is NOT launching an attack to try and shut down things you don't like. These people aren't protesters. They are like the jackasses at a physical peaceful protest that go and loot stores or burn cars or whatever. They are vandals, pure and simple. They are out to destroy, not to protest.

    They aren't even EFFECTIVE vandals at that. Amazon is up and running good as ever, doesn't even seem to be slow. My understanding is that MasterCard was down but it is back up now, however none of that mattered since their site is not at all important, their transaction processing is and that was never affected (credit cards worked fine all last week). They are kids throwing rocks at a window, and missing, because they are angry and can't be bothered to do anything productive.

    There isn't any excuse for behaviour like this. It also doesn't help your cause. It makes it seem like the people who support Wikileaks are just immature criminals, who lash out at 3rd parties when they don't get their way. It is real thug like behaviour "Do what I want or I'll hurt you!" That kind of thing does NOT lend itself to respect and support.

  • by Elbereth (58257) on Saturday December 11, 2010 @10:05AM (#34523148) Journal

    Nice summary. Yeah, I wouldn't actually partake in the raid, myself, if I were calling for one. Instigating the raid is bad enough, really, and there's no reason to actually get your hands dirty, if dozens, hundreds, or thousands of grunts are doing it for you.

    Of course, you're unlikely to get a personal army just because your girlfriend cheated on you, unless your revenge includes lots of "lulzy" repercussions for her.

  • Re:Using TOR? (Score:5, Insightful)

    by horatio (127595) on Saturday December 11, 2010 @10:10AM (#34523168)

    Yes, it is. It is also some kind of hubris to scream about Wikileak's "1st amendment rights" to then attack MC, Paypal, ....and Sarah Palin's website? These entities have a right to conduct their business however they want without undue criminal interference. Palin, whether you agree with her or not, certainly has a right to post a dissenting opinion on FB without having her place (website) smashed up by a bunch of thugs.

    "More speech for Assange and wikileaks --- but no speech may be heard from, no business may be conducted with anyone who thinks this was a stupid/criminal/illegal/unethical thing to do and chooses to terminate their business relationship with Wikileaks!"

  • by Graymalkin (13732) on Saturday December 11, 2010 @10:31AM (#34523296)

    The people performing sit-ins were not attempting to be anonymous and running away as soon as they were challenged. They were willing to act in public and be arrested for what they believed in. Participating in a DDoS is not remotely similar no matter what delusions of grandeur they might have. It's troubling that these people are equating DDoSing a website with activism or protest.

  • by darrad (216734) on Saturday December 11, 2010 @10:31AM (#34523298) Homepage

    So says the Anonymous Coward...

  • Re:Using TOR? (Score:2, Insightful)

    by Farmer Tim (530755) <roundfile@nosPAM.mindless.com> on Saturday December 11, 2010 @10:47AM (#34523396) Journal

    There's this awesome thing called a sense of humour, that lets people realise when someone's being facetious, all by themselves. It's a crazy concept, I know, but it just might be worth a try.

  • by arivanov (12034) on Saturday December 11, 2010 @11:30AM (#34523664) Homepage

    Both you and UTwente missed the point.

    It is a different type of attack. It is the "I am Spartacus" attack.

    It requires putting 100000+ people most of which are juveniles in their jurisdiction on trial. No politician today can stomach that one at this point. However, the way things are going and the way we are sliding towards police societies I am not so sure that this will be the case a few years from now.

  • Re:Using TOR? (Score:0, Insightful)

    by Anonymous Coward on Saturday December 11, 2010 @11:40AM (#34523714)

    You may not be a CIA shill, but you're an enemy of freedom and transparency.

  • by h4rm0ny (722443) on Saturday December 11, 2010 @11:42AM (#34523726) Journal
    Nope, Ghandi never won the prize though I think he was nominated several times. On the other hand, Henry Kissinger did, which tells you all you need to know about the Nobel Peace Prize. GP made a bad example, I don't recall acts of sabotage by Ghandi, but he was certainly a law-breaker and a criminal by the laws of the time. GP should have picked a different specific.
  • Re:Using TOR? (Score:5, Insightful)

    by shaitand (626655) on Saturday December 11, 2010 @11:44AM (#34523740) Journal

    "It is also some kind of hubris to scream about Wikileak's "1st amendment rights" to then attack MC, Paypal, ....and Sarah Palin's website?"

    Silly rabbit. The bill of rights is for actual humans.*

    * Palin may be human but public figures open themselves to criticism.

  • by h00manist (800926) on Saturday December 11, 2010 @05:58PM (#34525994) Journal
    Just widely publish facts. That's what Wikileaks does. Just google some money laundering news or other similar "services" numerous financial mammoths offer regularly, publish them to many more places, and you'll do much more lasting damage than a bunch of packets for a couple of hours.

    Someone has to to teach these kids that corporations are more worries more about teh bad publicity, than the broken websites. You're not breaking the law by widely re-publishing the truth, it can be done easily, and you can actually use Tor for that, respecting netiquette and all.

Old programmers never die, they just hit account block limit.

Working...