Study Finds DDoS Attacks Threaten Human Rights 118
CWmike writes "A new study warned this week that DDoS attacks launched against sites run by human rights and dissident media groups threaten to knock free speech off the Web. The study, conducted by Harvard University's Berkman Center for Internet & Society, showed that such attacks frequently knocked such sites offline. Of the sites surveyed by the center, 62% were victimized by DDoS attacks in the last 12 months, and 61% experienced unexplained downtime."
Its not DDoS ... (Score:1)
Re: (Score:2)
Boo hoo. You had me and then you lost me.
Re: (Score:3)
Neither link meets definition of a DDoS attack. By definition, a DDoS attack is a third party forcing you to deny service by overloading your server. That's entirely different than an organization voluntarily deciding to not do business with a group.
Re: (Score:1)
Most importantly, it's not distributed.
Re: (Score:3)
They are actually DoS by the traditional meaning of the term.
Mastercard is denying service to Wikileaks. Not a actual internet attack but same effect.
Re: (Score:2)
Re: (Score:2)
Maybe he was just stating a fact. He did say "Its not DDoS" after all.
Re: (Score:1)
Re:Its not DDoS ... (Score:4, Insightful)
On a related note, no true bachelor is married.
This just in (Score:1)
Re: (Score:3)
I think they are trying to make the idea of "X fights Y's Fire with Fire" news.
Honestly, when people advocating Free Speech DDoS a site, they ARE inviting people to DDoS Sites on Free Speech. Regardless if you agree with the moral implications of either scenario - you have to admit it shouldn't be all that surprising.
Re: (Score:3)
Many don't realize that a DDOS hurts more then your target. Most places use external data centers. A really bad DDOS can bring down a data center then hit many other sources, which could be more vital information then a silly web page, saying stuff that people don't want to read.
Anyone else here wondering? (Score:5, Insightful)
There was no study when Georgia (the country, not the US state) was DDoSed during a "dispute" with another country that's gonna remain unnamed for now. Well, maybe because you just don't piss on countries with almost as many nukes as the US.
There was no study when the Iranian government was DDoSed during the 2009 elections, pretty much kicking the Iran off the web. But I guess that's ok, they're "evil" after all, right?
There was no study when wikileaks was under a DDoS just a month ago, probably because they are now evil too (I watch too much Fox, I admit it).
But suddenly, when companies come under a DDoS that terminated business and froze funds of an organization that fights FOR more transparency and freedom of information, a DDoS becomes an attack on the freedom of speech.
Doubleplusgood timing!
Re: (Score:2)
No - wait... What am I supposed to be wondering? I can't answer your question specifically unless you designate what it is I'm supposed to be wondering.
Unless you just mean wondering in general, in which case, yes, I'm wondering what it is you were wondering, so it's like meta-wondering.
Re: (Score:2)
Wonder what you feel like! I leave that to you. I said I watch Fox news, I didn't say I am them!
Re:Anyone else here wondering? (Score:4, Insightful)
So, a study of groups which are all pretty much the opposite of banking and financial institutions must clearly be secretly linked to an attempt to discredit people attacking the banks? I might need to get more tin foil, but when Russia 'attacked' Georgia or Wikileaks was under attack, the concept of DDoSing hadn't been in the news so much. Those were basically treated as curiosities on the sidelines of more major news coverage. After all, what's a little bandwidth choking when tanks and bombs are also involved?
The widespread, highly-publicised attacks against major corporations probably brought more attention on the subject, which previously had been something that was smaller scale and used either for tactical or strategic reasons, either by governments or crime rings, or maybe from time-to-time for personal revenge. Maybe its just the type of news sources I read, but there have been many, many stories about the Anonymous attacks and it seems to be getting coverage across the board.
Given the heightened awareness, is it any wonder that social scientists might start to take a broader look at it? Besides, this is still a pretty far cry from "attacking Visa is an attack on Human Rights!", although the bullshit title for this posting would make one think that. They're saying that many human rights and alternative media sites (one might include Wikileaks under that heading) are under an ever-increasing pressure from attacks like this, which is probably true, and has nothing to do with Visa, Mastercard, PayPal, etc.
Re: (Score:2)
the recent actions of anonymous merely opened up the issue of whether a DDoS can be considered a legitimate form of non-violent political protest.
Hell I'd never even considered the possibility before but there's a compelling argument for it.
This merely affirms the point that any tool can be used for multiple purposes and by different people.
Protesters can have a sit in in front of a store, gangs of teenagers can sit looking menacing scaring off customers.
etc etc.
Re: (Score:2)
Then the question should rather be, why did those Anonymous attacks get so much coverage? Compared to the attacks on Georgia or Iran, where the countries were pretty much off the web, they did fairly little actual damage, if any. Two companies were for a few hours unreachable, without actually interrupting their business.
Why suddenly the coverage? It hat near zero impact on their operation. Georgia was offline for days. Iran was struggling to get blogs online. MC and Visa didn't even issue press statements
Re: (Score:2)
With Visa and Mastercard, it was pretty much the whole story, though. There was no violence in the street and shootings like in Iran. I can't remember if the Georgia incident coincided with the brief shooting war or was just around the same time, but as I said in my original post, news of internet infrastructure being impaired isn't going to carry as much weight as images of Russian tanks rolling down the streets.
Re: (Score:2)
Sure, but it ain't like the last week was so dry that you have no option but to report about some webpages being down. I'd say riots in Athens with politicians being beaten up, storms in California that cause houses to follow the real estate market, the British royals being attacked (not just the usual stuff, assault) over tuition fees, Nobel Prize goes to Chinese dissident and the ensuing turmoil because China and a few other countries boycott the NP ceremonies, a foiled bombing in Baltimore, Hal Rogers be
Re: (Score:2)
Then the question should rather be, why did those Anonymous attacks get so much coverage?
I thought that should be pretty obvious: Wikileaks and the attacks on Mastercard and Visa are more directly related to American concerns.
Re: (Score:2)
Well, first of all, the attacks of 2009 [wikipedia.org] should have been WAY more of a concern, since they not only hit the US but the US media. Still, almost no reports that I could remember.
Also, it's not only the US where the current DDoSs are being reported at length.
Re: (Score:2)
Well, first of all, the attacks of 2009 [wikipedia.org] should have been WAY more of a concern, since they not only hit the US but the US media
But those weren't related to a hot-topic US media story like Wikileaks.
Also, it's not only the US where the current DDoSs are being reported at length.
Again, easily explained. The rest of the world tends to repeat the US media. The US media does not tend to repeat the rest of the world.
Re: (Score:1)
Google News begs to differ [google.com].
The same today, which was the GP's point. Having said that, what Wikileaks does seems more important than a DDoS against it, so Wikileaks activities takes precedence. Mastercard's front page being down because of a DDoS seems more importa
Re: (Score:2)
Well, I don't know about you, but when I'm trying to get a point across, I rarely call those that I want to address "evil". They tend not to listen when you do that.
The message is "DDoS is bad because it hurts freedom of speech and human rights". Interesting, it seems access to the internet is a human right now. I'll remember that next time I hear about three-strikes laws, I guess they're a violation of human rights now... but I digress.
I also neither said any of the DDoSs were justified or "right". All I s
Re: (Score:3)
http://www.metronews.ca/ottawa/world/article/725360--assange-complains-he-s-victim-of-leaks--page0 [metronews.ca]
Hypocrisy goes both ways, it seems.
Though I do sincerely doubt that the study has anything to do with Wikileaks at all. Especially considering that none of the sites that they looked at were involved in the Wikileaks thing, and are, instead, other sites that have been DDoS'd in the last year. As another poster pointed out, the best link that can be drawn is merely one of publicity: people know that DDoS exist t
Re: (Score:2)
I never said Assange is the saviour of the world. I also don't remember saying that Wikileaks is infallible.
What I said is that I find it suspicious that a study like this suddenly surfaces a week after the Anonymous attacks, while every other DDoS in history came and went without much coverage or scientific observation.
Also it's interesting what conclusions they came to. It's not that DDoSs hurt business. It's not that DDoSs puts undue strain on the internet infrastructure. It's not that DDoSs are a securi
Re: (Score:2)
2 Weeks. Do you have any idea how long it takes to do a study like this, then get it published?
Perhaps the timing is fortunate, but I doubt it's intentional. There's been news reporting on DDoS attacks in the past, just that the mainstream media doesn't tend to pick up on it, especially when it's something that doesn't affect people in the mainstream. Remember a few years ago when they took down A and K with a DDoS? That got reported in mainstream media... it didn't kill the Internet, but the mainstream med
Re: (Score:2)
No, this is just a case of a Computerworld 'journalist' editorialising and drawing false equivalencies between the DDoS attacks on WikiLeaks and other human rights organisations and those conducted by Anonymous. The Actual Report [harvard.edu] explicitly does not discuss the banks:
Re: (Score:2)
... and here I am, correcting myself.
Having read some of the report, the narrative does actually deal at length on the Anonymous attacks, in spite of the fact that the summary states that "independent media and human rights organizations" are their focus.
So, please don't mod parent up. It's misleading. My apologies; I shouldn't have trusted the authors' summary.
Re: (Score:1)
There is an old statement out there about it that has been around in one form another for - well - about as long as people have been around.
I'll tell it the way I first heard it (late 80's): "A death of another is comedy, a paper cut on my finger is a tragedy".
That pretty much sums up a great deal of our attitudes going on now. DDoS someone you do not like and it is Power to the People, the only way we can fight back, how *dare* you prosecute them. DDoS someone we like and where are the feds, these people n
Re: (Score:2)
Timing of this study is really peculiar. And anyway protests threatening your rights is true but irrelevant. All that matters is if the achievement of the protest offsets the problem it creates. I do not believe much in protests or even leaks, I think they make a change only when there's someone organized behind it, and organized guys very rarely represent the silent majority. But the study is stupid. Since I am in the scope of godwin's law, it's like saying fighting hitler got people killed.
Point of fact: DDoS does not suppress information (Score:5, Insightful)
The threat to free speech isn't DDoS, it's censorship.
Re: (Score:3)
What is censorship but a DoS, a denial-of-service? Ok, it's centralized, I give you that.
Re: (Score:2)
Censorship means using force to permanently remove suppress something as a means of dictating what is and isn't allowed.
Re: (Score:2)
That's a very narrow definition of denial of service attacks, and not usually used in security circles. The class of denials of service attacks is usually assumed to include every attack that, well, denies you the opportunity to use a service. That would include blowing up a transformer that is instrumental to providing power to the service that you're trying to consume, or setting the server room on fire and burning down the servers, which may well contain the only copy of the service they're hosting if th
Re: (Score:2)
Censorship is not permanent. It only feels that way since it usually lasts for more than a few days. This is the main difference to a DoS, which usually lasts only a very brief time compared to a censorship law. But if censorship was permanent, a lot of things could not be discussed in most of Europe.
The difference is mainly that the actor is a different one. Censorship is usually installed by some kind of governing body, be it an actual government telling what its citizens may or may not see, a church sayi
Re: (Score:1)
Re: (Score:2)
The threat to free speech isn't DDoS, it's censorship.
And a greater threat is self-censorship !
Human rights? (Score:3)
Re: (Score:3)
You gotta take "news" from any of the *world.com sites with a large grain of salt. They love to launch multi-page spams tying into this week's flavor of "exciting new trend and/or development" for a gain in traffic, the quality and sanity come second and third, or not at all.
Re: (Score:2)
It's kinda like the saying, "guns don't kill people, people kill people." The DDoS attacks themselves aren't hurting human rights groups (like the heading leads one to believe), but instead there are people using DDoS attacks to threaten such groups.
Or it's like saying that, "Space shuttle launches harm grizzly bears." If I read that, I'd think there was something going on with space shuttle launches that were damaging to the world's grizzly bear population, when the article just has a bunch of i
Re: (Score:2)
Its the typical 'its for the children' ruse for us t lose more of our rights at the hands of the government. Expect more draconian monitoring laws to be drafted.
Re: (Score:1)
Huh? Since when is 1st amendment violations something that the mouth breathers worry about?
Try to craft something around the 2nd, then they'll care.
DDOS is free speech. (Score:3, Insightful)
DDOS is a form of free speech, just like a lunch counter sit-in. Yes, they take some sites off line for a bit, but they're always back. As long as you're not using an illegally obtained bot-net, you are merely exercising your normal rights as a user of the internet. You're just requesting content, just like the rest of your 10,000 friends.
Sure, the people doing a DDOS could get their own website to get their message out. But who would view it? A DDOS sends a message that can't be ignored.
No it isn't (Score:4, Insightful)
Not unless stopping someone from speaking is free speech. If you are standing at a podium, speaking your mind, and I rush you and duct tape your mouth shut is that free speech? I think you'd have to agree no. Even though it can be argued to express an idea (that being that I don't like what you are saying) the effect is to silence you, not to counter your voice with my own.
Shutting down someone for saying something you don't like isn't free speech.
Re: (Score:2)
How the hell is this not modded up when the parent of it is? The gp is rationalizing offensive maneuvers as passive protesting akin to peaceful civil rights rallies. The parent meanwhile shoots holes through this.
Re: (Score:3, Insightful)
That'd be a great point, but that's not inherently what a DDoS is. It's much more like people crowding around the podium and all the speakers so they block other people's access to your speech. AFAIK, that's legal although not in keeping with the spirit of free speech. But, then, it's not really keeping with the spirit of free speech for you to be using speakers in the first place since o
Re:DDOS is free speech. (Score:5, Insightful)
Crippling a company's ability to do business online is identical to welding their front door shut so nobody can get in. You can picket a company but you're not allowed to physically prevent people from getting in. It's the online equivalent of book-burning, except you're burning the books and the bookstore. There is no "right" to do that, online or otherwise.
It's not free speech. It's a crime. DDoS "hacktivists" are denying the rights of others to visit that website, and are no different at all from the thugs operating China's Great Firewall or the religious freakjobs dictating Australia's and Iran's Internet content. A zealot is a zealot, and they all need to be treated as the threat to freedom and human rights they are, regardless of their leanings. Their methods are the same: "I will decide for everybody else what they are forbidden to see, and use any means necessary to impose my will on others".
Re: (Score:2)
The closest analogy I've seen is the lunch counter sit-in, but that's still not quite right, because the people who participated in sit-ins left peacefully when the police escorted them from the premises. The police can't escort you from paypal.com.
So that's the difference between a sit-in and DDoS.
Re: (Score:2)
A DDOS is like cutting someone's phone line. It seems like it should be a crime, but having your website go down for a few days is now a human rights violation? Puh-lease. This stinks of a vested interest trying to increase government power by issuing fear-mongering propaganda. The majority of DDOS attacks can be mitigated fairly easily; they're more of a nuisance value.
"Human rights and independent media sites are under constant attack," said Ethan Zuckerman
What!? Absolutely blatant rubbish.
Zuckerman's
Re: (Score:2)
OK, now I have skimmed the report, and voila:
"We propose a broad public discussion of a range of policy responses to the rise of DDOS attacks against independent media organizations and human rights groups, with a view toward a sustainable long-term approach that balances the range of legitimate interests involved."
Translation, 'government needs more power to regulate the Internet'.
They do precede that with some actual technical tips that can be used to mitigate against most DDoS attacks, interestingly en
Re: (Score:2)
A couple of points:
> It's the online equivalent of book-burning, except you're burning the books and the bookstore.
No it's not. It's the equivalent of standing outside the bookstore and not letting anyone in. I'm not saying that legitimizes it, just that your analogy is poor.
> religious freakjobs dictating Australia's and Iran's Internet content.
Australia's internet is, in practice, as free as other Western countries. There was a proposal to filter it which wasn't implemented. The proposal was motivat
Re: (Score:3)
Actually, a DDOS is like filling the business' premises with protesters (or having them crowd around the entrance) so that no one can enter.
It doesn't damage the server in the same sense that welding a door shut does, but it does deny access using non-aggressive means.
Re: (Score:2)
So you really think that Anon carries out its attacks buy sitting at the keyboard clicking the refresh button again and again?
Re: (Score:2)
Is it really relevant if they do it manually or automatically?
Re: (Score:2)
A DDOS sends a message that can't be ignored.
Firstly, a DDOS doesn't send any message apart from "somebody is trying to shut down your website." By its very nature, a DDOS does not send any other message - it could be happening for any number of reasons.
Secondly, they are easily ignored. DDOS attacks happen all the time, and they are usually ignored by everybody apart from the technical staff who have to deal with them. They almost never make the headlines.
Re: (Score:2)
Sure, the people doing a DDOS could get their own website to get their message out. But who would view it? A DDOS sends a message that can't be ignored.
That it does. Usually something like "I don't like your speech or practices, therefore I will deny you your right to them." But wait - there's another word for that isn't there?
What human rights groups? (Score:5, Insightful)
Um, what human rights groups are being assaulted by DDoS attacks? The article mentions only a few groups, and the closest things to human rights groups in that list are a Vietnamese environmental protest group and a Russian independent newspaper. And honestly, I can think of a dozen things off the top of my head that could get a group DDoS'd when dealing with Russia.
So I went and skimmed the actual report [harvard.edu] discussed by the article. (No, I didn't read all 66 pages of it.) It doesn't seem to reference any groups other than those mentioned in the article.
I have no doubt that DDoS attacks can be a threat to human rights sites, but so far I don't see any.
And I am having a hard time avoiding the conclusion that the article is deliberately conflating the pro-WikiLeaks attacks with attacks on "human rights."
Regardless (Score:1)
DDoS attacks at sites working against WikiLeaks rather strengthen human rights.
Slightly off topic though. (And no, I didn't RTFA.)
(don't) DDoS the damn media covering this crap (Score:2)
The public reaction to the most recent DDoS activities is far more alarming than the DDoSes themselves. Sure, people are trying to silence speech they do not agree with, but the fact that they are successful means these sites need the attention of a network/infrastructure admin, not the media. Once these attacks become irrelevant, they will stop, along with the sensationalist media that has accompanied them. I might be wrong, but I think all this media coverage has just made the problem worse.
Wow. get a load of that shitty lobbying !!! (Score:3)
apparently, the censorship that has been tried to effect by visa, mc, paypal, amazon, banks, american government, is not stifling free speech. but, the reaction AGAINST it, is. the VERY people that are supposed to have free speech, are being restricted, and when they react to it adversely and fiercely, it becomes 'stifling free speech'.
you gotta love corporate capitalism. even science works in your way, through connections and donations.
Re: (Score:1)
harvard puts out that the reaction of THE PEOPLE against the control mechanisms of established wealthy, are stifling 'free speech'.
Why does it matter what their opinions are? Free speech is for everybody and every opinion.
the VERY people that are supposed to have free speech, are being restricted
Again, EVERYBODY is supposed to have free speech, not just the people who agree with you.
Re: (Score:2)
Why does it matter what their opinions are? Free speech is for everybody and every opinion. Again, EVERYBODY is supposed to have free speech, not just the people who agree with you.
quite so. however the people who do not agree with me, are wanting to suppress my disagreement with them through capitalist mechanics, in this instance.
Re: (Score:2)
Which is their right of free association. They can choose not to do business with a company or organization, just as individuals or other groups have the right to boycott something they don't agree with.
Re: (Score:2)
Which is their right of free association. They can choose not to do business with a company or organization, just as individuals or other groups have the right to boycott something they don't agree with.
yeah, surely. except that in all fields of life there are at most 4 major conglomerates, ALL of which pursue the same policy, monopolizing the fields they are in, preventing entry, and eventually forcing their practices as 'industry' standard.
in middle ages you could also choose to move to somewhere else if you didnt want to live under a feudal lord, in some countries. curiously, wherever you go, feudal lords were ruling the land.
it is a foolish belief that you have, regarding 'choosing not to do busi
I wish you could get modded to "6" (Score:3)
It won't work on ISPs--switching from Comcast to AT&T won't help much.
It won't work on film makers (I'll just refuse to watch Universal Pictures because they are part of the MPAA! I'll just watch Warner Brothers films instead inst
indeed (Score:3)
Re: (Score:2)
it is a foolish belief that you have, regarding 'choosing not to do business with.
VISA, Mastercard, PayPal and whomever else have the right of free association. They get to choose not to do business with Wikileaks for whatever reasons they see fit. Maybe they don't want to support it because they think Assange is a rapist. Maybe they don't want to support it because they think that what he's doing is illegal, and they don't want to have to pay for the lawyers to get them off the hook. Maybe they actually don't think he should be leaking this stuff. Maybe they make all their business deci
Re: (Score:2)
you dont get shit (Score:2)
Re: (Score:2)
Re: (Score:1)
well played sir, well played!
Re: (Score:2)
I read both the article and the report, and it confirms 110% what unity100 is saying. The article specifically calls for "policy responses" to fix the so-called "problem". The article and report specifically bend over very far backwards to try artificially frame this as a "human rights" issue, even putting "human rights" in the title of the report. This is standard fear-mongering propaganda to push for legislative power in the finest 3rd-world communist tradition.
Humans. (Score:1)
Humans are a threat to human rights.
Now stop trying to seize control of my thrice-damned Internets, you fascist bastards.
After reading the ' study' I am worried (Score:2)
Not all DDoS attacks are created equal (Score:2)
Sensational Headline (Score:3)
I mean really, how can a study find anything about human rights? It can't even be conclusively said that human rights exist, and even if you believe in them (which I do), it's still questionable what constitutes as a right and what doesn't. Are they talking about negative rights, positive right? It could be argued that one has a right to DDoS a website. Analogy: If a man is speaking in the street, saying things I disagree with, do I not have the right to speak louder than he is, thus drowning him out and suppressing his right to speech? Where does his right to speech trump mine? I don't know the answer to that, but I'm sure one could legitimately argue either way. Rights are such a vague thing, and to be so conclusive about them is pretentious and ignorant. What sensational FUD.
Re: (Score:2)
Not to mention that on the Internet, if your little website host gets clogged by a DDoS, there are hundreds of other online channels you can spread the exact same information -- from the many online blogging services, to Facebook, to torrents, to using mirrors, to the many free website creation and publishing services, to 'all of the above'. Heck, most DDoS's can be mitigated by just getting better hosting, or using static content instead of dynamic content where possible ... basic things and even the sensa
DDoS is Now Irrelevant (Score:1)
With the FCC passing a law (no wait, they can't) but they wrote it and congress may reprint it, DDoS is no longer important. The government will do it for us.
Meaningless data (Score:2)
Since this was not an actual statistical survey you cannot extrapolate the findings to mean anything other than the 62% of the sites they got to talk with them had problems (as stated in the article). Now I understand that it might be difficult to get a statistical sample because sites may not want to participate, but that doesn't make this a valid report. Actually, it is worse than valid, because it implies a problem exists without any real evidence to support it. I would have expected more from Harvard
Slashdot Effect? (Score:2)
How many "DDoS attacks" were in reality too many real people trying to hit the site.
Re: (Score:1)
Re: (Score:1)
If the referrer field frequently points to a certain web page, it's likely that it's a sort of Slashdot effect caused by that site (unless that page specifically says "DDoS that site!").
Lies, Damn Lies and Statistics (Score:2)
I have to question the methodology of the "study". Of the 300 sites contacted only 45 wanted to talk. Of those 45 only 28 confirmed having been DDosed. Maybe the wanted to talk because they had been DDoSed thereby skewing the results in favour of a sensationalist article. I believe the statistics should be stated as at least 28 out of 300, or 10%, of sites contacted reported DDoS attacks; because that is all they have shown. Ten percent does not make as good a headline as 62%. The real number is probably so
Re: (Score:1)
They failed at inflation, too :-) They could have reported: "Only 5.7% of all contacted web sites stated they had not been attacked."
... really now? (Score:3)
Are we really having this discussion, many christian groups have been caught trying to destroy freedom and secular ideas manually. Their DDoS attacks are people literally banding together in groups to massively just continuously refreshing sites and trying to bring them down, just like they did on that site, what was it, digger? where they burried all stories that weren't extremely pro-religious zeleot in nature. They are all, and have always been, fighting freedom and knowledge in every way possible.
Now this, this load of bull is just trying to take that fact, and relabel all other DDoS attacks, including those to preserve or gain the freedom of speech by waging attacks on those who seek to destroy it. Amazing how hard those bastards will try to make everything against them turn into something against everybody. Hell, amazing what an infinite budget and a bunch of sick bastards can get done, am I right or what?
compared to? (Score:2)
Re: (Score:2)
What? I'm not an AC. I'm logged in. I'm a karma whore. And I just posted:
*
If Berkman donated 1% of its operation budget to maintain hosting for these (so-called) "free speech" issues, there would not be a problem. There's no news here, other than the political ridiculousness of Harvard's liberal whine.