
Anti-racism sites hit by wave of cyber-attacks - 34679
https://www.bbc.com/news/technology-52912881
======
bogwog
I hate how the internet makes everyone think they're smarter than everyone
else. Scheming malicious losers write fake news and propaganda to incite anger
in stupid and naive people, then skeptics come across it and become paranoid
and angry, and then _they_ make fake news and propaganda to incite anger in
stupid and naive people. But in the end, everyone involved is a stupid naive
scheming malicious paranoid loser.

Regardless of who is behind these cyber attacks, whether its white
supremacists, BLM protestors, anarchists, foreign state actors, or edgy 15
years olds in a Discord server with waifu profile pics, the end goal is the
same: to make people angry, and possibly incite more riots. And it's going to
succeed. And if you think about it too much, you'll just turn yourself into an
angry paranoid wreck.

Maybe the internet (or social media) wasn't such a good idea after all? The
technology moved faster than our monkey brains could keep up.

~~~
save_ferris
> The technology moved faster than our monkey brains could keep up.

I think it’s important to remember the ways in which the internet has evolved
that got us here. It’s not just a question of speed, but of incentives.

The internet has long been a tool for huge tech companies to build businesses
that can only exist as long as they remain largely unchecked and unregulated,
and the stock market has cheered these efforts on.

Now, we’re seeing the cost of giving everyone the ability to post whatever
they want without having sustainable solutions to combat weaponized speech
without compromising legitimate dissenting speech. This mistake largely falls
on the market for rewarding this shortsightedness for so long.

Social media companies have also known for years now that controversy drives
incredible amounts of traffic to their platforms, which in turn drives
revenue.

~~~
zozbot234
"Weaponized" speech is an Orwellian phrase. You can weaponize weapons, but
legitimate speech (outside of clear and present danger, like inciting lawless
action or shouting "Fire" in a crowded theater) should always be responded to
with speech.

~~~
save_ferris
The problem nowadays is that it’s getting harder to separate legitimate speech
from automated amplified speech.

Those who are able to build networks of bot accounts are able to deeply
undermine discourse in dangerous ways, and social media platforms aren’t
financially incentivized to deal with it.

Twitter could tell us right now how many bots are on the platform, but they
never will because it could tank their stock.

As long as platforms can be manipulated by automation, this intentionally
destructive speech will continue to proliferate.

~~~
thwarted
This point reveals an angle that is rarely recognized: what needs responding
to is not the mass amount of speech that comes from automated bots, for
automated bots won't listen to the response. What needs responding to is the
people who listen to automated bots.

The concept of responding to speech with speech is focused on reason and
debate between the speakers themselves. But with automated amplified speech,
no debate can exist because, at the surface, there are not multiple human
actors. And at a separate layer, those who listen to amplified automated
speech can not be reasoned with or debated with, the opinions are not their
own and if they were reasonable they wouldn't be listening to the automated
speech to begin with.

------
cochne
Original publication by Cloudflare: [https://blog.cloudflare.com/cyberattacks-
since-the-murder-of...](https://blog.cloudflare.com/cyberattacks-since-the-
murder-of-george-floyd/)

~~~
newacct583
_> Nearly six years ago, Cloudflare founded Project Galileo because we noticed
a disturbing trend of disproportionate attacks against at-risk organizations
and individuals that were advocating for marginalized groups. Project Galileo
was set up to provide protection from cyberattacks for vulnerable targets,
like artistic groups, humanitarian organizations, and the voices of political
dissent._

I had no idea that existed. But I'm pleased it does.

------
zozbot234
Anti-racism sites are being knocked offline... and some people still think
that white nationalists and nazi's are completely uninvolved in the street
violence we've been seeing. Yeah right. This is Anonymous/4chan M.O., and it
and "Antifa" are fake labels which white nationalists are using to cloak their
violent plans.

~~~
AlexandrB
Not _just_ them, but also more recent stuff like the boogaloo movement[1].

[1]
[https://en.wikipedia.org/wiki/Boogaloo_movement](https://en.wikipedia.org/wiki/Boogaloo_movement)

Edit: RE: Antifa as a "fake label". This might be true in specific cases, but
there's an actual anti-fascist movement happening as well.

~~~
lowdose
Sounds like this group is developing it self along the line of /r/thedonald.

Starts as a satire and slowly it shift to attracting more and more people with
extremist views that replace the sarcastic group members.

~~~
AlexandrB
I wonder if this phenomenon has more specific name than just "radicalization".
"Rule of goats"[1] comes close.

[1]
[https://twitter.com/popehat/status/858722120620265473?lang=e...](https://twitter.com/popehat/status/858722120620265473?lang=en)

~~~
pjc50
Other labels which may be useful are "ha ha only serious" (ironic racism is in
and of itself still racism), and "stochastic terrorism", the circulation and
planting of propaganda, ideology, and conspiracy theories that leads to mass
shootings.

The NZ mass shooter and Anders Breivik manifestoes are examples of this.
There's an entire nutcase ecosystem out there who cite each other in their
murders.

------
dec0dedab0de
I would be curious to see how they differentiate between a DDoS and a sudden
influx of traffic from new sources, possibly including sources hiding behind
tor/vpns/whatever.

To be clear, I'm sure Cloudflare is pretty good at determining what is an
attack and what is not, I'm just interested in the technical details.

~~~
nicmccool
I'm sure they could differentiate the hug of death due to sudden popularity vs
the continued onslaught of scripted bots just by frequency of requests, right?
As in, single IP frequency of pings measured out across a batch of addresses.
Those malicious would be more regimented with short recycle times, while those
unmalicious would be browsing making their repeated calls erratic. (Honest
question, I'm genuinely curious.)

------
tarkin2
How much do foreign actors help? There are, of course, US groups that want to
attack these sites.

But bigger pocketed foreign actors will want, it's suggested, to spread
division and mayhem to keep the US occupied.

That is, the Aleksandr Dugin's 'foundations of geopolitics' strategy regarding
the US: support both sides to divide the country thereby keeping the state too
occupied to command itself elsewhere.

Now our media, societies and communities are online this becomes possible,
much more so than before, to those outside the geographical borders of a
country.

The democratisation of the media, virtual communities and targeted-advertising
attacks the weakness of democracy: mass emotional manipulation to turn
democratic choices into unmanagementable tribal warfare that ends in a
totalitarian state.

------
blueatlas
Is the assumption here that racist groups are the source of the DDoS attacks?
Might be interesting to know where the majority of the attacks originate. I
wonder if the attacks are nation sponsored. Adversaries of the U.S. like to
see it on its knees these days, and injecting more FUD is certainly a way to
increase anger & hate.

------
belorn
I would like to see an estimate in how much a person paid in the black market
to buy access to the botnets that did this. $5? $50? $100? What is the going
rate for 110k requests per seconds?

~~~
bArray
I'm not sure, but it doesn't sound like much shared among all of them
(assuming a good number have popped up). I think many people here regularly
deal with those sorts of numbers in legitimate traffic.

> One single website belonging to an unnamed advocacy group

> dealt with 20,000 requests a second.

20k requests per second doesn't sound crazy to re-produce. Assuming you only
need a 100 byte TCP packet to make a request [1], that's 800 bits. Bump up to
2000 bits assuming some overheads from somewhere, a 100Mb/s internet
connection could send 50k requests a second.

Seems like a single person with a decent internet connection could flood them
with 20k request per second. If the attacker picks a page that requests
database access or a large payload return, you could easily sink a small web
server.

[1] [https://stackoverflow.com/questions/14526139/what-is-the-
min...](https://stackoverflow.com/questions/14526139/what-is-the-minimum-
packet-size-for-tcp-over-ipv4)

------
scottlocklin
As usual with this sort of "people doing things online" thing; a completely
vacuous conspiracy theory. Here is the actual source article:

[https://blog.cloudflare.com/cyberattacks-since-the-murder-
of...](https://blog.cloudflare.com/cyberattacks-since-the-murder-of-george-
floyd/)

Here is the plot showing something allegedly different happening this month:

[https://blog-cloudflare-com-
assets.storage.googleapis.com/20...](https://blog-cloudflare-com-
assets.storage.googleapis.com/2020/06/1.png)

What's the p-value on a t-test of difference there, cloudflare spooks? By
eyeball there is no difference.

Then a completely unsubstantiated assertion: "The category with the biggest
increase in cyberattacks was Advocacy Groups with a staggering increase of
1,120x."

What are these Advocacy Groups of which you speak? The BBC implies it's the
NAACP or something; Cloudflare spooks don't say at all -for all we know these
"activist" websites are terrorists, racists, anarchist revolutionaries, video
game fans: nobody but Cloudflare knows, assuming they're not just making it
up, or making a mistake in their group-by query.

Rather than reading this BBC report critically as the piece of nonsense
propaganda it is, people on HN seem determined to fit it into whatever
fantasies about Russians or Evil 4chan Racist Infiltrators or Weapons of Mass
Destruction or whatever (mostly imaginary) bugaboos they're troubled by this
week. Disgusting. Fools.

~~~
krebs_liebhaber
It's always an incredibly sad display when HN types talk about politics. The
only thing they're less qualified to talk about is religion.

------
SpicyLemonZest
I feel bad for Cloudflare saying this, but I really think this shows we need
to democratize DDoS protection. It's become essentially mandatory if you're
running a site which might face controversy, and in the long term I'm not sure
we can rely on the continued goodwill of a handful of companies to make sure
it's widely available.

~~~
jedieaston
What does that actually mean in practice? Government subsidized compute
doesn't seem like something I'd trust all that much in practice (seems like
it'd be ripe for censorship). So it'd have to be decentralized. If only IPFS
was ready for prime time....

~~~
SpicyLemonZest
I really don't know what it means in practice. I don't have a silver bullet in
mind.

------
noobermin
On the one hand, I guess you expect something more sophisticated when someone
mentions a "cyber-attack" but on the other hand, knowing the context (the
article is in the general media, and sophisticated/intelligent/motivated
actors don't really have a vested interest in attacking one-off activist
groups), you really come to suspect it's nothing more than a DDOS attack.

------
tarkin2
Why is this flagged?

------
crazygringo
I was under the impression that these kinds of kids and hackers DDoS-ing sites
for fun or activism were virtually all socially liberal, so attacks on
government and military websites make sense to me.

But I'm truly surprised to see anti-racism sites suffering from these attacks.

Is there really a racist contingent of hackers out there? I just never thought
of the two going together.

Or is this more likely to be more Russian hacking efforts continuing to do
their best to sow division, according to Putin's well-known playbook?

~~~
thrwaway69
I think they don't care as long as lulz. Don't think too much about what kids
like to do in free time.

~~~
kitotik
I’ve never understood this train of thought that kids have no meaningful
thoughts or points of view.

It’s not like adulthood has some magic turning point where ignorance turns to
enlightenment.

I’d wager that far more adults are manipulative, pathological liars than kids
tend to be.

~~~
thrwaway69
I think you misunderstood me. I didn't mean to generalize this over everything
they do but lulz is a good enough reason for the online fake propaganda and
trolling in 99% cases. Just go on discord and find 16 year old haxors with
waifu pics.

There's no profound political or sociological reason behind this like you
mentioned yourself, adults are manipulative while kids tend not to be as much.

------
sna1l
Why did this get flagged????

------
foobar_
How do you tolerate people who are against tolerance in a tolerable way
without becoming intolerant ?

~~~
teddyh
Easy: You just redefine “tolerance” to include intolerance of some people.
Done!

------
rapsey
We are really seing the chickens comming home to roost with regards to
globalisation politics of the last few decades. When the wealth growth only
happens in the top few percent this is inevitable.

~~~
AlexandrB
This comment is wholly unclear. What's inevitable? Cyberattacks? Racism?
Protests? Police violence?

~~~
rapsey
Yes

~~~
arel
Globalisation has many problems but _causes_ racism?

I would argue it's demagogues who take advantage of societal breakdown to
inflame inherent racism.

More generally we also have a choice regardless of circumstances to not be
racist. I can see how as a species we're not there yet though.

~~~
0-O-0
I believe that argument here is that globalisation causes a bunch of
interactions that wouldn't have happened otherwise, that leads to strife
("they took our jobs" is one of the plethora of scenarios) and that leads to
racism.

