

Anonymous takes down Department of Justice and Universal Music - coupdegrace
http://rt.com/usa/news/anonymous-doj-universal-sopa-235/

======
redthrowaway
Anonymous has never had the firepower to take down those three sites
simultaneously using LOIC, so I'd be interested to see what the mechanism is.
I suspect it's one or more of the Sabu-types firing their botnets. If this is
the case, to what extant can this action be attributed to Anonymous? I'm sure
there's likely broad support for it, but if it is just the actions of one or
two botherders it makes attribution a bit of a grey area.

Edit: Add mpaa.org to the mix, as well as an attempt on fbi.gov. They'd have
to have several gigs worth of bandwidth available to be able to hold all 4
sites down simultaneously. With average upload speeds in the hundreds of
kilobits, that's a reasonably large botnet (50k-100k, as an pulled-from-ass
guestimate).

~~~
espeed
Don't rule out a cyber-false-flag designed to raise the profile of "hackers"
and build public demand for SOPA and friends.

~~~
jhales
Possible, but if this were true, one would expect denials from anonymous
mouthpieces as well.

~~~
sebphfx
also, poster child spokesperson Barrett Brown confirmed it.

------
zmmmmm
I'm trying hard to think of what could be more counterproductive to the gains
made in combating SOPA and PIPA over the last week than this, and I basically
can't think of anything. Unbelievable.

~~~
rickmb
So taking a few sites down for a short while is counterproductive, but
completely destroying a business without due process is the normal civilized
legal procedure?

It's time we realized that we are no longer in the warm embrace of freedom and
democracy here. Sure, it's throwing stones while the other party is using
heavy artillery, but that's how uneven struggles start.

If anything, this Megaupload episode shows (and not for the first time) that
SOPA and PIPA are just a distraction, and there are no real gains to be made
here. We've already lost, they already have all the power they need.
Megaupload is _gone_ , complete with the data (and personal information) of
thousands of users worldwide. Any actual trial that may follow is just for
show, just like the whole SOPA debate.

~~~
dissident
I'm a completely anti-copyright, pro-piracy, pro-megaupload person, but there
was due process and complete legitimacy with them taking down megaupload.

Perhaps megaupload are not guilty of anything, but this entire episode was
completely legal and proper. The owners were indicted and they served
injunctions against the servers, and seized their domains. They have treaties
with all of the countries involved to extradite the operators.

Regardless, this does not make it okay to DDoS government websites offline.
It's really easy to download LOIC and DDoS whatever websites are mentioned in
#anonops, but you relinquish all moral high ground in the process.

In fact, this rarely does anything. The websites usually just mitigate the
attack within a couple hours, and in hindsight it just looks like a hissyfit
that got nowhere.

~~~
sebphfx
exactly. It's an uncreative form of hacking.

------
Zirro
While it's a bad way to protest in many ways, I somehow feel that it's pretty
fair considering that Megaupload was taken down without a trial. Both sides
taking the laws in their own hands, except that the media industry gets away
with it.

(Yes, I do consider taking a site down without a trial an abuse of the
system.)

~~~
electromagnetic
> I do consider taking a site down without a trial an abuse of the system.

Agreed. Every other type of business gets to continue operating with the
government just taking their books to investigate them and their practices.
However any dotcom will have their entire business and profitability shut down
the moment the government wants to investigate one iota of what they're
doing/done. It also won't be returned for 3 years and when it is it will be in
poor/unusable condition overlooking the fact that it's now likely
technologically useless to a dotcom.

------
abraxasz
I'm not sure this is the kind of PR that SOPA opponents need right now. I'm
not saying that attacking UM website is good or bad, but the timing is
certainly awkward imho.

~~~
earbitscom
I thought the same. There couldn't be an easier way to say, "Look at the
lawlessness of the internet. These pirates have to be stopped, oh, and they're
also a threat to homeland security."

~~~
Natsu
Yeah, this was a really bad idea on all counts.

EDIT: I don't care about being downvoted, but I would like to know why anyone
thinks this is a good idea? It accomplishes nothing and makes us look bad. I
understand why people are upset, but this does not help.

~~~
jarek
I don't really want to get meta but it's possible you were downvoted not in
disagreement but because someone felt your post contributed little more than a
"+1" post.

~~~
Natsu
You might be right about that, but I think it's pretty important not to get
mixed up with this.

I know they're not really doing anything harmful to the computers, but they're
making us look like criminals.

------
scott_s
This is another case of: <http://xkcd.com/932/>

~~~
Typhon
Which means it's a PR victory for anonymous ; it makes them appear stronger
than they are.

~~~
earbitscom
Also, unfortunately, a PR opportunity for the RIAA who can now point to the
wild west of the internet and the fact that sites like Megaupload are
supported by the most "dangerous" hackers in the world, the guys who took down
the DOJ.

~~~
moe
_sites like Megaupload are supported by the most "dangerous" hackers in the
world, the guys who took down the DOJ_

Wait for it, you'll hear this line nearly verbatim on Fox News.

------
ypcx
"Megaupload had been brought down by _federal authorities_ and four people
linked to the site, all _outside of America_ , were arrested and charged with
a conspiracy related to copyright infringement."

Are they also held in Guantanamo, or were they executed on the spot?

~~~
sp332
We probably have extradition treaties with those countries. And if those
countries signed the Berne Convention, those jurisdictions must uphold US
copyrights.

~~~
borism
extradition != arrest

~~~
feralchimp
You need to habeas some corpus before you can put that corpus on a plane to
America.

~~~
riffraff
But isn't extradition only applicable after you have been found guilty?

~~~
sp332
Not usually, since the act might not even be illegal in the jurisdiction where
you are finally arrested. Usually you're brought back for a trial and
sentencing.

~~~
riffraff
sorry, I was unclear and referred to a trial in the country asking for
extradition, but you answer is good anyway, thanks.

------
46Bit
I hate to be the guy who bemoans fun, but I'm sure this makes the Senators who
changed their minds over SOPA lately feel great about who they're on the side
of.

------
stfu
_Anonymous operative Barrett Brown_ So that guy still goes around pretending
he is some Anonymous official? What a weird character:
[http://www.dmagazine.com/Home/D_Magazine/2011/April/How_Barr...](http://www.dmagazine.com/Home/D_Magazine/2011/April/How_Barrett_Brown_Helped_Overthrow_the_Government_of_Tunisia.aspx)

------
user8204
I just downloaded their page (not via browser) and saw that they've just taken
this code: <http://pastebin.com/grNdf3Mj> (safe to visit, plaintext) and
wrapped the js in a self invoking function. At the end of the function they
included a call to another function which starts firing.

The original script required users to click the fire button but this does it
by itself on load.

Strangely the current 'attack' page also features the google ad script, a
twitter widget, kontextua ad script and whos.amung.us visitor tracking.

------
dmix
Based on the extremely slow loading of both sites, it seems to be a DDOS.

------
codezero
Don't feel too sorry for megaupload, they did manage to rake in several
hundred million dollars.

~~~
oinksoft
That's a very large figure. Source?

~~~
kcima
Not quite a several hundred.

Page two of the grand jury indictment linked from original post says,
"...reported income in excess of $175,000,000."

Still a very large figure.

~~~
Retric
That's before expenses, depending on their hosting costs etc they could have
lost money. IMO, profit may have been in the 10's of millions but copying them
is unlikely to make you rich.

------
pavel_lishin
> “It was in retaliation for Megaupload, as was the concurrent attack on
> Justice.gov,” Anonymous operative Barrett Brown tells RT on Thursday
> afternoon.

I hope that's a pseudonym.

~~~
redthrowaway
Barrett Brown is neither a pseudonym, nor an operative. He was, at one time, a
self-described spokesman for Anonymous. He since has said that he is no longer
an active participant, but that he hangs out in IRC to keep abreast of goings-
on.

------
trotsky
Ahh, pure e-thuggery. I'm sure the DOJ will think twice about using
international treaties to enforce federal law next time?

------
fady
i'm just amazed when i read about hacks like this. i can't help to think that
these guys really know their shit and seem kinda "powerful."

not because they did it, but because they know how to. i wish i understood the
web's infrastructure more.

~~~
eridius
It's just brute force. It's not like they're sneaking into the site and
disabling the web server. They're just assaulting it from the front until it
cracks under the pressure. In other words, they're taking down the site, but
they're not gaining access to any of the source or data in the site, or
gaining control over the servers.

~~~
fady
ahhh. i thought they gained access, etc.. thanks for the clarification.

~~~
hack_edu
Take HN commenters' infosec analysis with a large grain of salt. Their
assumption is that everyone is a script kiddie, especially Anonymous. Even if
there is a call for a DDOS, infiltration and gained access could likely
precede or follow as a supplement to the attack.

Let us not forget that DOS attacks present potential for man-in-the-middle
attacks. Its a perfect cover for their real hacking teams to infiltrate and
gather further intelligence.

------
_investigator
Well, let's see Anonymous host a website. I'm sure the DOJ or FBI could take
it down, by legal or technical means. What is the point? There's no such thing
as a webserver that "never goes down", or a network that is "always up".
Things fail under stress, things are taken offline and put back online, and
redundancy or rerouting usually covers it all up. Not all organisations put
100% of their efforts into maintaining an external public website that "stays
up" 24/7. I doubt any member of the public is pounding their keyboard because
they can't access the FBI, DOJ or UMG websites. How many visitors do you think
those sites even normally receive?

~~~
freehunter
Do you think these organizations are going to sit back and let their sites get
shut down without a response? No, they're going to ramp up their security and
network teams to subvert the attack and make sure the attack isn't covering a
penetration. Bring down the firewall, bring down the company. It costs real
money to keep a company running through a DDoS.

------
mrleinad
It´s indeed a LOIC on all those sites.

~~~
someone13
WARNING: It looks like these links actually cause your computer to attack
sites. Don't click these if you have a problem with that, fear getting
arrested, etc.

EDIT: seems that the parent comment was edited :)

~~~
jgmmo
__This is correct! NSFW!!!

