

'Anonymous' hackers plan to shut down the Internet this Saturday - joering2
http://www.bgr.com/2012/03/28/anonymous-hackers-plan-to-shut-down-the-internet-this-saturday/

======
nextparadigms
At this point I think it's just FBI/CIA trying to troll us and get more cyber-
laws passed.

~~~
droithomme
Arg! I hate to say this but "I came here to post this."

This is not the sort of thing Anonymous does, they've been careful not to
aggravate the public and make clear it is the elite and not the common man
that is their nemesis.

We also know for a fact that US intelligence agencies have infiltrated and
have been in control of many Anonymous operations.

Not too hard to see that this will be a test run of whether intelligence
agencies can shut down the internet.

~~~
wlesieutre
If you hated to say it, couldn't you have left it out or just said "I agree"
instead? The rest of your post doesn't depend on us knowing what you came here
to say.

~~~
droithomme
Sure I think you are right.

I sometimes maintain a conversational tone here, so expressing personal
surprise at seeing what I was going to type as the top comment just sort of
came out. I "hated to say it" because it's such an overused trite idiom. But
yeah, it added little and "I agree" would have been a smoother intro.

------
wtvanhest
I wish they would choose Friday. I could use a day to take a break.

~~~
stevenspasbo
and if nothing else it makes a great excuse for sys/network admins.

"I can't get online!"

"Yeah anonymous took down the internet"

~~~
JonnieCache
Perhaps it's not an FBI conspiracy, it's the secret brotherhood of BIND admins
who just really want a day off.

------
shenberg
Why attack DNS? BGP is more vulnerable and receives less scrutiny (remember
Pakistan bringing YouTube down for the entire world via a misconfigured
censorship attempt?). Go look at the references from
<http://en.wikipedia.org/wiki/IP_hijacking> for some horror stories.

~~~
getsat
L0pht testified before Congress claiming that they could shut down the
Internet globally in 30 minutes back in 1998. If I recall correctly, it was
through attacks against BGP/BGMP. I can't find a non-broken source link,
though.

~~~
aw3c2
Should be <https://www.youtube.com/watch?v=VVJldn_MmMY>

~~~
ljd
The intro where they used their hacker names made it worth it.

------
adrianwaj
They should go more negative and turn off the sun or more positive and build a
new internet that day.

------
tzs
I'd love to see a few prominent sites (Google, Apple, Amazon, Microsoft,
Twitter, Facebook, and so on) get together secretly and agree to have, say, a
10 minute outage at the same time during this--just to see what these
"hackers" do if they think for a bit they actually succeeded.

------
inchcombec
I really hate the fact that this nonsense keeps getting reported. Even the
article itself, while it has the headline "'Anonymous' hackers plan to shut
down the Internet this Saturday", states that "there is really no need to
fear". Better title: 'A few individuals make crazy claims of doing something
impossible.'.

Not only would it be basically impossible to take down the DNS servers even if
they had large participation, but there will be essentially no participation
since most main 'anonymous' sites/leaders are telling people to have nothing
to do with it.

This is just nonsense intended to drive up hit counts. I really don't think a
person needs to be very technical to realize this is nonsense. Most people
aren't rocket scientists, but would have the sense to call bullshit pretty
quickly if I claimed I was going to test a working warp drive on Friday. I've
never understood why computers seem so complicated and strange to people that
the same common sense and critical thinking that makes it obvious I don't
really have a warp drive don't seem to apply.

~~~
cmfoster
You can read
<http://www.wired.com/science/discoveries/news/2002/07/54040?currentPage=all>

While it is unlikely that this will actually happen you are still far from
correct saying that this is virtually impossible, for certain this is
possible.

If anyone here recalls the blackhat heydays pre-2003 you may have/have not
recalled a group known as "Fluffy Bunny" that broke into (at the time) what
were thought to be some of the most secure boxes on the net, a few to name
were VA software, UU.net(efnet), (cross site scripting) securityfocus.com,
sans.org, (even a site dedicated to making fun of and host mirrors of defaced
websites) attrition.org.

Getting back to the original point I was trying to make, one of their most
notable hacks was breaking into multiple Akamai servers. No remote exploits
were used against Akamai servers, every computer they had access to at Akamai
was gained through a patched version of ssh which recorded all users' passwords
before encryption and placed it in a log file within a hidden directory on the
system, this patch was installed on every box they exploited, they got lucky
when a user from the uu.net box logged into an Akamai box using the
compromised ssh client.

So they have Akamai, now what? The group further infiltrated their way into
Akamai's intranet and gained access to other computers on their network
through social engineering. Finally they located the development server that
stored the source code that Akamai used to update some 12,000+ high bandwidth
servers they used. The plan was to patch the update software they used to
automate the patching process to also include a rootkit & DDoS client. With this
they would be able to control a ridiculously large botnet, joined with their
already amassed 4000+ DDoS net from other compromised computers this would
have effectively timed out all 13 top level root name servers. More than
likely you can tell what happens after that.

If you were interested to know, these guys were caught out of the
stupidity of this guy.
<http://articles.latimes.com/2000/sep/22/local/me-24959> Who was drunk and
instead of hanging up decided to curse out a field technician that came onto
the centrex line (thanks AT&T) they used to communicate through. This resulted
in the tech recording the line 24/7 and eventually handing the information
over to the authorities.

------
canthonytucci
Steve Gibson discussed this a while back on the Security Now! podcast, his
conclusion was that it wasn't likely.

<http://www.grc.com/sn/sn-341.pdf> Transcript and links to audio.

If my memory serves, he also noted that there was also some uncertainty if this
was even an "official" anonymous action...whatever that might mean.

------
CrownStem
I cannot think of a better way for this group to hurt their cause and garner
the animosity of much of the world. It seems to endlessly repeat throughout
history- groups with an axe to grind (whether in power or rebelling against
it) use blunt force to try and further their cause. They're either too lazy or
not competent enough to use a scalpel so they blow up the patient to get rid
of a tumor. After the majority of the populace then turns against them,
they're either shocked or self-righteously indignant that everyone else
doesn't "get it". It never ends.

~~~
espeed
Or it's an opposing group using its name to discredit it.

~~~
CrownStem
That could be true, but I believe it to be unlikely in this case.

It's easier to benefit from a false-flag attack by just doing it- denials
don't carry as much weight in an emotional, post-attack context. When
forewarning is given for a false-flag, you give the accused a chance to back
away and say "it's not us" before an event, lodging enough doubt that the size
of the crowd with torches and pitchforks isn't as big afterwards... I think
this would be counter-productive for the guys staging the false-flag attack.

~~~
CrownStem
Looking at your idea from a different angle: I guess it could be useful for an
opposing group to make the threat, in order to make Anonymous look impotent if
it's not carried out, while the opposing group takes credit for "stopping" it.

Who knows... -We- surely don't. I feel like I'm outlining a plot for a Tom
Clancy novel.

------
nextstep
Either this is a hoax or the unrealistic claim of a sad group of hackers.
Regardless, it's still interesting to imagine what it would be like if the
internet really were inaccessible to a large number of people. Even light
Internet users would realize how dependent we have all become on this
infrastructure.

~~~
redthrowaway
Pretty sure someone just uploaded a video to YouTube with a title along the
lines of, "Message to The World".

IIRC, the "operation" was disavowed by all of the Twitter accounts associated
with the more 'mainstream' anons.

------
knieveltech
Has anyone besides RTM ever successfully dropped the majority of the network?

~~~
tomjen3
The name escapes me for the moment, but there was a famous computer virus
which I believe almost did that. The key wasn't that it was
particularly clever and the attack vector it used had been patched by MS
months before.

The key was that the attack happened over UDP which meant that there was no
handshake, no congestion control, no need to worry about dropped packets, etc.
The only limitation was the bandwidth of the infected host -- the virus itself
was less than 500 bytes (not kilo, just straight bytes) so a single host could
infect tens of millions of computers.

It was a pretty fascinating piece of malware.

~~~
Diederich
Code Red <http://en.wikipedia.org/wiki/Code_Red_(computer_worm)> did a lot of
damage, but I believe it was an attack on IIS, therefore TCP based.

~~~
tomjen3
It wasn't Code Red. It was later and attacked a database discovery service
for MSSQL.

~~~
davux
<http://en.wikipedia.org/wiki/SQL_Slammer>

------
juxta
Maybe it's a pre-April Fools prank (as in it's probably not going to happen
but the extra hype will be the prank)! No one would take it seriously (even
more seriously) if this fell on Sunday.

------
philip1209
How much redundancy is built into the GMail nameservers? That worries me more
than http requests.

Also, should I host my own nameservers and assume I'll fly under the radar of
attacks?

~~~
astrodust
This is allegedly targeted at the root servers. It doesn't matter what DNS
provider you use if your TLD is offline.

~~~
sneak
Delegations from the root to the TLDs and from the TLDs to second-level
domains generally have TTLs of over 24 hours. This attack will have zero
effect.

~~~
philip1209
Good point. They'll bring it down for a day and nothing will happen.

Is it likely that the big email providers keep the caching longer and could
maintain some functionality in the event the TLD nameservers are down for more
than 24 hours?

------
aw3c2
Unless they keep their attack up / the DNS root down long enough to make cache
timeout, this should not be noticed by any "normal" people.

~~~
hornbaker
With google.com and many other big players having a TTL of 300s, that's not a
long time.

~~~
sneak
They are not planning to attack Google's name servers, just the root servers
that hold the delegations for the TLDs.

The .com delegation is set to cache for 48 hours, for example. This simply
will not work at all.
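
The caching argument in this sub-thread, as an added example that is not part of any comment: a toy Python model of one recursive resolver's cache during a root outage, using the 48-hour delegation TTL and the 300 s record TTL quoted above. The second-level delegation TTL, the fixed 300 s query interval and the absence of serve-stale or prefetch behaviour are assumptions of the sketch.

```python
"""Toy model: which lookups does a caching resolver lose while the roots are down?"""

ROOT, TLD, AUTH = "root", "com.", "google.com."

# TTLs in seconds. 172800 (48 h) and 300 are the figures quoted in the thread;
# the .com -> google.com delegation TTL is an assumed value for this sketch.
TTL = {
    (TLD, "NS"): 172800,   # root -> .com delegation
    (AUTH, "NS"): 172800,  # .com -> google.com delegation (assumed)
    (AUTH, "A"): 300,      # address record
}

class Resolver:
    def __init__(self):
        self.cache = {}    # (name, type) -> absolute expiry time
        self.down = set()  # servers that do not answer

    def _fresh(self, key, now):
        return self.cache.get(key, float("-inf")) > now

    def _ask(self, server, key, now):
        if server in self.down:
            return False
        self.cache[key] = now + TTL[key]
        return True

    def resolve(self, now):
        """True if google.com. A can be answered at time `now`."""
        if self._fresh((AUTH, "A"), now):
            return True
        if not self._fresh((AUTH, "NS"), now):
            # Need the delegation chain; the root is only asked when the
            # cached .com delegation has expired.
            if not self._fresh((TLD, "NS"), now):
                if not self._ask(ROOT, (TLD, "NS"), now):
                    return False
            if not self._ask(TLD, (AUTH, "NS"), now):
                return False
        return self._ask(AUTH, (AUTH, "A"), now)

def first_failure(cache_age, outage_len, step=300):
    """Cache was filled `cache_age` s before the roots go down. Query every
    `step` s; return seconds into the outage of the first failed lookup, or None."""
    r = Resolver()
    r.resolve(-cache_age)          # warm the cache while everything is up
    r.down = {ROOT}
    for now in range(0, outage_len, step):
        if not r.resolve(now):
            return now
    return None
```

In this model the 300 s record keeps refreshing from the authoritative servers throughout the outage; lookups only start failing once the cached delegation itself expires, so the outcome depends on how old that cache entry was when the outage began.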

------
GoodIntentions
umm glwt?

If anything, this will just damage them by exposing assets used in the
attempt.

------
bdunbar
Excellent: I need an excuse to clean out the garage.

------
jasongullickson
Sounds like a good day to go fishing.

------
duxup
I guess I'll work from home then...

------
mathieud
Whoo ... They're good, they should do stand-up...

