
Paypal gives FBI the list of IP Address of 1,000 Anomymous hackers - diggericon
http://www.thehackernews.com/2011/07/paypal-gives-fbi-list-of-ip-address-of.html
======
ja30278
"They have not been charged yet, but the house was the source of 3,678 packets
in about two-and-a-half hours."

really? were they mounting a DDOS attack using a pocket calculator attached to
4800 baud modem?

~~~
thelema314
3678 packets / 2.5 hours = One packet every 2.44 seconds * 1500 byte MTU =
3.5KB/s Yup, a 4800 baud modem.

~~~
tedunangst
You don't multiply packet size by interval, you divide (or multiply by the
inverse). And baud is measured in bits. But the numbers come out close anyway.
3678 / (2.5 * 3600) * 1500 * 8 = 4904.

~~~
moe
Did 4800 baud modems even exist in volume?

I just checked wikipedia and there's indeed a protocol for them, but I've
never seen one in the wild. In my day it was 300, 1200, 2400, 9600, 14400,
16800, 19200, 28800, 33600, 56k ...

So, back on topic, wouldn't it be more likely he was channel bonding two 2400
baud modems?

------
saulrh
The closest equivalent to a voluntary, publicized DDoS is a sit-in. While
those do lead to arrests, they _don't_ lead to wholesale confiscation of
(expensive!) property, and even the organizers don't get more than a few
months in jail. Furthermore, the computer-use ban you can get for "hacking" is
incomparable to any punishment for a sit-in or occupation.

My problem with this isn't that they're reporting participants; it's that the
participants and organizers are going to be dealt with an order of magnitude
more harshly than if they'd done the same thing minus a computer.

~~~
hugh3
_The closest equivalent to a voluntary, publicized DDoS is a sit-in. While
those do lead to arrests, they don't lead to wholesale confiscation of
(expensive!) property_

And DDoSes don't result in you being dragged across the floor by your arms.

Why? Because that's the point where they're non-analogous. If you participate
in a DDoS, you'll wind up getting your computers confiscated while the FBI
crime labs scour them for evidence. If you sit on the floor of Kentucky Fried
Panda, you'll get dragged out by your arms.

 _the participants and organizers are going to be dealt with an order of
magnitude more harshly than if they'd done the same thing minus a computer_

because it's not "the same thing", it's a slightly different thing, somewhat
more pernicious and dangerous, because the cost to a protestor of carrying out
a sit-in is large, whereas the cost of carrying out a DDoS is large.

I find it's always useful, when determining the legitimacy of a given
political tactic, to assume that it's being used by someone we hate rather
than someone we like. So let's suppose the Westboro Baptist Church gets up one
morning and decides to target businesses owned by gays. If they do this via
sit-in, then they can probably only target one business at a time, and they
have to sit around all day getting jeered at. But if they do it via DDoS, they
can take down businesses at their leisure.

These are both illegal and illegitimate forms of political protest, but the
DDoS is potentially much worse than the sit-in.

~~~
scarmig
For a different point of view on the legitimacy of tactics like sit-ins,
please check out <http://goo.gl/5JuJn>

~~~
hugh3
But this is exactly what you _shouldn't_ be doing -- determining the
legitimacy of tactics by assuming they're being used by someone whose cause
you like. There's always the temptation to think that the end justifies the
means, when you're supportive of the end.

Always assume that the questionable tactic is being used by the Illinois Nazis
(I hate those guys) or the Westboro Baptist Church. Because if it's okay for
Martin Luther King to do it, then it's gotta be okay for Fred Phelps to do it
too.

~~~
scarmig
There's a misunderstanding here. I wasn't saying that those tactics are
justified because Martin Luther King wrote a justification of them. I'm saying
Martin Luther King wrote a justification of them, and a damn good one.

The point is not the reference but what the reference points to.

~~~
hugh3
Honestly, I didn't read the whole thing, I only vaguely skimmed it. Can you
summarize his argument? It seemed to boil down to "This is the right thing to
do, because we're right, and the other guys are wrong"

~~~
scarmig
A key paragraph:

"You may well ask: "Why direct action? Why sit ins, marches and so forth?
Isn't negotiation a better path?" You are quite right in calling for
negotiation. Indeed, this is the very purpose of direct action. Nonviolent
direct action seeks to create such a crisis and foster such a tension that a
community which has constantly refused to negotiate is forced to confront the
issue. It seeks so to dramatize the issue that it can no longer be ignored. My
citing the creation of tension as part of the work of the nonviolent resister
may sound rather shocking. But I must confess that I am not afraid of the word
"tension." I have earnestly opposed violent tension, but there is a type of
constructive, nonviolent tension which is necessary for growth. Just as
Socrates felt that it was necessary to create a tension in the mind so that
individuals could rise from the bondage of myths and half truths to the
unfettered realm of creative analysis and objective appraisal, so must we see
the need for nonviolent gadflies to create the kind of tension in society that
will help men rise from the dark depths of prejudice and racism to the
majestic heights of understanding and brotherhood. The purpose of our direct
action program is to create a situation so crisis packed that it will
inevitably open the door to negotiation. I therefore concur with you in your
call for negotiation. Too long has our beloved Southland been bogged down in a
tragic effort to live in monologue rather than dialogue."

The point of nonviolent activism isn't to harm someone else or their economic
well-being (though the latter is often a side effect). It's to force a rupture
or break in the institutions of a community to resolve what King calls an
underlying tension in that community. By forcing people in power to use
violence against nonviolence, it disrupts the ruling ideology by pointing out
its hypocrisy and forcing action by threatening the breakdown of the social
order predicated on that ideology.

Of course, a neo-Nazi may well try a sit down, but that's likely to be
ineffective as it's not exploiting any inherent tension and isn't going to
cause any huge community squabbles that have the potential to degenerate into
violence.

As to why it's okay to threaten the social order... well, in effect because
laws and order exist to establish justice, and we are compelled by moral law
to oppose unjust laws. Which is, you might say, just saying we should do this
because this is right. Perhaps. But it's a difficult proposition to say every
action can be be considered individually and judged without moral context.
Occupied Resistance in WW2 fought the Nazis and broke many laws (including not
just vandalism but murder). A slave in pre-Civil War America who ran away, and
anyone who helped that slave run away, was breaking many federal and state
laws, as well as seriously disrupting the economy and commerce. Those were
unjust situations, though, and so it was right.

------
luu
_To be fair the names on the list will probably be the bottom feeding script
kiddies rather than the hackers at the top of Anomymous's greasy pole_

Isn't it likely to not even be script kiddies, but machines that are part of a
botnet owned by script kiddies?

~~~
maqr
Usually, yeah. In this particular case, however, it was more about political
activism and voluntary participation. People organized to use their individual
computers to make their collective voice heard.

If this were actually some kind of conspiracy to take down Paypal, the
organizers would have created a botnet trojan and encouraged everyone to
distribute it and infect others with it.

------
wmf
Flagged; this is a poor quality "article" and we already had this discussion
yesterday.

------
jrspruitt
Since it is an act of political protest, I wonder how this plays out. Seems it
is a lot like the cyber version of picketing/marching/protesting at a
business, government building or any physical location like that. Where would
you peaceably assemble online, in such a way it makes a statement? If everyone
joins a chat room so what? Only they notice it, where if you protest in
public, you get noticed, for disrupting the day to day flow of things. This
seems like one of the few ways to accomplish that same effect online.

~~~
hkolk
You can't call this action picketing/marching/protesting.. This group has
brought down multiple websites, with the malice as the intent. The next best
real-world comparison would have been a riot. Attempting to shut down a
business is in my eyes not something the police would let slide in real-world
situations

~~~
jrspruitt
Yeah they do give off more of a riot like atmosphere, with the breaking and
entering tactics. For this to be more equivalent, they'd need a permit to take
up so much traffic on public roadways, or in this case, internet connections.
Plus there is no clear cut description of what is causing the disruption. If a
building was surrounded by protesters, there would be plenty of signs, clearly
stating what the group of people felt was so terrible that they needed to
protest about. The way it is now, average person thinks the website is having
technical difficulties, and knows no different, until the news informs them.
Which gives the media all the power in framing what the protest was about.
Still regardless of this particular incident, I wonder if it is a tactic that
could be used to any sort of degree of effectiveness, as a means for people to
express their displeasure in the virtual world of the internet. We the People
are powerful only as a group. People doing evil things, might not always
respond to a PR attack through Twitter or Facebook.

------
genieyclo
I thought we banned thehackernews.com ?

