Anonymous Files Petition To Make DDoS Legal Form of Protest 323
hypnosec writes "Anonymous has filed a petition with the U.S. Government asking the Obama administration to make Distributed Denial of Service (DDoS) attacks a legal form of protest. Anonymous has argued that because of advancements in internet technology, there is a need for new ways of protest. The hacking collective doesn't consider DDoS as a form of attack and equates it to hitting the 'refresh' button on a webpage. Comparing these attacks to the 'occupy' protests, Anonymous notes that instead of people occupying an area, it is their computers occupying a website for a particular period of time."
Mannequin Attack (Score:5, Insightful)
Not going to fly (Score:4, Insightful)
Having a fleet of computers continually access a site does not occupy people's time, but rather is an automated process, which is not a form of individual protest. I would imagine that having people hit websites manually, and pressing the refresh button cannot be classed as a DDos attack, and if it were, then they would likely be protected by the right to protest.
Why are Slashdotters obsessed with Anonymous? (Score:2, Insightful)
This site claims to hate censorship, but it fawns over a group that protests against people it doesn't like by crashing their websites so that nobody can hear their free speech.
No (Score:5, Insightful)
I work for a small hosting/cloud provider, and from experience, I can say that this is a form of attack. It can't be controlled is the worst problem, and it starts affecting many other people who are not involved in the 'protest', who just happen to be on the same shared server, cloud, or data center. Also, as for any argument that such an outcome would be the point of a 'protest', to raise awareness, but the problem is that most people affected by it wouldn't know anything about the source of the attack. Overall, a dDoS should not be a protected option in any form or for any reason. It is way too blunt, and as we build more onto the Web, it can become dangerous or even life-threatening to allow these attacks. It could be the same as allowing people to attack power stations or plants, which is certainly a crime(bordering on terrorism in this day).
DDoS affects comerce (Score:5, Insightful)
I think Anonymous is missing the concept a bit here. You can protest a business with a sign and megaphone, but you are not allowed to stop people from patronising that business. Very rare is it that a DDoS doesn't affect somebodies business. Most often, it affects somebody not even related to who the attacker is intending. If you want to protest, there are non disruptive methods to use, DDoS shouldn't be one of them.
Re:DDoS affects comerce (Score:3, Insightful)
Toxic precedent (Score:5, Insightful)
If such activity were legalized, by the same principle so would automatically-generated petitions. So would spam. So would noise pollution. It sets an extremely toxic precedent.
Re:Not going to fly (Score:2, Insightful)
The website is also an automated process. It is a battle of wills between computers. Not as good as a sit-in, but certainly not violent.
Framing it as a parallel to a sit-in does make it sound quite legitimate.
Requiring a non-automated process to refresh an automated website wouldn't do a whole lot, even with a drinking bird pressing the key. It is safe to assume they are using an automated system, but is there any proof? Is the speed of the DDoS action proof of automation?
Re:No (Score:5, Insightful)
What you've described is no different than the collateral social cost of traditional wage strikes and other peaceful denial-of-access protests. Is that collateral social cost so great that it justifies criminalizing the protests? That is what you are advocating.
Abusers (Score:5, Insightful)
If you legalize DDOS as protest, is it going to be ok for companies to DDOS their competitors, sites they don't like, sites posting negative stories about them etc?
DDOS: It lets you censor anyone who spends less on servers than you.
Sure, its not always corporate folks, but if you let people do something disruptive, big money is going to be spent to abuse it. I may reluctantly go along with money=speech, but money=right to censor others is too far.
Re:Not going to fly (Score:5, Insightful)
The difference is that, things you can effectively protest by physically being in a given space are effective for the reason that your presence blocks *other humans* from doing something. That is to say, there's an equality between what is being blocked and the means used to block it.
But in the case of pressing a refresh button: there is no human at the other end of the network whose work is blocked by you clicking refresh. Your protest is up against an automated process. When protesting by "occupying" a website, there is no longer a level of equality between the humans doing the protesting and the automated processes they're trying to obstruct. Using automated proceses for the protest levels the playing field.
Re:DDoS affects comerce (Score:4, Insightful)
I protest business(es) by not buying anything from them. Where you put your money is the most important form of democracy.
That's capitalism, actually.
Re:Not going to fly (Score:5, Insightful)
The whole idea of the traditional protest is that people had to stand in a particular area to create problems for wherever they were standing.
And very often it is not legal, either. The whole point of civil disobedience is that you're willing to break the law and face the consequences rather than comply with something you feel is morally wrong.
Re:Not going to fly (Score:5, Insightful)
The difference is that, things you can effectively protest by physically being in a given space are effective for the reason that your presence blocks *other humans* from doing something. That is to say, there's an equality between what is being blocked and the means used to block it.
But in the case of pressing a refresh button: there is no human at the other end of the network whose work is blocked by you clicking refresh. Your protest is up against an automated process. When protesting by "occupying" a website, there is no longer a level of equality between the humans doing the protesting and the automated processes they're trying to obstruct. Using automated proceses for the protest levels the playing field.
See, I was wondering how they were going to draw a physical parallel to what they were doing that *WAS* a legal form of protest. The closest I could think of was a union mob blocking the entrance to a business, BUT that is illegal. You cannot legally protest by obstructing right of way (without a permit). Right of way also includes the entrance of a business to a road front in most states, [wisconsin.gov] for instance. So blocking where cars and trucks enter a property would be illegal. By blocking all/any IP traffic to a machine connected to the Internet wouldn't you be violating "virtual" rights of way and thereby be acting illegally in the same sense as the union mob?
Re:No (Score:5, Insightful)
Consider:
Striking: a combination of denying your services (and only yours) to an employer with (usually) highly visible protests and PR to get the reasons for the strike out to the general public, thus gaining their support and pressuring politicians. In most locations, it is illegal to actively interfere with the employers' ability to do business beyond withdrawing your own labour and expertise - blocking access to sites, harassing customers, etc will probably attract police attention. If a group of other people decide to do the same, they've done it under their own steam and should not be coerced to do so.
DDoS: actively suppressing the target's ability to communicate and do business with very little cost or effort, and a high potential for serious collateral damage to the operations of completely unrelated individuals and businesses along the way. In some rare instances individual participants may volunteer their resources to the DDoS, but much more often a lot of traffic is coming from compromised systems. DDoS and systems intrusion are both already criminalised actions.
I'm 100% for the ability to protest or strike - I've done my share in the past. I'm 100% against bored kids getting their mates together to smash small websites into gravel "for the lulz".
You can argue that it'll only be used as a responsible form of protest against those that deserve it, at which time my eyebrows will climb my forehead and burrow under my hairline. The amount of effort required to "protest" is much too small, the relative damage against small operations and individuals far out of proportion. If we would like to see spam outfits "protesting" against Spamhaus' DNSBL resolvers, pro-X advocates "protesting" against the blogs of their pro-Y opponents, kids targetting the local donut shop because they're bored and want to give them a huge bandwidth bill, sure, lets allow legal DDoS. Perhaps we could allow governments to set rules on what constitutes "fair protest" to solve this problem? I'm not really warming to that idea either.
Re:Mannequin Attack (Score:4, Insightful)
If DDOS is more akin to walking into the foyer of Congress armed to the teeth, holding everyone hostage, until Congress agrees to the hostage-taker's demands, then wouldn't that make John Boehner more akin to a script kiddie who uses LOIC?
Re:Mannequin Attack (Score:5, Insightful)
>On another note, I'm guessing (let me repeat that: I'm guessing) the sorts that would resort to professional protesters are likely left-wing types trying to inflate their presence.
Odd, I would have guessed the exact opposite. Surely none of those people who show up at teabagger protests can actually BELIEVE that insanity !
Re:Mannequin Attack (Score:0, Insightful)