Let me put this into another kind of context.Originally Posted by AdamG
There are about 5K people in the Anonymous IRC. Of those about 1K are engaged in these DDOS attacks.
I have at my disposal right this second 509 dual core computers connected to an OC48. I can reach out with a few minutes time and pull capacity from another 2500 nodes. I'm a nobody and I'd likely get fired for using that much expensive iron for nefarious purposes.
Perspective.
But, lets say the government turned the National Lab System into a weapon and opened up TerraGrid (NSF) and walloped somebody with aprox 250K nodes (I've lost track). That'd be impressive if stupid.
This stuff ain't hard.
For fun and games my undergrads just cracked 56K M$ Windows (DOD SPEC by the way) passwords in their test program in a little under four days. Their target is 450K passwords in four days with tuning.
We consider three elements in information assurance {confidentiality, integrity and availability}. In order of decreasing difficulty (not nearly linear) they are integrity, confidentiality, and availability. We are currently looking at cracking SSL/TLS mid transmission and changing messages but that work is a ways out. A distributed denial of service (DDOS) is supremely easy to accomplish. Breaking into most corporate systems (confidentiality) requires some targeting knowledge but is middling easy.
So, I reserve the right to consider Anonymous cute. I like the creative way that they do things. I like the way they troubleshoot and get around systems. But, in the end a Verizon or AT&T could shut them down instantly. Ma Bell has the only atomic bomb on the Internet. Everybody else is fighting a guerilla action. In the end they are annoying people but could be charged with crimes. In fact I'm willing to bet a bunch of prosecutors are sharpening their warrants now.
Bookmarks