Anonymous attacks (Catch All)

[selil]

WWII and the Congo Civil War were different levels of the same mildly amusing thing.

Let me put this into another kind of context.

There are about 5K people in the Anonymous IRC. Of those about 1K are engaged in these DDOS attacks.

I have at my disposal right this second 509 dual core computers connected to an OC48. I can reach out with a few minutes time and pull capacity from another 2500 nodes. I'm a nobody and I'd likely get fired for using that much expensive iron for nefarious purposes.

Perspective.

But, lets say the government turned the National Lab System into a weapon and opened up TerraGrid (NSF) and walloped somebody with aprox 250K nodes (I've lost track). That'd be impressive if stupid.

This stuff ain't hard.

For fun and games my undergrads just cracked 56K M$ Windows (DOD SPEC by the way) passwords in their test program in a little under four days. Their target is 450K passwords in four days with tuning.

We consider three elements in information assurance {confidentiality, integrity and availability}. In order of decreasing difficulty (not nearly linear) they are integrity, confidentiality, and availability. We are currently looking at cracking SSL/TLS mid transmission and changing messages but that work is a ways out. A distributed denial of service (DDOS) is supremely easy to accomplish. Breaking into most corporate systems (confidentiality) requires some targeting knowledge but is middling easy.

So, I reserve the right to consider Anonymous cute. I like the creative way that they do things. I like the way they troubleshoot and get around systems. But, in the end a Verizon or AT&T could shut them down instantly. Ma Bell has the only atomic bomb on the Internet. Everybody else is fighting a guerilla action. In the end they are annoying people but could be charged with crimes. In fact I'm willing to bet a bunch of prosecutors are sharpening their warrants now.

[AdamG]

So, I reserve the right to consider Anonymous cute. I like the creative way that they do things. I like the way they troubleshoot and get around systems. But, in the end a Verizon or AT&T could shut them down instantly. Ma Bell has the only atomic bomb on the Internet. Everybody else is fighting a guerilla action. In the end they are annoying people but could be charged with crimes. In fact I'm willing to bet a bunch of prosecutors are sharpening their warrants now.

Let me put this into another kind of context - alot of 'People's Movements' started out with a gaggle of poorly-armed amateurs, who were first viewed as jokes (I'll spare the Peanut Gallery the laundry list). Granted, Anonymous is a bunch of script kiddies & some talented teenagers (see also my first post, wrt their fizzled attempts to irritate Scientology).

When we here look at the varying levels of unconventional warfare, are there meatspace analogies to Anonymous? What's Anonymous' (or a similar groups') potential? The AK-toting 'child warriors' of Africa were/are notorious for their capacity to orchestrate violence, particularly when they're driven by some adults.

[selil]

Let me put this into another kind of context - alot of 'People's Movements' started out with a gaggle of poorly-armed amateurs, who were first viewed as jokes (I'll spare the Peanut Gallery the laundry list). Granted, Anonymous is a bunch of script kiddies & some talented teenagers (see also my first post, wrt their fizzled attempts to irritate Scientology).

When we here look at the varying levels of unconventional warfare, are there meatspace analogies to Anonymous? What's Anonymous' (or a similar groups') potential? The AK-toting 'child warriors' of Africa were/are notorious for their capacity to orchestrate violence, particularly when they're driven by some adults.

you assume you're dealing with a peoples movement when looking at assange and wikileaks. that is likely an error. I do not see a large population being mobilized I see a few with tools. that though is not necessarily bad or even relevant as technology has a tendency to enhance the power projection of smaller groups. large scale protests in cyber space have little effect in meat space so far. until people are mobilized into the street the effect on society beyond the connected few just doesn't scale. we could talk about zapatista movements, and iranian revolutionaries but most people have no clue there was even digerati involved.

anonymous may not have a kinetic conflict analog. simply they may exist in some new aspect as previously undiscovered. new domains have new elements. there were no submarine analogs taken from the land army. the submarine was something entirely new. i would suggest that the anonymous group is more like a bunch of skateboard punks having fun at the expense of others and just about as dangerous. can they break into your store, ruin your furniture and cause major chaos? absolutely but they aren't going to be taking over third world countries.

the level of cohesion and thought behind wikileaks and anonymous simply does not suggest large scale capability or strategic thinking. that could change. there could be a fagin training the orphans to steal but i'm more inclined to believe they simply steal.

[anonamatic]

The activity of Anonymous is mainly one meant to be protest. Keep in mind, for all the various attention that they get from their activities, no one is referring to them as any sort of `defacement group' or using language that would characterize a pattern of permanently destructive activity. This stuff is online protest, there's a real difference in context of the activity. The 2600 groups press release discouraging these attacks speaks volumes about how politically witless they are, and about how much they are not attacks in a context of warfare.

Context of negative online actions is fairly important, because of timing and application. In this case, using these tools on these targets (Visa etc.) is having very limited effects, but in other contexts the outcomes can be different. The best example of that thus far is Georgia, where similar efforts had a far more consequential effect.

There is a huge difference where there are any sorts of effect on anything kinetic. The difference between taking out a system designed to allow the porn industry to do online commerce, and one designed to route ambulances during a disaster is obvious, but the methods used could be the exact same ones.

These contextual questions, in combination with technical aspects of the types of activity are one of the things that make this a difficult subject. It's made even more difficult when the context switches from one involving some sort of organizational operations by an entity, and a context involving information operations. My impression is also that things can go from bad to worse quickly based on misperceptions and misinformation, & Wikileaks has proved to be no end of that quite purposefully. So much so that it has caused the group & supporters to splinter pretty seriously.

Timing seems to matter an awful lot. Action biases matter a lot too.

I'm going to be far more interested in some respects in the involvement of technology in the attack on Prince Charles's car in the UK. Imagine for a moment if those attacks were part of a riot over Wikileaks material rather than school tuition, and the Prince had been injured fatally. Given the sustained quasi-idiotic protests in Australia , given they're running around protesting over rights they don't have in a country that's not their own, in a different context and this is not too far fetched a scenario. Had that occurred in a less civilized location it might have been an RPG someone shoved through the window rather than a stick...

Avoiding the cables themselves was slightly easier before there were piles of mirrors all over. In this case the original source material isn't so useful as the information itself, so not its fairly simple not to look at it directly. On the other hand, all the global yammering doesn't make it easy. I was entirely able to avoid seeing any of the Iraq & Afghan material with no trouble. Not so the cables. My untroubled conscience is more than enough reward for avoiding material that is fairly useless to me to begin with. It's ironic that about the only thing needed to quash most of the mirroring that's occurred would have been some assertion of copyright internationally, yet no one in the US has chosen to do that. The bright side is I doubt any of this will get any worse.

Solil: I read your blog entry and liked it a great deal. I'd take some issue with your characterization of Metasploit as lowering the bar too far. I'd reserve that characterization for the whole crimeware market personally.

[selil]

Solil: I read your blog entry and liked it a great deal. I'd take some issue with your characterization of Metasploit as lowering the bar too far. I'd reserve that characterization for the whole crimeware market personally.

I'd have to agree with you. Thinking about it, the entire BackTrak and other penetration testing tools suites really are part of an ecosystem. Not one I'd really like to see go away as they truly are dual use. No, I think your critique about the crimeware market is valid.

[AdamG]

RUMINT was that some trolls on the Anonymous site told a bunch of the users of LOIC that the IP for the anon website/IRC was in fact the IP for the Paypal site, so those users ended up blasting the anon site off the net instead.

Doh.