Denial Of Service Attacks On RIAA & MPAA Are A Really Dumb Idea
from the come-on dept
There’s an entertainment industry lawyer who once used his blog to suggest that I had an “army of hackers” at my disposal that I would order to send a denial of service attack against anyone I disagreed with. I thought that was pretty funny in how ridiculous a claim it was. Beyond the fact that I can barely get my dog to follow my instructions (and I feed her!), let alone anyone who reads this site, I think that denial of service attacks are a pretty dumb idea. It does nothing but piss off people and doesn’t make any real point at all. So it’s really disappointing to hear that the /b/ folks at 4chan decided to use this weekend to DDoS the MPAA and then the RIAA. The thing with /b/ is that even at their most crude and immature, they’re usually creative in their attacks. There’s nothing at all creative about taking down the MPAA and the RIAA — and all it does is serve to reinforce their misguided prejudices that it’s just a bunch unruly kids who dislike them. On top of that, it gives them more ammo to position themselves as being persecuted by a small minority. It’s a dumb move that looks bad and does a lot more harm than good from a group that should know better.
Comments on “Denial Of Service Attacks On RIAA & MPAA Are A Really Dumb Idea”
Hmm…maybe /b/ just got fed up of being blamed for all the media’s problems, so they decided to make sure they were blamed legitimately.
You left out that the attack included the firm in India who claimed to have carried out the exact same style of attacks on behalf of these 2 companies on websites not willing to bow down to their demands.
Maybe one could read this more as you reap what you sow.
Re: Re:
Exactly,
This DDoS attack was in response to the MPAA and RIAA hiring an outside firm to execute DoS attacks against sites that refused to just give in the their demands.
Just a reminder to the MPAA and RIAA not to piss off the internet as a whole. It is not a fight that the MPAA/ RIAA is prepared to win.
Re: Re: Re:
It is not a fight that the MPAA/ RIAA is prepared to win.
This is why they are pushing ACTA. They believe that it will help them win that battle.
Re: Re: Re: Re:
I meant to say that it is one of the reasons they are pushing ACTA. There are of course a lot more control related reasons.
Re: Re:
I thought that the attack was initially going to be limited to that firm in India doing DDoS attacks on behalf of **AA, but that site went down before the /b/ attacks even started thanks to some folks with real botnets at their disposal.
Then the RIAA/MPAA takedown was passed around to essentially give them something to do.
Re: Re:
This.
The **AAs are engaging in DDoS against sites like the Pirate Bay, and this is sending them a clear message in response. They are outnumbered.
What would you detractors propose as a method to fight the industry’s DDoS attacks? Just sitting back and complaining on a blog a little more? Some of you have been doing that for a decade now, and note that it hasn’t accomplished a hell of a lot.
The RIAA, MPAA, et al need to be taught that they can be fought on their own ground.
It probably has more to do with that average citizen being so powerless to anything against such a well-funded, government-friendly organization. But they could have been a lot more creative. They didn’t even do it during the week when people are actually working.
amusing
Sometimes even the most dumb ideas can be VERY amusing. Yes, hacking is a crime, but if you have to go after heartless bastards, they 4chan picks the right ones!!
Re: amusing
“Yes, hacking is a crime,”
Apparently, DDOS attacks are illegal only if you are not a large politiacl contributor.
Also, DDOS is not hacking.
Re: amusing
Since when is “hacking” a crime? I think you misunderstand the meaning. Hacking can be something as simple as modifying a tv remote, is that illegal?
Re: Re: amusing
Depends, is that remote protected by the DMCA? 🙂
Re: Re: amusing
The term is phreaking if its hardware 🙂
Re: Re: Re: amusing
phreaking is confined to telephones and telephone systems.
fone phreaks actually predate hackers by a significant margin.
Re: Re: Re:2 amusing
In my experience, phreaking usually means a hardhack of a transmission or traffic line, or the dumb endpoint of such a system.
Witness: Van Eck Phreaking
Re: Re: amusing
Don’t be so literal. The term has transformed for better or worse from its original meaning.
That what I’ve been saying all along. It just makes “pirate” look bad and childish. Btw, nice to see that you finally got some nicer URL’s.
Did you actually write that /b should know better? This is 4chan we are talking about – right?
I do agree, they can be incredibly original at times, but I believe the string of text “/b should know better” is entirely original to the internets.
I dunno, I got to say that the fact that the first target was a company who admitted to using ddos attacks against sites and effectively on behalf of MPAA and RIAA, it seems to me that many would feel that turnabout is fair play.
Although they can only feel that way if they are given that information in the first place.
If you make it look like it was naughty juvenile geeks just picking random authority targets then that will naturally be the story,
a pity when it could have been large companies using criminal methods to shut down websites they don’t like got their backsides well and truly spanked.
Re: Re:
“it seems to me that many would feel that turnabout is fair play.”
While I agree with MM that a DDOS attack is the wrong approach, I do agree that the MSM will never mention that the MPAA started it. In light of the fact that the MPAA started it, retaliation is fair play, but unfortunately everyone else is held to a higher standard than big corporations that control the government. and I do believe that we should hold ourselves to a higher standard and set a good example for everyone to follow so that people can see that it is the big corporations and the MSM that are nefarious and that those questioning them are more than overly tolerant (fair play doesn’t make something the right approach). I think that would be a better long term approach than to counter attack with a DDOS. But if the MSM does focus on it, hopefully more people will be smart enough to see past what the MSM merely tells them and actually research and discover the fact that the MPAA started it. This possibility might make the MSM ignore the issue altogether. However, unfortunately, even if the MSM doesn’t ignore it they will only be one sided and most people will only see one side of the issue and either way the politicians will only see one side.
If politicians decide to start arresting people for this I predict it won’t do much to curtail these attacks. If anything, it could even make them worse. Things could get very interesting from there and there is no telling what could happen.
Re: Re: Re:
Oh, come on. That’s like arguing the Massachusetts militiamen at Lexington and Concorde should claim the moral high ground by coming out from behind the rocks, putting on bright red uniforms, and marching in parade ground formation.
We’re fighting an enemy that controls an increasingly absolutist state, in an environment where the very idea of democratically challenging its control of the state is a sick joke.
If everyone played by “the rules” (rules set by the people we’re fighting), we’d eventually wind up in the totalitarian society Stallman described in “The Right to Read.”
Are those sites in top 100,000? I think they took down some websites that nobody visits.
You called something /b/ did dumb?
I won’t expect to see anything else on here the rest of the day. 😛
TPing the Internet
I’ve always thought of DDoS attacks as similar to, say, parking your car sideways in front of the company parking lot. It’s a form of vandalism, not a form of organized protest.
Re: TPing the Internet
I have always thought of them as similar to a picket line in which nobody remembered a sign to explain to people why they were picketing.
You cannot get into the door, but the only reason you get is that the door is too busy.
Re: Re: TPing the Internet
u dont need signs for people to know why
its like someone chaining themselves to a tree after the plans to cut down the forest are released, only people who dont know anything about trees would wonder y
@14
parking ones car sideways in the wy of a parking lot entrance
IS NOT vandalism as nothing was damaged just as in this case nothing was damaged ONLY there ability to get there lies and crap out to the public
we have allowed you for ten + years to try and solve these morons only to have them continue to harm the greater societal mantra.
NO LONGER.
so #14 you consider it vandalism when a group of environmentalists block a road to stop logging?
YOU consider it vandalism when protesters gather and block off a road?
YOU sir need your head re examined
and i will say it.
if your not with us you are against us. THE time for being nice has ended.
Re: @14
One of the keys to a picket line is the picket sign.
If people do not know that you are environmentalists blocking off the road to save some trees, they just think you are some annoying nut in their way.
DDoS attacks don’t send a message to anyone, so they tend to be ineffective. A picketing effort needs to educate the people that would have been customers so they do not come back.
Re: Re: @14
It seems to be doing a good job getting the message out there. Someone living in a tree means nothing. It’s the others on the ground that spread the message.
Re: Re: @14
6! 7! 8! 9!
We don’t need no stinking sign!
Re: @14
“THE time for being nice has ended.”
Actually, I agree with you here. It’s high time to start dipping our feet in the water of actual rebellious actions.
That said, /b/, or whoever this actually was, would do themselves a favor by figuring out a way to get an actual public message out to go along with their “attack”. Doing this on the weekend, and going with the relatively benign DDoS style attack, makes the purpose of this “attack” clear. It wasn’t an attack at all. It was a warning shot across the bow, letting these people know that they aren’t the only ones on the high seas with cannons.
My problem is that 99% of people who hear about this aren’t going to know WHY it happened. If they did, they’d see the story in a different light….
Re: Re: @14
Actually, I agree with you here. It’s high time to start dipping our feet in the water of actual rebellious actions.
DDOS is a really good tool if you want to get people involved in a protest:
1) anyone with a computer and internet access can participate
2) it doesn’t require much actual skill, once the vulnerability has been identified. you just download the script and run it.
3) with thousands or millions of hosts around the globe it makes it very difficult to determine who was accessing the site legitimately and who was part of the protest.
4) with thousands or millions of hosts around the globe it makes it very difficult, if not impossible to stop such an attack.
Re: @14
I love it when 4chaners, or /b’ers, or whatever you call em start getting all puffed up.
“we are watching you”
“not with us you are against us”
“legion… blah blah blah”
I have no love for MPAA for sure, but your little escapades will not accomplish anything.
Re: Re: @14
well ddos attacks beats out the current internet protesting of Facebook groups
Re: @14
“we have allowed you for ten + years to try and solve these morons only to have them continue to harm the greater societal mantra.”
What time frame is that? From the time you started caring until now? Get some perspective, your arrogance is frightful.
“YOU consider it vandalism when protesters gather and block off a road?”
I’d consider it manslaughter if they flooded the road so that one person died due to lack of access. You have no way of knowing what effect a denial of service attack may have as collateral damage; for all you know the websites share a pipe with a doctors surgery. An unlikely scenario but not as much of a stretch as comparing a denial of service attack over the internet to blocking a road. The people blocking a road are at least there in person to take responsibility for their actions.
“YOU sir need your head re examined
and i will say it.
if your not with us you are against us. THE time for being nice has ended.”
You try to justify denial of service attacks as being harmless. I hope routers become sentient and drop all of your packets out of disgust.
Re: @14
Get off your high horse because their cause is not so noble,
they are not protesting logging or the parole release of a serial rapist. They’re protesting that they have the right too steal Intellectual copyrighted material and distributing it illegaly, giving it away. Who’s going too pay $200 million for a strait to utube movie? You maight as well ask for free money.
If U want free music, sing to yourself.
If U want a free movie, go to a school play, kids are funny.
If U want free software, learn to program.
If U want a free game, remember sports or what your toes
look like?
And if you want free pornography, girl + camera = 🙂
Only a dumb idea...
You need to assume the /b/tards are actually doing this for anymore then the lulz.
It was not that bad imagine if people have used the geo-location features in browser to go after them LoL
http://www.youtube.com/watch?v=nrLkubifpSA
Photos with geolocation data are also not great if you are an RIAA member.
Shills be warned your browser can tell others exactly where you are writing from LoL
Be nice to people.
oops!
Forgot to give the time stamp.
http://www.youtube.com/watch?v=nrLkubifpSA
The geolocation discussion starts at 16:44.
People can find you!
Dear /b/
Please include USCG and Copyright Enforcement Group in your efforts as they deserve it more than most.
Re: Re:
USCG – What does the Coast Guard have to do with any of this?
Keep in mind that there’s some dispute as to whether the people who started the whole thing were /b/-tards or just eBaumsWorld forum users trying to take a stick to the /b/ hornet’s nest.
javascript: function UserPosition(position) {alert (position.coords.latitude + ” ” + position.coords.longitude)};navigator.geolocation.getCurrentPosition(UserPosition);
This will show you where you are typing from.
Source:
http://dev.w3.org/geo/api/spec-source.html#get-current-position
http://hacks.mozilla.org/2009/06/geolocation/
All browsers apparently implemented already the geolocation API.
i think not even 1% of /b/ is partaking is this one
most of the threads are 404 before they hit the bump limit
i think the sites are designed to go down if a doss happens
My 2 cents: I think you guys are on the same side on this, with different techniques, and you shouldn’t fight.
Having said that, I agree with Mike on the DDOS not being the best weapon against RIAA and friends. I mean, the power of those groups is AFK, that’s why they hate the internet. Who visits their sites anyway? They serve absolutely no purpose, and people wouldn’t notice if they went offline completely. But the RIAA will then bitch and whine on them being poor victims of the anarchy of the internet. And they will make it easier for paid-for congress people to pass absurd laws. Flood the congress… DDOS’ing RIAA makes no sense. Attacks from /b/ are always interesting to watch, DDOS are not interesting at all.
Last, I think this is a good teaching moment. The original fight with Ebaums was on uncredited use of images from /b/. Remixing is important to the internet and should not be a problem, as it is for the RIAA&MPAA. Fighting Ebaums is fun and should continue, but images from anon are by definition uncredited, and Ebaums is not important (or fun) enough to deserve the attention it has from /b.
Re: Re:
“My 2 cents: I think you guys are on the same side on this, with different techniques, and you shouldn’t fight. “
Having one thing in common does not make a good argument for agreeing with something else. I have no qualms about infringing copyright, that’s my choice. I’d not expect Mike or anyone else to cut me any slack just because we both disagree with the current system.
“Last, I think this is a good teaching moment.”
There’s a trite phrase I could stand to see copyright protected.
But they’re right. It is a bunch of unruly kids that don’t like them and proud of it. Truth!
Its the cancer that’s killing /b/.
I apologize, but I just had to say it.
@28 yep, but those kids happen to be right… so it’s important to focus on the message, not the messenger.
OR...
They could find and DDOS nonstop the main routers for the executive offices of the RIAA and MPAA. What good is attacking the organizations’ public websites?
Re: OR...
I was thinking if they really wanted to make a difference they should DDOS a relevant govt website (maybe ohttp://www.copyright.gov/ ). Doing so at least directs the attack to the appropriate organization (the govt) and which site receives the attack somewhat serves the purpose of somewhat communicating what the attackers are mad about. For instance, attacking the USPTO website could serve the purpose of saying, “we don’t like patents” or “we don’t like our current patent laws.” Attacking http://www.copyright.gov at least directs their anger against copyright law. Still, I think such an approach isn’t the right one regardless. For one thing it doesn’t express what is wrong with copyright law (perhaps they can place messages in the packets, messages that the MSM will merely ignore of course).
At least these attacks show some level of organized protest, which is better than not being organized, but it’s not exactly the approach I was hoping for. I want to see something more along the lines of a whole lot more people marching to congress and the white house and demanding that our legislators fix our laws. Or we need to find more creative ways to manage our govt and not let the corporations completely control it.
The only denial of service I’m interested in is denial of money to the punks that finance things like the RIAA and the MPAA and other fine institutions like it.
There’s nothing at all creative about taking down the MPAA and the RIAA — and all it does is serve to reinforce their misguided prejudices that it’s just a bunch unruly kids who dislike them.
Why do you assume their children?
Re: Re:
Are you accusing Mike of kidnapping?
Re: Re: Re:
Make that uneducated, unruly kids.
Re: Re: Re: Re:
“uneducated, unruly kids” who are able to crash websites and wreak havok with near impunity. I’d hate to see what educated ones could do.
While I don’t like DDOS attacks I can understand their position here. RIAA and MPAA lie and cheat and bribe and bully and, above all, they get away with it. The frustration with them is enormous and the temptation to respond with attacks like this is entirely understandable.
Re: Re: Re:2 Re:
Where I work we call people with this ability “users”.
If you can install an app, you can keep up with today’s /b/
Re: Re: Re:2 Re:
When do these geniuses start DDoSing techdirt for disagreeing?
It does not take much in the way of education to do this stuff. It might take some amount of education to figure out that it is counterproductive.
Turnabout
Anyone that watches any sports or has children of their own knows all too well that it is the one that retaliates that gets in trouble.
Its the general attitude, expected and confirmed.
At least these attacks show some level of organized protest, which is better than not being organized, but it’s not exactly the approach I was hoping for
A DDoS is not or does not have to be ‘organized’ it can be a single person, (called the ‘botmaster’) controlling a bot net. Yes, all his computers in his botnet are organized but it certainly can be, and often is a single person behind it.
as for damage, yes, it will do far more damage than good. making the attacked marters to the cause..
this is ofcourse playing right into their hands, even to the point that claiming a DDoS would benifit them.
And promoting their attack helps them as well. and shows the attitude of those who oppose their views.
So its actually putting your ’cause’ backwards, not forward.
Re: Its the general attitude, expected and confirmed.
“A DDoS is not or does not have to be ‘organized’ it can be a single person, (called the ‘botmaster’) controlling a bot net.”
But that’s not the case here. In this case it is a bunch of people voluntarily participating, not a botnet of users with their computers unknowingly under the control of a single person.
Also, make sure you click reply to this post when responding.
Re: Its the general attitude, expected and confirmed.
“and shows the attitude of those who oppose their views. “
Unfortunately this is how the MSM may see it, but the fact remains, it’s the MPAA that started it.
/b/ is a bunch of ugly kids who dislike them.
Is it possible, I wonder, to hack a site so that instead of any link to it taking visitors to that site, they get redirected to another page instead – in this case, one addressing the reason for the redirect and the issues at hand? Because that seems like it might be a more effective “virtual picket” as it were.
Also, how long can a DDoS be maintained? And what would happen if a coordinated, simultaneous attack were made upon sites like copyright.gov and the USPTO site as well as the major record label, movie studio, RIAA, MPAA and other MAFIAA sites and maintained for a long period of time? Or a redirect as I mentioned above? Not just for a weekend, but continuously, day after day, month after month.
Might be interesting to find out.
Ha!
“In my many years I have come to a conclusion that one
useless man is a shame, two is a law firm and three or
more is a congress.” — John Adams
The above statement pretty much says it all! I started laughing when I read the word “lawyer”! If a lawyer is involved expect anything to take twice as long, cost four times the original budget and meet half of less of the original requirements!
The point of /b/ is to have no point. And Mike, who’s to say a DDoS attack had no real effect? They got you to write about it, didn’t they? They got a lot of folks to cover it:
http://www.pcmag.com/article2/0,2817,2369359,00.asp
http://techcrunch.com/2010/09/19/riaa-attack/
http://pandalabs.pandasecurity.com/4chan-users-organize-ddos-against-mpaa/
Just because folks like yourself fail to quantify its effects in a nice paragraphs post the morning after, doesn’t mean it was worthless, or all for nothing.
Re: Re:
“And Mike, who’s to say a DDoS attack had no real effect? They got you to write about it, didn’t they? They got a lot of folks to cover it:”
Mike said point, not effect. Regardless, was that the first and only idea they managed to come up with to generate press? I’m confident that you can generate better press in less stupid ways even if you really don’t have anything constructive to say.
“Just because folks like yourself fail to quantify its effects in a nice paragraphs post the morning after, doesn’t mean it was worthless, or all for nothing.”
What was it worth? For the few sites that covered this and didn’t cover the original story of the anti pirate outfit DoS attacking, I can’t imagine that the coverage was a good thing.
Just my $.02 worth
I have to play devil’s advocate here on a few things, and for the record I’m not taking sides i this, just some observations.
From the comments I’ve been reading it seems like the consensus is that the DDoS attacks were “ok” because it was against the RIAA and MPAA. My first question is, when does it stop being “OK”, when it’s against something that you support, or is it not what you do but who you do it to that matters?
Secondly, am I the only person that can see a day come when /b/ and 4chan are deemed to be “domestic cyber terrorists” due to their actions? Not that I would want this, far from it, but I can see something like it being done.
Personally, I think if given a message with the actions, it’s a valid form of protest, but I always think of what the repercussions would be.
Re: Just my $.02 worth
“From the comments I’ve been reading it seems like the consensus is that the DDoS attacks were “ok” because it was against the RIAA and MPAA.”
If anyone thinks that then it would seem to be more because of the ‘reap what you sow’ angle than general hatred for the targets. Why anyone sane enough to hate the RIAA and MPAA would want to stoop to their level is beyond me.
Re: Just my $.02 worth
“From the comments I’ve been reading it seems like the consensus is that the DDoS attacks were “ok””
Which one? The one perpetrated by Aiplex?
They're not doing their job
Well, the government is suppose to be *for* the people and *by* the people.
Both are false right now. The government is for the money and bought by the corps.
The government is lucky we’re not exercising our RIGHT and civic DUTY to replace the shit it’s become.
DDOS attacks are not the answer. This can only lead to the escalation of the “war”. “We” shoot them with DDOS attacks, and they hit back with “cyber-terrorism” legislation.
Who wins in the end? They are the one with the law on their side and can claim the moral high-ground. Worse, they can shoot back with their own DDOS attacks against anyone they disagree with (EFF, FSF, CC, TPB, etc) under the pretext of enforcing the law and protecting their interests.
This attack was no good for anyone.
Hey, when regular methods of making our unhappiness don’t work? You resort to other methods to make your point clear.
“I think that denial of service attacks are a pretty dumb idea. It does nothing but piss off people and doesn’t make any real point at all.”
We gotta take these bastards. Now we could do it with conventional weapons that could take years and cost millions of lives. No, I think we have to go all out. I think that this situation absolutely requires a really futile and stupid gesture be done on somebody’s part.
Re: Re:
“No, I think we have to go all out. I think that this situation absolutely requires a really futile and stupid gesture be done on somebody’s part.”
Nailed it.
It's a dumb move
But feels so gooooood.
Why is it bad if internet users team up to do exactly what the MPAA has done by hiring a contractor earlier?
The internet’s DDoS on the MPAA is worse than that Indian companies hired DDoS attacks against sites the MPAA doesn’t like?
I see some flaws in the author’s logic.
Also a DDoS attack isn’t a crime. It’s basically a digital sit in. Civil disobedience at max.
Whats needs to happen is that the RIAA and the MPAA gets blackholed forever!
Amazed by the BBC
http://www.bbc.co.uk/news/technology-11371315
I’m quite amazed to say this but the BBC appears to have accurately reported this story. They haven’t just said that 4Chan have attacked the RIAA and MPAA, they’ve explained that it is in retaliation.
Even better this is one of the most read stories on the BBC News site which suggests that a great many people will have seen the this surprisingly unbiased piece of news and seen that the RIAA and MPAA have reaped what they have sown.
If you look at the links on the bottom of the article it also seems certain other MSM news provisers have not just taken the industry line but explained it is about protest and not just spite.
Dumb Idea?
http://torrentfreak.com/acslaw-anti-piracy-law-firm-torn-apart-by-leaked-emails-100925/
A week into Operation Payback and the first casualty.
the anti piracy groups hack them selfs and dos attack also they should of been sued years ago for invasion of privacy with thier spyware and virus’s they pack on every p2p network its all about greed now that the economy isnt as good people actually have to work back when napster was around no one could care a less what was downloaded online or shared now all the sudden they make a big deal about it and try shutting everyone down why cant the internet just be free like linux why do people have to charge for music dont they make enough from concerts music should be free you dont own sound no one does god made sound how can these companys think they own sound its stupid if people didnt download songs they would record them from the radio or tv or copy cds or tapes or even make thier own music no one is paying nothing for them expecially for modern music that most of it isnt good anyway who wants to buy a cd with songs that suck just cause one has a ok beat or better yet who wants to buy cds of bands you have not even heard cause they dont play them on the local radio when you can download them and see if you like them first we all know that the musicians are not hurting they can go perform a concert any day and sell out they dont need cd sales to make a living