errorsandexceptions

Code, etc.

Tag Archives: anonymous

Operation Payback: activism or idiocy?

Recent attacks by governments and private enterprises on the expressive and economic freedoms of Wikileaks and its founder Julian Assange have provoked the wrath of the Interwebs. Following the release of the first batch of 250,000 diplomatic cables, Amazon, Mastercard, Paypal, Postfinance and others have sought to distance themselves from the group.

In response, Anonymous has unleashed a massive Distributed Denial of Service attack against the online infrastructure of the offending corporations, as well as against the website of the Swedish Prosecution Authority and US Senator Joe Lieberman, he of the Kill-Switch Bill, who called Amazon to put pressure on them over their hosting of Wikileaks in their EC2 cloud.

The description of Anonymous in the mainstream media belies their lack of engagement with online culture. Variously designated as “online activists”, “cyber activists” and other even more ridiculous monikers, Anonymous is simply the group of people who post without usernames on the internet image board 4chan. Their past actions can be characterized by an overriding puerility, punctuated by random displays of kindness and some legitimate activism, such as when they organized Operation Chanology, a series of online and real-world actions against the Church of Scientology.

Operation Payback, the name given to the recent DDoS attack against Wikileaks’s enemies, is not a typical Anonymous operation. Firstly, it has vastly more participants. Anonymous has no leadership structure. Membership has no conditions. Anyone can join in the attack simply by installing a piece of software called LOIC (Low Orbit Ion Cannon). Although Anonymous is characterized as a decentralized collective with no leaders, in recent days a Twitter account has been transmitting orders for sites to attack.

In many countries, DDoS attacks are a legal grey area. Since 2006, the UK has had anti-DDoS laws in place. Similar laws came into force in Sweden in 2007. The USA, unsurprisingly, imposes harsh sanctions on coordinatiors of DDoS attacks. In 2009 a man was jailed in relation to Operation Chanology, the previously mentioned operation to disrupt the Church of Scientology website. Where there is legislation concerning attacks, they are generally outlawed. However, law concerning the internet is not sufficiently advanced in many jurisdictions to take the phenomenon into account.

I would like to suggest that the law should take a different view of DDoS attacks. Operation Payback is showing us that they can be a legitimate form of protest. In the classic DDoS, a horde of infected computers are commandeered unbeknownst to their owners and aimed at a website merely to cause disruption or as a form of extortion. We already have the laws to deal with this. Trespassing on someone else’s computer system is illegal. So is extortion. But in the case of the Operation Payback swarm there is no extortion and participation is voluntary. In effect, it is a form of mass gathering. Hordes of people, disgusted at the actions of the companies, public bodies and individuals targeted, have turned up at their websites to register their disapproval and prevent others from entering. By making themselves visible in this way and disrupting the targets’ business, they are conveying a message to the targets and the public at large.

This action has a real-world corrollary: the picket line. The two phenomena are remarkably similar in purpose and effect. Picketing/DDoS activism both aim to bring public attention and sympathy to an issue, to disrupt the business of the target, and to discourage others from patronizing or otherwise associating with the target. (As a form of industrial action, picketing seeks to discourage people from crossing the picket line and going to work.)

In many places, the actions of picketers are protected by labour laws. So long as the picketing takes place on public property, there is little that can be done to stop it. Likewise, the rights of people to protest and assemble peacefully are generally protected by constitutional provisions. DDoS attacks – like Operation payback – that involve no trespassing, vandalism or extortion, and are undertaken as a peaceful form of protest ought to be afforded the same protection.