Brendan Cooney

This conversation is closed.

Why do we consider groups motivated by protest to be attackers?

In this talk, the second group mentioned were the attackers motivated by protest (ex: Anonymous). Why do we consider groups like this to be attackers?

Answering this may require re-evaluating our definitions and connotations of the vocabulary we use regarding the Internet today: What is crime? What is an attack? What is violence?

  • Comment deleted

    • thumb
      Jan 19 2012: Nor do I, but the basic premise of the first half of this talk is that some collective 'we' *do* believe they are...
  • Jan 28 2012: If you are taking action to cause something that isn't yours to be destroyed or malfunction what better term would you suggest than "attack"? Violate? Vandalize? Destroy? In the end, they all end up meaning something like attack anyway.

    If you want to protest start a blog, or gather signatures online. If you are hacking into something that isn't yours or intentionally misuing equipment to break someone elses system then it's an attack.
  • thumb
    Jan 22 2012: Q: "Why do we consider groups motivated by protest to be attackers?"

    A: Because that is what hactivists want. Corporations can get away with skimping on cyber security because their users do not demand it nor hold them accountable for it. Anonymous wants to change that by making you realize that YOU are directly at risk. The only way this works is to actually exploit vulnerabilities and then prove the exploit by releasing confidential data. Without incidental damage to that vendor's customers, people who aren't being harmed continue to think it can't or won't happen to them. By causing harm to end users and consumers, Anonymous and other groups make the threat real so that the public starts (FINALLY) to take notice. "Hey, this could happen to me! I'd better ask my bank why they don't offer 1-time use credit card numbers or SMS login verification." Hacktivist tactics work in part *because* we consider them hostile and then demand protection and accountability from custodians of our data.

    The market system rewards the most efficient producer of a good or service. As long as end users are not demanding security nor holding their vendors accountable, investment in security is an unrewarded cost that makes the secure company less competitive in the market. Until it becomes cost effective to invest in security, companies won't do it. That means a majority of users need to speak out and start differentiating products based on security. To give one example, I've notified Hilton several times since 2009 of a vulnerability in their HHonors web site. I've reported it through their customer service, through hotel managers, through their High Speed Internet Access satisfaction surveys and through their marketing department. I even located someone whose account had been breached. Despite having reached and exchanged emails with VPs since 2009, the site to this day remains vulnerable. Apparently securing my and your information is not profitable. Yet.
  • Jan 20 2012: I'm not 100% backing them up, because they might be attacking me as well and without me knowing it.
    Next thing, line is obviously thin like you tried to imply, but as for BIG COMPANIES, they have BIG profits and they should offer protection. After all you are paying for it.

    I do back them up for discovering some disturbing stuff that GOV does to their own people.

    Now the real question is, are they really working for us or are they just a puppet for GOV, that are making GOV look bad, because GOV all over the world, won't have that trust level as groups like Anonymous.
  • thumb
    Jan 19 2012: Being motivated by protest is not justification for attempting to harm or destroy. To call peaceful, lawful protest an attack is wrong. Does Anonymous use peaceful, lawful means to accomplish their purpose? Or do they seek harm and destruction?
    • thumb
      Jan 23 2012: Really? Consider the US war for independence. Americans (at the time every bit as British as the Brits) kicked it off with acts of sabotage. Also consider that only about one third of Americans wanted to rebel. Would you suggest we issue a mea culpa and hand ourselves back over to the British?

      It is an ugly truth, but sometimes destruction is exactly what a situation calls for. Worse still, there is no clear distinction of when it is appropriate. It's the old, "one man's terrorist is another man's freedom fighter" problem. And for as proud as I am of the denizens of the internet for peacefully stopping the SOPA/PIPA bills, I also recognize that there are some problems a sit-in just wont solve.
      • thumb
        Jan 23 2012: The question is more one of semantcs than politics. "Why are protesters (sometimes) called attackers?" is the question Mr. Cooney asked. I am sure the King of England considered acts of sabotage by American revolutionaries to be attacks against England, and rightly so. Just because a person is motivated by protest does not exempt them from being called attackers if they use illegal, destructive measures. If a group decides to use criminal, destructive methods to demonstrate their protest they deserve the title "Attackers". PS. England does not want us back. Sorry if I contributed to you being livid Mr.Imp.
  • Jan 19 2012: I don't, but if they tend to use their knowledge to some personal gain like getting money of from me, or selling my information, I will mark them as attackers.

    But in this case I do not, and It's not because they aren't attacking me, but it's because governments and large corporations are using their power to their advantage. Like Sony, they get Milions of dollars for their services and when they got attacked they couldn't protect their users, just because they were so money hungry and did not invest in security.
    • thumb
      Jan 20 2012: No offense meant, but isn't "because they aren't attacking me" a faulty, or at least narrow, premise for belief? Mikko demonstrates(in his other TEDTalk) many of the tactics used by these groups of people, and in this video insinuates that the same tactics are used today used for political protest as well as for financial gain, both illegally. So, even if they haven't attacked you, it's still the same playbook they are operating from... This is where I become curious -- how do we draw the line? Is it if it happens to us?
  • Jan 19 2012: Groups such as Anonymous are guaranteed the rights to peaceful protest, but if they cause damage to websites it could be viewed as a form of vandalism and as such a crime. But then when they protested the Syrian government and shut down its Ministry of Defence's webapge, most people would believe that was a good thing. It's a very complicated matter.
    • Jan 26 2012: But is there such thing as peaceful protest on the Internet? Protests are meant to draw attention to one's cause, and, on the internet, there is no way to draw attention. People can ignore you on the internet, refuse to visit the sites which you post your protests upon, but in real life, there is no way to do so.

      Denial of Service attacks act in the same way as a protest does in real life. A large number of people show up on-site, and informs both the people within (the building or website), and those who are attempting to get in that they hold an opinion which holds those inside to a lower regard.

      Granted, it's not a perfect analogy, as DoS attacks could shut down all access to the site (which is analogous to blockades and other such illegal activities) but if the DoSers leave one nameserver up, then the site would still be accessible, although slower, which would resemble a peaceful protest.

      All protests make some sort of disturbance. And freedom of speech should be protected.

      (Maybe if people could apply for permit to DoS a certain site, just like one applies for a permit to protest in meatspace.)