Log in ....Tribune


Dot.ComLatest in ITFree DownloadsOn hardware

Monday, January 8, 2001
Article

Hackers divert visitors, overwhelm servers
with e-mail ‘bombs’
By Tania Branigan

Rocketing numbers of political campaigners are embracing the Internet with the fervour their parents showed for sit-ins as they try to claw back its independence and make online actions a standard part of modern protests.

Computer activists — "hacktivists", as they have become known — are squaring up to governments and corporations who want to restrict their activities. They are not opposed to business, but their immediate political aims, which range from improvements in working conditions to political independence, are fuelled by anger at the commercial dominance of cyberspace. Their tactics range from sending straightforward e-mails of complaint to crashing Web sites or diverting visitors to different sites. Some have overwhelmed servers with e-mail "bombs" of thousands of protest messages or launched computer viruses and worms.

In the US election both Republican and Democratic sites were defaced with anti-Bush and anti-Gore sentiments, while the Middle East conflict has been fought almost as heatedly online as in the real world. Palestinian and Israeli computer users have defaced Web sites, set up spoof sites as propaganda and even stolen the credit card details of their enemies.

 


Ingenious:
But so far hacktivism has been dominated by social justice and leftwing issues, with the far right using the internet only to organise and recruit. In one case campaigner diverted visitors seeking the Ku Klux Klan site to hatewatch.org instead; public reaction is likely to be very different when someone tries to do the opposite.

That day may come sooner rather than later, as new programs make it easy for activists with little computer knowledge to enter systems or crash a Web site. These newcomers have joined the original hackers: highly skilled and ingenious programmers who share distaste for authority and belief in freedom of information. Some are malicious; most see their hobby as a technical challenge; and increasingly, many are investigating its political possibilities.

"People don’t like the way the Internet is increasingly commercialised," says Paul Taylor, a sociologist at Salford University in England who has written a book on hackers and is currently researching hacktivism. "Comparisons are made with the land enclosure acts — who owns common land? There are a lot of insidious ways in which corporate power has increased and is pervading the whole social fabric. It’s happened within the structure of the Internet; big corporations have got an advantage over governments and their values are getting incorporated into government policies."

Underlying tensions are coming to a head with the advent of new legislation and information-gathering techniques. In Britain, the Regulation of Investigatory Powers Act has given the police and security services the power to collect Internet data without a warrant and to demand the keys to encrypted material. In the USA, the FBI is seeking the right to capture all messages sent across the Internet with software called Carnivore. This would allow them to trawl for e-mails containing particular words.

In both cases, the authorities insist that the measures are essential to combat international crime and terrorism. But others worry that they will be used to monitor and discourage legitimate political activity and will ultimately ensure that only "acceptable" voices are heard on the Net. Hacktivists fear that politicians, often lacking technical expertise, will be easily swayed by business.

"The prime minister of this country (Tony Blair), by his own admission, gets most of his information on the Internet from his kids," says Paul Mobbs, co-founder of the UK-based Electrohippies. "Politicians don’t know the first thing about it."

He fears that individuals may be driven off the Net because they have no rights to access. They are dependent on the Internet service providers who, for commercial reasons, are likely to refuse to host material that is controversial or which could attract expensive legal action and who could block users requesting certain sites.

"E-commerce has driven the Internet over the past few years. Anyone who’s not part of that is not supposed to be there," Mr Mobbs complains. He acknowledges the damage that some hacktivists have caused and accepts the need for policing. But he also says security forces and businesses are scaremongering and believe that the RIP Act and Terrorism Act are a dangerous combination. "These new laws, rather than enabling free use of the Internet by all, are seeking to blur the distinction between public protest, crime and terrorism in order to provide a ‘safe environment’ for corporations to do their deals," he says. "The British government is seeking to define a ‘virtual corporate free state’ where corporations can do business free from public pressure."

What delights the protesters - but worries their opponents - is that the Internet acts as a magnifying glass for discontent. Individuals using computers can wield power they could never command on the street: it takes dozens, maybe hundreds, to occupy a building and unveil a banner but only one to hack into a computer system and take over a Web site. One person can bring down an e-commerce site, disrupting or halting a firm’s trading.

Oxblood Ruffin, of the respected hacker group Cult of the Dead Cow, suggests that the versatility and technical know-how of protesters offers them a chance to redress imbalances of power in the real world:

"Hacktivism allows us to mount better arguments, rally unseen allies, and take on any tyranny," writes Ruffin, based in Toronto. "It shrinks any Goliath down to his true size. Usually puny.

"Where a large physical mass is the currency of protest on the street, or at the ballot box, it is an irrelevance on the Internet. Or more correctly, it is not always necessary...To think that it takes a lot of people to execute an act of civil disobedience on the Internet is naive. Programs make a difference, not people."

For that reason, detractors argue that hacktivists are a classic example of power without responsibility. But unlike the original hackers many are happy to discuss their actions openly: Mr Mobbs publishes his address and phone number on the Web. The Electrohippies informed the World Trade Organisation before launching an attack on its Web site in November 1999, and ensured that their own site linked to sites supportive as well as critical of the organisation.

They debate their tactics with passion and sophistication, citing Aristotle, Thoreau and Lord Acton. Many, like the Electrohippies, refuse to access other persons computer systems and regard denial of service attacks as a last resort. Oxblood Ruffin goes further and insists they are unforgivable: "Denial of service attacks are a violation of the freedoms of expression and assembly," he insists. "You do not make a better point in a public forum by shouting down your opponent. Say something more intelligent or observe your opponents’ technology and leverage your assets against them in creative and legal ways."

It seems inevitable that many of the protesters’ tactics will be outlawed. Dr Taylor agrees that some measures may be needed, but suggests that we have overreacted, encouraged by security specialists who have a clear commercial interest in playing up the threat to worried businesses and who may mislead the public with their real world analogies.

One firm described the Electrohippies as "terrorists" for their WTO action. Yet the Electrohippies refuse to intrude into computer systems. "I think we have really twisted values," says Dr Taylor. "In the Kosovan war the Pentagon was scared of using cyber warfare in case it was a war crime - but they bombed civilians. It seems to me that it’s quite skewed values by which 1,500 lives are less relevant than the legal elements of cyber war. People talk about the Tamils sending e-mail bombs to the Sri Lankan government, but surely that’s better than real ones." He predicts that a "cat and mouse" game will ensue as talented hackers find new ways to protest every time governments ban an old tactic. Oxblood Ruffin, one of the most technically advanced of the hacktivists, is currently working on a complex program that could mark the next significant stage in online activism: it focuses on giving people a tool rather than criticising or disabling opponents.

 

Hackers’ lexicon

1. Denial of service attack:
One of the most popular methods of attacking Web sites. Users run a program that makes thousands of requests for a site simultaneously, slowing the speed at which the server fetches pages or in some cases crashing the server totally so that the target site - and others hosted there - cannot be accessed

2. Mail bombing:
Inundating an email address with thousands of messages, again slowing or even crashing the server. It inconveniences other server users and prevents the targets finding genuine messages in their inboxes

3. Defacing:
Changing the information shown on another person’s website. It involves hacking into the target’s computer system and is therefore illegal

4. Hijacking:
Redirecting anyone trying to visit a certain site elsewhere. Again, it is illegal because it.

 

Home Top