Anonymous turns attack drones against fax machines
From cyberspace to Office Space
Pro-Wikileaks hacktivists have begun targeting the fax machines rather than the websites of firms who have withdrawn services from Wikileaks.
As part of the new Leakflood mission, activists have been encouraged to send faxes to Amazon, MasterCard, Moneybookers, PayPal, Visa and Tableau Software. The group published a list of fax numbers, encouraging members to send over extracts from leaked cables, letters from or images of Guy Fawkes – but no gross-out porn or similar offensive material. Would-be participants were encouraged to use the MyFax free fax service and to take steps to preserve their anonymity.
The campaign, which started at 13:00 GMT on Monday, is due to run for a day until 16:00 GMT on Tuesday. However, Netcraft reports that patriot hackers opposed to the operation have launched a counterstrike against the IRC servers where would-be participants go to discuss attack strategies. The anonops.eu domain (used to list the locations of IRC servers) has also come under attack and is currently unavailable.
Fax-flooding campaigns were also used against the Church of Scientology in the early phases of the Anonymous campaign against that organisation. It never emerged whether the tactic had been successful or not and it is still less unclear whether the fax-bombing of Amazon et al has caused any disruption. ®
Trouble is that there are *much* more concrete and established laws against malicious telecommunication over a phone / fax line than over the general Internet. It's likely to be much easier to punish people, e.g. by cutting off *their* phone line. All you'll do is get MyFax into trouble, who'll then push it back to you or secure their service properly. Probably takes a minute to add their Caller ID number to a blocklist on the fax system at the other end, or to just not answer all non-caller ID calls, and then you're back to glorious silence and only slightly more hang-ups than usual.
And, to what end? They would just advertise another (up until now private) number to their clients who *really* need to fax something to them, which may or may not eventually make it into the attack list, when they then move to another number - but basically it's more a nuisance than anything constructive (or even destructive). I know that the schools I work in have a dedicated switchboard line and external number for fax, and mostly it goes straight to a Fax-to-email gateway of some kind, and if a primary school has that kind of setup, you can be sure that a huge organisation has a much better one. All they've done is stuff people who are, say, abroad and need to fax proof that they are the person who lost their Visa card, etc. Hurting people who have no connection to the actual events is likely to make things infinitely worse overall than actually targeting your message properly.
I wouldn't be surprised if someone like Visa has hundreds or even thousands of fax lines, all automated by some Asterix-esque hunk of metal. Sure it's a nuisance for the person reading them but then that's likely to be some lowly secretary who receives and treats it just like spam email. The software company might be a bit smaller, but still they probably have a decent setup. It's unlikely to be costing ink or paper in this day and age, with fax-capable MFD's, scanners and photocopiers before you even get into Hylafax setups or the like. It's just the same as sending a bit of spam and holding up the phone line for 30-seconds or so.
It's childishness, aimed at avenues that are, ultimately, pretty weak and unrelated. Next some idiot will suggest attacking the UK Police websites because they're the ones who arrested him, and then you'll be in *actual* deep trouble, rather than just being treated as a bunch of random idiots with a petition (which is *exactly* how Anonymous behave: "sign my petition to end taxation and make cocaine legal!", and they get viewed by others in exactly the same fashion as such petitions would be).
I'm not even sure *what* the grievance is so far, except possibly "We think you might eventually, possibly, take our ball away, mister". An organisation committed an almost certainly illegal act (whether they are prosecuted or not doesn't reflect on the actual illegality of the act), went public, then had it's funding cut by credit card companies and banks (who can do that for *no* reason if they really want to - read your terms and conditions), its hosting denied by a company that has T&C's against hosting such content (and probably has a US-hosting-presence so is absolutely in danger if they continue to allow it to be hosted on their servers), and a random publicity-seeking idiot from the organisation has been arrested (voluntarily) on unrelated charges which will have to be proven in court, from a country that's subject to EU law with regards to extraditing people.
I actually think there's been a huge amount of restraint in dealing with this and that, actually, there's not much to react over. The UK police even sent his arrest warrant back several times because it wasn't filed 100% correctly. Now it has, they have arrested someone who INFORMED the police deliberately of where he is in case he needed to be arrested. The banks and card companies, and server hosts? That's their right. If you're found dealing drugs online, they will seize or terminate your account. If you're found hosting an illegal porn site, they will seize or terminate your account. In some cases, if their T&C's say not to operate that kind of site using their services, they will terminate your account (e.g. almost every web host has a "no porn" policy, even if it's completely legal porn). Where's the difference? Where's the actual unfairness that's applying to Wikileaks that hasn't been applied to millions of other people in the past and will continue to be applied to millions of other people in the future?
You can say what you like (within reason). But no company in the world has to sponsor your speech, or provide you with a free soapbox. And disseminating illegally-obtained confidential material and publishing it is very much a legal red area. Whether they can get a prosecution is a grey area but almost certainly it's illegal to do what was done. And for what? So we can find out that some people called the Korean leader some names, or that America was asking us about our anti-terrorism preparations. There was no huge piece of news that resulted from the leak - just diplomatic sundries, personal comments and a handful of "revelations" that weren't really that surprising to anyone with a brain. If you'd found evidence of, say, mass torture and illegal imprisonment, with government complicity, in a supposed democracy, without trial - that's news and I'd be defending your right to get that into the papers in as big a headline as possible. Instead we end up with "The oil-rich Niger Delta is a hotbed of corruption", that "China and US share a common frustration in dealing with Burma." and that "The IRA took advantage of the economic boom in the Irish Republic to diversify into the property market". Wow.
Yeah that will do it
Go hacktivists go! Attacking and harassing these companies will get them on your side. Yes indeed!
All you need to do is launch DDOS attacks etc. and they'll toss aside their business dealings and their good graces and support Wikileaks to the hilt! Fight censorship by censoring these people!
Or rather they won't. They'll largely ignore the attacks except in coordinating with law enforcement in whatever way necessary to get at least a few of these idiots sent down if possible.
Perhaps 4chan can divert their attention and start DDOS'ing the law courts next. I'm fully expecting some children are already plotting just that very eventuality if Julian Assange's hearing doesn't go to their liking.
And nothing of value was lost...
People still use fax machines???