1998-12-15 - DoS considered harmful [WAS: RE: Anyone striking?]

Header Data

From: “Trei, Peter” <ptrei@securitydynamics.com>
To: dcsb@ai.mit.edu
Message Hash: 303e3a50a95362388c339f41a5e4bfdf617930cb953bef837de2cd9de9558a06
Message ID: <D104150098E6D111B7830000F8D90AE84DDFC6@exna02.securitydynamics.com>
Reply To: N/A
UTC Datetime: 1998-12-15 18:26:30 UTC
Raw Date: Wed, 16 Dec 1998 02:26:30 +0800

Raw message

From: "Trei, Peter" <ptrei@securitydynamics.com>
Date: Wed, 16 Dec 1998 02:26:30 +0800
To: dcsb@ai.mit.edu
Subject: DoS considered harmful [WAS: RE: Anyone striking?]
Message-ID: <D104150098E6D111B7830000F8D90AE84DDFC6@exna02.securitydynamics.com>
MIME-Version: 1.0
Content-Type: text/plain

Someone using the name Carlos Gomes [GomesC@netsolve.net] 

> [...]
> There were several ideas floating around: a) detach
> from the net and from work b) create a signed letter of
> disapproval published to appropriate orgs c) _short_
> loosely organized burst of DoS against select online
> targets from widely distributed sources.

> All valid forms of protests (when properly organized
> and executed) all with varying forms of impact and
> visibility.  For the record, I think option c) could be
> a valid and effective form of active protest.  It is a
> form which has not been used in support of the cpunks'
> agenda (or many agenda's for that matter) to date and
> one that merits a review.
> [...]

> regards,
> C.G.

A DoS (Denial of Service) action is a really, really,
really bad idea.

It's both illegal and counterproductive. It's the sort
of thing I would expect to hear from an 'agent
provocateur' bent on discrediting critics of
government policy, by casting them as malicous hackers.

We went through this once before. Back when I was
getting the DES challenges going, some one proposed
that the target should be a live bank transaction (I
think in Germany). I argued strenuously against such a
move, and in favor of a specifically created target
This goal was fullfilled when I got RSA to set up and
sponsor the Symmetric Key Challenges.

If a group of people coordinated in any way to mount a
DoS attack, the effects would include:

1. Lump anyone taking an anti-Wassenaar position
together with a gang of destructive hackers.  This
would be a tremendous setback for the Good Guys, and
play straight into the hands of the those who would
remove freedom.

2. Anyone engaging in such an attack would face
real-world LEA investigation for computer hacking.

3. Anyone who discusses such an attack with anyone who
actually goes out and does it (other than to argue
against it, as I am doing) could be charged with

[So, if any of you are idiotic enough to do this, do
the rest of us a favor, and keep your discussion to
private channels and *off* the mailing lists. I *don't*
want to know.]

4. Most importantly, It Would Be Wrong. As long as
legal channels exist to right the errors of government
policy, they should be used. That governments stoop to
dishonest, deceitful, and unconstitutional activities
(or activities 'legal' only in the Clintonian sense)
does not justify others abandoning the moral high

I don't think a strike is going to fly, either. What
might work is a Web page blackout, similar to that
done for the original CDA nonsense.

Peter Trei

[Disclaimer: In this message, I speak for myself only.]