A University of California professor who organized a "virtual sit-in" that targeted the university president's website has been told he may face criminal charges for mounting a distributed denial of service attack. UC San Diego Professor Ricardo Dominguez spearheaded the March 4 digital protest by calling on demonstrators to …
Submit post: 'Virtual sit-in' tests line between DDoS and free speech
At least the numbers of computers participating in the attack was directly related to the number of people in support of the protest. It reminds me of this: http://en.wikipedia.org/wiki/BlueFrog
Quite the ego there in Dominguez, comparing himself to Henry David Thoreau, Mohandas Gandhi, and Martin Luther King. If he actually knew anything about these great men and their use of civil disobedience, Dominguez would also know that they were willing to, and did, go to jail for their actions. The fact that Dominguez is whelping and comparing himself to these great men in an attempt to not bear the consequences of his civil disobedience, speaks droves.
".....the digital equivalent of the types of civil disobedience championed by....<etc>"
Total fucking bollocks that is too. There's a world of difference between motivating a sufficiently large group of people to go out at personal risk on a regular basis to get in the faces of authority and getting a load of couch-potatoes to fire up a browser session to leave running while they go out on the lash.
The first requires as a prerequisite a seriously worthwhile cause that a large number of people care deeply about, plus the motivation and organisation to get 'em to do something about it . For the second, you only need something that can raise the interest level above "meh" amongst lazy arsehats and a tame s'kiddie.
He's a pompous prat and deserves everything he gets.
It seems to me the key issue is whether the protest was calibrated to actually disable the web site in question, or merely be noticed. Much like a real sit-in could either try to blockade a building or just attract attention.
On the other hand if he's calling it civil disobedience, he shouldn't exactly be surprised if it turns out to be illegal. That's kind of the point, isn't it?
...is that when people protest in person - whether they just make themselves noticed or blockade entirely - all other visitors to that building get to see what they are protesting about. When you DDOS a website, all people get to know is that the site's been DDOS'd
seems pretty clear to me that it fits the technical definition of a DDOS, and the intent... you don't get a free pass just because you're claiming to be doing it for a better reason than "for the lulz"
That's kind of the point?
I thought the point in civil disobedience was that you are doing something that is not illigal but in such a way as to cause a problem.
If you are not doing something illegal, then what exactly are you disobeying?
Way to go! Who's responsible for budget cuts at a state university? It seems the protest was misdirected. Why didn't they protest governor's office or state congress? Also, who ever visits a university president's website anyway?
Eh? Does this idiot know what "scale" means in networking?
"Dominguez, an associate professor in UC San Diego's visual arts department, said the demonstration was an act of "electronic civil disobedience," a field he's been studying for more than a decade and for which he earned tenure in 2006."
An associate prof. at UCSD, specializing in visual arts, managed to get tenure by studying electronic civil disobedience? The mind boggles ... no fucking wonder the UC system can't balance their budget.
If this twat tried to do the same thing to my web site, and I retaliated in kind, I'm fairly certain that he'd whine about me being unfair because I have more bandwidth than him and the UC system ... DDoS doesn't scale, and shouldn't be allowed regardless of cause.
(Anyone at UC Davis know how to train the barn cats not to hit the "post" button before I'm done typing?)
Not trying to DoS - read the FAQ Luke...
Looks like he's knowinglyu tryi8ng to disable to target server.
Below are the first two paragraphs of the help page.
I don;t see how he can claim his intent was anything but to cause a DoS.
# The action page send multiple, fast and repeating querries to the website of the UCOP. If there are enough numbers of people running the action at the same time, the massive traffic load causes the President's server to drastically slow-down and/or, hopefully, come to a halt.
# If you see messages saying the server is 'too busy' or 'not available' or 'cannot be found' it means our collective action is having the desired effect. Even if you do not see these messages, you can be sure that the server admin is going to take notice of the action; in other words, they're going to know that we're sitting in on them. This form of electronic action is legal: All we are doing is visiting their site.
"In order for there to be a computer crime, there has to be either an intentional denial-of-service ....."
".... merely going to the website repeatedly is many, many authorized accesses, not an unauthorized access."
Connecting to a website repeatedly is pretty much the definition of a denial-of-service attack. getting many people to do it adds the word "Distributed". He has also done this to his own employers - is he a bit thick?
Jumped up psych little prick? And the world is a full of them at the top of the pyramid.
Sieg Heil, Mein Herr Drake.
Anarchy reigned and it is reined and rains from the top who need it in IT down and not from the bottom who feed it with IT up.
However, that was before the Controls in CHAOS which have Changed the Paradigm and Reversed the Meme with Commanding Clouds and Special IntelAIgent Sources with AIResources for Talking to Minds Mined and Virtually Enriched, and which now bait the Destructive Anarchists' Honey Pots with Sticky Sweet Invites to Play in NEUKlearer HyperRadioProActive IT LOVE Fields. ......... and find them as Ill equipped as a Virgin to Deliver Satisfaction and Hold Professional Attention.
The Bigger Picture
Errr ....... there appears to be a much bigger, politically loaded, issue at the heart of this tale ....... http://cryptome.org/0001/ricardo-dominguez.htm
Anyway student protest is dead
How can you go an buy a new pair of Nikes if you're wasting time protesting? If it takes lecturers to be doing the protesting theses days, what a wonderfully compliant generation they've raised.
Honestly, the yoof of today....
How about a denial of service email attack, all obediently saying "sent from my crackberry?"
Is it that easy to get tenure?
So. by "studying" this for 10 years he gets tenure and a fellowship, without actually, it would appear, really knowing anything about about cifvil disobediance ( as noted above, like the personal risk of jail, the importance of resisastance in the fight against oppression etc etc).
So, how little does a junior academic actually need to do to get ahead in a Visual Arts department of an American college?
While I personally oppose education cuts anywhere normally, here's one department where i'd make an exception.
It will be interesting to see the outcome of this and what (if any) precedents it sets.
Sadly, if the University have any sense they will just let this whole thing die. If the central authority have so little control they cant resolve this without recourse to the Criminal Justice System then we might see something interesting.
If it goes to trial and he is found not to have broken any laws it opens the doors to DDoS as surely the principle should ignore the technological aspects - denial of service is a denial of service if 100 machines do it or 10 gazillion.
If he goes to jail then it shows criminal laws can be used to stifle some forms of protest (what a surprise that would be....). It would mean that effectively a sit in was criminal and all participants should be jailed.
If he goes to jail, surely everyone else who took part in the "attack" should as they were willing participants (rather than zombie machines) who contributed in equal measures to the criminal damage caused.
Turkeys @ xmas moment
Whats despicable is that he's masking this job protection protest tantrum by referencing some real hero's of the common man. No more hero's any more, just twat danglers and self interested, narcissistic wankers.
Send him to the electric chair.
And all his supporters can switch on their lights at the exact moment if they don't want him to fry.
(What? California? Lethal injection? Oh well.)
Throw him out!
'Not a DDoS' because the paricipants can be freely identified?
What a load of BOLLOCKS!
What's to stop anyone from going to public PCs and load that page, all over campus, or libraries, or...
A (D)DoS is an attack designed to cripple or completely deny access to a service.
It doesn't matter how many is in on the 'Distributed' part, or whether they can be identified or not.
It's INTENT that matters!
As for his other 'pet project', the 'Trans Border Immigration Tool'.
That sounds illegal to me...
It seems to me...
...as though there is a difference between this and a standard DDOS attack. This is the Internet equivalent of a go-slow protest on roads, where lots of people individually (organized, of course) decide to drive really slowly through a city. You don't get arrested for that.
Here, lots of people individually (organized, of course) decide to slow down a website. The difference between this and a DDOS is that no computers were hacked/pwned/whatever the skiddies call it, and every computer that sent requests had a human being in front of it deliberately doing it. I don't know what this is, but to call it a DDOS makes the real DDOSs look less like the criminal acts they are.
That's pretty much exactly what it is - if it was a genuine attempt to totally bork the website the requests would be more aggressive than simply reloading the page every 1 to 6 seconds - it's not like it was something to the effect of "ping [URI] -t -l 1024".
It seems to me... (that a title shouldn't be required on a reply)
The web page these people were visiting was 'sending a new page request every 1 to 6 seconds' and a seperate function was sending 404 requests.
For it to be a true 'go slow' protest, each of the people involved should be visiting the targeted website directly (and hitting refresh if they want). By visiting a website that then sends malformed requests to the target, thay are started a DOS attack. Just because this is a DOS attack started by many people does not stop it being a deliberate attack.
A go slow protest on the roads involve lots of people with normal cars or trucks. This is the equivalent of each driver being able to set multiple automatic vehicles driving slowly down the road.
I agree that is does make DDOS attacks from pwned computers look more trivial though.
Maybe not arrested, but ...
"You don't get arrested for that."
Here in California, it's a moving violation. "Impeding the flow of traffic", to be precise. Ticket, court, points on driving record, insurance rates go up, etc..
If you are doing 35MPH in a 35 zone and refuse to pull over to let faster traffic pass, you can be cited for this ... it's not up to you to decide how fast other traffic moves. Note that that doesn't mean that the speeders won't get tickets ... Why the neon-clad "critical mess" bicyclistotards don't get ticketed under this statute is beyond me. Would be a good little income for cash-strapped San Francisco.
Transborder Immigrant Tool
The cell phones help nourish the users...
Pecked to death by a duckling
This man evidently hasn't heard of the horribly slow murderer with the extremely inefficient weapon: http://www.youtube.com/watch?v=YcltSOl7yZ0
stupid Ivory Tower
Yes cutting spending to education is like eating the seed corn and will bite us bad in the ass later. Still the sympathy for many working Americans towards our civil servants (many of whom directly or indirectly caused the current financial mess) is a bit low. The public sector should realize the private sector doesn't exists solely to sponge off of. Those in the ivory tower only seem to care when it affects their fat paychecks.
He's a lecturer??
OK, is there no minimum IQ required for his teaching role? His own "help" actually states he wants to bring the server in question to a halt, so he's admitted intent to commit a denial of service! He doesn't actually have to succeed, he only has to attempt to do it (which he did), and his own "help" will help to convict him.
But that's not the fun point. The real fun point is that the Uni must have an agreed set of useage regs as signed by all staff and students, just like there are in most businesses. By breaking those rules (and the Uni computing staff get to say if he has or not) then he's in breach of his employment contract and can be fired. He can even be sued for the costs to the Uni sysadmins for fixing the mess he created, and as this is the US legal system they can go for punitive damages and bankrupt the moron. And then they can sue him over for bringing the Uni into disrepute!
Was this guy asleep when they handed out the brains?
@ Matt Bryant, good point, probably everyone who joined in also broke the university's rules.
Now they get to expel all his students! And save a ton of money it would cost to teach them!
And presumably, those who didn't take part, consequently failed his civil disobedience course, so they can be dumped as well!
What is sad is...
I actually mostly agree with him on the protesting of the budget cuts in education. It is so often seen as a soft target. However, I'm not convinced his actions were right, or even really that important in the big scheme.
But what is sad is $900m is to be cut from education in California, but how much will be frittered away pursuing this? They pretty much have to make an attempt to slap him down, else lots of people might get ideas like this and that wouldn't be good for their infrastructure.
BTW, did I read he's tenured in acts of electronic civil disobedience? If so, isn't this all pretty much a big epic DUH! ?
this is what the fee west should be applauding
In a "civilized" society we should applaud this sort of thing, we should support this kind of action, why ! when the alternative is blowing you self up with explosives strapped to your chest and taking many other's who don't even know what your gripe is never mind care, should this bloke be nominated for a peace prize , as times get tough people need to express their repulsion with a system. I for one would prefer his methods of "self expression"
- Infosec geniuses hack a Canon PRINTER and install DOOM
- Feature Be your own Big Brother: Monitoring your manor, the easy way
- Boffins say they've got Lithium batteries the wrong way around
- In a spin: Samsung accuses LG exec of washing machine SABOTAGE
- Phones 4u slips into administration after EE cuts ties with Brit mobe retailer