UK student in dock over Anonymous £3.5m PayPal attack The trial of a British university student accused of participating in attacks by hacktivist collective Anonymous against the websites of PayPal and others has begun in London. Prosecutors say Christopher Weatherhead, 22, was studying at Northampton University when he allegedly took part in "Operation Payback", the packet- …
A sophisticated DDoS attack is targetted against a company with a size that was hitherto un-precidented and the victim of the attack is to blame for having to buy more hardware/services to prevent that attack, not the people attacking them? Are you sure you've got this the right way round?
I really hate the current trend in Reg comments for blaming the victims of a crime for bringing it upon themselves.
>> I really hate the current trend in Reg comments for blaming the victims of a crime for bringing it upon themselves.<<
You see this all the time on Slashdot.
The geek at the core is technocratic not libertarian. He believes that his unique skills and training put him somehow above the law, and answerable to no one.
@second AC,
I'm blaming the victims of the crime for being dumb enough to be a multi-national without proper protection against attacks and then trying to blame the attacker for their own failure to do a proper job of it in the first place. I mean ... paypal ... internet finance. They should have protection like the proverbial Sherman bleedin tank.
Did no one learn anything from McKinnon and the US military having wide open security ten years ago, then the military trying to blame McKinnon for their own inability to run a decent shop?
Locking yourself up securely is different to preventing DDoS attacks larger than those which have been previously seen. I don't think that anyone is suggesting that PayPal were wide open in this respect.
Anyway remember that we only have the McKinnon legal team's word for the fact that these servers were wide open. I find it very hard to believe that NASA AND US military servers which would have been on different builds and OSes (some reports of unix and others of Windows) both had blank passwords, it's simply not credible.
The issue with DDoS is it's difficult to mitigate packet-blasting. The only real way to do it is have better pipes, or better control over your pipes, and it's too expensive to have either of these for a very long time, even for a group like paypal. They'd do fine to weather the storm; these DDoS attacks don't really cost any money, since they just take the site down for a period of time.
There are actually hundreds of DoS/DDoS attacks launched every day, some of them exponentially more powerful than those that Anonymous launched, but because they aren't high-profile targets or launched by a high profile group (if they think Anonymous actually represented the dark side of the internet, they are sadly mistaken; I hate hyperbole in these situations), they don't ever make the news.
Anonymous aren't really relevant or dangerous, except in terms of garnering media attention; while they did no damage directly to paypal, I bet the media coverage of HACKERS ATTACK ECOMMERCE did do damage of a sort.
So, paypal sets out to get Anonymous shafted.
Those guys all deserve each other.
"....They should have protection like the proverbial Sherman bleedin tank...." You don't seem to know much about tanks or criminal law. The Sherman was nicknamed the "Ronson" and the "Tommie Cooker" becasue it had a nasty habit of bursting into flames and frying the crew when hit. Whilst it had OK armour when introduced, it was used more because it was available in large numbers, was reasonably fast and reliable, and shot the mass-produced Yank 75mm shells. Perfectly protected it was not.
As to criminal law and responsibility, do you have a two alarm triggers on each of your doors and windows and steel shutters over all of them? No? Oh, so no-one can be blamed for burgling your house and stealing all your possessions because you obviously didn't put enough effort into securing it? Luckily for you criminal law still makes it a crime even if you left your door unlicked. Similarly, criminal law makes the cybercrime commited by Nerdo and his skiddie pals still cybercrime even if PayPal had been completely unprotected (which they were not).
Fail.
yes, just because i left my car running and unlocked in the bad part of town... doesn't mean it isn't illegal to steal my car. however, the incident would take a lower priority than other crimes where the victim had no reason to suspect they were making themselves a target.
the WORD of the law protects you to a certain extent, but society still judges you for being stupid. personal responsibility is not dead, and we all know corporations are people now.
paypal had every reason to expect retaliation from hackers. anonymous practically formed over the sony vs geohot fiasco...
> yes, just because i left my car running and unlocked in the bad part of town ...
If you want an car analogy then what PayPal failed to do was attach the trailer with the 6 spares wheels just in case all four car tires and the 2 trailer tyres ever got punctured at the same time. They also forgot to attach the reserve fuel tank to the top of the car and put a spare engine in the back seat.
I cant ever remember taking that attitude for any purchase. When I've gone through all the steps of purchasing (picking the item, finding cheapest supplier, choosing the type of delivery) there is little to no chance that I'll come back later when Paypal/Visa/Mastercard/etc are working (and possibly miss dispatch time of the item for that day). I will simply use a different payment method for the item.
This post has been deleted by its author
Right, here is how things work.
When you go to court the prosecution presents its evidence. Once they have done that it is the turn of the defence and they present theirs.
Journalists, no matter how good or bad, can only report on what has been presented in court. At the moment it is only the prosecution who have presented any evidence and so this is what is getting reported.
There are several things that might result in journalists not reporting on the defence and they are:
1. The defence presents no evidence.
2. The Judge believes the prosecution has not met the minimum standard so directs the jury.
3. The defence's arguments are to boring.
4. The defence's evidence is so short the trial is over before it can be reported.
Personally, I'd go for number 3 although I think the Register will report it. The defendant will claim, he didn't do it and/or his computer was hacked and/or he was only joking when he said lets attack Paypal and/or etc. All of these are fairly predictable and boring.
> Weatherhead was described in court as the network administrator for the AnonOps group
You would that that a network administrator would have enough ability to hide their tracks from the police.
Apparently one of the more knowledgeable in anonymous doesn't even have that ability.
Like I've always said, anonymous aren't hackers, they are a bunch of skiddies
"....You would that that a network administrator would have enough ability to hide their tracks from the police....." It's highly likely that he was grassed up by one of the other Anons that have been collared. There all so brave in cyberspace, all so quick to grass when facing jailtime!
When interviewed by the police, you get one copy of the recording and they get another. I forget who has the thirds.
So who gets the copies of the harddrives and who watches that the police are procuring evidence honestly?
When the finnish Faltfeet trod all over that 9 year old non-adult (AKA little girl AKA moppet) for not downloading a song, who was acting in locum parentis, so to speak, for the impounded evidence?
There is nothing stopping you posting comments on an ongoing case even before an arrest, as long as you're not on the jury or a member of either the prosecuting or defending legal teams. As long as it's not libelous (and then whichever party you libeled would have to prove it was libelous), you can post as much theorising and publicly-available material as you like.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
