...we seem to be dealing with the most 1337 HaX0R we've ever encountered. May god have mercy on our souls.
A Wisconsin man has been sentenced to two years of probation and a fine of $183,000 after pleading guilty to taking part in an Anonymous DDoS attack against the servers of Koch Industries for one minute. Eric Rosol, 38, pleaded guilty to one misdemeanor count of accessing a protected computer by downloading the Low Orbit Ion …
...we seem to be dealing with the most 1337 HaX0R we've ever encountered. May god have mercy on our souls.
these anon guys only caused $100 of damage
Get some consultants in.. we'll soon get the damage bill to $1 000 000 (and thats only our cost for listening to them)
They did the same with McKinnon didn't they. He got in, did a small amount of damage, probably deleted a few backed up files. They find out, bring in consultants, find out their network is massively insecure. Then claim massive damages including the cost of the consultants and the costs of actually installing security software on their network which should have been there in the first place.
How on earth can a misdemeanor add up to 2 years + $140K ?
"How on earth can a misdemeanor add up to 2 years + $140K ?"
It sounds like they'll use the money to pay for the security upgrade they should have had in the first place.
...ya gotta love his verve. His heart was in the right place.
On the other hand...what an immense doof! The traceability of the LOIC has been documented here and elsewhere for what, a year or so now? And this yutz still uses it to target the babydoll of the Corporatists? Really?!?
Well, a pint to him anyway...'cuz it seems it will be a while before he can buy one on his own.
"The traceability of the LOIC has been documented here and elsewhere for what, a year or so now?"
…and according to the article, the attack took place in February, 2011, so that's about right then...
His heart was in the right place.
Right next to 4chan?
I warned a lot of those idiots at the time.
*Any* DDOS can be traced back. It's all a function of logging and traffic analysis.
Oh well, one less idiot with a computer.
As the usual court orders in such matters is that the convict not possess, access or even be near a computer or other internet connected device.
*Any* DDOS can be traced back. It's all a function of logging and traffic analysis.
However, that trace may lead you nowhere useful. The payment service provider that a previous employer used were hit by a short but massive DDOS, then received a demand for money. The PSP refused to be blackmailed, and an even bigger DDOS started. In the forensic analysis they made public afterwards, they were able to trace the attack back to a mobile device presumably being used for tethered access by the perpetrators. The mobile account had been paid for with a stolen credit card, so end of the road for tracing those responsible for the attack.
You cannot just ANGER the BIGGEST BUGBEAR OF
LIBURLSLEFTISTS (probably just below a Republican donning a Dark Helmet suit in their overall scheme of classification) and hope to get away scot-free.
Fade to black while a hand is seen stroking a white fluffy lolcat
Right? Aiming at the Koch brothers is just a dumb idea. You will be caught and you will be punished. It's like walking up to a professional rugby player and kicking them in the sack. Their pain is minimal, your pain will last a very long time.
Besides, what was the purpose of this attack? I'm fairly certain the Koch brothers are well aware of people's opinions of them. Did Anonymous think they would suddenly realize the error of their ways? No good can come from angering people like this.
"It's like walking up to a professional rugby player and kicking them in the sack. "
That all depends on where the second kick, rapidly following the first is directed.
All fights end when the knees bend the wrong way. ;)
"No good can come from angering people like this."
Well, it all depends on *how* one angers them. It's then a case of mutually assured destruction.
This was a case of stooges being stooges.
Some fights simply can't be won and shouldn't be fought, it's just poor resource use. The fact the Koch brothers are big fat assholes does not mean their unlimited resources and capacity for retribution are any less potent. Fighting the good fight grants you no extra powers nor does it ease the suffering you experience from sticking your dick in fire.
I'm all for seeing nasty people get what's coming to them but you've also got to choose your battles. Some can't be won and by fighting them you're only losing the ability to affect change somewhere it will be felt. Besides, the only way to stop the Koch brothers is to cut off their heads and launch them into deep space inside a nine-demon bag after you burn the bodies with flames from from a fire fueled by 60 virgins. Anything less simply angers them.
But wouldn't receiving this software as as a spam email attachment titled "Your UPS delivery" or something similar provide the user with plausible deniability?
It would have to be pre-configured and perform its function with no intervention on the part of the user other than running the EXE.
All we need to do to shut down a business is ignore them and if enough people are motived and driven by what is right rather than what is easy, what polishes the ego or fills the coffers, it should be possible.
The software is actually a load testing tool.
Misapplied in this case, with malicious intent by Anomalous and used by their stooges.
I've used it and similar tools to hammer production servers before they are released into production.
"All we need to do to shut down a business is ignore them and if enough people are motived and driven by what is right rather than what is easy, what polishes the ego or fills the coffers, it should be possible."
Look up "Hell freezes over". People are inherently lazy anyway, that is simply an excuse to permit king making.
The US got rid of one king some years back, it's periodically experimented in various alternative ways of creating the same.
It's the asshole who pays attention, resists in less unlawful ways and gathers the support of his/her peers that causes such things to temporarily halt.
How come all the outrage is directed at the Koch brothers? George Soros is at least as interfering a rich busybody, and funds just as many lunatics.
"How come all the outrage is directed at the Koch brothers? George Soros is at least as interfering a rich busybody, and funds just as many lunatics."
Please! Never, ever, *ever* give assholes an asshole idea.
They just get themselves into trouble and the taxpayer ends up footing the bill.
False equivalence. The Koch brothers are so much nastier and sneakier than Soros that the comparison is invalid; if you think that having a habitable planet and healthcare are worthwhile things, then Soros agrees with you while the Koch brothers think you're leeching, socialist scum.
Soros at least made his money - the Koch brothers inherited it, and want to make damned sure that noone else gets any.
George Soros is just like any other super wealthy person except he likes to brag about his interference. He's a massive ass, sure, but he also gets bored easily and stops messing with things if he's not getting the results he wants.
The Koch brothers on the other hand are insatiable and they're willing to use unlimited resources in retribution for failure to acquiesce to their demands. They actually believe that a win is a win even if the prize is worth 100x less than what it cost to gain it. They follow the Genghis Khan strategy of completely destroying the first few enemies in such a way that everybody else simply surrenders because they don't want to be skinned alive while the women, children and dogs are raped then eaten.
I'm all for aggressive business and winner take all gambits, as long as those involved recognize it as the big game it is and know when to say enough is enough. Causing destruction as a sign of power or for revenge has no place in society. Especially when you've already won. Ungracious winners are simply the worst.
If it means disagreeing with the Koch brothers, maybe you should keep your fingers far away from the keyboard, eh?
Watch me get in trouble now: I think they are worthless scum. They did NOTHING to earn their fortune, and everything they have done to protect and increase their fortune has been on the scale from morally despicable to purely evil.
@ Shannon Jacobs
"I think they are worthless scum. They did NOTHING to earn their fortune, and everything they have done to protect and increase their fortune has been on the scale from morally despicable to purely evil."
Don't think you can get into trouble for telling the truth. Have a pint on me.
Well, my wife has met them - they invite their employees to their houses for Christmas parties, etc. Nobody special, just a line worker from one of their factories, yet treated her as an equal. They are not bad people - no matter what the liberal narrative is.
That is one hell of a weak defence!
It's probably the best the Kochs can get, though ...
Ah, so you have met them too?
I thought not.
@404 : "they invite their employees to their houses for Christmas parties, etc"
Who got else got invited, is this an annual occurrence, is there a link?
Clear breach of the bro' code.
Great example of judicial misconduct: If I say your girlfriend's haircut is ugly then I have to pay for her week-long spa visit and coiffure upgrade? Feh!
"Great example of judicial misconduct:"
So, you won't call the authorities if I screw all of the doors and windows of your house shut in the middle of the night?
Denial of service is a crime, as one is denying someone of that which they are paying for to enjoy.
Damn, but that made me want to puke! But, as much as I despise the Kochsuckers, the reality is that we have laws for a reason. Disregarding those laws out of simple dislike is simple anarchy.
We in the US had quite enough of that in the old west, we're still trying to put a stop to it... :/
> So, you won't call the authorities if I screw all of the doors and windows of your house shut in the middle of the night?
He probably would, and he might also push to have you pay to replace the doors and windows, but I don't think he'd also push for you to pay for a professional structural survey, a new all-encompassing 6' wall topped with razor-wire, 4" thick steel security doors, and a 12-month contract with a local security agency to patrol his property 24/7.
And what if you only tightened one screw, and two dozen others were also involved? Should you be expected to pay the entirety of the redress, just because you were the only person to be caught?
"Should you be expected to pay the entirety of the redress, just because you were the only person to be caught?"
yes. If you're going to do this kind of thing, don't get caught. Use Someone Else's Computer(tm) from An Undisclosed Location(tm) by way of a proxy Someone Else Set Up(tm). Do it that way, or take the chance that you'll be the one caught and will take the fall for everyone else. Do the math; if such and such a percentage of those who mount the attack get caught per attack, how many attacks can you reasonably expect to make before it is mathematically certain that you'll be caught? Perhaps it would be prudent to limit the number of attacks you make.
"I don't think he'd also push for you to pay for a professional structural survey, a new all-encompassing 6' wall topped with razor-wire, 4" thick steel security doors, and a 12-month contract with a local security agency to patrol his property 24/7."
You may not think so, but the Koch brothers obviously disagree with you on this, and probably on other subjects. And they've got this laddie where they want him and and squeeze. Furthermore, really hammering this boy is useful as an Awful Example(tm). So awful that it might dissuade others from trying what he did, which means that they don't actually have to go the trouble of building the wall with razor-wire. A chain-link fence would probably do just fine and would cost much less, allowing them to just pocket the difference. And if someone else breaches the chain-link fence, and one or more of them get caught, why then the precedent has been set and the Koch brothers can use a bigger hammer on those poor sods. So we're back to the initial conclusion: don't get caught. If you do, you will be _sorry_.
America - home of the corporation, land of the oppressed. Hasn't been "land of the free" since the 1950's at least.
Two of the hallmarks of fascism are suppression of opposition through terror and control, and government for the benefit of the corporations. That's what the USA has today. Hitler and Hirohito won the war after all, just nobody fucking noticed. Two years and $183,000k fine for causing at most a few hundred dollars in "damage"? Terror and control indeed.
"Two years and $183,000k fine for causing at most a few hundred dollars in "damage"? Terror and control indeed."
OK, a similar, mechanical example is in order.
I put epoxy into the locks of IBM corporate. I epoxy the locks of Congress.
OK, the latter is a bad example, as they do so little of late anyway.
Seriously, the reality is, a service was being paid for, a few assholes insisted on denying that service.
Rather like me epoxying the locks to your car before you go to work.
A few hundred dollars of damage, significant loss of income, yes?
So, if you epoxy the locks on my Fiat Punto, writing it off.
Is it reasonable for you to pay for a Lamborghini to replace it?
I'm reasonably sure the fundamental rule of law to keep losses "reasonable" applies in the USA, at least according to Judge Judy, anyway.
- Although lawyers do seem to take the piss, as I've seen one insurance claim with ~£50 of damage, ~£1000 legal.
More like "I was in a crowd that held your car door shut for five full seconds - then after we left and you got out you called a $1.000.000 locksmith to check your door still works, and now you f***er expect me to pay for that?!?"
Headline sentencing, American style.
Se also 1000 year sentences.
I walk in to a bricks and mortar shop, sit down and block a door, a good old fashioned sit-in still practiced today. If I'm unlucky, I get arrested and later released or if really unlucky get some sort as assault charge as I struggled while being arrested and the copper says I assaulted him.
How do I carry out a digital sit-in?
1 minute of a DDOS of the size of my broadband seems more than fare, my physical sit-in can block one door of the shop that rarely have more than a handful, my 15Mb DSL is likely to be a much smaller block to a web site's connectivity.
I've been on the end of a DDOS, not nice, but there has to be some form of a right to protest. There seems to be no right to protest online and a diminishing set of rights in the physical world too. This is leading to the dis-empowerment of ordinary people, demonstrated by the number of conflicts our governments seem to start, few of which have public approval, legislation similar to SPOA, TPPA and over reaching monitoring of people going about their normal lives.
In all fairness, the guy got such a harsh sentence because he got caught. Nothing he was doing related to this matter was worthwhile or even moderately intelligent. He used a known broken tool to attack extremely wealthy and powerful people in a very public way intended to embarrass those people. He displayed no cunning or cleverness and even if he had been 'successful' his actions were pointless.
The lesson here is that if you're going to choose powerful people as enemies then you damn well better have your ducks in a row and have a real plan. Once you've grabbed the tigers tail the game has changed, and just letting go doesn't stop the tiger. It will hunt you down and fuck you up. Pick battles you can win and where you can make a difference. This guy was an idiot. Nobody likes idiots.
Comparing the Koch brothers to famous fascists is also fairly idiotic. Yes they are shitty people but we built and support the environment they thrive in. What did we think would happen? The nice guys are going to end up with the money? We as a society reward them for being dicks. And as bad as they are, I know for a fact they aren't gassing and burning millions of people or raising a generation of insane racists.
Clearly they dun goofed and consequences will never be the same. Were the Cyber Police involved?
He should have used 7 proxies.
I fondly remember participating in several DDOS attacks against a spammer back in the late 90's. there were no rules for such conduct back then and the T1 line at the office proved to be quite valuable. I never even got a slap on the wrist from an admin.
Ahhh, consequence free digital attacks, those were the days!
...presumably any other anon types that took part in this "action" and subsequently get prosecuted will only get the probation time? (and possibly Mr Rosol passing them his hat to chip in a share)
I would have thought his lawyers could argue that he is not liable for the FULL fine in what was a SHARED action.
The phrase is "joint and several." It means if the other guys can't be found and/or can't afford it, whoever has the cash does. At the moment he is the only one convicted, so he bears the full cost. And yes, this is standard practice when suing for damages in the US.
Hmm, I wonder if Koch Industries have a subsidiary in American Samoa. If so, do they have a domain name of Kochind.as, which for those with a sense of humour less puerile than mine is sniggeringly close to "Koch in de ass" when pronounced USian style.
More low hanging fruit in the form of loic sheeples harvested. So far we've seen the top of anon done in by being grassed up, and the bottom end by packet traces.
I think there is a awful lot of people not fitting into either of those categories, but hey, keep the noise up and the "everyone will be caught" statements if they make you feel cozy at night.
Posting anon, but, er, I'm not. Just a interested observer.
Seems like the hapless Mr Rosol has been hung out to dry by the Anonymous crowd. Under normal tort law principles one of a number of joint tortfeasors can be made responsible for 100% of the damages awarded to the claimant. Presumably there were several thousand people who followed Anonymous's lead and took part in the DDOS attack. If they could be traced they would also be liable (though the Kochs cannot recover more than once). How about everyone who took part in the attack chipping in just $1 towards his fine? Won't hold my breath on this one as I expect their "principles" don't stretch that far.
2 years probation and a six figure fine is nothing compared to the horror of spending that hour on 4Chan learning how to launch the attack.
I would have thought that was punishment enough itself.
Am I the only one who had Blues Brothers flashbacks: "Yeah but you drank $183,000 worth of beer".
Biting the hand that feeds IT © 1998–2017