Quite an embarassing level of ignorance
On current hardware even fairly cumbersome web servers can serve around 30 requests per second per process. How often do you think people can refresh the browser window? And you still think this is an effective attack vector? Maybe on a mom'n'pop or hobby server but anything professional should hopefully have a few more resources:
1) serve as much content as possible statically - this can easily get you thousands or requests a second performance
2) multipe server processes
3) reverse-proxy caching
4) CDN caching
For DDOS http requests are, in my experience at least, fairly inefficient. Poisoned TCP and UDP packets attack the network directly and require more skill both to run and defend against. I think Slow Loris follows this approach but it is limited as to the server it can attack. Utility computing makes distributed, brute force attacks of this type fairly easy to run but if people are not careful they can fall foul of IETF because of the sheer volume of traffic generated. If this happens, you can expect more than your local ISP to come down on you.
http attacks on servers are more useful for either detecting vulnerabilities or exploiting known ones. No point in sending poisoned requests to a server that ignores them. Such attacks generally seek to do more than simply make a server unavailable. But I don't think they really count as terror attacks. Getting onto a company's mail or file server is likely to be more rewarding or dangerous, depending on your point of view.
Personally, I regard the wikileaks stuff as the high-point of Anonymous' success. White hat activity which highlights common security holes is important and it is important for journalists to cover the most egregious breaches, both of which generally tend to include a period of grace for fixing any problems.
But much of the more recent attacks can perhaps best described as petulant. I have a little more time for the Lulzsec "doing it for laughs" approach which is at least free of the sickening self-righteousness of such of the anonymous stuff and, if there is an equivalent of graffiti on the web, then "Kilroy was 'ere" should be seen in the same light - it's a civil offence but also sometimes a legitimate form of protest.
As others have noted, the poorly thought-out and executed DDOS attacks are fodder for those politicians who think that a free internet is per se a bad thing™. Much as Thatcher used civil unrest and the threat of IRA terrorism in the 1980s to extend the period of detention without trial and ban groups of more than six people gathering - yeah, worshipping the summer solstice at Stonehenge is the end of civilisation!
As for your protests against Ebay and Paypal - you have my sympathy in that bank giro transfers don't seem to have reached America yet. I believe this has something to do with limiting the power of retail banks to doing business within a state. Anyway electronic transfers and alternative marketplaces are the solution to that particular problem.
Biting the hand that feeds IT
