Pool's closed meme used by 4chan and related groups.
Here's a post I put into the queue at Fast Company, which predictably ran an article today, "Prepare for the Next Round of Hactivists".
Leave aside that they've dignified the Anon thugs as being coterminous with the sort of coders who try to help people in Haiti with their skills -- we'll see more of this, which is why I continue to insist on the meaning of the word "hack" as exclusively negative, as a counterspin to those trying to whitewash it as positive. Hacking must be defined by victims, not perpetrators.
I think the CEOs of Amazon, Paypal, Mastercard -- and Gawker.com -- all of whom have had their servers hacked -- need to be calling Ariana Huffington, editor of the Huffington Post, who styles herself as a promoter of Internet Freedom and spoke at the Personal Democracy Forum this past Saturday, and Ken Lerer, the chairman of the Huffington Post company. They need to ask Ms. Huffington and Mr. Lerer to explain why he is hiring Christopher Poole ("Moot"), the man who owns 4chan.org, right at the time his site is engaged in attacks on other companies. Moot knows EXACTLY what goes down on his servers: knowing and deliberate coordination of DDOS attacks.
The little nerd's mind has to be concentrated wonderfully: you want to play big-time start-up venture capitalist consultant, Moot? Grow up, and not only pretend you didn't do these DDOS attacks; step up and publicly condemn them and disassociate yourself from them and eliminate them from your servers. Don't tell us it "can't" be done. Show some balls and show some leadership and stop cowering to peer pressure in your tribe. Grow up. If you don't, Huffington should dismiss you. Huffington should feel pressure from every other company suffering from Moot's handiwork right now -- their ass should be on fire. This is war -- and it's a war you fight by stopping some people from thinking their need for "cool" can be achieved at the expense of other people.
And Huffington -- you want to be cool and cutting-edge and innovative? Connect up the dots and tell us what is "innovative" about the DDOS attack perpetrated by your new advisor's website.
It has to be like that. This is a war of psychology and morals, not this or that security software that some consultant will be hustling greedily to scared managers. This is about removing the amoral hacker culture from your own ranks, first and foremost. That *is* within your control, even if scores of script kiddies downloading and clicking a button may not seem to be.
What has to change isn't so much technology or procedure as mentality. Companies need to start by eliminating the nihilist and amoral hacker culture within their own ranks of coders. They have to reexamine wikitarianism and sharing data unaccountably. These cultural tics and habits within their own ranks made the U.S. government vulnerable and makes every other company vulnerable.
It's starts with a basic premise that unlike Lessig's tenet, code is not law; law is law. Code and coders have to be subject to the rule of law in the organic world, and the rule of law in companies, or they don't have jobs. It's about accountability to people not machines. Ever wonder how scientific dystopias and totalitarian horrors get started? It starts with situations like this, where some people are invoking the "inevitability" or the "unstoppability" of machines -- the Internet -- and other people are cowed by that. Don't be. It starts with a mentality that says either the machine is something you make accountable to a coder's will and moral framework of ethics -- or you don't work here.
The DDOS attack has to be repudiated as a form of "civil disobedience" without consequences -- a point of view sweeping through hacker circles now as somehow legitimate. It's not. The hack has to be defined not by perpetrators, motivated to minimize it, or the tribe of geeks, motivated to downplay it, but the victims -- the public and companies and individuals subjected to business and personal loss.
Every single company attacked now needs to be going to the Huffington Post and asking them why on earth they are hiring as an advisor to their company the very man who runs 4chan.org which is the site used to coordinate many of these attacks. Everyone needs to be demanding accountability from Christopher Poole or "Moot" of 4chan.org for what his site is doing, and stop seeing it as a cool new idea generator.
It starts with an end of apologizing, minimizing, compensating for, etc. the nihilism of hackers and ending the mythology surrounding hackers and the destructive culture of open source ported everywhere these days. You also have to stop believing the hype perpetrated by the Anonymous agitprop and your own geeks within your own ranks who are the secret sympathizers, claiming that somehow all of this is cool and fun and not serious.
While you're all welcome to spend time battening down your MYSQL from injections and bolstering yourselves from LOIC or whatever it is you think works, nothing can replace a sober assessment of the culture of your own IT people. Are they for you or against you?
Businesses that rely on servers -- and who doesn't these days? -- need to be part of a community that bolsters ethical coders. Just as we have societies like "Business for Social Responsibility" we need "Programmers for Social Responsibility" which includes professional condemnation of the DDOS as a "form of free speech or civil disobedience". You need to be actively promoting the ethics of coders, not waiting for snivelling 16 year old "hacktivists" to grow up and come work for you and sabotage your business.
Every single amoral and cynical coder in America -- and there are a lot of them! -- needs to feel the heat of consequences now if he imagines that attacking PayPal for their refusal to support WikiLeaks criminality deserves yet more crime in the form of the DDOS attack. Those consequences must be his very employment as his job as a coder. Until managers in every company start taking up a knowledgeable and firm attitude toward the unruly hackers in their own ranks, we will see more of these attacks.
Recent Comments