AT&T Blocks Part of 4chan 342
holdenkarau writes "Several news sources (Mashable, The Inquistr, etc.) are reporting that AT&T is blocking img.4chan.org in the southern United States. That server is used for the infamous /b/ board (the home of anonymous). TechCrunch calls the decision to block 4chan 'stupid,' noting that they may have 'opened perhaps the most vindictive, messy can of worms.' The Inquisitr suggests that 'The global internet censorship debate landed in the home of the free.' moot (who runs 4chan) asks users to call AT&T, while some others suggest more drastic action (like cutting AT&T fiber)." Update: 07/27 09:23 GMT by T : Readers' comments below suggest that a) the purpose of the block was to curtail the effects of a serious DDoS attack and b) that the block has now been lifted, at least for some regions.
Comment removed (Score:5, Insightful)
Net Neutrality (Score:2, Insightful)
Sure Anonymous is angry about being blocked by 15.5% of internet users, but this is only the first step. Most responses to this blockage are directed toward fighting net neutrality, NOT Anon attacking AT&T because their site was blocked.
Anonymous is trying to fight this peacefully, they're not going to be DDoSing any DNS servers, backbone routers, or the like. They're going to be calling Customer Reps and complaining.
This is a Net Neutrality issue, not a Internet Hate Machine issue.
Thanks,
Smark
http://www.spectralcoding.com/ [spectralcoding.com]
Re:Looks like the block was lifted (Score:2, Insightful)
Sounds like they backed out pretty quickly. Probably the best move they could make (aside from not blocking 4chan in the first place).
As for the DDoS claim by them, i say FUD. /b/ was just as slow as it always is.
Idiots (Score:5, Insightful)
while some others suggest more drastic action (like cutting AT&T fiber)
And eliminate ANY kind of access for themselves, and others who could care less about their problems.. Just as smart as having riots, burning down the grocery stores and then having no place to buy food.. Destruction as a form of protest only hurts themselves and other innocents.
Re:Net Neutrality (Score:2, Insightful)
Blocked for a portion (not all markets) of 15.5% of American Internet users
Re:Simmer Down Now. (Score:1, Insightful)
Well it can't be bad if it's for their protection, right?
Re:Idiots (Score:5, Insightful)
Nobody ever claimed the /b/tards were smart. Clever, created, talent, energetic - sure. But not smart.
Re:Net Neutrality (Score:5, Insightful)
ED Article [encycloped...matica.com] Excerpts:
"1. DON'T FUCK WITH THE LAW- We want to first make use of the rights we have, censorship is violating our rights."
"Acting like an idiot and trying to DDoS them will only end with you being persecuted (and/or prosecuted), and your actions being used as a justification."
"This battle is one we have to fight legally..."
"DO NOT RAGE ON THESE PHONE NUMBERS, SIMPLY COMPLAIN ABOUT THE ISSUE!"
Insurgen Article [insurgen.info]
Excepts:
"Acting like a retard and trying to DDoS them will only end in them going [A QUOTE]"
"Don't try to DDoS or do ANYTHING illegal or legally ambiguous to AT&T. This is a corporation with more resources, manpower, and preparation than anything you script kiddies have ever dealt with. You will be caught and prosecuted. Go through legal channels and reverse this using legitimate means."
Those are just the ones in the windows I have open.
Obviously there is no way to force someone not to do something, but the intentions are to solve this without any "damages".
Thanks,
Smark
SpectralCoding [spectralcoding.com]
That was a truly awful analogy (Score:0, Insightful)
Newsflash: Latitude has nothing to do with religion, freedom vs. censorship, nor race.
Re:Before we act too hastily.. (Score:5, Insightful)
That's clearly an attempt to draw an analogy, so it really isn't as offtopic as it sounds. And yes, in the case of repeated rape of the same girl by the same person, you might. It's called protective custody [wikipedia.org].
In this case, though, AT&T almost certainly isn't doing it to protect 4chan's server. I'm sure they couldn't care less about that. They do, however, care about the huge zombie botnet on their network that is probably racking up huge bandwidth bills for them with their upstream providers.
Re:Before we act too hastily.. (Score:3, Insightful)
Mission Accomplished!
Re:Before we act too hastily.. (Score:5, Insightful)
If they REALLY cared about what a zombie botfarm AT&T has become, they'd start cutting the users that allowed their machines to turn into spam- and DDoSbots. Instead they block access to a server. And not to protect this server, because of the very nature of the attack, AT&T bears the same if not the higher load of the DDoS.
They don't give a shit about hosting a zombie botnet. If they did, they'd cut their users, but that in turn would cause angry phone calls to their support center and a lot of canceled contracts. Instead, they block a server to all their customers, along the "can't see it, so it's no problem" theory.
The zombies still exist. And prepare for the next server to attack. *pondering*... Hmmm.... If I wanted to disallow AT&T users into a server, could I order a DDoS attack? I mean, if it was AOLlers it would be a no-brainer...
Re:Net Neutrality (Score:5, Insightful)
If you don't care about the opinion of people who have too much time on their hands, no life and you're the one who just took away the only thing that gave their life something resembling meaning, you have no call center.
Be aware who you're dealing with: People who have time to make you waste time. Time of your employees you have to pay by the hour. That costs money, and a load thereof. Don't underestimate the power of people with more time than you. Especially if being an expensive nuisance doesn't take too much skill.
Re:Net Neutrality (Score:3, Insightful)
Thinking about all the "internet vigilante groups" that exist, Anonymous is maybe one of the better organized and better "behaved" ones. Actually it surprises me that they haven't been labeled a terrorist group yet, they act coherently and are not under any government's control...
I think one of the reasons why this won't happen is that there's appearantly no "unspoken consensus" that DDoSing would be the right thing. You know, where you essentially say "stay within the law", but secretly everyone wished someone wouldn't. Anonymous is, like most of similar groups, very heavy on peer esteem and peer approval/recognition. Doing what is the general consensus of what's "right" rises your "rank", doing something stupid will lower it, to the point where you will be cast out.
As long as the general population of Anonymous will view it as stupid to launch a full blown DDoS attack against anyone, it will stay calm. Launching a DDoS requires resources the average hotheat might not necessarily have. It takes a wee bit of sophistication (or enough money to buy/rent a botnet), something you won't invest if the chance to piss off the people you want to impress is pretty high.
Once the general consensus changes, take cover.
Re:Before we act too hastily.. (Score:5, Insightful)
Unfortunately the very nature of communications is a war of control. If it's not wrestling the control from governments, it's about controlling users.
AT&T are well known for blanket bans, especially when it comes from reverse NDR attacks. The idea of having low cost human infrastructure working on one of the worlds largest commercial networks is one of the silliest ideas around.
The only people with any sort of expertise seem to be pushed out with redundancies, etc, by the upper management, and all you're left with is lackies getting paid enough to keep them working, but not enough to make them excel and executives that care more about golf. This pretty much makes any real network security or decent policy impossible.
While I don't like what's happening, I can understand it. It's all about the cheapest near sighted avenue. The accountants and executives only see short term benefits of actions like this. They're unaware that the impact both on brand and network performance is far more of a negative impact to revenue than any single DDoS can have.
Pretty much AT&T need to clean their act, network and image up or they'll end up in an irrecoverable position.
Re:Freedom and privacy (Score:5, Insightful)
You have never been punished for exercising your freedom to speak by someone with more money or political clout than you have making you pay for disagreeing with them I see. Being able to be anonymous is basic to free speech.
Re:Before we act too hastily.. (Score:2, Insightful)
So to stop a DDoS attack on a server, they remove any and all access to that server?
How else would you do it?
The same logic behind the USA PATRIOT Act as a response to the threat to our freedom.
In order to save the village, we had to destroy it...
In order to stop the DDoS, we had to deny service to the site!
Re:Before we act too hastily.. (Score:3, Insightful)
There is such a thing as orgasm during non-consensual sex. It can be very traumatic and confusing for the victim causing them to question themselves. It has been particularly damaging for children who were abused to have had their first orgasms the result of forced sex. Your implying that sexual stimulation indicates volition is very incorrect. Might as well say that the release of endorphins following physical pain indicates that the injured chose to be hurt.
The study you linked to about increased chance of pregnancy under rape is innaccurately characterised by yourself as saying "twice as likely". The article you linked to [b]doesn't[/b] say that rape increases the chance of conception (by any amount). It discusses the controversy over some research on the subject. Research, incidentally, that has many factors uncovered. It compares conception rates from casual, consensual sex with rape and it is very far from conclusive. For example, it makes the assumption that a woman is more likely to engage in casual sex when she is most likely to conceive. What is the basis for this assumption? It could just as likely be possible that women are less likely to do so - after all, human beings are one of the few species that uses sex as a means for a female to attract a male even when the female is not fertile. What makes more sense than to see if someone is a good partner first, with less risk.
And yes, though highly unusual and doubtless under-reported, there are cases of female sexual abuse of males (no, not for payment).
Finally, regarding the beating up of AT&T employees, should you not be going after the senior execs rather than the phone monkeys? Or do you just go for easy targets?
Re:Before we act too hastily.. (Score:2, Insightful)
Why is a DDoS attack bad? Because it stops people from being able to (legitimately) access the server. That's the irony.
Re:Rule #1... (Score:1, Insightful)
Those rules might not have been written but they were very much real. The true spirit of the rules existed without a numbered list for a long time, and it stemmed from the social stigma that 4chan's content operated with. You didn't talk about it because doing so would associate you with it. In my view, that was the true anonymous form. As the culture online and popularly changed, so did the stigma attached to 4chan and other like sites.
If you had been a part of 4chan from the beginning you would have known that because you lived it. You obviously did not, which is fine because things change. But it's foolish to pretend it did not exist at all.
Re:"Could this all be a hoax...?" (Score:5, Insightful)
Well that makes no sense. AT&T should be taking no action unless somebody from 4chan calls them up and asks them to block the perceived source of the DDoS..
Sounds like you don't understand what's going on - please educate yourself.
4chan is being SYN flooded, various ISPs were getting a lot of collateral traffic from the resulting ACKs going back to spoofed IPs. Since those ISPs had nothing to do with either the attacker or 4chan, there was nothing they could do but pull the plug on the source of the collateral ACKs (4chan). i.e. the ISPs who blocked 4chan weren't trying to protect 4chan from an attack, they were protecting their own networks from the fallout.
Sadly, like you, the vast majority of users are clueless and won't investigate to see what is only going on. I'm sure there will be a kneejerk reaction against AT&T and the other ISPs who tried to protect themselves and everyone will make out that they are the bad guys.
Re:Before we act too hastily.. (Score:5, Insightful)
So the problem isn't AT&T, and the problem isn't really even the users (or more likely zombie bots) who are DDoSing AT&T, the real problem is the networks that are allowing the spoofed packets out. Because if you receive an IP packet from an end user with a source address that's not from your network, you should assume that it came from a new legitimate routing path and forward it right up. Because it's normal for your end users to set up crazy routing without even having an AS.
A big problem on the internets is ISPs that are run by idiots or assholes who don't understand (or care about) basic TCP/IP etiquette. It's not just spoofed packets, it's also spoofed BGP announcements. And freely allowing outbound port 25 access.
(I noticed recently when I was setting up and testing SMTP auth on my own mail server that AT&T apparently now blocks outbound port 25 for dynamic IP users, hooray for them. It still works from my AT&T static IP, though.)
Re:Before we act too hastily.. (Score:3, Insightful)
Re:Net Neutrality (Score:3, Insightful)
Re:Before we act too hastily.. (Score:1, Insightful)
If internet providers had any real competition, it would be true. But when your choices are very limited by the area, people use crappy providers, and they stay in business.
Re:Freedom and privacy (Score:3, Insightful)
Surely if you believe that you have freedom,
Somewhere in between the unwarranted wiretaps and the indefinite detentions without trials, I decided to stop taking that belief for granted.
you don't need to be anonymous when you speak your mind?
My country was literally founded by [wikipedia.org] people anonymously speaking their minds [wikipedia.org]. I would be very wary of anyone who claims we don't need that right anymore.
Re:Before we act too hastily.. (Score:2, Insightful)
Except said DDoS attacks happened und 2 weeks ago. Can't they act in a more timely fashion?
http://status.4chan.org/
See the post below the top one
The DDOSing has been happening on and off for a few weeks now, and apparently it fell into full force around now. Everybody seems to think that it's AnonTalk zombie bots doing the spamming, but now /b/'s own users are helping by hammering F5. Regardless of what happened with blocking an DDOSing, /b/ is pissed off at AT&T. Having /b/ pissed off at you is not a place you want to be in, my friend.
-Samriel, posting Anonymously in solidarity
Re:Before we act too hastily.. (Score:3, Insightful)
While the hypothetical issue people always use is one of the 11 year old knowing more than the 40 year old who runs a real shop does and yet charges excessive amounts seems to show an issue; the reality is that commonly the 11 year old got the virus downloading porn or MSN smiley packs from his friends, and the mother spends $50-$100 at a local shop getting it taken care of by a pro who notifies her of the issue (which she then punishes the child for). We all know the stories of the retarded shop tech who can't ID his own ass despite the zipcode the state has assigned it, but the reality is that most people who own a shop and charge reasonable rates (or even high rates) can do so because they are experienced and have good word of mouth business.
Re:"Could this all be a hoax...?" (Score:3, Insightful)
You were doing so great until this bit. Or I hadn't realised that one of the biggest ISPs in the USA lacked the capability to do something as simple [derkeiler.com] as filtering out unwanted ACKs.
That discussion appears to address 2 separate problems, both in infeasible ways:
1. Rejecting unsolicited ACKs - "SYN+ACK -> (check if your network requested it) -> (if yes) -> then -> ALLOW -> else (REJECT)":
It doesn't really expand on a method of doing this, but usually you would use connection tracking, whereby you remember the state of all connections running through the router. This is a pretty resource intensive setup and is nigh on unworkable in networks with asymmetric or non-deterministic routing. I.e. it isn't something that I would expect an ISP as big as AT&T to be able to implement, especially at the drop of a hat. Sure, it's easy enough to do on your home network, but it just ain't going to work at the ISP level without some *serious* effort.
2. Prevention of SYN floods by proxying the connection initialisation:
The method described here will lead to you being able to connect to *any* server, even if it isn't accepting connections. Only once the connection is fully established will the real server be contacted, whereupon you may well discover that the server doesn't accept connections on that port, or doesn't even exist. If my ISP pulled that kind of stunt, I'd be finding a new ISP as soon as possible and I would be advising my customers to do the same because messing with network traffic like that is going to cause all sorts of "weird shit" problems, cause software to use incorrect error messages when reporting failures and generally make debugging network issues absolute hell.
Both of the above methods also suffer from the exact same problem that SYN cookies were invented to prevent - namely, there is a device on the network which has to remember the status of all the pending connections which may have been started by spoofed packets. Sure, your firewall is protecting the real server from seeing these spoofed packets, but the firewall itself will collapse under the load of tracking millions of half-open connections from an attacker.