• Anonymous isn't: LOIC leaks internet address of user

    by
    Cabalo
    Published on 12-14-2010 04:43 AM    
    4 Comments Comments
    Researchers at the University of Twente in the Netherlands report that the LOIC (Low Orbit Ion Cannon) software used in pro-Wikileaks Anonymous attacks discloses the identity of the user.

    If hacktivists use this tool directly from their own machines, instead of via anonymization networks such as Tor, the Internet address of the attacker is included in every Internet message being transmitted. In the tools no sophisticated techniques are used, such as IP-spoofing, in which the source address of others is used, or reflected attacks, in which attacks go via third party systems. The current attack technique can therefore be compared to overwhelming someone with letters, but putting your address at the back of the envelop. In addition, hacktivists may not be aware that international data retention laws require that commercial Internet providers store data regarding Internet usage for at least 6 months. This means that hacktivists can still be traced easily after the attacks are over.
    Here's a PDF with details on the report. Attacks by "Anonymous" WikiLeaks proponents not anonymous utwente.nl (via Slashdot)

    Source: BoingBoing
    1. Categories:
    2. Internet
    Comments 4 Comments
    1. TONiC's Avatar
      TONiC - 12-14-2010, 10:50 AM
      This means that hacktivists can still be traced easily after the attacks are over.
      Yah.. in the same way copyright infringement can. That's why grannies and grandads are getting letters of pornos they didn't download.
    1. tucan's Avatar
      tucan - 12-14-2010, 04:41 PM
      Hmm sounds like scare tactics to me
    1. ca_aok's Avatar
      ca_aok - 12-14-2010, 09:48 PM
      Anyone who didn't know this already is far too stupid to be getting involved in a large scale DDoS attack. I mean, you're flooding someone else's computer with packets from YOUR CONNECTION. IP spoofing? That's not a technique, that's someone pulling shit out of their ass to sound smart, meaning whoever wrote that has no idea what they're talking about (or it was poorly translated).

      And please, don't use Tor for these childish attacks. Services like Tor are there so that people who might be punished for accessing WikiLeaks (like workers in the American Government) can do so without being caught. Not so some 14 year olds browsing /b/ can DDoS paypal. Sure, a DoS attack through a proxy won't down the proxy, but if everyone's using the same proxies you're essentially DDoSing the proxy instead.
    1. taniquetil's Avatar
      taniquetil - 12-15-2010, 07:15 AM
      Quote Originally Posted by ca_aok View Post
      Not so some 14 year olds browsing /b/ can DDoS paypal. Sure, a DoS attack through a proxy won't down the proxy, but if everyone's using the same proxies you're essentially DDoSing the proxy instead.
      Hey, admit it, it'd be pretty funny if the servers hosting the LOIC all went down because too many people tried to download it.
Page Generation Time
0.07
Number of Queries
73
Links: Buy VPN | Anonymous VPN | Pure VPS