shell scripts work better than giant puppets

There were two good pieces on NPR this morning discussing the reaction to Wikileaks.

First, there’s this story, which briefly gets at some of the concerns about Twitter as a platform for activism that I tried to express in this piece. The point Shirky makes is an important one: so much vital expression now happens in privately-controlled mediums that nominal speech rights are often a bit beside the point. This, combined with the fact that we seem to be relitigating the “should shield laws apply to bloggers?” question, makes me think that we’re collectively more confused about how you can and ought to be able to speak on the internet than I would’ve expected. Hopefully we’ll muddle our way through to a productive conclusion.

Second, they did a piece discussing the costs of prosecuting participants in Operation Payback, and it’s also worth a read. I’m sympathetic to the basic dilemma: going after the participants is a lot like calling in Interpol for a vandalism case. Individual actors are only responsible for substantial damage when considered together; and nobody’s very happy about the idea of locking up bored rich kids. Still, it’s worth keeping in mind that this is what a hard computer crime problem looks like. It’s not thrilling to me to read that the FBI and DOJ are basically shrugging their shoulders and saying, “Eh, that sounds too hard.” This is all the more galling when these agencies are bothering to pursue computer crime enforcement agendas around intellectual property. Like it or not, distributed international attacks are the class of problem most in need of solving.

One other thing I’d add: keep an eye on how useful the “cybersecurity” community makes itself during this process. My guess is that they’ll keep their traps shut (or at least spend their time gleefully fretting about what kind of funding requests Stuxnet will necessitate) while the “computer security” community does the hard work of grappling with the Operation Payback DDoS. On the other hand, I suppose the cybersec guys were probably the ones behind DDoSing Wikileaks, so, y’know, your tax dollars at work.

Third: about that DDoS. I’m not sure what to say about it, really. I find the argument that it can be considered civil disobedience to be more compelling than I would’ve expected. I’m somewhat sympathetic to arguments like the one Tim makes here (or that’s discussed in this comment). But I think the idea that past instances of civil disobedience were done in an orderly manner by uniformly thoughtful people who did their best not to inconvenience anyone else is probably wishful thinking. I’m no expert on this stuff, but that strikes me as the sort of perceptual shift that happens after a movement is vindicated by history. You’re going to have to piss some people off. Otherwise you might as well go schedule a protest march for all the good it’ll do you.

And although I’m not particularly sympathetic to Payback’s targeting of Amazon — cowardly though the firm’s behavior may have been, too many others rely on the AWS infrastructure, and there are plenty of hosts out there — the payment-processing and DNS control points now being counter-attacked by Operation Payback really do represent worrying concentrations of power. These systems are controlled by entities that are immune to public oversight, yet seem to be completely compliant when state agents ask them to restrict their customers’ liberty. That’s a recipe that should worry libertarians a lot more than it seems to.

On the other hand, there’s Gawker. And although it’s probably a mistake to conflate all of these actors, there do seem to be some connections. The “Anonymous” community is becoming a sort of petulant digital Fight Club that’s going to be very difficult to combat, and which behaves in a chaotic and unprincipled manner. That they’re targeting those who dare to talk about them is pretty dismaying; that the only way to respond seems likely to be a combination of quiet state cooption of ISPs and throwing children in jail — that’s incredibly depressing.

One Response to “shell scripts work better than giant puppets”

  1. Tim Lee

    Interesting. My thinking on this has been evolving somewhat as I’ve thought through it more. I think the fundamental problem with DDOS as civil disobedience is that there’s no real connection between the injustice being protested and the form of protest. The thing that makes CD a distinctive tactic, is that it typically involves goading the target of the protest into committing the act you’re protesting in a way that draws attention to the injustice in question. This might involve collateral damage, but the collateral damage isn’t the point. The Woolworth’s sit-in may be preventing Woolworth’s from selling lunch to white customers, but that’s not the point of the protest. It wouldn’t be OK to instead break into the Woolworth’s building in the middle of the night and sabotage their kitchen equipment–even if doing so has a comparable effect on their bottom line.

    If DDOSing MasterCard over Wikileaks is laudable civil disobedience, I don’t see an obvious limiting principle. Would it be “civil disobedience” to DDOS Apple’s website in protest of the allegedly poor worker conditions in their iPod factories? Is it OK to DDOS Wal-Mart to protest its allegedly discriminatory hiring practices? And almost everyone can think of something bad the federal government has done, so should we all be downloading LOIC and pointing it at the website of our least favorite federal agency? This strikes me as stupid both as a matter of justice and as a practical political strategy.

Leave a Reply