The Need for Decentralised Communications
07/05/2011
One of my last posts was slightly incorrect, as FaceBook was removing groups registered as individual profiles, for whatever reason, and not the online groups/pages they were apparently supposed to be using. Although the accounts were suspended because they went against FaceBook’s terms of service, I still don’t believe the timing was a coincidence, as they were all suspended within such a short period just prior to a big event. It actually does look as if there was some political censorship going on. The questions are: who reported the infringement, and did somebody compile a list of profiles they wanted taken down?
Considering the amount of information it sells to third parties and the number of accounts that get taken down, FaceBook doesn’t provide the confidentiality, integrity or availability many think it does, and that’s largely the reason I’m not using it these days. Like many social networks, it’s actually more of a data gathering platform than an effective communications system, so it’s in FaceBook’s interests to remove profiles that don’t represent genuine individual identities.
There are many blogs and forums that could be considered decent alternatives, but in my experience comments are either disallowed or routinely deleted on the political sites, thereby (perhaps intentionally) limiting the capacity for debate to an accepted narrative. On the other hand, I’m sure there are celebrity-worshipping sites that disallow any political discussion. It supports the argument that meaningful communication isn’t really possible in a censored system, there can’t be any real argument/debate between different ideologies and perspectives, and therefore no ‘truths’, however much we disagree with them, are actually tested and invalidated. The fact that many who identify themselves as politically far-right are completely unaware of an alternative, because the mainstream media’s their only source of information, is also quite revealing.
The other danger of having something that enables one person to silence another, according to Jim Killock of the Open Rights Group, is “while we all use these platforms without growing the alternatives, we increase the likelihood that our power and autonomy reduces”. Considering some of us, like the press in the early 20th century, are on the road to becoming another ‘elite’ with the capacity to control the flow of information in various ways (Langbein, 2011), and given data breaches in large organisations are now happening daily, it’s becoming increasingly dangerous to trust centralised platforms that gather colossal amounts of personal data. The current situation regarding identity theft and activists losing their FaceBook profiles may be just a taste of things to come.
Many decentralised alternatives already exist, in which everyone can communicate on an equal basis, and where no person can censor another. But what about inappropriate/abusive content? The answer to that would be to enable the individual to filter the information they receive, in much the same way as we choose which people to follow on Twitter, or which television programme to watch. The only difference would be data can be broadcast equally by everyone in a distributed system. The Internet itself is ideally suited for such a system at a very basic level, with its architecture routing traffic through the most efficient links, and Ethernet being a broadcasting medium with the receiving nodes filtering out irrelevant traffic.
As a result of the recent takedowns on FaceBook, a number of people from the activist groups affected have reportedly signed up for Diaspora, My Seed, and other distributed platforms. Eventually a majority will do the same, thereby solving numerous privacy and censorship issues.
Supercomputing Network to Cover Wales
27/03/2011
A major project to create a supercomputing network connecting locations across Wales has been in the works for a while now, as part of the ‘economic regeneration’ effort by the Welsh Assembly Government, and it’s something I’ve been waiting to see happen since 2004, around the time I made an extremely low-budget attempt at the same thing with a Linux cluster and an old Cray system in Germany.
While there are existing massively parallel computers installed at one or two universities, the infrastructure doesn’t yet exist in Wales for a distributed/grid computing model. What’s needed is a wide area low-latency network, clusters installed at a number of sites, and the software to manage the resources.
So a number of organisations have invested in the creation of this, and the University of Wales and the St David’s Day Group are leading the High Performance Computing (HPC) Wales project.
Last week Fujitsu, which already runs the RIKEN facility in Japan, won a £15 million contract to provide and install most of the infrastructure for the network, after putting forward a solution that would make the resources available to a broad range of public and private users. The creation of a research institute, some kind of academy and an outreach programme were also mentioned, which will provide trained staff to mantain the network and keep it running, in addition to those already involved in the project.
Although the details are a little vague at the moment, it looks like the network will have the following:
- The main hubs located at Cardiff and Swansea.
- Sub networks at Swansea, Aberystwyth, Bangor and the University of Glamorgan.
- Centres at the University of Wales sites, including Newport.
- An institute providing the training to operate and maintain the system.
- Some connection to JANET.
In all, there will be roughly 1,400 nodes installed at eight sites, and the estimated performace will be around 190TF. Hopefully it will also be scalable.
Such a network has the potential to make quite an economic impact in pretty much all of Wales, bringing the universities and industry closer together. At the very least, it will create new businesses and an estimated 400+ jobs, some of which will only be possible because of the access to some form of supercomputing for the research and development. It’s also very likely to attract businesses from elsewhere. I’ve heard a figure of £23 million for the amount it will bring to the economy over the next 10 years.
A Fujitsu spokesman said: ‘Our work with HPC Wales will be one of the most significant enterprise-class grid systems in Europe today and will be Fujitsu’s largest HPC project in Europe’ and ‘We’re confident that our work with HPC Wales will bring significant technology, skills, research, jobs and economic development to the region’.
For more information, visit www.hpcwales.co.uk
While I largely believe in what 4Chan stands for, especially when it put a stop to ACS:Law sending threat letters to pensioners who were in fact innocent of copyright theft, the methods are still questionable. Only a small minority of Anonymous are real hackers who know how LOIC works, can write their own scripts, and are familiar enough with the law to get themselves out of trouble if they get caught. The rest are putting themselves at risk, at least until the hackers there start employing the more effective ways of slowing down servers and covering ther tracks, unless they’re already doing that and using LOIC as cover.
Readers should also be aware this is an entirely different game from previous efforts that took down the copyright law firms. The current targets are larger companies who employ real hackers and professionals to manage their servers, which is why relatively little disruption has been caused.
Hopefully this post will give enough information to deter those who don’t know the risks from joining Anonymous and ending up with a 10 year prison sentence.
Overview
Sophos Security, who have taken a less tolerant attitude to LOIC since 2008, has posted a more general introduction to the code on its site. This post goes into a ittle more detail. The LOIC DDoS attacks work like this:
- Download the LOIC client
- Configure the client to connect to an IRC server
- The target gets flooded with requests from the LOIC clients operating in ‘Hive’ mode.
This is a classic Distributed Denial of Service (DDoS) using a botnet, except in this case people volunteer to join it. It’s important to note the LOIC client is a legitimate security testing application, apparently developed by Praetox Technologies. It does not include code for masking the originator’s IP address, which will show up somewhere on the target server’s logs and can easily be traced back to the user’s ISP account, and eventually the local router. A couple of teenagers have already been arrested and police are now investigating the latest round of DDoS attacks.
Source Code
The C# source code for the LOIC client is available at GitHub for anyone who wants to look at it, and the executable should be found in the /bin directory. Readers might want to test the client on their own servers to see what shows up on the logs.
Most the files are for creating the interface, but three of them are of interest:
- frmMain.cs
- HTTPFlooder.cs
- Program.cs
Main Form/GUI Code
The file frmMain.cs generates the main part of the user interface, and where the user specifies the URL or IP address of the target server. When the command IMMA CHARGIN MAH LAZER is recieved, the program does a series of checks for valid addresses, port numbers, payload, etc. before running the DDoS code for whichever of the three methods (TCP, UDP or XXP) is selected, until the command Stop Flooding is entered.
The rest of the code in that file’s for displaying the current status of the attack.
IRC and Hive Mode
In the ‘Hive’ mode, which is enabled with /hivemind entered, commands are sent to the LOIC client through IRC. The IRC server, channel and port are set through on of the Windows forms and defined in Program.cs, which uses the C# SmartIRC4NET library.
As you can see in the code, the default is channel #loic at port 6667. In this mode, the user has volunteered to join the botnet which collectively sends requests to whatever Anonymous decides the target is.
A typical command recieved by the client through IRC sets the parameters:
default targethost=http://server.com subsite=/ speed=3
threads=15 method=tcp message=Enjoy_the_DDoS port=80 start
