Threatened with being put on a United States trade blacklist, the Government passed the so-called ‘Sinde Law’ in a rush late last year. The law allows for the blocking of allegedly infringing sites based on reports from copyright holders, a position similar to that proposed by the US SOPA bill.

Today the Sinde law went into effect and immediately it was met with resistance from opponents. The group Hackivistas was quick to organize a rather unique form of protest. They encouraged sites to link to a copyrighted track from the artist Eme Navarro, who’s a member of the music rights group SGAE, but critical of the Sinde law.

While Navarro generally publishes his music under a Creative Commons license, he created an “all rights reserved” track specifically for the protest. Thanks to the hacktivist campaign hundreds of websites are now linking to this copyrighted song without permission, and Navarro reported a first batch of sites to the Ministry of Culture early this morning.

As a result, the commission tasked with reviewing all the requests will be overloaded with complaints. All the reported sites have to be processed on order of arrival, so the protest will significantly slow down this review process.

Artist and Hacktivists Sabotage Spanish Anti-Piracy Law ]]> http://boingboing.net/2012/03/01/hactivistas-protest-brutal-spa.html/feed 17 http://boingboing.net/2012/02/28/spain-south-america-arrest-25.html http://boingboing.net/2012/02/28/spain-south-america-arrest-25.html#comments Tue, 28 Feb 2012 23:09:59 +0000 Xeni Jardin http://boingboing.net/?p=146272 Reuters:

Spanish police also accused one of four suspects picked up in the cities of Madrid and Malaga of releasing personal data about police officers and bodyguards protecting Spain's royal family and the prime minister.

Other arrests were in Argentina, Chile and Colombia, and 250 items of computer equipment and mobile phones were seized across 15 cities, Interpol said. Colombia's Ministry of Defence and presidential websites as well as Chile's Endesa electricity company were among the targets of the hackers, it said.

And not coincidentally, the Interpol website has been intermittently offline today.

]]> http://boingboing.net/2012/02/28/spain-south-america-arrest-25.html/feed 7 http://boingboing.net/2012/01/20/megaupload-raided-founder-arr.html http://boingboing.net/2012/01/20/megaupload-raided-founder-arr.html#comments Fri, 20 Jan 2012 08:24:17 +0000 Cory Doctorow http://boingboing.net/?p=139936 New Zealand police, responding from a request from the US government, raided MegaUpload today, arresting founder and CEO Kim ”Dotcom” Schmitz and three "associates." The service, which allowed users to upload files that were too big to email, claimed 150 million users. The entertainment industry alleged that the service was primarily intended to facilitate copyright infringement, since people could use it to illegally share music and movies, but the company claimed that while some users might infringe copyright with MegaUpload, others simply used it to share files that belonged to them. For example, I use a comparable service, YouSendIt, to exchange large MP3 files of my podcast with John Taylor Williams, the sound engineer who masters them. At other times, companies that wanted me to review their movies and music have uploaded them to a file locker and supplied me with the link and password to get them.

In response, a large denial-of-service attack ("OpMegaupload") has been launched against the US Department of Justice, the FBI, Universal Music and other entertainment and law-enforcement sites, by activists operating under the Anonymous banner.

MegaUpload has been waging an online campaign against Universal Music and US law enforcement and trade representatives, first releasing a video featuring famous artists singing an anthem in praise of MegaUpload, then suing Universal Music over false copyright claims that had the video removed from YouTube.

The Swedish Pirate Party strongly condemns raid against MegaUpload ]]> http://boingboing.net/2012/01/20/megaupload-raided-founder-arr.html/feed 98 http://boingboing.net/2011/06/30/denial-of-service-si.html http://boingboing.net/2011/06/30/denial-of-service-si.html#comments Thu, 30 Jun 2011 08:17:27 +0000 Cory Doctorow I grew up in the antiwar movement and participated in my first sit-in when I was 12. Sit-ins are a sort of denial of service, but that's not why they work. What they do is convey the message: "I am willing to put myself in harm's way for my beliefs. I am willing to risk arrest and jail. This matters." This may not be convincing for people who strongly disagree with you, but it makes an impression on people who haven't been paying attention. Discovering that your neighbors are willing to be harmed, arrested, imprisoned, or even killed for their beliefs is a striking thing.

And that's a crucial difference between a DDoS and a sit-in: participants in a sit-in expect to get arrested. Participants in a DDoS do everything they can to avoid getting caught. If you want to draw a metaphor, DDoSers are like the animal rights activists who fill a lab's locks with super glue. This is effective at shutting down your opponent for a good while, but it's a lot less likely to draw sympathy from the public, who can dismiss it as vandalism. Moral Suasion

(Image: Sit-in "Giornata degli studenti", a Creative Commons Attribution Share-Alike (2.0) image from retestudentimassa's photostream) ]]> http://boingboing.net/2011/06/30/denial-of-service-si.html/feed 23 http://boingboing.net/2011/06/01/nato-fears-anonymous.html http://boingboing.net/2011/06/01/nato-fears-anonymous.html#comments Wed, 01 Jun 2011 08:03:56 +0000 Xeni Jardin

James Nixon at thinq.com: "NATO leaders have been warned that Wikileaks-loving 'hacktivist' collective Anonymous could pose a threat to member states' security, following recent attacks on the US Chamber of Commerce and defence contractor HBGary - and promise to 'persecute' its members." Here's a draft report by General Rapporteur Lord Jopling which claims Anonymous "is becoming more and more sophisticated", and "could potentially hack into sensitive government, military, and corporate files".

Audio: MP3 Download.

I joined "The Madeleine Brand Show" today for a discussion about the marathon hack of PBS.org by a group calling itself LulzSec, or The Lulz Boat. They've published what they claim was the method used: in short, vulnerabilities in Movable Type, and related weaknesses.

As noted here on Boing Boing in previous posts, the hack was said to be in retaliation for the PBS Frontline "Wikisecrets" documentary, which was perceived by Wikileaks advocates (and whoever LulzSec is) to be unfair to the secrets-leaking organization and to accused leaker Bradley Manning.

Taking a news organization effectively offline to protest the content of its coverage is not exactly supporting free speech—but this was about lulz, not logic. And as I said on Twitter when news of the attack first broke: PBS doesn't operate like CNN or Fox News, with a centralized news production process. Attacking PBS like this because one episode of one show wasn't A+ is like firebombing an entire grocery store because one apple you bit was bad.

Of course, unlike a firebombing, PBS will recover just fine. While the hack was ongoing last night, the organization coped by publishing to Tumblr and interacting more directly on Twitter with viewers. But a bunch of poor IT admins at PBS HQ, and affiliate stations around the country whose logins and passwords were exposed, probably had a really crappy Memorial Day (and will have a lot of cleanup and stress in weeks ahead). None of this helps Wikileaks, Manning, or journalism.

From the show overview:

After hacking PBS.org, Lulzsec posted fake news stories, including one claiming Tupac was alive and living in New Zealand. They also exposed the site's inner workings and posted the login information for PBS member stations across the country.

Boing Boing followed the story closely. First, the hackers posted a story about how Tupac Shakur is still alive. Then the hackers hacked the PBS statement in response to the hack. And recently, the hackers released a statement, documenting how they carried out the operation.

]]> http://boingboing.net/2011/05/31/pbs-hack-and-lulzsec.html/feed 38 http://boingboing.net/2011/02/10/disgraced-security-f.html http://boingboing.net/2011/02/10/disgraced-security-f.html#comments Thu, 10 Feb 2011 04:03:18 +0000 Cory Doctorow
Last week, hackers operating under the Anonymous banner broken into servers for HBGary, a security firm whose COO, Aaron Barr had declared his intention to reveal the identities of key people operating as Anonymous. The hackers released 50,000-some emails from HBGary, including a series of slides presented to Bank of America by HBGary and two other security firms, Palantir Technologies and Berico Technologies.

The slide presentation proposes a series of dirty tricks to neutralize Wikileaks and its supporters, including targetted attacks on Salon's Glenn Greenwald, as well as infrastructure attacks, disinformation campaigns, and sabotage. There's no indication that Bank of America signed off on this plan.

Data intelligence firms proposed a systematic attack against WikiLeaks

Looks like Operation Payback is shifting targets from Mastercard.com to VISA. (Previous BB article here, and a related radio piece with Xeni is here.)

Update, 1:02pm PT: The Visa.com site is now unavailable. Goodness, that was fast. Post updated with a screengrab of the response I get when attempting to access visa.com. Below, a video released when Operation Payback began back in October (only recently did the focal point become companies cutting off the lifeblood of funding or internet services to Wikileaks).

]]> http://boingboing.net/2010/12/08/having-ddosed-master.html/feed 69 http://boingboing.net/2010/12/08/mastercardcom-ddosed.html http://boingboing.net/2010/12/08/mastercardcom-ddosed.html#comments Wed, 08 Dec 2010 03:23:28 +0000 Xeni Jardin (image: Reuters)

Operation Payback is a bitch. "Anonymous" is retaliating against Mastercard for denying payment processing services to WikiLeaks, and Mastercard.com is currently down as a result.

The apparent US government efforts to cut Wikileaks' lifeblood—cashflow and web services—kicked into high gear this week. On Monday, Swiss bank PostFinance closed the defense fund account for WikiLeaks founder Julian Assange. PayPal shut down donation processing after receiving a State Department letter, and most recently, Visa and Mastercard have suspended Wikileaks' accounts. Did the credit card companies do so in response to the same pressures? And, further, in part because the cables show the US lobbied Russia on their behalf? A Guardian report today suggests so.

Amazon.com, which provided some hosting services to Wikileaks, and DNS service provider EveryDNS.net, have also cut off service to the secret-leaking website. Both companies cite technical reasons: the burden of too many anti-Wikileaks hacking attacks, in the case of EveryDNS, and a violation of TOS in Amazon's. But perhaps they, too, are reacting to explicit or implicit government pressure. Wikileaks' latest response is here.

"Operation: Payback" began months ago as a series of attacks targeting anti-piracy entities like the RIAA and MPAA. The shift in focus to defending Wikileaks isn't without a link: a portion of the "Cablegate" tranche reportedly amounts to proof the US pressured Sweden to "do something" about The Pirate Bay."

"Their servers have been shut down and they will remain so for as long as there is no true freedom of information and data," read an Anonymous open letter related to Operation Payback. "[We] will target any website bowing down to government pressure."

The US hasn't pressed charges against Assange or Wikileaks, but all the noose-tightening is concurrent with increasingly blunt statements characterizing Wikileaks as a criminal or terrorist organization.

And that should concern every American.

Whatever you think of Wikileaks, the crescendo of extra-legal pressure tactics threaten all our freedom.

Silencing Mastercard.com with pingfloods or malware isn't going to do much to advance the cause of liberating those who would be silenced. But what exactly should be done? Normally I'd dismiss tweets describing this as "the world's first great infowar" as hyperbole. But this time, everything really does feel unprecedented.

I believe Wikileaks as an organization to be flawed and Assange to be a problematic figure, to put it charitably. There are negative effects and public benefits from the project's actions, so far. But Wikileaks has a right to exist, just as you have a right to know when your government's secrets grow into public deceptions.

I believe we are better off knowing what we now do of those deceptions from the material Wikileaks has brought to light.

Just as past court struggles for the legal protection of free speech in America have sometimes involved characters or groups one might find flawed at best, and abhorrent at worst, so too is this an imperfect entity deserving of the full protection of law and due process.

Wikileaks may be flawed. But Americans cannot allow the US to criminalize Wikileaks. If we do, the rights of all citizens are jeopardized.

Related links: Wikileaks is still asking for donations, and they've figured out alternatives to keep the cash flowing in.

Coverage of the Mastercard DDOS, and the denials of financial services to Wikileaks: ZDnet, Guardian UK, Forbes, Business Insider, NYT "The Lede" blog, NYT article by John Markoff, WSJ, Reuters.

Also: "How to Think About Wikileaks," by Alexis Madrigal at The Atlantic.

Dylan Ratigan of MSNBC asks what the institutions are afraid of.

And don't miss this piece by a former Marine at Gizmodo.

]]> http://boingboing.net/2010/12/08/mastercardcom-ddosed.html/feed 83