Arg! I hate to say this but "I came here to post this."
This is not the sort of thing Anonymous does, they've been careful not to aggravate the public and make clear it is the elite and not the common man that is their nemesis.
We also know for a fact that US intelligence agencies have infiltrated and have been in control of many Anonymous operations.
Not too hard to see that this will be a test run of whether intelligence agencies can shut down the internet.
If you hated to say it, couldn't you have left it out or just said "I agree" instead? The rest of your post doesn't depend on us knowing what you came here to say.
I sometimes maintain a conversational tone here, so expressing personal surprise at seeing what I was going to type as the top comment just sort of came out. I "hated to say it" because it's such an overused trite idiom. But yeah, it added little and "I agree" would have been a smoother intro.
As cynical as this point sounds, you may be on to something. We know that the FBI infiltrated LulzSec...so who knows if this may be something they are doing.
As godwinesque as this may sound, this wouldn't be the first time group A does something bad just to be able to blame group B in order to receive the powers it craves.
Why attack DNS? BGP is more vulnerable and receives less scrutiny (remember Pakistan bringing youtube down for the entire world via a misconfigured censorship attempt?). Go look at the references from http://en.wikipedia.org/wiki/IP_hijacking for some horror stories.
L0pht testified before Congress claiming that they could shut down the Internet globally in 30 minutes back in 1998. If I recall correctly, it was through attacks against BGP/BGMP. I can't find a non-broken source link, though.
I'd love to see a few prominent sites (Google, Apple, Amazon, Microsoft, Twitter, Facebook, and so on) get together secretly and agree to have, say, a 10 minute outage at the same time during this--just to see what these "hackers" do if they think for a bit they actually succeeded.
I really hate the fact that this nonsense keeps getting reported. Even the article itself, while it has the headline "'Anonymous' hackers plan to shut down the Internet this Saturday", states that "there is really no need to fear". Better title: 'A few individuals make crazy claims of doing something impossible.'.
Not only would it be basically impossible to take down the DNS servers even if they had large participation, but there will be essentially no participation since most main 'anonymous' sites/leaders are telling people to have nothing to do with it.
This is just nonsense intended to drive up hit counts. I really don't think a person needs to be very technical to realize this is nonsense. Most people aren't rocket scientists, but would have the sense to call bullshit pretty quickly if I claimed I was going to test a working warp drive on Friday. I've never understand why computers seem so complicated and strange to people that the same common sense and critical thinking that makes it obvious I don't really have a warp drive don't seem to apply.
While it is unlikely that this will actually happen you are still far from correct saying that this is virtually impossible, for certain this is possible.
If anyone here recalls the blackhat heydays pre-2003 you may have/have not recalled a group known as "Fluffy Bunny" that broke into (at the time) what were thought to be the some of the most secure box's on the net, a few to name were VA software, UU.net(efnet), (cross site scripting) securityfocus.com, sans.org, (even a site dedicated to making fun of and host mirrors of defaced websites) attrition.org.
Getting back to the original point I was trying to make, one of their most notable hacks was breaking into multiple Akamai servers. No remote exploits were used against Akamai servers, every computer they had access to at Akamai was gained through a patch version of ssh which recorded all users password before encryption and placed it in a log file within a hidden directory on the system, this patch was installed on every box they exploited, they got lucky when a user from the uu.net box logged into an Akamai box using the compromised ssh client.
So they have Akamai, now what? The group further infiltrated their way into Akamai's intranet and gained access to other computers on their network through social engineering. Finally they located the development server that stored the source code that Akamai used to update some 12,000+ high bandwidth servers they used. The plan was to patch the update software they used to automate the patching process to also include a rootkit&DDoS client. With this they would be able to control a ridiculously large botnet, joined with their already amassed 4000+ DDoS net from other compromised computers this would have effectively timed out all 13 top level root name servers. More then likely you can tell what happens after that.
If you were interested to know, these guys were caught out out of the stupidity of this guy.
http://articles.latimes.com/2000/sep/22/local/me-24959
Whom was drunk and instead of hanging up decided to curse out a field technician that came onto the centrex line(thanks AT&T) they used to communicate through. This resulted in the tech recording the line 24/7 and eventually handing the information over to the authorities.
I cannot think of a better way for this group to hurt their cause and garner the animosity of much of the world. It seems to endlessly repeat throughout history- groups with an axe to grind (whether in power or rebelling against it) use blunt force to try and further their cause. They're either too lazy or not competent enough to use a scalpel so they blow up the patient to get rid of a tumor. After the majority of the populace then turns against them, they're either shocked or self-righteously indignant that everyone else doesn't "get it". It never ends.
That could be true, but I believe it to be unlikely in this case.
It's easier to benefit from a false-flag attack by just doing it- denials don't carry as much weight in an emotional, post-attack context. When forewarning is given for a false-flag, you give the accused a chance to back away and say "it's not us" before an event, lodging enough doubt that the size of the crowd with torches and pitchforks isn't as big afterwards... I think this would be counter-productive for the guys staging the false-flag attack.
Looking at your idea from a different angle: I guess it could be useful for an opposing group to make the threat, in order to make Anonymous look impotent if it's not carried out, while the opposing group takes credit for "stopping" it.
Who knows... -We- surely don't. I feel like I'm outlining a plot for a Tom Clancy novel.
Either this is a hoax or the unrealistic claim of a sad group of hackers. Regardless, it's still interesting to imagine what it would be like if the internet really were inaccessible to a large number of people. Even light Internet users would realize how dependent we have all become on this infrastructure.
The name escapes me for the moment, but there was a famous computer virus which I believe did almost to do that. They key wasn't that it was particularly clever and the attack vector it used had been patched by MS months before.
The key was that the attack happened over UDP which meant that there was no handshake, no congestion control, no need to worry about dropped packets, etc. The only limitation was the bandwidth of the infected host -- the virus itself was less than 500 bytes (not kilo, just straight bytes) so a single host could infect tens of millions of computers.
Maybe it's a pre-april fools prank (as in it's probably not going to happen but the extra hype will be the prank)! No one would take it seriously (even more seriously) if this fell on sunday.
Delegations from the root to the TLDs and from the TLDs to second-level domains generally have TTLs of over 24 hours. This attack will have zero effect.
Good point. They'll bring it down for a day and nothing will happen.
Is it likely that the big email providers keep the caching longer and could maintain some functionality in the event the TLD nameservers are down for more than 24 hours?
I don't understand why people say this. At any given minute, aren't 1/n caches about to expire? So a few people will be hit immediately, and the number will grow from there.
