Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Participating in a distributed denial of service attack is not necessarily illegal. There has to be some intent on the part of the visitor to cause damage. You could get involved in one just by innocently visiting a malicious web page which makes your browser download large files from the victim. Or suppose I set up an under-sized server with a very popular web application, the server might collapse under the load, but my visitors would not automatically become criminals when my server went down.


If you look at riaa.org with the intention of helping out the DDoS, it is illegal. If you do it innocently, it is not.

The question of whether your mens rea can actually be proven is an entirely different question from whether it is illegal.


My comment was in the context of the article. I'd say firing up LOIC is plenty enough intent for it to be illegal.


I don't know about the rest of you but I've thought about firing up LOIC just so I could say I fired up a Low-Orbit Ion Cannon. Who cares about DDoS-ing. :)


But following the tutorial of the OP demonstrates with some certainty intent to cause damage.


The earlier attack on the Scientologists sent at least two guys to prison:

http://www.wired.com/threatlevel/2010/01/guilty-plea-in-scie...


No, if you innocently view a page on an underpowered server, you are not part of a denial of service attack and are, by definition, innocent. A Denial of Service attack is explicitly malicious.


A Distributed Denial of Service attack can be made up of a bunch of people innocently viewing a page on an underpowered server though. The people clicking on a link don't have to know they are part of an attack, even if the link was made expressly to bring a site down. A link on 4chan or any large website can easily bring down a site, especially if it's to a resource heavy page.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: