Computer vigilantism and a call for a Dark Knight.

Josh recently brought my attention (via Twitter) to a website he dubbed “basically the most evil product ever” (to clarify, Josh meant “evil” in intent, as a business model, not in effect). According to a Wired article, websites like av-check.com and virtest.com will scan your file to check that is not detected by the most common forms of anti-virus and anti-spam protection. These websites allow hackers to test their viruses before releasing them into the Internet to maliciously infect our computers. After reading this article, I tried to think of a good legal way for the authorities to stop this activity. Not only do I doubt the federal government could ban these websites under the law, but even if could do so, I doubt that any such measures would be very effective. I have no idea where they are hosted, but not in the United States is a good bet. The Internet is like the underbelly of Gotham City, so filled with a myriad of niches for criminal elements to hide it is beyond the reach of the government’s law enforcement.

Like in Gotham City, the innocent civilian users of the internet need a protector that can go where their flatfoots cannot, that can use tactics that the feds are not allowed to use. We need dark knights who would bring the terror of the night back to those who would shroud us in darkness, courageous computer programmers who would bring the spam back to the spammers who would shove it down our throats. We need an Internet Batman, an Internet Punisher, a veritable Internet Justice League.

Internet vigilantism, judging from Wikipedia, is nothing new. There was a case in 2007 where an internet vigilante distributed Trojans that would infect computers and report if they contained downloaded child pornography, and caught a California judge who confessed to the crime. Another famous case involved an anti-spam firm, Blue Security Inc., which galvanized over half a million users in a return e-mail campaign to cripple spammers. It folded after a denial of service counterattack by spammers shut down its website, which it closed for good. Lycos attempted a similar anti-spam war, but was also forced to back down; its DDOS attacks at spammers might have even been illegal. A major flaw in the latter anti-spam campaigns was that the instigators were too public and accessible; a vigilante must be as anonymous and masterful in guerrilla tactics as his criminal prey.

There is a huge niche for internet vigilantes to combat the spammers and hackers that infect our computers. Large corporations, and/or the government, can’t or won’t act because they don’t want to become targets themselves, or they lack authority and jurisdiction. I suspect that many computer programmers, like me, grew up on comic book heroes that stood up for those too weak to stand up for themselves, and secretly dreamed of finding a Green Lantern’s ring or building a Bat Cave. Unlike me, they actually have the programming and hacking skills (we blog on WordPress.com…) necessary to mount a decent counter-attack.

To start the counter-hacking war, I can suggest no better target than the sites indicated at the top of this entry. Sites that profit by helping hackers check their work before unleashing it are clearly responsibly, at least partly, for incredible destruction–financially, and emotionally. These sites should be taken down, and the only people in a position to do that are internet vigilantes.

(update: 1/5/2010)

Hackers attack Ahmadinejad’s website.

Users trying to access it last night were redirected to the following message:

Dear God, In 2009 you took my favorite singer – Michael Jackson, my favorite actress – Farrah Fawcett, my favorite actor – Patrick Swayze, my favorite voice – Neda.
Please, please, don’t forget my favorite politician – Ahmadinejad and my favorite dictator – Khamenei
in the year 2010. Thank you.

Advertisements