Comments on: U.K. cops want to attack terrorism Web sites

British police want to launch DoS attacks on terrorism sites and to make it an offense to fail to disclose encryption keys.

[Jim Hubbard]

More brilliance from government....

How about letting the sites stay open and tracing the computers and people that log on, or exchange information on the sites?

Isn't the idea to catch them, and not simply send them scurrying into the night?

And what of the traffic that will clog the internet as a result of perfoming these DoS attacks? How many bystanders must have their internet capabilities diminished or denied because governments would rather attack the sites than the people responsible for them?

[zaznet]

Nope...

The idea is not to catch the terrorists. The idea is to stretch their legal power on the Internet by using fear of terrorism as the vehicle for their fight against privacy and free will.

[unknown unknown]

They're are begging to get attacked

They're just asking hackers to DDoS them right back or as the article suggest exploit the system to attack targets for them by faking IP addresses. Using such tatics is irresponsible on the part of law enforcment. I for one will have no sympathy for them when a hacker shuts down their operation or worse as retaliation.

[zaznet]

Cost Benefit Ratio?

If they do plan to use DDoS methods, it will impact many innocent users. The bandwidth required to disable a website is a bit more than the total available bandwidth to that website. Many websites and other services share that total available bandwidth, not only at the initial provider but along the entire network leading up to the website host. The costs to innocent users will be high. Other unintended targets will be taken offline or slowed to an unusable state. Customers who pay for bandwidth used could end up with extra and unexpected charges. It would be about like arming all the police officers on the streat with gatling cannons and firing off as many rounds as possible at a suspect in a crowded area.

It would cost $10 or less to evade a DDoS attack with a minimal downtime. Change of DNS records, new host uploaded, done. The manpower required to pull of a "legitimate" DDoS (with no illegal compromised hosts in the DDoS network) would cost far more than the cost of evading it.

It will likely be difficult and expensive to find multiple network providers who are willing to host the DDoS attacker machines. There is very little profit in giving bandwidth to the cause of saturating another machines bandwidth. Since that would be the purpose of such connectivity, the provider would have every right to charge a huge fee or deny service all together.

Terrorists could use the above costs to pop up hundreds of "terrorist" websites, then abandon them to be "attacked" by police. This baiting of law enforcement into copulating an attack that drains valuable police resources would allow the terrorists a cost effective way of harming those law enforcement officials in at least a financial way. This is much like a fient attack used in war to draw away enemy forces or force the enemy to expend ammunition or reveal it's strength.

It would probably just be cheaper to carpet bomb the buildings where the servers are located...