Dancho Danchev, who is one of my most favorite bloggers on all things "cyber-security", has a great post about the rapidly changing market for DDOS attacks (btw, I think that the next supermegaduper-sequel to Freakonomics should definitely include a chapter about the markets for DDOS attacks)

...a huge number of "boutique vendors" of DDoS services remain reluctant to initiate DDoS attacks against government or political parties, in an attempt to stay beneath the radar. This mentality prompted the inevitable development of "aggregate-and-forget" type of botnets exclusively aggregated for customer-tailored propositions who would inevitably get detected, shut down, but end up harder to trace back to the original source compared to a situation where they would be DDoS the requested high-profile target from the very same botnet that is closely monitored by the security community.

The future of DDoS extortion attacks, however, looks a bit grey due the numerous monetization models that cybercriminals developed - for instance ransomware, which attempts to scale by extorting significant amounts of money from thousands of infected users in an automated and much more efficient way than the now old-fashioned DDoS extortion model.

Check Dancho's original post to see sample text of a cyber-extortion letter; I'll only post the bonus section here:

You will also receive several bonuses.

1. 30% discount if you request DDoS attack on your competitors/enemies. Fair market value ddos attacks a simple site is about $ 100 per night, for you it will cost only 70 $ per day.

2. If we turn to your competitors / enemies, to make an attack on your site, then we deny them.

 

David Sasaki, of the Global Voices fame, recently challenged me to write at least one positive post or essay for evern ten that are negative. I can't yet live up to that challenge but I am eager to try bit by bit.

There is an interesting (and somewhat too upbeat for my taste) story in the Jakarta Globe today on how the Indonesian civil society has been mobilized to get two senior members of the country's anti-corruption body out of detention:

When Bibit and Chandra were first detained on Oct. 29, few people anticipated the kind of uproar that would ensue. But public opinion swung dramatically to the side of the KPK officials, as demonstrated when a Facebook group set up in support of the two officials attracted tens of thousands of hits. With the Internet pushing Bibit and Chandra’s agenda, countless prominent individuals also rose to the challenge and rallied behind the antigraft officials’ cause. That, combined with the revelation of incriminating wiretaps — made public on the instruction of the Constitutional Court — culminated in their release.

...the two important developments in the case are, first, the way Indonesia’s civil society rallied around an issue of national importance, and second, the way the Internet helped to facilitate this trend.
 
Freewheeling and unregulated, the Internet has played a critical role, serving as a platform for independent debate, so much so that mainstream media are left with no choice but to start reporting issues that are causing waves in cyberspace.

This dramatic flattening of the media landscape lessens the power and influence of owners, editors, producers, journalists and indeed columnists such as myself. For many, this sort of transparency will be painful. At the end of the day, you, the reader, are in charge.

And one can only expect this process to accelerate, as technological change gathers momentum. While there were only 25 million Internet users in Indonesia in 2008, mobile penetration is 60 percent and soaring on the back of a 40 percent annual growth. At the same time, the explosive increase in handheld computing devices, such as BlackBerries, also signals a dramatic expansion in Internet usage. As a result, ordinary people can shape all aspects of news-making, tipping the balance of power away from the elite.

These are all important points. I do agree that in societies that have SOME media freedom and SOME civil society, the Internet can greatly amplify their work, potentially even getting tyrants (or semi-tyrants in this case) out of power. That's why Twitter is so great at helping to preserve (improve?) the British democracy - but can't really do much when it comes to bringing democracy to places like Turkmenistan or even Iran.

The big question is: what comes first, the engaged society or the twittering society? Looking at the case of Indonesia described above, to me the answer is pretty obvious: you first need to have informed/active citizenry and at least some quasi-democratic institutions - and Twitter revolutions would follow. You can't start with twittering citizenry and NO democracy in sight - and expect that it would suddenly drop from the skies as the masses begin twittering.

This is the question I am posing in my review of Andrew Lih's Wikipedia Revolution in the new issue of Boston Review. Here is a teaser: 

“Wikipedia approaches its limits,” ran a striking August 2009 headline in the usually sober Guardian. With infinite storage and lots of free labor, the very notion of “limits” seems misplaced. However, the limits alluded to in the Guardian are more editorial than logistical. The low-hanging fruit is disappearing—Wikipedians can write only so many biographies of Seinfeld characters—and getting new content onto the site is not as easy as it used to be. A recent study by Palo Alto Research Center (PARC) found that Wikipedia’s key growth indicators—the number of new pages and new editors—have floundered for the past two years, while coordination and editing costs have ratcheted up. Today’s Wikipedians waste a growing portion of their editing time on bureaucratic infighting rather than creating new content. According to the PARC study, Wikipedians also exhibit increasing resistance to new content, especially that contributed by occasional editors.

 

The Internet has often been praised for allowing new, fluid and hard-to-control public spaces to emerge. Often, these new public spaces would help to bring attention to stories/developments that may go unnoticed otherwise.

This has certainly been the case in Russia, where the vast majority of journalists had to tone down their criticism of the government for fear of being fired or worse. LiveJournal, by far the most influential blogging platform in the country, allowed dissidents to express their views, share news that didn't make it to the mainstream media, or bring public attention to important activist campaigns that needed funding or participants.

But how could one make sense of all these conversations? This is where blog search engines and especially meme-trackers - online services that track most popular blog conversations - came into play. Yandex is the Russian answer to Google and Yandex Blogs, its blog search engine - along with its excellent meme-tracker - emerged as an absolute leader in the Russian-speaking world. Every day they would run a list of 30 or so most popular stories - determined based on a complex formula that took stock of how many other bloggers have linked to this blog post, how many comments it attracted, and so forth. Thus, Yandex Blogs emerged as a kind of an alternative newspaper of the blogosphere: you could spend 5 min a day looking at the most discussed subjects and get to know the zeitgeist.

It was also obvious that, as a blogger, by linking to blog posts you like or consider important, you could push them into Top30 and thus bring national attention to them. And this is what many people did - and not just activists; nationalists, religious fanatics, spammers - all of them were taking advantage of Top 30. This produced some noise - every now and then an irrelevant posting will make it to the list of headlines - but the system seemed to work and was widely used, not just by Russian-speaking bloggers, but also by those who didn't have time to look at thousands of Russian blogs every day and wanted to get a quick snapshot of what's happening.

Well, goodbye to all that. On Nov 3 Yandex announced that they were going to shut down the service but opening its API, so that anyone can build their own meme-trackers using Yandex's technology. The reason for this shut-down has little to do with money (even though Yandex does claim that this is at best a niche - rather than mass-market - service); the company is uncomfortable with the various political uses/abuses of the service. Here is a very telling quote from them (in my hasty translation from Russian):

We discovered that the service which had initially been developed to mirror the blogosphere has become an amplifier, a media tool of sorts. It started exhibiting the effect of positive feedback: many bloggers were  writing, commenting, and generating links only for the purposes of "pushing stuff into our top list". There appeared dedicated blog-bots, which were polluting the blogosphere with the same purpose: get into the list of most popular posts. To filter out the robots is a difficult but clear problem; we solved it. But what to do with the "social manipulation"? Particularly, when someone starts shouting "let's get this into the Yandex Top" and bloggers start linking to a given post? We thought it was a natural activity of Internet users and didn't put any hurdles when such items were getting into the top. We only put up a disclaimer: be careful, someone may be manipulating the links.

But more and more our service looks less than a mirror of the blogosphere and more as a tool of getting stuff "into the top" and then letting it spread through mass-media. Almost anyone who is not too lazy is using this tool: from people organizing fund-raising campaigns to all sorts of radicals. As a result, radicals of one variety started accusing Yandex of helping their enemies and vice verca. Journalists have also acquired a habit of checking our rating; getting stuff up there has become a paid service; and some people in power already treat it as "voice of the people".

Judging by the last sentence only it looks like the service is, indeed, very popular and very successful; most PR companies would probably kill for such audience. And yet Yandex decided to kill its child rather than continue playing an important social and political function. It's as if Google Blog Search - which bears the closest resemblance to Yandex Blogs in the English-speaking world - decided that, well, they didn't like the fact that there were too many rightwing bloggers or that most bloggers seemed to care more about the balolon boy than about climate change (to make the comparison work, imagine that most media in the US were under tight government control so Google Blog Search was, indeed, the only way to know what's really happening/being said).

I can see why Yandex the company may be uncomfortable with such a political role; having any kind of media power usually doesn't bode well for anyone in modern Russia. I guess it's also a sign that the new public sphere in Russia just got a little bit too networked - and nobody really wants to be in charge of this monster. It's, of course, good that Yandex also opened their API, allowing third parties to build their own meme-trackers. The problem is that it will almost certainly defragment national attention; when there are 50 competing meme-trackers, one doesn't really know which one to trust/use. The charm of the old model was its serendipity: people looking for fun/entertainment would occasionally stumble upon posts about politics/nationalism/history - and get exposed to opinions that they disagree with. Under the new set up, there will certainly be "fun" meme-trackers and "activist" meme-trackers - I am just not sure whether their audiences will ever cross their paths online.

So what exactly does all this NSF-funded research on obscure subjects get us, after all? Well, how about this excellent graph of how information spreads (and evolves - i.e. gets distorted in the process) through the rightwing blogosphere? The image below is courtesy of Harvard's David Lazer whose own research was recently singled out by Sen Tom Coburn; it aims to visualize how various rightwing blogs have picked up and amplified Coburn's criticism. This provides a pretty good insight into how well-integtrated and networked the new media empire of the right really is: 

Node colors correspond to dates (28: white, 29: light gray, 30: dark gray). Time flows left to right, where the variations within each day reflect publication time of day, but only in an "eyeballing" sense. Link weights are encoded white: explicit mention, black: shared text, grey: both. Arrows point from destination node to source

More from Lazer:

And as the signal propagates it evolves. Thus, for example, Stossel quotes from the Heritage blog, but then adds his distinct emphasis. The link and copying structure reflects the attention each blogger is paying to other blogs, however one would guess that each blog has a different but overlapping audience...

 I don't know about you, but I want more, not less, of such research funded - and to study left-wing blogospheres/echo-chambers too. 

 

Even though Iran's Twitter Revolution has faded from the attention of the Western media , the country's talented techies keep innovating:

The Press TV news website reported last week (October 25) the launch of the world’s first search engine for Quran-related websites. Created by Iran, the search engine allows web surfers to easily look up information on Islamic religious law. Ali Ismailpour, the director of the search engine (www.quransite.ir) said that it was designed to promote Islamic culture by providing convenient access to websites pertaining to the study of Quran. **The search engine currently provides access to over 360 different websites, he added. **

And it's not like they haven't been trying before:

In recent years Iran has launched several Islamic-oriented technological services. For example, an Islamic version of Windows XP was released in Esfahan in March 2007, which included unique Islamic features. Among other things, the program makes it possible to download the full text of the Quran with audio, and provides access to over 200 Islamic websites and a collection of dozens of Islamic prayers through its “favorites” tab. In June 2008, the beginning of the production of the first Islamic cellular telephone with integrated “unique Islamic features” was announced in Iran. Among other things, it allows to display the Quran in eight different fonts, the interpretation of the Quran in three languages (Persian, Arabic, and English), as well as Islamic and Shi’ite books on religious law and religious works by several prominent Shi’ite clerics. In addition, the device translates verses from the Quran to ten languages, displays the prayer direction worldwide, provides written transcripts or audio broadcasts of prayers at mosques, converts dates from the solar calendar to the lunar calendar, gives dates of religious events, and displays prayer times in 4500 cities in Iran and across the globe. 

 I do wonder, though, whether the Islamic version of Windows XP doesn't crash as often as my secular edition.
 

 

If you think that American journalists misunderstand the Interwebs, the Kuwaiti literatti can prove you wrong anytime:

Kuwaiti Liberal: Uncensored Internet Discourse May Lead to Assassination of Liberals

Kuwaiti liberal columnist Ahmad Al-Saraf published an article criticizing Internet users for posting opinions on issues about which they are profoundly ignorant, and for using grossly inappropriate style and phraseology that reveal their low intellectual level. These postings, he contended, sometimes contain accusations of heresy and are dangerous because they lead to extreme actions. Al-Saraf called on website owners to monitor the postings submitted to them and to censor those that are potentially harmful.

If, like many Americans, you've got H1N1 and are reading this at home, turn off your computer NOW. Even better, take a pair of scissors and cause irreparable damage to your Internet cable. If you are really addicted to the Web and can't even contempate doing this, well, try to ration your daily surfing: turn off loading of images in your browser and don't even think of downloading that new episode of your favorite soap-opera.

Why? Because you may be one of those stay-at-home H1N1 victims who are causing our Internet networks to OVERLOAD. Government Accountability Office already hates you:

Adults working from home, children accessing video files and playing games online and families logging on for information about the illness would overwhelm residential Internet networks that were never built to have a majority of users on the Web at the same time, according to an October report by the Government Accountability Office, the investigative arm of Congress.

The federal government is in disarray when it comes to dealing with such a scenario, the GAO reported. The Department of Homeland Security is in charge of communications networks during times of national emergency. But it says it doesn't have a plan to deal with overloaded Internet networks -- an essential resource to keep the economy humming and residents informed and connected during a pandemic. And the DHS hasn't coordinated with agencies like the Federal Communications Commission to create clear guidelines for how telecom, cable and satellite providers can minimize congestion.

Such confusion "would increase the risk that the federal government will not be able to respond rapidly or effectively if a pandemic quickly emerges," the GAO reported.

While Europeans are considering introducing "three strikes and you are out" law that would disconnect Internet pirates from the Internet, I propose that the US government should consider a "three sneezes and you are out" variation on this theme. Why disconnect all sneezers from the Web? For once, it will help us deal with both online rumors and computer viruses. Besides, don't they need to be in bed and all, to recover faster?