Journalism student faces 15 years for alleged ‘Anonymous’ hacktivism

A journalism student at the University of Nevada at Las Vegas who used the online alias "No" and "MMMM" faces 15 years in prison and $500,000 in fines if she is convicted of hacking charges related to the group "Anonymous." The Rebel Yell reported that the FBI arrested 20-year-old Mercedes Renee Haefer last week for allegedly participating in distributed denial of service (DDoS) attacks against PayPal’s website.

www.rawstory.com...

This is really very heavy handed. No damge is caused in a Ddos. It is like walking through the front doors of your banks, sitting on the floor and refusing to move.. It is peaceful protest and should be treated as such.
If the authorties are going to treat people like this for Ddos attacks, then a backlash is coming. If you are going to get 15 years if you are caught you might as well do some damage or make it so you cant be seen....
I have been arrested before for activism. You usually get a slap on the wrists and a fine.. This is a step to farI hope this case is dropped....

[atsimg]http://files.abovetopsecret.com/images/member/cad4bc5aaed9.jpg[/atsimg]

I would like to see a Jury convict for such a crime. The problem is that many do not understand the nature of a ddos attack.

This is like arresting someone for calling Bank of America, over and over, at the same time as thousands of others, because the request to do so was going around twitter.

Yeah she probably wont get convicted for that much, and the backlash from this story is going to be felt all across the world.

Anon will not stand by and let this happen, DDoSing is like a picket line at a strike, its denying access to something. Thats the point. There HAS to be some lawyer out there that is capable of understanding that a DDoS is not hacking, she wasn't the one who was hacking. She pressed a button on her computer, thats it. 15 years in jail for pressing a button?

This is just going to ramp Anon up the ladder, if she is convicted, i suspect that sh!t will hit the fan pretty hard.

I feel bad for her, her life could possible be ruined because of this, i wonder if she regrets it. They can't really prove much though, an IP should not be a person, because IP's are dynamic.

Guaranteed that this is going to cause a sh!tstorm. Every single computer geek on the planet is going to freak. 15 years for something that can be done from the command prompt.. Bet her parents are getting a nice lawyer too

Just thinking about it more gets my blood boiling, there are much worse threats out there. Corporate interests number one, and think of all the murderers and rapists that get to walk. She doesn't deserve to be put there.

They intend to make an example out of all that have been arrested. If convicted, the maximum sentence will be likely. These kids are pawns in a game much bigger than them, anonymous uses them, and they stupidly play along.

You know what they say... If you can't do the time, don't do the crime, and ignorance of the law is no excuse.

Originally posted by Fractured.Facade
They intend to make an example out of all that have been arrested. If convicted, the maximum sentence will be likely. These kids are pawns in a game much bigger than them, anonymous uses them, and they stupidly play along.

You know what they say... If you can't do the time, don't do the crime, and ignorance of the law is no excuse.

I agree, She's played in a game way above her pay grade, DDOS may be nothing we all know that, but the game being played isn't about DDOS'ing or hacking, it's much bigger and much more involved and to the top players it can only be won by bringing down the other side down.

Anon aren't going to stop they are just going to keep gathering data, and their message resonates too highly on the basic human rights scale that they have far too many followers.

Still waiting for their "nuke" though when the governments finally catch up to them (and i reckon the will). I bet they have a massive amount of very top secret stuff that they know is red hot and are holding onto it as a just in case.

Poor girl and sucks to be caught but she should have understood the game she was playing and at least masked her IP or VPN'd via a VPN via a VPN. I read that majority of the others caught had no involvement and just had open wireless, seems like anon could never be stopped if you have a bunch of war drivers going around ddos'ing.

reply to post by purplemer


You say:

"It is like walking through the front doors of your banks, sitting on the floor and refusing to move.. It is peaceful protest and should be treated as such. "

Sorry, that pretty, innocent description of the crime and the cute picture doesn't sway me. In your example, the correct charge would be breaking and entering whether anything was taken from the bank or not. I'm afraid to tell you that going sightseeing into a place where you have no official business or invitation for addmission can be a crime. It tends to be called trespassing in the solid world. (And you know, if somebody can go into off-limit areas of any business and agency and takes camera images (not screen shots) of the data, how can anybody claim that nothing was stolen?)

Originally posted by Scaledown

Poor girl and sucks to be caught but she should have understood the game she was playing and at least masked her IP or VPN'd via a VPN via a VPN.

That is the problem that is going to bite a lot more anons and wannabes in the butt now and in the future.

The feds deep packet inspection methods and other new tools they have make anonymity and masking, using proxies etc useless.

Let me make it clear, they can and will find you, you will be made an example of, there is NO SUCH THING as anonymity online anymore, period... anyone who assumes otherwise and participates in illegal activity are taking an extreme risk, and deserve whatever happens to them when they are caught.

Good luck.

and so ends the story of the very first girl on the internet.

reply to post by Aliensun

Sorry, that pretty, innocent description of the crime and the cute picture doesn't sway me. In your example, the correct charge would be breaking and entering whether anything was taken from the bank or not. I'm afraid to tell you that going sightseeing into a place where you have no official business or invitation for addmission can be a crime. It tends to be called trespassing in the solid world. (And you know, if somebody can go into off-limit areas of any business and agency and takes camera images (not screen shots) of the data, how can anybody claim that nothing was stolen?)

Ddos where not in off limit areas, they went through the public front door. There was no breaking and entering no hacking was involved. Again I will state people should have the right to stage peaceful protest both digital and anolog...

reply to post by Scaledown

Poor girl and sucks to be caught but she should have understood the game she was playing and at least masked her IP or VPN'd via a VPN via a VPN. I read that majority of the others caught had no involvement and just had open wireless, seems like anon could never be stopped if you have a bunch of war drivers going around ddos'ing.

Attacks through VPN is not effective as it is easy to block traffic from VPNs and stifle the protest...

nvm

This is a case of cyber activism and not hacking, more akin to a strike or protest rather than vandalism or espionage. 15 years is a serious over reaction and sounds more like the maximum sentence rather than any ruling that has been made. With some of the laws in relation to copyright there have been huge imbalances with some people facing large unrealistic and unjustified fines as judgements, more to serve as a detriment to others than providing any sense of justice for the transgression.

With the motivation being social outrage and to defend of wikileaks from the way it had been attacked by the financial institutions, there is a strong precedence for a light judgement as with many other political protests. Such penalties do vary between actions, nations and system of governance thought.

Socially, the use of DDOS attacks can permanently take down a business if it does rely on the internet for its business operations and the attack is sustained for long enough. I do know there have been some small businesses that have suffered a lot from such attacks in conjunction with extortion attempts. With this growing technological frontier expanding, DDOS is one of a few growing digital weapons that is causing a lot of concern in how to deal with it.

I would be very surprised if the maximum penalty is applied in this case, while it would send a strong message that DDOS is not an acceptable method, it would raise a lot of public support for Anonymous and outrage at the system with such and extreme punishment for a social justice cause.

reply to post by GogoVicMorrow


There are a multitude of ways, but the simplest and easiest are (once a computer and location have been identified) what else was she doing online?, could it have been anyone else? her history is enough... and posting pictures like the one in the OP makes it even easier... Have a webcam?

Big bro can watch YOU too!

Really, if you believe you can fool them, or pin your activity on someone else who has an account on the computer you are using.... More power to you, and again ... Good luck!

What anonymous has done and will do (their most important accomplishments) has been and will be to make fighting cyber-crimes more efficient, effective, and technologically advanced than ever before. As well as provide the justification for new laws and legislation, restrictions and regulations on the internet, eventually inhibiting the freedom and they claim to be champions for.

They are also heavily infiltrated, and the beauty is that anyone can do anything and blame it on them.

reply to post by Fractured.Facade


You must have been answering while I was un-asking. Thanks for the response nonetheless.

But like I was saying, in a college setting there could easily be several people using a computer at once. A lot of people generally leave their accounts logged in on their personal computers. I'd just be interested to see the case for this. Not to mention she doesn't deserve a day of jail in the first place even if she admitted to doing it.

reply to post by GogoVicMorrow


Safety in numbers may work, but only possible if the perpetrator leaves absolutely zero evidence of their involvement.. From there investigative tools and methods are available that still can track down the guilty parties... But that is only going to be done for the most serious crimes and criminal activity.

There are a million ifs here, and a million ways around them... In the end an educated and informed person should make themselves fully aware of the risks involved in any activity they are being coaxed to participate in.

Expect them.

DDoS As A First Amendment Right

The constitution state about the right of protest as „the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.“ In the past that has always meant you must uproot yourself and go either across town or more likely across the nation to reach these pivotal spots where people meet and show their distress as a collective. But, something new has happened. With the recent revenge by Anonymous for the repression of Wikileaks and its founder Julian Assange on Paypal, Visa, Mastercard, etc. etc. etc. people have come across something very interesting. They use a tool called LOIC that uses Distributed Denial of Service attacks to shut down access to websites they believe are taking away the right of information by these companies or websites. First you must understand this one fact, DDoS attacks in no way harm computers, damage the server, harm a person, remove a persons rights, or cause a disturbance of the peace. All they do is take up the bandwidth and restrict peoples ability to use the services provided by a website. In a way it acts very similarly to the sit ins from the civil rights movement, these people both just occupy the space to make a point and cause no physical damage to anyone or thing. So the fact that they do not cause damage or loss of rights would to most people be classified as peaceful protest against a government or group that has committed something that is ethically in question. It is also important to remember that this wasn’t just a small group of people, there were on the upwards of 30,000 downloads of LOIC.

serpentsembrace.wordpress.com...

dp..

reply to post by kwakakev


you are right it is cyber activism not hacking and the best way of looking at it is as civil disobendiance. The laws have a long way to catch up in this case....

A couple questions:

Should any DDOS be acceptable and legal, or does there need to be a good reason? Who defines activism vs harassment?

Can the authorities use DDOS to knock independent, free-thinking sites temporarily offline, or is this a tactic only the people can use? Why?

Originally posted by quango
A couple questions:

Should any DDOS be acceptable and legal, or does there need to be a good reason? Who defines activism vs harassment?

Can the authorities use DDOS to knock independent, free-thinking sites temporarily offline, or is this a tactic only the people can use? Why?

swap it round and instead of asking if any DDOS is acceptable and legal, use the word protest. Both legal and illegal protest form a part of a healthy democratic system. History speaks for itself protest has changed the course of law in the western world. If the laws in place have no respect for humanity then I dont have a problem breaking them. The law is not always right.
It is a fair question DDOS can take websites down and make them not welcome on their servers anymore. This has been a tactic on some human rights charities in certain countries...
Authorities have used DDOS to knock out independent websites. Look what happened to wikileaks. It was knocked out by a massive attack from the Jeester. I dont see the law enforments going after him. Instead they are targeting script kiddies that blocked down the front door of a few large sites for a limited period of time and caused no damage to finacial infrastructure....