risks/ethics of paricipating in actions, and can we make them available to the masses?

From Ben Earnhart <bearnhar@blue.weeg.uiowa.edu>
Date Mon, 27 Mar 2000 02:33:48 -0600

[: hacktivism :]

Much of the folowing might seem naive to those true hackers on this list,
that some subcultures might just assume anonymity through rlogins at
multiple IPs, but I think the issues below might be relevant:

I've been mulling this over, and imagine that many of the lurkers/observers
on this list have, too -- what are the potential risks of participating in
activities?  When is it "my" electronic resource that I can
legally/ethically devote to a purpose such as a DDoS attack?

For example, to make my own situation public, I have access to many IPs,
but they are all university-based.  I could:

a) use them at will.  Stupid.  Traceable to me.  I'm in deep shit. bad
regarding ethics, but at least I'm open about it and taking responsibility
for my actions.

b) use some available IPs, but in ways that are not necessarily traceable
to me.  OK but not perfect re: risks, shitty regarding ethics.  

c) knowingly allow others to gain access to launch attacks.  May or may not
be traceable to me, really, really shitty regarding ethics.  Stupid, too,
since I miight not know when or how they might choose to use those IPs.

d) utilize only my own IP.  All the costs of (a) above, but at least I can
personally justify it as (more-or-less) not misusing the resources of

e) getting a bunch of free sites at places like freeservers, homepage,
geoocities, etc.
	e1) with my own name
	e2) logging in using yahoo/hotmail etc, through something like
either e1 or e2 not good -- you know that the service providers did not
intend for those sites to be used for such a purpose, even apart from the
obvious thing that they would immediately shut down a site that was
misbehaving.  Also, potential for "collateral damage" if free space
providers got swamped.

f) paying $$ for access and being willing to pay the penalty of being cut
off from my ISP.  Seems the only legitimate solution, but dammit, it limits
my alternatives (and those of many, many others), costs $, and puts me
totally at the mercy of the corporations we might potentially be fighting
to begin with.  Fight AOL using AOL? not gonna work...   

Hmm...  what to do?  It's a step beyond using the copier to run off posters
for your local anarchist orgainization, because IP addresses are
*traceable*.  Responsibility adds both positive and negative  elements to

Not meaning to be negative and/or make excuses, but think that an honest
discussion might be a good thing.  From what I can tell, the basic
assumption is that people crack to get IPs in the first place (such as the
DDoS attacks on Yahoo etc.), or use IPs they pay for (e.g. situation f).
Situation f is the ultimate IP democracy, but we are far from being there,
and the resources available through corporations and eduicational
insitutions need to be fit in somehow.  I imagine most people who are
potentially serious participants are in a gray area using university or
corporate resources, and would not crack or knowingly misuse somebody
else's resouces even if they could.  

Sorry if I sound like a wuss, but I think that the ethics of it should be
ironed out, at least -- the risks, one can simply estimate on one's own and
try to avoid negative sanctions (e.g. b and c are similar risk-wise), but
what behavior is best *ethically*??

Random, beer-soaked thoughts, should have stuck with the caffiene...


           Ben Earnhart
    Department of Sociology (student)
         University of Iowa
          Iowa City, Iowa
           (319) 335-2505

[: hacktivism :]
[: for unsubscribe instructions or list info consult the list FAQ :]
[: http://hacktivism.tao.ca/ :]