Editorial

Anonymous FacebookOp is a hoax [Update: It really is]

It wasn’t too long ago that I was lurking in AnonOps’ IRC channel during Operation Payback, the Anonymous action that “took down” a few well-known financial companies’ landing pages, and generally stirred up a lot more media than they deserved. I remember the general chaos and script kiddie-like enthusiasm that pervaded the public chat areas and trying to make sense of the mystique and reverence that the channel operators enjoyed. I also remember a lot of people yelling about Amazon.com, that it was just as bad as the other financial companies that denied donations to Wikileaks, and that it should be “taken down” in turn.

Almost every time, someone a little more wizened and experienced would chime in and say that you don’t just “take down” Amazon.com; websites, especially the ones that are the veritable bastions of distributed cloud systems, scalability, and server infrastructure, aren’t really susceptible to script kiddies en masse. Distributed Denial of Service attacks are not new and it’s amusing to watch people drool over the piece of software that enables you participate in them (Low Orbit Ion Cannon) as if it’s some sophisticated and occult hacking device that magically “takes down websites.”

I keep putting “take down” in quotation marks for a reason.  The most damaging wound that Anonymous has ever inflicted on a website is temporarily taking down its homepage, which simply bars visitors from viewing it. This isn’t “taking down” a company. All you’ve done is piss off some sysadmins and alienated some users who needed the site. Putting up an alternate message on the homepage, sometimes embarrassing the site, doesn’t constitute taking down very much. As I’ve seen one comic strip put it, it’s the equivalent of defacing a poster in the lobby.

This is in stark contrast to the recent doings of LulzSec and the Antisec movement as a whole. Those groups are determined to actually do some damage, and damage they certainly do. They have distributed troves of personal and confidential information, swiped maliciously from government and law enforcement websites. While not causing downtime per se, these actions are for more harmful to an organization than simply defacing its landing page.

This is why Anonymous will never attack Facebook. Aside from the numerous other circumstantial evidence that point to yesterday’s announcement being a hoax to begin with (new YouTube account, non-standard Twitter account, non-Pastebin distribution, and none of the usual chatter), you can’t just “take down” Facebook. Facebook is not a website. It isn’t staffed by a few starving sysadmins without the resources to plan for, preempt, and defend from this kind of decidedly primitive attack.

According to Alexa, 44% of global Internet users visited Facebook.com yesterday. In 2010, Facebook was running more than 60,000 servers. 3 billion photos are uploaded to Facebook every month. These numbers are constantly growing. Think about the scale of that number for a moment and it’s quite obvious to see that trying to “take down” Facebook is about as foolhardy a fantasy as simply walking into Mordor. Furthermore, just to add another layer of disbelief, Anonymous is warning Facebook months ahead of time that this is happening!

If the FacebookOp announcement is not a hoax (and it most certainly is), then this is obviously a desperate grasp at some kind of publicity. Anonymous has been rightfully overshadowed by the much more harmful and inflammatory AntiSec groups, and is probably looking for a way to get their hacktivist agenda back on the media’s radar screen. Suffice it to say that it worked; they have the media’s rapt attention. The other possibility, albeit highly unlikely, is that Anonymous actually has the firepower and wherewithal to bring Facebook to its knees. If this really is the case, and Anonymous has evolved from the chaotic and leaderless group we know it to be, we’re obviously dealing with something much larger than hacktivism, and it’s a scenario in which 600 million or so of the world’s population would be victims. While it’s an interesting plot for a bad sci-fi movie, I’m not ready to acknowledge that Anonymous has anywhere near the capabilities required to pull off something as huge and nefarious as “killing Facebook,” and I think Facebook sysadmins would agree.

Image Sources: AnonNewsjutarnji.hr

‚ÄčUpdate: @Anonops, the usual source of information surrounding all things Anonymous has all but confirmed that this is indeed a hoax.

Report a problem with article
Previous Story

Steam announces beta of Steam Trading service

Next Story

Activision reveals more contributors to Call of Duty Elite service

33 Comments

Commenting is disabled on this article.

it isnt impossible you just have to map the whole network which takes a few days with just one person..... then you attack the most valuable source or the head office.... if there is enough people around the world an attack can be successful all you need is 10-20 people for a speedy attack...... with the multiple servers and data centres a DoS attack would be difficult but not impossible... the best option if they just want to **** facebook off is domain grabbing but for a info grab the back up server would be the best point of attack as there is probably only 2-4 and for data only so not for large traffics just for downloading ... its not impossible just a lot of work with many variations

Correction. Anonops just recently stated 23 hours ago.. "#OpFacebook is being organised by some Anons. This does not necessarily mean that all of #Anonymous agrees with it." Meaning it will happen. Just not everyone is involved

I really hope it turns out to be a hoax, because I use FB from time-to-time and I don't want to be exploited by these *******s.

Could Facebook possibly be ramping up security anyway as a preventive measure? For the last half hour or so, things have been erroring out on their end and has now actually crashed Chrome.

Edit: Ah, nevermind. Must have been a hiccup or something. Everything is back to normal.

SpyderCanopus said,
Dagumit! Stop posting rumors. You make us look stupid when we share them.

Stop spreading rumours then you won`t look stupid

no-sweat said,

Then it shouldn't be on the main page under "LATEST NEWS"


Or you could open your eyes, see the big red editorial tag, and skip over it whilst at same time not wasting everyone's time by posting stupid comments like the above this one

no-sweat said,

Then it shouldn't be on the main page under "LATEST NEWS"


Editorials deserve attention too (just as much as news). That's why it's put here. You can choose not to read it if you wish, but if it wasn't on the latest news page, it wouldn't have been shown.

no-sweat said,

Then it shouldn't be on the main page under "LATEST NEWS"

If you wanna get all literal, an editorials IS news. It's an opinionated piece of news. So having it on the latest news page DOES make sense. Just sayin'.

no-sweat said,

Then it shouldn't be on the main page under "LATEST NEWS"

We'd just be a generic news site if we didn't offer our analysis of the news. Editorials are an opportunity to spark debate, question what's true and false, and keep those who make the news (not those who write it, those who make it) credible.

They will obviously not kill Facebook per se. But...
For the sake of it, let's assume this is not an act and Anon will try to DDoS Facebook. With this kind of media attention, trust me that the users themselves will actually be the ones DDoSing Facebook when they'll all try to access the site during various stages of the day to actually see if Anon kept up to its word.
I guess we'll wait and see, but I'm pretty sure Facebook sysadmins will keep an extra eye on the servers on that day just-in-case.

zikalify said,
So its not actually a hoax, rather you just think it won't happen? Just to be clear

Two main points:
a) it can't/won't happen fb has too many servers and they're too big for LOiC attacks.
b) The announment hasn't come from the usual sources so quite possibly fake ie a hoax

zikalify said,
So its not actually a hoax, rather you just think it won't happen? Just to be clear

It's two-fold. The article talks about how it is both impractical and how the claims seem to be a hoax. The impracticality claim comes from Facebook's distributed nature, as well as it's serving capacity, not to mention the massive time period given where Facebook could ramp up defenses. The thought that it is not a claim by Anon is because the announcement and details were all filtered through non standard vectors, that is to say that Anon didn't announce this the way that Anon usually does, plus there is little chatter within Anon's IRC to suggest that they are actually planning to pull this off

Derges said,

Two main points:
a) it can't/won't happen fb has too many servers and they're too big for LOiC attacks.
b) The announment hasn't come from the usual sources so quite possibly fake ie a hoax

That's why most ddos is done aimed at the nameservers

Derges said,

Two main points:
a) it can't/won't happen fb has too many servers and they're too big for LOiC attacks.
b) The announment hasn't come from the usual sources so quite possibly fake ie a hoax

not LOIC. #RefRef. it takes down a website using it's own computing power

SpyderCanopus said,

That's why most ddos is done aimed at the nameservers

No they're not, because such attacks would have to be sustained for a very long period of time (>24 hours) and would have to have a very high traffic volume. DNS servers use a tiny amount of resources. Compare that to the resources required to serve an HTTP request to a site like Facebook, which has to access multiple databases, process the results, render and return the page. Most attacks are against HTTP as you need far fewer participants to generate enough load to overload the servers.

zikalify said,
So its not actually a hoax, rather you just think it won't happen? Just to be clear

It's both a hoax and won't happen. Why would we take down our greatest recruiting/marketing tool?