This war is very close to my heart and I’ve been able to contribute some network capacity to pressure Russian servers, without any effect to other services I host, using my RPi4.
I added this entry to my docker-compose.yml and it fetched the targets and started spamming their servers (logs are in Ukranian).
services:
mhddos_proxy:
image: ghcr.io/porthole-ascend-cinnamon/mhddos_proxy
restart: unless-stopped
environment:
- TZ=Asia/Tokyo
deploy:
mode: replicated
replicas: 2
You may think it is “unethical” to disturb services, but I’m sure you understand who is the aggressor, what is at stake here and this is a completely free way to be on the right side of history.
More information here: https://bsky.app/profile/itarmy-ua.bsky.social
I am not related to the project, I just contribute the little I can.
Running something like this will put a big target on your back. I hope you have your network locked down tight.
Not really
If anything they will just block your IP
That is not true. There is nothing illegal about creating massive amounts of traffic to an IP/website. Your comment sounds disingenuous.
no one said anything about legality.
but that this points known hackers at your door.
Ah yes, in that sense my network is locked down super tight. My SecOps is solid by any standard.
I promise you that your personal security posture is not adequate to keep you protected from a nation state.
It so happens that my own nation state’s security is in danger of another nation state, so at that point this stops mattering.
Not sure where you got that, but DDOS attacks are, in fact, illegal in many places.
Even if it was legal, you’d still become a target for fucking with big powers like the government of a major country.
It’s also most certainly against the terms of service for your ISP, VPN or VPS, so you could get your service terminated.
Again, no. Fundamentally, there is no difference in you refreshing a page over and over, the strength comes from the distributed aspect of this attack. There’s no limit on the use of bandwidth and this is no base, by any means, to end a contract.
Of course, you are free to do as you please, but I am aware of how this works and happy to contribute.
No, you are absolutely not aware of how this works. This is a blatant felony. Its like thinking you can’t be convicted for murder because there’s nothing “fundamentally” illegal about shooting a gun.
I think there is a misunderstanding: I am not the one carrying out the attack in this instance, I only lend some CPU cycles to a coordinated attack. The bandwidth I contribute is insignificant (I mean… a RPi and the impact to my own services is not noticeable). The attack is only effective with lots of people with the same ideals.
I think the gun analogy does not really work here: you cannot be held accountable for creating any part of a gun, in case of a murder.
You’re not making the gun, the programmers that wrote the DDoS program did. You’re firing it.
It’s more like, you and a bunch of your friends murder by getting together and flinging the victim with rubber bands until the victim actually dies. Just because all you did was fling a small percentage of the rubber bands and that wouldn’t have killed the victim on your own doesn’t change the fact that you participated in and committed a murder. Legal systems do not have loopholes that allow you to commit crimes like this. They only have loopholes for the ultra wealthy.
Intent is the thing you are missing. You know the end result of your actions. That is why this action is illegal in civilised countries.
It absolutely applies, but you are not making the gun are you? You are handing a working firearm with ammo to someone you know will do something illegal.
If I borrowed my friends firearm and said I’m going to the range, that is a normal thing. If I said I’m going to Bondi Beach with it, that is a cause for concern and why people get caught up in accessories charges.
I see what you mean. Of course this is most probably “illegal”, but I really do not care about the ramifications the Russian Federation could hold me accountable of, especially since they do not have jurisdiction where I live.
?? No this is extremely illegal.
You are right in that purposefully creating massive traffic to a specific website is most probably against some TOS (I would not go so far as to say illegal). Nevertheless, this is war and my contribution, by itself, is insignificant and remains well under the radar.
This war is very dear to my heart and I wanted to attract some attention to this tool for people who feel the same.
No, this is not a civil matter or TOS violation. It is a federal crime and felony in the USA under the Computer Fraud and Abuse Act.
So is conspiracy or threat to commit a crime in the CFAA. If you’re in the USA, you should delete this post because it is a federal crime, itself.
Thank you for your concern. I do not reside in the USA. Certainly, actions that would hinder an oppressive government’s reach would be made illegal, but there is strength in numbers.
There is only strength in numbers (as a defence, which is what you’re positing) if everyone is informed of the consequences of their actions. If they are not, they can blame you for misleading them.
People aren’t doubting the virtue of your intent but you are speaking very confidently incorrectly about legal matters which doesn’t help your overall appeal.
It seems so. I guess I do not understand where the many requests/DDoS limit is and the ramifications it may entail in some jurisdictions, although, I explicitly wrote “DDoS” in the title…
I had the impression that as a lone actor, lending CPU cycles, you do not fall into the latter category, since the state-sponsored attack, which I support in this instance, is carried out by a different entity.
Perhaps, you would even argue that you have plausible deniability when accused of carrying out such attacks, just like the proprietor of a hacked device cannot be held liable (I assume). Definitely good to know.