
They probably won't arrest him. I'm a bit surprised that this was enough to even get a search warrant...


Considering that most DDOS attacks come from zombie bots installed on programs when people Torrent, I'm surprised that there were arrests made based on IPs.


Did you read the article? Paypal provided evidence that the DDoS was coming from LOIC, a manually-operated non-botnet tool. Also, it sounds like Paypal's evidence was only used to get search warrants, and evidence found in those searches (like LOIC) would then be used to justify arrests.


Not necessarily manually-operated. See also: LOIC Hivemind.


I know. I was thinking the same thing. How does an IP address translate to a human being?


The issue is not how to translate it but whether an IP address identifies a person beyond reasonable doubt, especially given Anonymous's ability to defeat FBI/CIA and other military grade networks including those the FBI/CIA employ to protect them.

It really raises the question as to whether you can trust something as flimsy as an IP header given the technical sophistication of Anonymous. These people could well be innocent and in fact victims of Anonymous directing attention away from itself and towards these innocent victims. When Anonymous can gain control of HB Gary and FBI/CIA assets imagine what they could do to an off the shelf system that hasn't been through the rigorous security protocols that HB Gary, the FBI and CIA follow.

Given the mutability of data on a USB stick I'd also be very interested to see the chain of custody on that data and how it might have been modified. Also, the defense should request access to the source code for the IDS system in question so that it can be examined for bugs and problems that may affect its ability to generate reliable evidence.


These people could well be innocent and in fact victims of Anonymous directing attention away from itself and towards these innocent victims.

This is wishful thinking, but there is a sense in which it is true. People running LOIC are typically if not exclusively clueless mooks duped into doing so by people who know better.

For all the mythos around Anonymous "having no leaders", I doubt very strongly that you'll find many examples of people who spontaneously downloaded LOIC and started flinging packets at PayPal. Instead what you'll find is people who say they got the idea from an image posted on 4chan (or elsewhere) or from "some guy" on IRC.

All you need to convince someone to willingly join a botnet (or anything else) is that 1) this is a way to relieve their angst and 2) other people are doing it. The affidavit even includes examples of the kind of image instructions that accomplish exactly this. The "orders" spread as would memes, and the originators of those orders put themselves at almost no risk to distribute them, while "innocent" members of the herd get caught.


When Anonymous can gain control of HB Gary and FBI/CIA assets

Indeed: "When..." But AFAICR, Anonymous didn't gain control of either FBI or CIA assets. Hacking a self-described FBI "affiliate" and DDOSing cia.gov are hardly the same thing.

Also, holding up HB Gary Federal as an example of an organisation with "rigorous security protocols" is an amusing claim with no real evidence.


Maybe, I'm not so sure though. If you participate in a mob that went down to some local business to throw rocks through their window, should you expect to be let off easy because you just threw a pebble?

On balance I think the idea that DDoS is "ok" and should be tolerated is not a good road to travel down.


The equivalent of a DDoS is a sit in, not stoning people in the streets. Do they serve search warrants for people who participate in those?


Sit ins are not legal either, you can be arrested for trespassing on someone's property if you've been told to leave. The purpose of a sit in is to draw attention to an issue through non-violent means, and it's accepted that there may be consequences to that (including jail time) but the cause justifies the risk.

Regardless, it's questionable whether a DDoS and a sit-in are comparable. For one, DDoS does not require the presence of the individual, this makes it more difficult to form a connection with their cause and the activity. For another, a sit-in doesn't typically totally shut down a business, let alone at a national scale. With a DDoS a very tiny minority of people are able to disrupt the business activities of millions. This is not the sort of thing that we want to become accepted as a legitimate form of protest. You may think it's all well and good when people who are "fighting" for causes you believe in are "sticking it to the man" but if it becomes the norm then everyone with a grudge will use it. And then it won't be the "good guys" wielding the power, it'll be the people most fanatical in its use who will get what they want.

If you want to find a form of protest that mimics a sit-in, fine, go ahead, but find something other than DDoS, because that isn't it.


Reading comprehension. I am not suggesting that sit ins are legal. I am asking if participating in one is enough for the police to get a warrant to thrash your house.

Furthermore, sit ins are by definition denial of service attacks. Assertions about differences of scale are 1) irrelevant, 2) questionable (most DDoS fail miserably).

This has nothing at all to do with my approval or disapproval of the politics.


Here the analogy breaks down. Sit ins are nominally illegal. DDoS is also a crime. And whereas a sit-in doesn't involve any special equipment and happens outside someone's home, the equipment and the act itself of a DDoS happens in the home, so using strong probable cause to obtain a warrant and collect evidence is perfectly legitimate, I think.

As far as sit-ins vs. DDoS, it's patently ridiculous to say that scale is irrelevant. If I steal a single penny that is a much different crime than if I were to steal a penny from everyone in America. And if I stage a sit-in at a place of business and deny one or a handful of customers the opportunity to do business that's incomparable to if I deny a thousand or a million people.

One of the core reasons why sit-ins are a respected form of civil disobedience is because it preserves an important aspect of scale. One person one seat. The more popular a cause is and the more people are dedicated to fighting for it the more effective the sit-in can be. But unpopular causes will find it tough to use a sit-in to advance their agenda. The public will ignore their cause and turn a deaf ear to their arrests. And no one will take their place at the sit-in once they're gone. That sense of scale is important. In contrast, a DoS becomes very much more akin to a bomb threat or breaking windows. Because a far smaller and less popular group can effectively disrupt the business activities of a very large number of people. That is not in any way a good thing.


I like your breakdown of the DDoS vs the sit-in. The requirement of many people vs a few does make an important distinction when considering the effectiveness as a form of protest.

But I think the analogy to a bomb threat or breaking windows is a bad one, primarily because it's likely to be misunderstood. I'll agree that those are more similar in the sense of scale, but that's about the only similarity. Bombs and stones damage both property and individual human lives in ways that are likely to be traumatic and irrevocable. A DDoS is peaceful, causing only a temporary financial effect on a business.


This kid didn't control a botnet. He sent a handful of megabytes of data down his residential connection.

He had the functional impact of a single person at a sit in. No, realistically even less.


If he had gone to say the paypal homepage and diddled around all day then he would have had the same impact as a sit-in. Instead he simulated the traffic of thousands of people. That's not comparable to a sit-in.


Bullshit. The entire idea behind a sit in is a number of people consuming disproportionate resources of an establishment. You don't participate in a sit in by using the amount of resources that a single person might normally reasonably use.

I suggest you read this article, since I am beginning to suspect you are operating under a very very distorted definition of the term: http://en.wikipedia.org/wiki/Sit-in



