Victims Whose Names Were Used In Fake FCC Comments Call For Investigation
Fight For The Future (FFTF), a digital rights organizations, recently launched Comcastroturf.com, where people can check whether or not their names have been used to create fake anti-net neutrality comments for submission to the FCC. The victims are now demanding the FCC starts an investigation into this issue.
Almost Half A Million Fake Comments
The FFTF said that the botnet has created over 450,000 comments using the names of real people. The comments were asking the FCC to kill the net neutrality regulation former the FCC leadership passed in 2015.
According to Chris Sinchok, a developer from Chicago, it’s rather easy to spot the botnet-made comments because they were submitted at a near-constant rate, which is something that a typical script would do (post comments every 60 seconds, etc). Another indication that these type of comments were submitted by a botnet was that the botnet would “pause” for a few hours, and then it would start submitting comments at a high rate again.
The bottom line is that the botnet would fill the comment forms in a rather consistent way with a certain cadence, as you would expect a robot to do. However, it’s possible that future similar actions could become more “unpredictable” as the botnet owners try to hide their activity and make the submissions seem more random.
Victims Demand Investigation
Some of the victims whose names were used to create the fake anti-net neutrality comments have sent a letter to the FCC in which they demand the following actions:
Notify all who have been impacted by this attackRemove all of the fraudulent comments, including the ones made in our names, from the public docket immediatelyPublicly disclose any information the FCC may have about the group or person behind the 450,000+ fake commentsCall for an investigation by the appropriate authorities into possible violations of 18 U.S.C. § 1001 (“making false statements”) and other relevant laws.
Aji Pai, the new FCC chairman, has been quite open about wanting to eliminate net neutrality rules, saying that they harm the free internet (as in free from regulations). Therefore, it would seem that the fake comments demanding the same thing favor Pai’s position on the issue. However, those who signed the letter hope that the FCC will not move forward with a decision on net neutrality without first removing the fake comments and finding out who submitted them.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
USB-C cable CT scan reveals sinister active electronics — O.MG pen testing cable contains a hidden antenna and another die embedded in the microcontroller
Hackers breach Wi-Fi network of U.S. firm from Russia — daisy chain attack jumps from network to network to gain access from thousands of miles away
-
AgentLozen What kind of person would make a botnet that fills the FCC with fake comments that supports killing net neutrality. I was under the impression that, generally speaking, net neutrality was good for the internet. The only people who seem to oppose it are those who are horribly misinformed or companies that directly benefit from the death of net neutrality.Reply
Assuming this is a single person sitting in their basement cobbling together a list of names and fake comments to send to the FCC, this person would have to belong to the later group. Right? Is there anyone well informed that still wants to kill net neutrality? Some Cisco Certified Internet Architect that hates net neutrality?
I dunno. This whole situation doesn't make any sense. The only explanation that I can come up with is that a party that stands to benefit from the death of net neutrality has hired a hacker to spam the FCC with false comments. Aren't these big companies supposed to operate in a respectful and lawful way? And if they don't, shouldn't they be subject to the same criminal consequences that everyone else is? -
coolitic I find it highly unlikely that someone wouldn't include a bit of randomization for the timing of the script.Reply -
ammaross 19738838 said:I find it highly unlikely that someone wouldn't include a bit of randomization for the timing of the script.
Depends on their age and experience level. Also may depend on how serious they take the project on whether they decide to go above and beyond the scope of the original request. Could easily be someone (out of country) hired via Freelance or the like, being paid $200 for a quick'n'dirty job. -
jeremy2020 It's rather obvious someone was hired to generate the fake responses. PAI and his cretins are saying that they favor "inclusiveness" which is why they're not looking into removing the comments.....rofl.Reply -
nzalog 19738307 said:What kind of person would make a botnet that fills the FCC with fake comments that supports killing net neutrality. I was under the impression that, generally speaking, net neutrality was good for the internet. The only people who seem to oppose it are those who are horribly misinformed or companies that directly benefit from the death of net neutrality.
Assuming this is a single person sitting in their basement cobbling together a list of names and fake comments to send to the FCC, this person would have to belong to the later group. Right? Is there anyone well informed that still wants to kill net neutrality? Some Cisco Certified Internet Architect that hates net neutrality?
I dunno. This whole situation doesn't make any sense. The only explanation that I can come up with is that a party that stands to benefit from the death of net neutrality has hired a hacker to spam the FCC with false comments. Aren't these big companies supposed to operate in a respectful and lawful way? And if they don't, shouldn't they be subject to the same criminal consequences that everyone else is?
Have you not been seeing the pattern of what is going on lately? Policies that only benefit special interests and the rich are being put into place with very little regard to how it may harm our country. Even the people that were put in charge of the FCC are against net neutrality. We no longer matter for the next few coming years... best we can do is make our voice heard. -
bit_user
Some corporate entity or corporate-funded special interest group that stands to gain from it.19738307 said:What kind of person would make a botnet that fills the FCC with fake comments that supports killing net neutrality.
It could even be a large share holder (or group thereof) of telecomms stocks, and therefore might not even be a US citizen or US-based organization. Like a big hedge fund or, worse yet, sovereign wealth fund of a big country like Saudi Arabia or China. Not to be overly conspiratorial, but someone did it who stood to gain enough to more than offset the cost of doing it. -
bit_user
In this case, I think that's right. I don't know that the named individuals have any grounds to sue the government, so they'd need the government to undertake an investigation.19739523 said:best we can do is make our voice heard.
Anyway, what I think this shows is that these types of public comment things are probably now & forever broken. At least, in a society where you don't have some sort of government-issued ID (thinking of China, here).
In free & open societies, I can only see these sorts of exploits continuing. We definitely don't want to follow China's model, here, but then I'm not sure what's the answer.
-
hahmed330 AT&T, VERIZON, SPRINT, Mercers heck it could have been Ajat Pai's hired botnet army. As any Tom, Dick and Harry could hired a swarm of botnet by dialling 111-111-BOT.Reply -
abbadon_34 Honestly I don't think public comments ever figure into top end policy decisions. Especially regulators who, while required to receive public comments, are not elected and thus not responsible to the public.Reply -
alextheblue
Those who consider themselves so "well informed" on any side are often the most closed-minded and arrogant. After all, they know everything, why listen to opposing views? I've already discussed this at length, but the short version is that I oppose the implementation, rather than the original "spirit". In my case I hate that it forces ISPs to treat all packets alike regardless of type. Not all packets are equal, and they should not be treated equally. Real-time traffic should get higher priority, as non-real-time traffic (which is most traffic) is not latency sensitive. In other words, QoS or traffic shaping. There's no downside to this sort of packet discrimination. It's a technique to optimize traffic to improve end-user experiences (such as when playing games online, or during video conferences), which is prohibited under NN.19738307 said:I was under the impression that, generally speaking, net neutrality was good for the internet. The only people who seem to oppose it are those who are horribly misinformed or companies that directly benefit from the death of net neutrality.
...
Is there anyone well informed that still wants to kill net neutrality?
With that being said, they shouldn't be allowed to treat traffic differently based only on the source. Thus ending "fast lanes" and throttling of competitors or services they just don't like. That part of NN is good. They should still be allowed to throttle abusers at an individual subscriber level - I don't believe NN interferes with that. But as I mentioned above they should *also* be allowed to discriminate based on the type of traffic (RT vs non-RT). Implementation of this would be tricky, but what they have done was actually worse from a network standpoint than staying out of it. Again, NN prohibits this traffic shaping, and this has various side effects for the future of the internet as traffic levels continue to skyrocket - especially if you're trying to keep costs in check.
Edit: And no, using local traffic shaping on your internal network does NOT solve this problem. People keep bringing up local QoS like it's a fix, so I figured this time I should preempt this "idea". It allows a heavily loaded local router (lots of local users) keep real-time traffic flowing acceptably within your network, but it doesn't help the packets once they leave your network.