Commerce in a post-Wikileaks economy

cc.jpgYou’ve likely seen the news that Visa, Mastercard, PayPal and others are under distributed denial of service (DDOS) attacks by folk who feel that WikiLeaks headman Julian Assange is being persecuted for distributing sensitive information he’d received from others.

Setting aside that entire espionage, sex-by-surprise, persecution, journalism and right to information thing, what’s left is the hacking attempts — coordinated attacks on key points of the infrastructure of commerce. This, as we are in the midst of the holiday buying season. A juicy target indeed.

What’s happening
The coordinated attacks seem to be having some small effect on commerce. According to one report:

MasterCard, calling the attack “a concentrated effort to flood our corporate website with traffic and slow access,” said all its services had been restored and that account data was not at risk.

But it said the attack, mounted by hackers using simple tools posted on the Web, had extended beyond its website to payment processing technology, leaving some customers unable to make online payments using MasterCard software.

How it’s done
By using freely available tools to target and coordinate these attacks, *anyone* can join in the action. Find the right IRC server, download the tools, and turn them on — poof, you’re a ‘hack-tivist’ and  your computer (or computer network) is now part of a botnet:

The weapon of choice is a piece of software named a “Low Orbit Ion Cannon” (LOIC) which was developed to help Internet security experts test the vulnerability of a website to these assaults, the distributed denial of service attacks. The LOIC is readily and easily available for download on the Internet.

The LOIC can be controlled centrally by an administrator in an Internet Relay Chat (IRC) channel, a type of computer chat room; it can seize control of a network of computers and use their combined power in a DDoS attack. The attack is aimed at the target website and when the LOICs are activated they flood the website with a deluge of data requests at the same time.

The DDoS attack prevents the overloaded server from responding to legitimate requests and slows down the website to a crawl — or shuts it down totally. The attacks are coordinated in the IRC channel, and on Thursday, around 3,000 people were active on the Operation: Payback channel at one stage.

One side effect of all this is that the participants are also testing the limits of the commerce infrastructure for hackers and others who’s intentions may not be so noble as preventing a perceived injustice.

The impact
So what does this mean for retailers and customers in the next few weeks and months, and what does this mean for the future of online commerce?

  • Slow or blocked online commerce — if the servers are clogged, your online merchant may not be able to process your credit card or PayPal transaction, and can’t complete the sale
  • Increased attacks — depending on how this spate of incidents turns out, copy-cats will use the same techniques against new targets, or evolve their own methods and tools
  • Increased unease — new online consumers will have another reason to *not* shop online, preferring to continue shopping at brick and mortar shops as they’ll feel more secure
  • Increased security — essential to recover control of the commerce infrastructure and to demonstrate to consumers that online commerce works and is safe
  • Increased cost — better and tighter security isn’t free, so this ‘cost of doing business’ will be factored into the retail process, resulting in higher prices

The Genie is out of the bottle
Yep, the tools and techniques have been around for a while. It’s taken one event like this to catalyze a motivated and unconnected group of people around the world to participate in coordinated action. We will see more of this, maybe aimed at political institutions, national governments, or launched by environmental activists. Welcome to a new reality.

Spending good money on nothing, it’s not a new concept.

Disclosure: I’m involved with an organization that has virtual goods and currency  — and yes, you can exchange real money for virtual goods in it.

fv_250.jpgThe virtual economy is heating up. GigaOm reports that Facebook Could Make $250M From Virtual Goods Next Year; make money from stuff that isn’t tangible. Stuff you can’t hold in your hands. Yet, the concept of virtual isn’t really new, it’s really just a new label applied to an ancient concept.

It is kind of interesting, when you think of it. For the vast majority of human history, ideas used to be the only type of non-physical ‘object’ that people would pay money for — ideas manifested as stories, concepts, music, inventions, etc.

Someone had to come up with the idea. And if it was good, then someone paid for that idea.

Then, the idea had to be transformed into reality — a play, a symphony, a building perhaps. The idea becomes physical (for a short time if you’re witnessing a performance). But still you have the physical manifestation of something created in the mind of someone.

Today, we have the virtual manifestation of ideas. Virtual in that when they manifest, they exist only in the medium they were designed for — a Farmville farm lovingly tended and nurtured by someone using a keyboard and mouse. Or an Elvish Archer who’s virtual skills and abilities have been carefully selected and honed.

Today’s virtual goods economy is wonderful, exciting, and offers huge new opportunities that didn’t exist before — from the swetshop goldfarmer to the (mobile-device-app-store) developer– doing work that has no physical manifestation can be both a pastime and a career.

But it shouldn’t surprise us that people and organizations can make money in this way — because we’ve been doing it for thousands of years. Only this medium is new.



This post of is one of many I publish weekly at the Future Shop Techblog. Read more of my stuff here.


No reason NOT to get a new computer this year.

Only in Canada ‘eh? Pity!

The recently announced Canadian Budget seems to have a direct boon to me. I wasn’t expecting it. I was expecting more of the same general economic stimulus packages, etc. But here’s something that applies to me directly.

Temporary 100-Per-Cent Capital Cost Allowance Rate for Computers

In light of the economic slowdown, Budget 2009 proposes a two-year 100-per-cent CCA rate for computers acquired after January 27, 2009 and before February 1, 2011. This will allow businesses to fully expense their investment in computers in one year. Businesses in all sectors of the economy, including the service sector, will benefit from this initiative, which will contribute to boosting Canada’s productivity through the faster adoption of newer technology.

Obviously I’d need to see the details regarding what kind of equipment would be covered. For example:

  • what about computer support equipment (network routers, printers, etc)
  • what are the limits and qualifications?
  • do you have to be a registered company to benefit or does it apply to sole proprietorships?

A few details need to be crafted, but this could be an interesting time in the Tech sector, especially in Tech retail! I’ll be watching this rather closely…stay tuned!