Media manipulation

From Wikipedia, the free encyclopedia

https://en.wikipedia.org/wiki/Media_manipulation 

Examples of televised manipulation can be found in news programs that can potentially influence mass audiences. Pictured is the infamous Dziennik (Journal) news cast, which attempted to slander capitalism in then-communist Poland using emotive and loaded language.

Media manipulation is a series of related techniques in which partisans create an image or argument that favours their particular interests. Such tactics may include the use of logical fallacies, manipulation, outright deception (disinformation), rhetorical and propaganda techniques, and often involve the suppression of information or points of view by crowding them out, by inducing other people or groups of people to stop listening to certain arguments, or by simply diverting attention elsewhere. In Propaganda: The Formation of Men's Attitudes, Jacques Ellul writes that public opinion can only express itself through channels which are provided by the mass media of communication – without which there could be no propaganda. It is used within public relations, propaganda, marketing, etc. While the objective for each context is quite different, the broad techniques are often similar.

As illustrated below, many of the more modern mass media manipulation methods are types of distraction, on the assumption that the public has a limited attention span.

Contexts

Activism

Main article: Activism

Activism is the practice or doctrine that has an emphasis on direct vigorous action especially supporting or opposing one side of a controversial matter. It is quite simply starting a movement to affect or change social views. It is frequently started by influential individuals but is done collectively through social movements with large masses. These social movements can be done through public rallies, strikes, street marches and even rants on social media.

A large social movement that has changed public opinion through time would be the 'Civil Rights March on Washington', where Martin Luther King Jr. performed his 'I Have a Dream' speech attempting to change social views on Non-White Americans in the United States of America, 28 August 1963. Most of King's movements were done through non-violent rallies and public speeches to show the white American population that they were peaceful but also wanted change in their community. In 1964, the 'Civil Rights Acts' commenced giving Non-White Americans equality with all races.

Advertising

Play media

"Daisy", a TV commercial for the re-election of U.S. President Lyndon B. Johnson. It aired only once, in September 1964, and is considered both one of the most controversial and one of the most effective political ads in U.S. history.

 

Main article: Advertising

Advertising is the action of attracting public attention to something, especially through paid announcements for products and services. This tends to be done by businesses who wish to sell their product by paying media outlets to show their products or services on television breaks, banners on websites and mobile applications.

These advertisements are not only done by businesses but can also be done by certain groups. Non-commercial advertisers are those who spend money on advertising in a hope to raise awareness for a cause or promote specific ideas. These include groups such as interest groups, political parties, government organizations and religious movements. Most of these organizations intend to spread a message or sway public opinion instead of trying to sell products or services. Advertising can not only be found on social media, but it is also evident on billboards, newspapers, magazines and even word of mouth.

Hoaxing

Main article: Hoax

A hoax is something intended to deceive or defraud. When a newspaper or the news reports a fake story, it is known as a hoax. Misleading public stunts, scientific frauds, false bomb threats and business scams are examples of hoaxes. A common aspect that hoaxes have is that they are all meant to deceive or lie. For something to become a hoax, the lie must have something more to offer. It must be outrageous, dramatic but also has to be believable and ingenious. Above all, it must be able to attract attention from the public. Once it has done that then a hoax is in full effect.

An example of a hoax can be found in a video from 2012, paid for by  Greenpeace  and made by Yes Men, that went viral. The video, purported to be footage from a cell phone filmed at a Shell party to celebrate the beginning of Arctic drilling operations, shows a drinking fountain that is designed to look like an oil platform malfunction and spray a dark beverage (similar to the appearance of oil) over a lady. This causes a commotion, with employees seen rushing to mop up the mess, and security guards attempting to confiscate the filmed footage. The hoax continued further through the distribution of fake legal messages from Shell that threatened legal action against the activists who supposedly pulled off the stunt, and even a fake website designed to look like Shell's, with copy such as "Birds are like sponges … for oil!"

Propagandizing

Main article: Propaganda

Propagandizing is a form of communication that is aimed at influencing the attitude of a community toward some cause or position by presenting only one side of an argument. Propaganda is commonly created by governments, but some forms of mass communication created by other powerful organizations can be considered propaganda as well. As opposed to impartially providing information, propaganda, in its most basic sense, presents information primarily to influence an audience. Propaganda is usually repeated and dispersed over a wide variety of media in order to create the chosen result in audience attitudes. While the term propaganda has justifiably acquired a strongly negative connotation by association with its most manipulative and jingoistic examples (e.g. Nazi propaganda used to justify the Holocaust), propaganda in its original sense was neutral, and could refer to uses that were generally benign or innocuous, such as public health recommendations, signs encouraging citizens to participate in a census or election, or messages encouraging persons to report crimes to the police, among others.

Propaganda uses societal norms and myths that people hear and believe. Because people respond to, understand and remember more simple ideas this is what is used to influence people's beliefs, attitudes and values.

Psychological warfare

Main article: Psychological warfare

Psychological warfare is sometimes considered synonymous with propaganda. The principal distinction being that propaganda normally occurs within a nation, whereas psychological warfare normally takes place between nations, often during war or cold war. Various techniques are used to influence a target's values, beliefs, emotions, motives, reasoning, or behavior. Target audiences can be governments, organizations, groups, and individuals.

This tactic has been used in multiple wars throughout history. During World War II, the western Allies, expected for the Soviet Union would drop leaflets on the US and England. During the conflict with Iraq, American and English forces dropped leaflets, with many of the leaflets telling the people how to surrender. In the Korean War both sides would use loud speakers from the front lines. In 2009 people in Israel in the Gaza war received text messages on their cell phones threatening them with rocket attacks. The Palestinian people were getting phone calls and leaflets warning them that they were going to drop rockets on them. These phone calls and leaflets were not always accurate.

Public relations

Main article: Public relations

Public relations (PR) is the management of the flow of information between an individual or an organization and the public. Public relations may include an organization or individual gaining exposure to their audiences using topics of public interest and news items that do not require direct payment. PR is generally created by specialized individuals or firms at the behest of already public individuals or organizations, as a way of managing their public profile.

Techniques

Internet manipulation

Main article: Internet manipulation

Astroturfing

Main article: Astroturfing

Astroturfing is when there is an intent and attempt to create the illusion of support for a particular cause, person, or stance. While this is mainly connected to and seen on the internet, it has also happened in newspapers during times of political elections. Corporations and political parties try to imitate grassroots movements in order to sway the public to believing something that isn't true.

Clickbait

Main article: Clickbait

Clickbait refers to headlines of online news articles that are sensationalized or sometimes completely fake. It uses people's natural curiosity to get people to click. In some cases clickbait is simply used to generate income, more clicks means more money made with advertisers. But these headlines and articles can also be used to influence a group of people on social media. They are constructed to appeal to the interest group's pre-existing biases and thus to be shared within filter bubbles.

Propaganda laundering

Main article: Propaganda

Propaganda laundering is a method of using a less trusted or less popular platform to publish a story of dubious origin or veracity for the purposes of reporting on that report, rather than the story itself. This technique serves to insulate the secondary more established media from having to issue a retraction if the report is false. Generally secondary reports will report that the original report is reporting without verifying or making the report themselves. The news and entertainment site Buzzfeed.com has been used to originate several via their BuzzFeed News section. This term was coined by a Reddit user HexezWork regarding a discussion related to the investigation by Robert Mueller into Russian Collusion.

Search engine marketing

Main article: Search engine marketing

In search engine marketing websites use market research, from past searches and other sources, to increase their visibility in search engine results pages. This allows them to guide search results along the lines they desire, and thereby influence searchers.

Business have many tactics to lure customers into their websites and to generate revenue such as banner ads, search engine optimization and pay-per-click marketing tools. They all serve a different purpose and use different tools that appeal to multiple types of users. Banner ads appear on sites that then redirect to other sites that are similar. Search engine optimization is changing a page to seem more reliable or applicable than other similar pages. Pay-per-click involves certain words being highlighted because they were bought by advertisers to then redirect to a page containing information or selling whatever that word pertained to. By using the internet, users are susceptible to these type of advertisements without a clear advertising campaign being viewed.

Distraction

Distraction by major events

Commonly known as "smoke screen", this technique consists of making the public focus its attention on a topic that is more convenient for the propagandist. This particular type of media manipulation has been referenced many times in popular culture. Some examples are:

• The movie Wag the Dog (1997), which illustrates the public being deceitfully distracted from an important topic by presenting another that whose only quality is that of being more attractive.
• In the U.S. TV series House of Cards, when protagonist Frank Underwood finds himself trapped in a media rampage, he addresses the viewer and says: "From the lion's den or a pack of wolves. When you're fresh meat, kill and throw them something fresher".

Politicians distract the public by showing them "shiny object" issues through the use of TV and other media. Sometimes they can be as simple as a politician with a reality show, like Sarah Palin had for a short time back in 2009, which aired on TLC.

Distracting the public

This a mere variation of the traditional arguments known, in logic, as ad hominem and ad populum but applied to countries instead of individuals. This technique consists on refuting arguments by appealing to nationalism or by inspiring fear and hate towards a foreign country or to all the foreigners. It has the potential of being important since it gives the propagandists the power to discredit any information coming from other countries.

Some examples are:

Q: "What do you think about Khokara's politic on X matter?" A: "I think they've been wrong about everything for the last 20 years or so..."

Q: "Your idea is quite similar to the one proposed in Falala." A: "Are you suggesting Falala is a better country than ours?"

Straw man fallacy

Main article: Straw man

An informal fallacy. The "straw man" consists of appearing to refute the opponent's argument while actually attacking another topic. For it to work properly the topic that was actually refuted and the one that should have been refuted need to be similar.

Distraction by scapegoat

Main article: Scapegoat

This is a combination of the straw man fallacy and the ad hominem argument. It is often used to incriminate someone in order to argument the innocence of someone else.

Photo manipulation

Main article: Photo manipulation

Visual media can be transformed through photo manipulation, commonly called "photoshopping." This can make a product, person, or idea seem more appealing. This is done by highlighting certain features on the product and using certain editing tools to enlarge the photo, to attract and persuade the public.

Video manipulation

Main article: video manipulation

Video manipulation is a new variant of media manipulation that targets digital video using a combination of traditional video processing and video editing techniques and auxiliary methods from artificial intelligence like face recognition. In typical video manipulation, the facial structure, body movements, and voice of the subject are replicated in order to create a fabricated recording of the subject. The applications of these methods range from educational videos to videos aimed at (mass) manipulation and propaganda, a straightforward extension of the long-standing possibilities of photo manipulation. This form of computer-generated misinformation has contributed to fake news, and there have been instances when this technology was used during political campaigns.

Compliance professionals

A compliance professional is an expert that utilizes and perfects means of gaining media influence. Though the means of gaining influence are common, their aims vary from political, economic, to personal. Thus the label of compliance professional applies to diverse groups of people, including propagandists, marketers, pollsters, salespeople and political advocates.

Techniques

Means of influence include, but are not limited to, the methods outlined in Influence: Science and Practice:

• Reciprocation
• Commitment and consistency
• Social proof
• Liking
• Authority
• Scarcity

Additionally, techniques like framing and less formal means of effective obfuscation, such as the use of logical fallacies, are used to gain compliance.

Computer worm

From Wikipedia, the free encyclopedia

https://en.wikipedia.org/wiki/Computer_worm 

Hex dump of the Blaster worm, showing a message left for Microsoft CEO Bill Gates by the worm's creator

 

Spread of Conficker worm

A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It will use this machine as a host to scan and infect other computers. When these new worm-invaded computers are controlled, the worm will continue to scan and infect other computers using these computers as hosts, and this behavior will continue. Computer worms use recursive methods to copy themselves without host programs and distribute themselves based on the law of exponential growth, thus controlling and infecting more and more computers in a short time. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

Many worms are designed only to spread, and do not attempt to change the systems they pass through. However, as the Morris worm and Mydoom showed, even these "payload-free" worms can cause major disruption by increasing network traffic and other unintended effects.

History

Morris worm source code floppy diskette at the Computer History Museum

The actual term "worm" was first used in John Brunner's 1975 novel, The Shockwave Rider. In the novel, Nichlas Haflinger designs and sets off a data-gathering worm in an act of revenge against the powerful men who run a national electronic information web that induces mass conformity. "You have the biggest-ever worm loose in the net, and it automatically sabotages any attempt to monitor it. There's never been a worm with that tough a head or that long a tail!"

The first ever computer worm was devised to be an anti-virus software. Named Reaper, it was created by Ray Tomlinson to replicate itself across the ARPANET and delete the experimental Creeper program. On November 2, 1988, Robert Tappan Morris, a Cornell University computer science graduate student, unleashed what became known as the Morris worm, disrupting many computers then on the Internet, guessed at the time to be one tenth of all those connected. During the Morris appeal process, the U.S. Court of Appeals estimated the cost of removing the worm from each installation at between $200 and $53,000; this work prompted the formation of the CERT Coordination Center and Phage mailing list. Morris himself became the first person tried and convicted under the 1986 Computer Fraud and Abuse Act.

Features

Independence

Computer viruses generally require a host program. The virus writes its own code into the host program. When the program runs, the written virus program is executed first, causing infection and damage. A worm does not need a host program, as it is an independent program or code chunk. Therefore, it is not restricted by the host program, but can run independently and actively carry out attacks.

Exploit attacks

Because a worm is not limited by the host program, worms can take advantage of various operating system vulnerabilities to carry out active attacks. For example, the "Nimda" virus exploits vulnerabilities to attack.

Complexity

Some worms are combined with web page scripts, and are hidden in HTML pages using VBScript, ActiveX and other technologies. When a user accesses a webpage containing a virus, the virus automatically resides in memory and waits to be triggered. There are also some worms that are combined with backdoor programs or Trojan horses, such as "Code Red".

Contagiousness

Worms are more infectious than traditional viruses. They not only infect local computers, but also all servers and clients on the network based on the local computer. Worms can easily spread through shared folders, e-mails, malicious web pages, and servers with a large number of vulnerabilities in the network.

Harm

Any code designed to do more than spread the worm is typically referred to as the "payload". Typical malicious payloads might delete files on a host system (e.g., the ExploreZip worm), encrypt files in a ransomware attack, or exfiltrate data such as confidential documents or passwords.

Some worms may install a backdoor. This allows the computer to be remotely controlled by the worm author as a "zombie". Networks of such machines are often referred to as botnets and are very commonly used for a range of malicious purposes, including sending spam or performing DoS attacks.

Some special worms attack industrial systems in a targeted manner. Stuxnet was primarily transmitted through LANs and infected thumb-drives, as its targets were never connected to untrusted networks, like the internet. This virus can destroy the core production control computer software used by chemical, power generation and power transmission companies in various countries around the world - in Stuxnet's case, Iran, Indonesia and India were hardest hit - it was used to "issue orders" to other equipment in the factory, and to hide those commands from being detected. Stuxnet used multiple vulnerabilities and four different zero-day exploits in Windows systems and Siemens SIMATICWinCC systems to attack the embedded programmable logic controllers of industrial machines. Although these systems operate independently from the network, if the operator inserts a virus-infected drive into the system's USB interface, the virus will be able to gain control of the system without any other operational requirements or prompts.

Countermeasures

Worms spread by exploiting vulnerabilities in operating systems. Vendors with security problems supply regular security updates (see "Patch Tuesday"), and if these are installed to a machine, then the majority of worms are unable to spread to it. If a vulnerability is disclosed before the security patch released by the vendor, a zero-day attack is possible.

Users need to be wary of opening unexpected email, and should not run attached files or programs, or visit web sites that are linked to such emails. However, as with the ILOVEYOU worm, and with the increased growth and efficiency of phishing attacks, it remains possible to trick the end-user into running malicious code.

Anti-virus and anti-spyware software are helpful, but must be kept up-to-date with new pattern files at least every few days. The use of a firewall is also recommended.

Users can minimize the threat posed by worms by keeping their computers' operating system and other software up to date, avoiding opening unrecognized or unexpected emails and running firewall and antivirus software.

Mitigation techniques include:

• ACLs in routers and switches
• Packet-filters
• TCP Wrapper/ACL enabled network service daemons
• Nullroute

Infections can sometimes be detected by their behavior - typically scanning the Internet randomly, looking for vulnerable hosts to infect. In addition, machine learning techniques can be used to detect new worms, by analyzing the behavior of the suspected computer.

Worms with good intent

A helpful worm or anti-worm is a worm designed to do something that its author feels is helpful, though not necessarily with the permission of the executing computer's owner. Beginning with the first research into worms at Xerox PARC, there have been attempts to create useful worms. Those worms allowed John Shoch and Jon Hupp to test the Ethernet principles on their network of Xerox Alto computers. Similarly, the Nachi family of worms tried to download and install patches from Microsoft's website to fix vulnerabilities in the host system by exploiting those same vulnerabilities. In practice, although this may have made these systems more secure, it generated considerable network traffic, rebooted the machine in the course of patching it, and did its work without the consent of the computer's owner or user. Regardless of their payload or their writers' intentions, security experts regard all worms as malware.

One study proposed the first computer worm that operates on the second layer of the OSI model (Data link Layer), utilizing topology information such as Content-addressable memory (CAM) tables and Spanning Tree information stored in switches to propagate and probe for vulnerable nodes until the enterprise network is covered.

Anti-worms have been used to combat the effects of the Code Red, Blaster, and Santy worms. Welchia is an example of a helpful worm. Utilizing the same deficiencies exploited by the Blaster worm, Welchia infected computers and automatically began downloading Microsoft security updates for Windows without the users' consent. Welchia automatically reboots the computers it infects after installing the updates. One of these updates was the patch that fixed the exploit.

Other examples of helpful worms are "Den_Zuko", "Cheeze", "CodeGreen", and "Millenium".

Botnet

From Wikipedia, the free encyclopedia

https://en.wikipedia.org/wiki/Botnet 

 

Stacheldraht botnet diagram showing a DDoS attack. (Note this is also an example of a type of client–server model of a botnet.)

A botnet is a number of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. The owner can control the botnet using command and control (C&C) software. The word "botnet" is a portmanteau of the words "robot" and "network". The term is usually used with a negative or malicious connotation.

Overview

A botnet is a logical collection of Internet-connected devices, such as computers, smartphones or Internet of things (IoT) devices whose security have been breached and control ceded to a third party. Each compromised device, known as a "bot," is created when a device is penetrated by software from a malware (malicious software) distribution. The controller of a botnet is able to direct the activities of these compromised computers through communication channels formed by standards-based network protocols, such as IRC and Hypertext Transfer Protocol (HTTP).

Botnets are increasingly rented out by cyber criminals as commodities for a variety of purposes.

Architecture

Botnet architecture has evolved over time in an effort to evade detection and disruption. Traditionally, bot programs are constructed as clients which communicate via existing servers. This allows the bot herder (the controller of the botnet) to perform all control from a remote location, which obfuscates the traffic. Many recent botnets now rely on existing peer-to-peer networks to communicate. These P2P bot programs perform the same actions as the client–server model, but they do not require a central server to communicate.

Client–server model

A network based on the client–server model, where individual clients request services and resources from centralized servers

The first botnets on the Internet used a client–server model to accomplish their tasks. Typically, these botnets operate through Internet Relay Chat networks, domains, or websites. Infected clients access a predetermined location and await incoming commands from the server. The bot herder sends commands to the server, which relays them to the clients. Clients execute the commands and report their results back to the bot herder.

In the case of IRC botnets, infected clients connect to an infected IRC server and join a channel pre-designated for C&C by the bot herder. The bot herder sends commands to the channel via the IRC server. Each client retrieves the commands and executes them. Clients send messages back to the IRC channel with the results of their actions.

Peer-to-peer

A peer-to-peer (P2P) network in which interconnected nodes ("peers") share resources among each other without the use of a centralized administrative system

In response to efforts to detect and decapitate IRC botnets, bot herders have begun deploying malware on peer-to-peer networks. These bots may use digital signatures so that only someone with access to the private key can control the botnet. See e.g. Gameover ZeuS and ZeroAccess botnet.

Newer botnets fully operate over P2P networks. Rather than communicate with a centralized server, P2P bots perform as both a command distribution server and a client which receives commands. This avoids having any single point of failure, which is an issue for centralized botnets.

In order to find other infected machines, the bot discreetly probes random IP addresses until it contacts another infected machine. The contacted bot replies with information such as its software version and list of known bots. If one of the bots' version is lower than the other, they will initiate a file transfer to update. This way, each bot grows its list of infected machines and updates itself by periodically communicating to all known bots.

Core components

A botnet's originator (known as a "bot herder" or "bot master") controls the botnet remotely. This is known as the command-and-control (C&C). The program for the operation must communicate via a covert channel to the client on the victim's machine (zombie computer).

Control protocols

IRC is a historically favored means of C&C because of its communication protocol. A bot herder creates an IRC channel for infected clients to join. Messages sent to the channel are broadcast to all channel members. The bot herder may set the channel's topic to command the botnet. E.g. the message :herder!herder@example.com TOPIC #channel DDoS www.victim.com from the bot herder alerts all infected clients belonging to #channel to begin a DDoS attack on the website www.victim.com. An example response :bot1!bot1@compromised.net PRIVMSG #channel I am DDoSing www.victim.com by a bot client alerts the bot herder that it has begun the attack.

Some botnets implement custom versions of well-known protocols. The implementation differences can be used for detection of botnets. For example, Mega-D features a slightly modified Simple Mail Transfer Protocol (SMTP) implementation for testing spam capability. Bringing down the Mega-D's SMTP server disables the entire pool of bots that rely upon the same SMTP server.

Zombie computer

In computer science, a zombie computer is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse and can be used to perform malicious tasks under remote direction. Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-service attacks (DDoS). Most owners of zombie computers are unaware that their system is being used in this way. Because the owner tends to be unaware, these computers are metaphorically compared to zombies. A coordinated DDoS attack by multiple botnet machines also resembles a zombie horde attack.

The process of stealing computing resources as a result of a system being joined to a "botnet" is sometimes referred to as "scrumping".

Command and control

Botnet command and control (C&C) protocols have been implemented in a number of ways, from traditional IRC approaches to more sophisticated versions.

Telnet

Telnet botnets use a simple C&C botnet protocol in which bots connect to the main command server to host the botnet. Bots are added to the botnet by using a scanning script, which runs on an external server and scans IP ranges for telnet and SSH server default logins. Once a login is found, the scanning server can infect it through SSH with malware, which pings the control server.

IRC

IRC networks use simple, low bandwidth communication methods, making them widely used to host botnets. They tend to be relatively simple in construction and have been used with moderate success for coordinating DDoS attacks and spam campaigns while being able to continually switch channels to avoid being taken down. However, in some cases, merely blocking of certain keywords has proven effective in stopping IRC-based botnets. The RFC 1459 (IRC) standard is popular with botnets. The first known popular botnet controller script, "MaXiTE Bot" was using IRC XDCC protocol for private control commands.

One problem with using IRC is that each bot client must know the IRC server, port, and channel to be of any use to the botnet. Anti-malware organizations can detect and shut down these servers and channels, effectively halting the botnet attack. If this happens, clients are still infected, but they typically lie dormant since they have no way of receiving instructions. To mitigate this problem, a botnet can consist of several servers or channels. If one of the servers or channels becomes disabled, the botnet simply switches to another. It is still possible to detect and disrupt additional botnet servers or channels by sniffing IRC traffic. A botnet adversary can even potentially gain knowledge of the control scheme and imitate the bot herder by issuing commands correctly.

P2P

Since most botnets using IRC networks and domains can be taken down with time, hackers have moved to P2P botnets with C&C to make the botnet more resilient and resistant to termination.

Some have also used encryption as a way to secure or lock down the botnet from others, most of the time when they use encryption it is public-key cryptography and has presented challenges in both implementing it and breaking it.

Domains

Many large botnets tend to use domains rather than IRC in their construction (see Rustock botnet and Srizbi botnet). They are usually hosted with bulletproof hosting services. This is one of the earliest types of C&C. A zombie computer accesses a specially-designed webpage or domain(s) which serves the list of controlling commands. The advantages of using web pages or domains as C&C is that a large botnet can be effectively controlled and maintained with very simple code that can be readily updated.

Disadvantages of using this method are that it uses a considerable amount of bandwidth at large scale, and domains can be quickly seized by government agencies with little effort. If the domains controlling the botnets are not seized, they are also easy targets to compromise with denial-of-service attacks.

Fast-flux DNS can be used to make it difficult to track down the control servers, which may change from day to day. Control servers may also hop from DNS domain to DNS domain, with domain generation algorithms being used to create new DNS names for controller servers.

Some botnets use free DNS hosting services such as DynDns.org, No-IP.com, and Afraid.org to point a subdomain towards an IRC server that harbors the bots. While these free DNS services do not themselves host attacks, they provide reference points (often hard-coded into the botnet executable). Removing such services can cripple an entire botnet.

Others

Calling back to large social media sites such as GitHub, Twitter, Reddit, Instagram, the XMPP open source instant message protocol and Tor hidden services are popular ways of avoiding egress filtering to communicate with a C&C server.

Construction

Traditional

This example illustrates how a botnet is created and used for malicious gain.

1. A hacker purchases or builds a Trojan and/or exploit kit and uses it to start infecting users' computers, whose payload is a malicious application—the bot.
2. The bot instructs the infected PC to connect to a particular command-and-control (C&C) server. (This allows the botmaster to keep logs of how many bots are active and online.)
3. The botmaster may then use the bots to gather keystrokes or use form grabbing to steal online credentials and may rent out the botnet as DDoS and/or spam as a service or sell the credentials online for a profit.
4. Depending on the quality and capability of the bots, the value is increased or decreased.

Newer bots can automatically scan their environment and propagate themselves using vulnerabilities and weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community.

Computers can be co-opted into a botnet when they execute malicious software. This can be accomplished by luring users into making a drive-by download, exploiting web browser vulnerabilities, or by tricking the user into running a Trojan horse program, which may come from an email attachment. This malware will typically install modules that allow the computer to be commanded and controlled by the botnet's operator. After the software is downloaded, it will call home (send a reconnection packet) to the host computer. When the re-connection is made, depending on how it is written, a Trojan may then delete itself or may remain present to update and maintain the modules.

Others

In some cases, a botnet may be temporarily created by volunteer hacktivists, such as with implementations of the Low Orbit Ion Cannon as used by 4chan members during Project Chanology in 2010.

China's Great Cannon of China allows the modification of legitimate web browsing traffic at internet backbones into China to create a large ephemeral botnet to attack large targets such as GitHub in 2015.

Common features

• Most botnets currently feature distributed denial-of-service attacks in which multiple systems submit as many requests as possible to a single Internet computer or service, overloading it and preventing it from servicing legitimate requests. An example is an attack on a victim's server. The victim's server is bombarded with requests by the bots, attempting to connect to the server, therefore, overloading it.
• Spyware is software which sends information to its creators about a user's activities – typically passwords, credit card numbers and other information that can be sold on the black market. Compromised machines that are located within a corporate network can be worth more to the bot herder, as they can often gain access to confidential corporate information. Several targeted attacks on large corporations aimed to steal sensitive information, such as the Aurora botnet.
• E-mail spam are e-mail messages disguised as messages from people, but are either advertising, annoying, or malicious.
• Click fraud occurs when the user's computer visits websites without the user's awareness to create false web traffic for personal or commercial gain.
• Ad fraud is often a consequence of malicious bot activity, according to CHEQ, Ad Fraud 2019, The Economic Cost of Bad Actors on the Internet. Commercial purposes of bots include influencers using them to boost their supposed popularity, and online publishers using bots to increase the number of clicks an ad receives, allowing sites to earn more commission from advertisers.
• Bitcoin mining was used in some of the more recent botnets have which include bitcoin mining as a feature in order to generate profits for the operator of the botnet.
• Self-spreading functionality, to seek for pre-configured command-and-control (CNC) pushed instruction contains targeted devices or network, to aim for more infection, is also spotted in several botnets. Some of the botnets are utilizing this function to automate their infections.

Market

The botnet controller community features a constant and continuous struggle over who has the most bots, the highest overall bandwidth, and the most "high-quality" infected machines, like university, corporate, and even government machines.

While botnets are often named after the malware that created them, multiple botnets typically use the same malware but are operated by different entities.

Phishing

Botnets can be used for many electronic scams. These botnets can be used to distribute malware such as viruses to take control of a regular users computer/software By taking control of someone's personal computer they have unlimited access to their personal information, including passwords and login information to accounts. This is called phishing. Phishing is the acquiring of login information to the "victim's" accounts with a link the "victim" clicks on that is sent through an email or text. A survey by Verizon found that around two-thirds of electronic "espionage" cases come from phishing.

Countermeasures

The geographic dispersal of botnets means that each recruit must be individually identified/corralled/repaired and limits the benefits of filtering.

Computer security experts have succeeded in destroying or subverting malware command and control networks, by, among other means, seizing servers or getting them cut off from the Internet, denying access to domains that were due to be used by malware to contact its C&C infrastructure, and, in some cases, breaking into the C&C network itself. In response to this, C&C operators have resorted to using techniques such as overlaying their C&C networks on other existing benign infrastructure such as IRC or Tor, using peer-to-peer networking systems that are not dependent on any fixed servers, and using public key encryption to defeat attempts to break into or spoof the network.

Norton AntiBot was aimed at consumers, but most target enterprises and/or ISPs. Host-based techniques use heuristics to identify bot behavior that has bypassed conventional anti-virus software. Network-based approaches tend to use the techniques described above; shutting down C&C servers, null-routing DNS entries, or completely shutting down IRC servers. BotHunter is software, developed with support from the U.S. Army Research Office, that detects botnet activity within a network by analyzing network traffic and comparing it to patterns characteristic of malicious processes.

Researchers at Sandia National Laboratories are analyzing botnets' behavior by simultaneously running one million Linux kernels—a similar scale to a botnet—as virtual machines on a 4,480-node high-performance computer cluster to emulate a very large network, allowing them to watch how botnets work and experiment with ways to stop them.

Detecting automated bot attacks is becoming more difficult each day as newer and more sophisticated generations of bots are getting launched by attackers. For example, an automated attack can deploy a large bot army and apply brute-force methods with highly accurate username and password lists to hack into accounts. The idea is to overwhelm sites with tens of thousands of requests from different IPs all over the world, but with each bot only submitting a single request every 10 minutes or so, which can result in more than 5 million attempts per day. In these cases, many tools try to leverage volumetric detection, but automated bot attacks now have ways of circumventing triggers of volumetric detection.

One of the techniques for detecting these bot attacks is what's known as "signature-based systems" in which the software will attempt to detect patterns in the request packet. But attacks are constantly evolving, so this may not be a viable option when patterns can't be discerned from thousands of requests. There is also the behavioral approach to thwarting bots, which ultimately tries to distinguish bots from humans. By identifying non-human behavior and recognizing known bot behavior, this process can be applied at the user, browser, and network levels.

The most capable method of using software to combat against a virus has been to utilize honeypot software in order to convince the malware that a system is vulnerable. The malicious files are then analyzed using forensic software.

On 15 July 2014, the Subcommittee on Crime and Terrorism of the Committee on the Judiciary, United States Senate, held a hearing on the threats posed by botnets and the public and private efforts to disrupt and dismantle them.

Non-malicious use

Non-malicious botnets such as the ones part of BOINC are often used for Scientific purposes. For example, there is Rosetta@home, which aims to predict protein–protein docking and design new proteins; LHC@home, which aims to simulate various different experiments relating to the Large Hadron Collider; and Einstein@Home, which searches for signals from spinning neutron stars. These botnets are voluntary, allowing any user to "enlist" their computer into the botnet, and later take it out when they no longer want it in the botnet.

Tyrant

From Wikipedia, the free encyclopedia

https://en.wikipedia.org/wiki/Tyrant 

King Jie of Xia holding a Ji polearm, representing oppression, and sitting on two ladies, symbolizing his abuse of power

 

Killing No Murder, cover page, 18th century reprint of 17th century English pamphlet written to inspire and make righteous the act of assassinating Oliver Cromwell.

A tyrant (from Ancient Greek τύραννος, tyrannos), in the modern English usage of the word, is an absolute ruler who is unrestrained by law, or one who has usurped a legitimate ruler's sovereignty. Often portrayed as cruel, tyrants may defend their positions by resorting to repressive means. The original Greek term meant an absolute sovereign who came to power without constitutional right, yet the word had a neutral connotation during the Archaic and early Classical periods. However, Greek philosopher Plato saw tyrannos as a negative word, and on account of the decisive influence of philosophy on politics, its negative connotations only increased, continuing into the Hellenistic period.

The philosophers Plato and Aristotle defined a tyrant as a person who rules without law, using extreme and cruel methods against both his own people and others. The Encyclopédie defined the term as a usurper of sovereign power who makes "his subjects the victims of his passions and unjust desires, which he substitutes for laws". In the late fifth and fourth centuries BC, a new kind of tyrant, one who had the support of the military, arose – specifically in Sicily.

One can apply accusations of tyranny to a variety of types of government:

• to government by one individual (in an autocracy)
• to government by a minority (in an oligarchy, tyranny of the minority)
• to government by a majority (in a democracy, tyranny of the majority)

Etymology

The English noun tyrant appears in Middle English use, via Old French, from the 1290s. The word derives from Latin tyrannus, meaning "illegitimate ruler", and this in turn from the Greek τύραννος tyrannos "monarch, ruler of a polis"; tyrannos in its turn has a Pre-Greek origin, perhaps from Lydian. The final -t arises in Old French by association with the present participles in -ant.

Definition

"The word 'tyranny' is used with many meanings, not only by the Greeks but throughout the tradition of the great books." The Oxford English Dictionary offers alternative definitions: a ruler, an illegitimate ruler (a usurper), an absolute ruler (despot), or an oppressive, unjust, or cruel ruler. The term is usually applied to vicious autocrats who rule their subjects by brutal methods. Oppression, injustice, and cruelty do not have standardized measurements or thresholds.

The Greeks defined both usurpers and those inheriting rule from usurpers as tyrants. Polybius (~150 B.C.) indicated that eventually, any one-man rule (monarchy/executive) governing form would become corrupted into a tyranny.

Old words are defined by their historical usage. Biblical quotations do not use the word tyrant, but express opinions very similar to those of the Greek philosophers, citing the wickedness, cruelty, and injustice of rulers.

• "Like a roaring lion or a charging bear is a wicked ruler over a poor people. A ruler who lacks understanding is a cruel oppressor, but one who hates unjust gain will enjoy a long life." Proverbs 28:15–16
• "By justice, a king gives stability to the land, but one who makes heavy extractions ruins it." Proverbs 29:4

The Greek philosophers stressed the quality of rule rather than legitimacy or absolutism. "Both Plato and Aristotle speak of the king as a good monarch and the tyrant as a bad one. Both say that monarchy, or rule by a single man, is royal when it is for the welfare of the ruled and tyrannical when it serves only the interest of the ruler. Both make lawlessness – either a violation of existing laws or government by personal fiat without settled laws – a mark of tyranny."

Enlightenment philosophers seemed to define tyranny by its associated characteristics.

• "The sovereign is called a tyrant who knows no laws but his caprice." Voltaire in a Philosophical Dictionary
• "Where Law ends Tyranny begins." Locke in Two Treatises of Government

Some authors consider that bad results are relative, and cite some tyrants as examples of such as authoritarian rule might be beneficial (for example Mustafa Kemal Atatürk of Turkey) or of limited lasting harm to the country (like Francisco Franco of Spain), however they are a very subjective assessment. Those who list or rank tyrants can provide definitions and criteria for comparison or acknowledge subjectivity. Comparative criteria may include checklists or body counts. Accounting for deaths in war is problematic – war can build empires or defend the populace – it also keeps winning tyrants in power.

Qin Shi-Huang Di is the first emperor of China. He united seven separate kingdoms into a single nation. He built the Great Wall and was buried with the terra-cotta soldiers. The Chinese have mixed feelings about him. They're proud of the nation he created, but he was a maniacal tyrant. —Gene Luen Yang

Oppressive leaders have held states together (Alexander the Great, Josip Broz Tito).

A modern tyrant might be objectively defined by proven violation of international criminal law such as crimes against humanity.

Edward Sexby's 1657 pamphlet, "Killing, No Murder", [https://www.yorku.ca/comninel/courses/3025pdf/Killing_Noe_Murder.pdf] outlined 14 key traits of a tyrant, as the pamphlet was written to inspire the assassination of Oliver Cromwell, and show in what circumstances an assassination might be considered honorable. The full document mulls over and references points on the matter from early pre-Christian history, up into the 17th century when the pamphlet was writ. Of the most prevailing traits of tyranny outlined, "Killing, No Murder" emphasizes:

1. Prior military leadership service -- tyrants are often former captains or generals, which allows them to assume a degree of honor, loyalty, and reputability regarding matters of state
2. Fraud over force -- most tyrants are likely to manipulate their way into supreme power than force it militarily
3. Defamation and/or disbanding of formerly respectable persons, intellectuals, or institutions, and the discouragement of refined thinking or public involvement in state affairs
4. Absence or minimalization of collective input, bargaining, or debate (assemblies, conferences, etc.)
5. Amplification of military activity for the purposes of public distraction, raising new levies, or opening future business pathways
6. Tit-for-tat symbiosis in domestic relations: e.g. finding religious ideas permissible insofar as they are useful and flattering of the tyrant; finding aristocrats or the nobility laudable & honorable insofar as they are compliant with the will of the tyrant or in service of the tyrant, etc.
7. Pretenses toward inspiration from God
8. Pretenses toward a love of God and religion
9. Grow or maintain publish impoverishment as a way of removing the efficacy of the people's will

[Original 1657 text: https://archive.org/details/killingnomurderb00sexbuoft/page/n3/mode/2up]

In Scotland, Samuel Rutherford's Lex Rex and Alexander Shields' A Hind Let Loose were influential works of theology written in opposition to tyranny.

Historical forms

Ancient Greek and Sicilian tyrants were influential opportunists that came to power by securing the support of different factions of a deme. The word tyrannos, possibly pre-Greek, Pelasgian or eastern in origin, then carried no ethical censure; it simply referred to anyone, good or bad, who obtained executive power in a polis by unconventional means. Support for the tyrants could come from fellow oligarchs, from the growing middle class or from the peasants who had no land or were in debt to the wealthy landowners.

The Greek tyrants stayed in power by using mercenary soldiers from outside of their respective city-state. To mock tyranny, Thales wrote that the strangest thing to see is "an aged tyrant" meaning that tyrants do not have the public support to survive for long.

Aesymnetes

An aesymnetes (plural aesymnetai) had similar scope of power to the tyrant, such as Pittacus of Mytilene (c. 640–568 BC), and was elected for life or for a specified period by a city-state in a time of crisis – the only difference being that the aesymnetes was a constitutional office and were comparable to the Roman dictator. Magistrates in some city-states were also called aesymnetai.

Populism

A sculptural pairing of Harmodius and Aristogeiton, who became known as the tyrannicides after they killed Hipparchus and were the preeminent symbol of Athenian democracy

Some Greek tyrants, when they seized power, represented themselves as championing under classes against aristocrats For instance, the popular imagination remembered Peisistratus for an episode – related by (pseudonymous) Aristotle, but possibly fictional – in which he exempted a farmer from taxation because of the particular barrenness of his plot.

Peisistratus' sons Hippias and Hipparchus, on the other hand, were not such able rulers, and when the disaffected aristocrats Harmodios and Aristogeiton slew Hipparchus, Hippias' rule quickly became oppressive, resulting in the expulsion of the Peisistratids in 510 BC, who resided henceforth in Persepolis as clients of the Persian Shahanshah (King of kings).

Archaic tyrants

One of the earliest known uses of the word tyrant (in Greek) was by the poet Archilochus, who lived three centuries before Plato, in reference to king Gyges of Lydia. The king's assumption of power was unconventional.

The heyday of the Archaic period tyrants came in the early 6th century BC, when Cleisthenes ruled Sicyon in the Peloponnesus and Polycrates ruled Samos. During this time, revolts overthrew many governments in the Aegean world. Chilon, the ambitious and capable ephor of Sparta, built a strong alliance amongst neighbouring states by making common cause with these groups seeking to oppose unpopular tyrannical rule. By intervening against the tyrants of Sicyon, Corinth and Athens, Sparta thus came to assume Hellenic leadership prior to the Persian invasions. Simultaneously Persia first started making inroads into Greece, and many tyrants sought Persian help against popular forces seeking to remove them.

Corinth

Corinth hosted one of the earliest of Greek tyrants. In Corinth, growing wealth from colonial enterprises, and the wider horizons brought about by the export of wine and oil, together with the new experiences of the Eastern Mediterranean brought back by returning mercenary hoplites employed overseas created a new environment. Conditions were right for Cypselus to overthrow the aristocratic power of the dominant but unpopular clan of Bacchiadae. Clan members were killed, executed, driven out or exiled in 657 BC. Corinth prospered economically under his rule, and Cypselus managed to rule without a bodyguard. When he then bequeathed his position to his son, Periander, the tyranny proved less secure, and Periander required a retinue of mercenary soldiers personally loyal to him.

Nevertheless, under Cypselus and Periander, Corinth extended and tightened her control over her colonial enterprises, and exports of Corinthian pottery flourished. However, tyrants seldom succeeded in establishing an untroubled line of succession. Periander threw his pregnant wife downstairs (killing her), burnt his concubines alive, exiled his son, warred with his father-in-law and attempted to castrate 300 sons of his perceived enemies. He retained his position. Periander's successor was less fortunate and was expelled. Afterward, Corinth was ruled by a lackluster oligarchy, and was eventually eclipsed by the rising fortunes of Athens and Sparta.

Athens

Athens hosted its tyrants late in the Archaic period. In Athens, the inhabitants first gave the title of tyrant to Peisistratos (a relative of Solon, the Athenian lawgiver) who succeeded in 546 BC, after two failed attempts, to install himself as tyrant. Supported by the prosperity of the peasantry and landowning interests of the plain, which was prospering from the rise of olive oil exports, as well as his clients from Marathon, he managed to achieve authoritarian power. Through an ambitious program of public works, which included fostering the state cult of Athena; encouraging the creation of festivals; supporting the Panathenaic Games in which prizes were jars of olive oil; and supporting the Dionysia (ultimately leading to the development of Athenian drama), Peisistratus managed to maintain his personal popularity.

He was followed by his sons, and with the subsequent growth of Athenian democracy, the title "tyrant" took on its familiar negative connotations. The murder of Peisistratus' son, the tyrant Hipparchus by Aristogeiton and Harmodios in Athens in 514 BC marked the beginning of the so-called "cult of the tyrannicides" (i.e., of killers of tyrants). Contempt for tyranny characterised this cult movement. Despite financial help from Persia, in 510 the Peisistratids were expelled by a combination of intrigue, exile and Spartan arms. The anti-tyrannical attitude became especially prevalent in Athens after 508 BC, when Cleisthenes reformed the political system so that it resembled demokratia. Hippias (Peisistratus' other son) offered to rule the Greeks on behalf of the Persians and provided military advice to the Persians against the Greeks.

The Thirty Tyrants whom the Spartans imposed on a defeated Attica in 404 BC would not be classified as tyrants in the usual sense and were in effect an oligarchy.

Sicilian tyrants

The best known Sicilian tyrants appeared long after the Archaic period. The tyrannies of Sicily came about due to similar causes, but here the threat of Carthaginian attack prolonged tyranny, facilitating the rise of military leaders with the people united behind them. Such Sicilian tyrants as Gelo, Hiero I, Hiero II, Dionysius the Elder, Dionysius the Younger, and Agathocles of Syracuse maintained lavish courts and became patrons of culture. The dangers threatening the lives of the Sicilian tyrants are highlighted in the moral tale of the "Sword of Damocles".

Later tyrants

Under the Macedonian hegemony in the 4th and 3rd century BC a new generation of tyrants rose in Greece, especially under the rule of king Antigonus II Gonatas, who installed his puppets in many cities of the Peloponnese. Examples were Cleon of Sicyon, Aristodemus of Megalopolis, Aristomachus I of Argos, Abantidas of Sicyon, Aristippus of Argos, Lydiadas of Megalopolis, Aristomachus II of Argos, and Xenon of Hermione.

Against these rulers, in 280 BC the democratic cities started to join forces in the Achaean League which was able to expand its influence even into Corinthia, Megaris, Argolis and Arcadia. From 251 BC under the leadership of Aratus of Sicyon, the Achaeans liberated many cities, in several cases by convincing the tyrants to step down, and when Aratus died in 213 BC, Hellas had been free of tyrants for more than 15 years. The last tyrant on the Greek mainland, Nabis of Sparta, was assassinated in 192 BC and after his death the Peloponnese was united as a confederation of stable democracies in the Achaean League.

See also: List of ancient Greek tyrants

Roman tyrants

Roman historians like Suetonius, Tacitus, Plutarch, and Josephus often spoke of "tyranny" in opposition to "liberty". Tyranny was associated with imperial rule and those rulers who usurped too much authority from the Roman Senate. Those who were advocates of "liberty" tended to be pro-Republic and pro-Senate. For instance, regarding Julius Caesar and his assassins, Suetonius wrote:

Therefore the plots which had previously been formed separately, often by groups of two or three, were united in a general conspiracy, since even the populace no longer were pleased with present conditions, but both secretly and openly rebelled at his tyranny and cried out for defenders of their liberty.

Citizens of the empire were circumspect in identifying tyrants. "...Cicero's head and hands [were] cut off and nailed to the rostrum of the Senate to remind everyone of the perils of speaking out against tyranny." There has since been a tendency to discuss tyranny in the abstract while limiting examples of tyrants to ancient Greek rulers. Philosophers have been more expressive than historians.

Josephus identified tyrants in Biblical history (in Antiquities of the Jews) including Nimrod, Moses, the Maccabees and Herod the Great. He also identified some later tyrants.

In the classics

Tyranny is considered an important subject, one of the "Great Ideas" of Western thought. The classics contain many references to tyranny and its causes, effects, methods, practitioners, alternatives... They consider tyranny from historical, religious, ethical, political and fictional perspectives. "If any point in political theory is indisputable, it would seem to be that tyranny is the worst corruption of government – a vicious misuse of power and a violent abuse of human beings who are subject to it." While this may represent a consensus position among the classics, it is not unanimous – Thomas Hobbes dissented, claiming no objective distinction, such as being vicious or virtuous, existed among monarchs. "They that are discontented under monarchy, call it tyranny; and they that are displeased with aristocracy, call it oligarchy: so also, they which find themselves grieved under a democracy, call it anarchy..."

The first part of Dante Alighieri's The Divine Comedy describes tyrants ("who laid hold on blood and plunder") in the seventh level of Hell, where they are submerged in boiling blood. These include Alexander the Great and Attila the Hun, and share the level with highway robbers.

Niccolò Machiavelli conflates all rule by a single person (whom he generally refers to as a "prince") with "tyranny", regardless of the legitimacy of that rule, in his Discourses on Livy. He also identifies liberty with republican regimes. Sometimes he calls leaders of republics "princes". He never uses the word in The Prince. He also does not share in the traditional view of tyranny, and in his Discourses he sometimes explicitly acts as an advisor to tyrants.

Ancient Greeks, as well as the Roman Republicans, became generally quite wary of many people seeking to implement a popular coup. Shakespeare portrays the struggle of one such anti-tyrannical Roman, Marcus Junius Brutus, in his play Julius Caesar.

In Gibbon's Decline and Fall of the Roman Empire, Volume I, Chapter III, Augustus was shown to assume the power of a tyrant while sharing power with the reformed senate. "After a decent resistance, the crafty tyrant submitted to the orders of the senate; and consented to receive the government of the provinces, and the general command of the Roman armies..." Emperors "humbly professed themselves the accountable ministers of the senate, whose supreme decrees they dictated and obeyed." The Roman Empire "may be defined as an absolute monarchy disguised by the forms of a commonwealth." Roman emperors were deified. Gibbons called emperors tyrants and their rule tyranny. His definitions in the chapter were related to the absolutism of power alone – not oppression, injustice or cruelty. He ignored the appearance of shared rule.

Enlightenment

François Gérard, The French people demanding destitution of the Tyran on 10 August 1792

In the Enlightenment, thinkers applied the word tyranny to the system of governance that had developed around aristocracy and monarchy. Specifically, John Locke as part of his argument against the "Divine Right of Kings" in his book Two Treatises of Government defines it this way: "Tyranny is the exercise of power beyond right, which nobody can have a right to; and this is making use of the power any one has in his hands, not for the good of those who are under it, but for his own private, separate advantage." Locke's concept of tyranny influenced the writers of subsequent generations who developed the concept of tyranny as counterpoint to ideas of human rights and democracy. Thomas Jefferson referred to the tyranny of King George III of Great Britain in the Declaration of Independence.

Lists of tyrants

Lists include:

• List of ancient Greek tyrants numbering several hundred plus those of Syracuse.
• List of tyrants of Syracuse numbering about 20.
• 100 throughout history, including 40 from the 20th century
• 13 20th century tyrants
• 30 tyrants of the late 20th century
• 20 tyrants of the early 21st century

There are also numerous book titles which identify tyrants by name or circumstances.

Among English rulers, several have been identified as tyrants by book title: John, King of England (who signed the Magna Carta), Henry VIII of England and Oliver Cromwell.

Methods of obtaining and retaining power

The path of a tyrant can appear easy and pleasant (for all but the aristocracy). A 20th-century historian said:

Hence the road to power in Greece commercial cities was simple: to attack the aristocracy, defend the poor, and come to an understanding with the middle classes. Arrived at power, the dictator abolished debts, or confiscated large estates, taxed the rich to finance public works, or otherwise redistributed the overconcentrated wealth; and while attaching the masses to himself through such measures, he secured the support of the business community by promoting trade with state coinage and commercial treaties, and by raising the social prestige of the bourgeoisie. Forced to depend upon popularity instead of hereditary power, the dictatorships for the most part kept out of war, supported religion, maintained order, promoted morality, favored the higher status of women, encouraged the arts, and lavished revenues upon the beautification of their cities. And they did all these things, in many cases, while preserving the forms of popular government, so that even under despotism the people learned the ways of liberty. When the dictatorship [of the tyrant] had served to destroy the aristocracy the people destroyed the dictatorship; and only a few changes were needed to make democracy of freemen a reality as well as a form.

Ancient Greek philosophers (who were aristocrats) were far more critical in reporting the methods of tyrants. The justification for ousting a tyrant was absent from the historian's description but was central to the philosophers.

Obtaining

In the Republic, Plato stated: "The people have always some champion whom they set over them and nurse into greatness. [...] This and no other is the root from which a tyrant springs; when he first appears he is a protector".

Tyrants either inherit the position from a previous ruler, rise up the ranks in the military/party or seize power as entrepreneurs. Early texts called only the entrepreneurs tyrants, distinguishing them from "bad kings". Such tyrants may act as renters, rather than owners, of the state.

The political methods of obtaining power were occasionally supplemented by theater or force. Peisistratus of Athens blamed self-inflicted wounds on enemies to justify a bodyguard which he used to seize power. He later appeared with a woman dressed as a goddess to suggest divine sanction of his rule. The third time he used mercenaries to seize and retain power.

Retaining

Lengthy recommendations of methods were made to tyrants by Aristotle (in Politics for example) and Niccolò Machiavelli (in The Prince). These are, in general, force and fraud. They include hiring bodyguards, stirring up wars to smother dissent, purges, assassinations, and unwarranted searches and seizures. Aristotle suggested an alternative means of retaining power – ruling justly.

The methods of tyrants to retain power include placating world opinion by staging rigged elections, using or threatening to use violence, and seeking popular support by appeals to patriotism and claims that conditions have improved.