---

In everyday life we don't usually need to take the law into our own hands. But even in civilized countries citizens can do so. For example in the United States, it's quite legal to defend one's own home even to the point of inflicting lethal force. Such force is allowed when there is no other recourse.

Applying the same concept to the Internet, it is commonly viewed that malware criminals, the phish con artists, the spam merchants, etc. are becoming even more prevalent than in the past and prospering even more from their illegal activities. I believe many folks have become frustrated with the lack of action on the part of authorities so feel justified in taking matters into their own hands. They believe there is no other recourse.

So what is CastleCops then? Certainly CastleCops is an oasis for travellers traversing the ever expanding desert we know as the Internet. Some just come to seek solace here. Many come to CastleCops to repair any damage done and venture back out into the wild hopefully having gained some wisdom from the experts who frequent CastleCops. Then there are the folks who volunteer their time to help others cope with the wild wild web. In fact they form the oasis known as CastleCops.

But some who frequent CastleCops want to do more than just grin and bear it. Some are satisfied with being able to report illegal and immoral activities. Others are willing to take more activist measures such as filling spam orders with garbage data. And a few are quite willing to entertain DoS attacks in retaliation.

Certainly the latter approach can be considered a vigilante activity, especially when coordinated with like-minded individuals. But should bothering spam merchants with fake orders be considered the be a vigilante activity? In my opinion, protesting illegal activities by activist actions, even to the point of depriving commercial gain, serves a democratic purpose.

Where the line is drawn is not a black and white issue. Certainly CastleCops is firmly against any form of DoS retaliation but hasn't discouraged activist activities. One aspect that might be considered is warning those considering activist actions about the potential risks and the need for extra protection from retaliation by the criminals.

Research and take down of illegal sites via the P/M/S/IRT services is a specific activist action that CastleCops is encouraging and facilitating. In fact by spearheading this public service, CastleCops has become widely recognized by law enforcement officials as highly credible and thus a solid source of forensic evidence. Vetting and training *IRT Handlers is a demanding task though; it's a lot of work and the Handler retention rate is low. And the retention rate is low because it's time-consuming to research even a single takedown. In fact the site owner is now devoting most of his time further developing the IRT service and personally taking down illegal sites.

In some respects the CastleCops forums are suffering because of the decreased attention in favour of IRT development. IMO, the single biggest challenge for CastleCops is scaling the current *IRT operations while retaining the familiar CastleCops forums oasis so many have come to rely on ... and which many of us now call home.

---