Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hack the Army, Brag About it, Get Raided

Posted by michael on from the stupid-is-as-stupid-does dept.

SunCrushr was one of many who submitted this. A security company called ForensicTec decided to explore the U.S. government's computer systems, with particular emphasis on the Army. They talked to the press and had their fifteen minutes of fame. And surprise surprise, they immediately got raided by the FBI. What did they expect?

8 of 382 comments (clear)

  1. Publicly breakly the law is dumb by mesocyclone · · Score: 4, Insightful

    even when what you are doing is reasonable!

    --

    The only good weather is bad weather.

    1. Re:Publicly breakly the law is dumb by RandomCoil · · Score: 4, Insightful
      so what about using MacroVision - disabling VCRs?
      how about speeding on highways?


      I think the obvious difference here is that when one uses Macrovision-disabling VCRs, one doesn't usually:
      a) Send the RIAA/MPAA an email letting them know
      b) Tell the press what an easy time you had doing it

      Likewise, when speeding on the highways, one doesn't usually give the local police a call to let them know.

      Furthermore, I don't know about you, but I expect the law to enforced consistently. You certainly don't want Al Qaeda claiming that knocking down the WTC and was just some proof-of-concept work they were doing to point out inadequacies of airport security in the US.
    2. Re:Publicly breakly the law is dumb by Copperhead · · Score: 5, Insightful
      Your analogy is wrong... Try this.

      You're walking down the street in front of the bank where you've got your accounts, and there is a "Closed" sign on the bank front door. You check the door, and it's unlocked, and all the lights are on. You open the door and walk in, and see that there is money laid out in piles, and the safe is open. You still don't see anyone, so you walk out the front door, and you call a press conference saying that the bank is unlocked.

      That is what happened.

      The silly part on their part was holding the press conference, not checking the door. In this analogy, I would have told the bank officials first. Then, I would have checked the door a few days later. If the door was still unlocked, then I would hold the press conference.

      --
      Your reality is lies and balderdash and I'm delighted to say that I have no grasp of it whatsoever. - Baron Munchausen
  2. Honestly, I'd have to say they were pretty dumb... by Qwerpafw · · Score: 4, Insightful
    See, first they point out that the Governement has flaws. Ooooh, criticising those in power... can be risky...

    Then they point out specific, make-people-lose-their-jobs flaws. The kind of thing congressmen would love to jump on in order to criticise incompetency. Do it on a widely-read medium. This pisses more people off.

    Then make very clear how you did specific illegal acts, giving those you just pissed off a great and simple way to get back at you.

    Why not just walk right into jail...? I mean, its like spitting in the face of a police officer who is holding a gun, insulting them, and then making a threatening move while simultaneously pulling out a joint and smoking it. You might as well hand them the rubber hose...

    Why taunt someone and then give them an excuse to hurt you? To gain acclaim? Fame? Real hackers are not out to get publicity, but rather to expose vulnerabilities and try to fix them.

    Whats this you say? You sympathise with the "security firm?" well, take this quote into account:
    The consultants, inexperienced but armed with free, widely available software, identified unprotected PCs and then roamed at will
    I dunno about you, but that would be my definition of script kiddie. Especially someone who then brags about it for publicity.
  3. Re:Shooting the messenger? by ergo98 · · Score: 4, Insightful

    Do you really think that these rather amateur (or so it seems) security consultants were the first to find these lapses in security? I highly doubt it. Perhaps it was beneficial that they were so public about it simply because it makes it a lot harder to ignore.

    And regarding the IT being busy doing other things: If they can't secure the network then they should _GET_OFF_THE_BLOODY_INTERNET_. I'm 100% serious. There are countless government computers and networks that are theoretically publicly accessible with absolutely no justifiable reason but that it was easier for the IT department.

  4. Re:What is wrong with you all? by brooks_talley · · Score: 5, Insightful

    You're right. It's not like breaking into someone's house, stealing their stuff, then telling them they need a new lock.

    It *is* like breaking into someone's house, going through their papers and files, then telling the local newspaper that this particular house has a crappy lock that's easy to break into.

    Can you justify that?

    As for whether "every" group that hates the US has already broken into Army computers, I wouldn't speculate on that. I would say, though, that these folks sure helped anyone who hasn't done so already pick an easy target. How patriotic, eh?

    Yes, it could have been worse. However, what they did was 1) illegal (isn't everything these days?), 2) stupid, and 3) amateur. You can almost always get away with one out of those three. Often with two out of the three. Go for three out of three, though, and you're going to see some trouble.

    -b

  5. Re:Honestly, I'd have to say they were pretty dumb by Planesdragon · · Score: 4, Insightful

    Well they gotta make a point. If the government can monitor our phone calls, internet emails, conversations, etc. then why can't we spy on the government to? Or does the governemnt thinks that its better than us and that it got more rights than us?

    The government is us. When you or I deal with the will of the people, we are not forced to do so by the whim of the crowd, but by the powers elected and appointed to speak for and act in the interests of the people.

    The government, as a nebulous nonpersonal entity, is a slave to every one of its citizens, and exists for no other purpose than for the well being of those it serves.

    The problem, of course, arises in that "the government" may be an inpersonal slave, but the people who run the government are very personal, flawed, human beings. It is these people who are put in power that are watched--and they're watched by other people in power who got put there different ways and across different levels, until we get back to the elected representatives and the voters en masse.

    If you take away the government's unique right to spy & investigate with legal warrant, documentation, and accountability, (see: the FBI getting smacked for lying to judges), then you're left with either an illicit society of secrets ("If no one can see me do it, then I can get away with it") or a distopian society of eternal spying.

    I would rather have some suit who's salary is paid for by my taxes spying on me than some random looney off the street.

    Oh--and you (assuming that you're an American citizen) CAN spy on the government. You just need to do it with a time delay. Ever hear of FOIL? The fourth branch of government? The @#$ing drudge report? (slashdot?)

  6. Close but not quite... by Scratch-O-Matic · · Score: 4, Insightful

    Although I suspect that we are on opposite sides of this issue, I do think that your analogy is mostly correct. But you need to add the fact that you sat down at several of the desks, opened the files, and read them for a few hours. Loan agreements, account records, etc.

    Prosecution is completely appropriate. Let's not forget that the "seriousness" of the actual offense should be reflected in the sentence, eg. a fine and a few weeks in jail rather than years in the slammer.

    --


    Evil is the money of root.