Slashdot Mirror


Anonymous Isn't Anonymous Anymore

An anonymous reader writes "Apparently some small security firm has been able to determine the real identities of several key Anonymous hackers, which is resulting in a ton of arrests. From the article: 'An international investigation into cyber-activists who attacked businesses hostile to WikiLeaks is likely to yield arrests of senior members of the group after they left clues to their real identities on Facebook and in other electronic communications, it is claimed.'"


  1. It's about time those namefags stopped trollin /b/ by VortexCortex · Score: 1, Redundant

    Protip: Leave the name field blank!

    Seriously though: How hard could it really be to track down someone on the internet?

    0. Ask those sites attacked for IP addresses of the attackers.
    1. Open the Linux terminal
    2. Type: "host <ip-address-here>" and press [Enter]
    3. Subpoena the ISP that the IP belongs to requesting the name & contact info of the customer who was allocated the IP at the time of the attack.
    4. ...
    5. Profit?

    E.g., using the IP of a visitor of my site...

    host 69.150.185.133

    133.185.150.69.in-addr.arpa domain name pointer adsl-69-150-185-133.dsl.hstntx.swbell.net.
     

    Ah, that's a Southwestern Bell (AT&T Yahoo) DSL subscriber that hails from Houston, Texas.
    GEOIP might even be more accurate.

    WTF folks, this is a non-story. LOIC does not spoof IP addresses, therefore it should be trivial to discover who attacked.

    IMHO, the real story here is that IP addresses are not being used to link online activities to people.

    What if I say online: "Everyone Point your browsers at: www.mastercard.com" -- Am I now a DDOS perpetrator?
    What if I write a program, say a Firefox plugin, that automatically reloads www.mastercard.com in a new tab, once a day?
    What if that plugin updates the website to load from my website, but the USERS of the plugin opt to install the software and download the daily dot-com to reload?
    What if the plugin is updated so that it refreshes several times a minute instead of once a day?

    The point is: I did not install the plugin to the user's browser, THE USERS DID -- They are the real attackers, NOT ME.
    Why are we holding the director, who did not even write the plugin, responsible?
    They basically did the equivalent of creating a web page that says: "Target=www.mastercard.com"

    What's next? Are we going to hold security researchers responsible for malware that uses their published exploits and/or proof of concept code? IMHO, if anyone should be arrested, it should be those that actually send SYN floods to the websites -- It's not that hard to find out who the actual attackers are!

    As long as "leading" a DDOS is as easy as tweeting: "LOIC_Target=example.com; Refresh=6sec", discovering the "leaders" and arresting them is not going to have any effect. IMHO, arresting everyone who participated would have little effect -- Anyone who says otherwise has never spent any time at 4chan or any other (lowercase a) anonymous forum.

  2. Re: UID dick-waving by Anonymous Coward · Score: 0, Redundant

    Wow, only on slashdot would there be an e-peen waving contest to see whose is smallest.