Slashdot Mirror
Anonymous Isn't Anonymous Anymore
An anonymous reader writes "Apparently some small security firm has been able to determine the real identities of several key Anonymous hackers which is resulting in a ton of arrests. From the article: 'An international investigation into cyber-activists who attacked businesses hostile to WikiLeaks is likely to yield arrests of senior members of the group after they left clues to their real identities on Facebook and in other electronic communications, it is claimed.'"
Seriously? Plurals are not denoted by apostrophes. Apostrophes are for possessives and contractions. 3rd grade stuff, that.
Yeah, if that isn't proof that the writer of this article doesn't know what the hell he's talking about, I don't know what is. There are no "senior members" of Anonymous. Someone could claim to be an oldfag, but that's about it. And a co-founder of Anonymous? REALLY? Where are they coming up with this horseshit? They caught some guys who were running a specific group, not "senior members" or "co-founders" of Anonymous.
"Anonymous" as a proper noun defies anonymity, so it's no real wonder that these people failed to cover their tracks.
Why is it that hackers can't resist toying with people or leaving riddles or boasting about their deeds on forums? This ALWAYS happens! The ones who don't get caught are the ones who just do things to do them and don't care about respect from others for their "legendary" accomplishments. The whole "I'm so cool, look at me!" hackers attitude isn't real compatible with staying 100% anonymous. I don't think this was pure carelessness in their case either because they're probably smarter than that. I think it's the same old hacker ego stroking that got them caught.
The weird thing is, this isn't what I'd have expected. The Anonymous hackers seemed like the type to just do what they do with complete security and privacy and keep quiet about it because what they did was politically and ethically motivated, not motivated by just their egos. But I guess some of them apparently couldn't resist posting links to other hackers to their Facebook profiles or something equally stupid.
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
Anonymous is a concept, not a group. It is an intensional definition of a set, not the set extension.
So is Al Quaeda, Earth First! etc.
Some authorities tend not to get that.
Where are we going and why are we in a handbasket?
Any arrests seem unlikely to me, seeing how hard it would be to prove Facebook posts were really made by the people in question, and that they were unlikely to have done more than hint at involvement. It could only be taken a clue, not evidence.
Just because someone boasts they are part of Anonymous or claims responsibility for some act doesn't mean they were actually involved. The investigators will need to connect the dots via IP addresses, seizing and analyzing computers, etc. They won't be able to prove their case just because someone claims they spearheaded the attack on Mastercard.
Plus, I know they didn't get the right people because I'm the founder of Anonymous and I don't know any of those guys they mention in TFA.
"We make our world significant by the courage of our questions and by the depth of our answers." Carl Sagan
you suggesting tape of magnets?
thank God the internet isn't a human right.
Call me sceptical but I don't believe that any senior member of any group involved in any serious campaign is stupid enough to use Facebook and the like as a communication channel for sensible information regarding their operations. If we consider that this so called anonymous organization is supposed to be proficient with computers, networking and subversive campaigns then this allegation becomes even more unbelievable.
But hey, officials have to show that they work, and nothing like an attention-grabbing headline like this one to convey that image to the clueless masses.
Slashdot, fix your code or at least hire someone who is competent at it to do it for you.
Whole lot of issues the law had better be careful about, starting with whether attempting a DDoS attack should be considered a criminal offense. Is it so hard to tweak the Internet to make DDoS impossible? Seems like all that's needed is a bit of caching. Would the Slashdot Effect be criminal? Is repeatedly hitting F5 a felony?
Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
Even a completely headless organization does have people who direct the masses. Even the simplest and most spontaneous mobs have their provocateurs - the 'leaders', so to speak. I'm thinking the media simply got all breathless about how they were labelled.
Also, technical skill is not uniformly high across the group (perhaps a ratio of 10k script kiddies for every 20 actual hackers, etc).
It wouldn't be unreasonable to have major organizers being caught (CnC and direction has to come from *somewhere*, after all), or perhaps (but less likely) catching the more technically-minded members.
Even if they didn't catch 'em all, taking out a large percentage of the technical leads* or Command/Control leads* would be sufficient to do some serious damage.
* note that I have zero idea what to actually call them, but the terms should suffice.
Quo usque tandem abutere, Nimbus, patientia nostra?
But maybe they take advantage of the angst and ego of those Script Kiddies, empowering them to be "real hackers" by doing the tough part and giving them the tools to carry out their operations. Who's to say there is even one "anonymous". Get a group of would be hackers together in secret, let them talk to one other member of a group claiming to be Anonymous, and BAM.. all of a sudden, they are part of Anonymous. It's just a word, a battle cry or flag at this point.
There are people out there with deliberate intentions and incentives to execute these attacks. They are just using the 4chan type to further their goals.
From TFA: "few hundred participants in operations, only about 30 are steadily active, with 10 people who "are the most senior and co-ordinate and manage most of the decisions"
That just about fits this type of hierarchy.
Outside of "terrorism" (if you can call this that), this system is employed time and time again.
1) Person or small group has Political/Economic Agenda that would not benefit Society as a whole, but needs to engineer support.
2) They get a few Champions that back a stance on a cause that is unrelated, but has a large number of supporters (immigration, abortion, same sex marriage, FREEDOM OF SPEECH). It's best when it's a black/white yes/no issue that has a population divided roughly 50/50. That way, the support group is large, but the opposition is as well. Without a viable opposition, you cannot rally together for a cause.
3) Wrap your own agenda into the priorities of this "front" clause. Bam. You've created an army fighting for something they don't care about.
Not sure what my point was here really. Just noticing a pattern. Though I would love to believe in the idea of true "freedom fighters" who genuinely feel they are protecting essential Liberties, I cannot help to think that there has to be a selfish person at the top of it all.
They did conduct some arrests ('ton' is a very subjective term in this context). The police can and does act without 'hard' proof while an investigation is conducted to either uncover hard proof, a confession, testimony, whatever or give up.
XML is like violence. If it doesn't solve the problem, use more.
"Why is it that hackers can't resist toying with people or leaving riddles or boasting about their deeds on forums?" - by ILuvRamen (1026668) on Sunday February 06, @12:56PM (#35119064)
It's because in reality, they are NOT "that good". I say that, because it's is EASY TO BE BOGUS, & destroy/hack, but much harder to make something that's actually useful and good... that's just a fact of life, & these "script kiddies" exemplify it.
Do I "knock them" for it?? Yes, & no: They produce 1 good thing in their antics & that's showing what needs to be secured/strengthened better... but, that's about it.
(I also agree with them on 1 account though: Giving J. Assange a hard time was a STUPID thing to do, by any parties who did so... the guy is doing what the presses do, and that's expose news... GOOD or BAD news!)
Still - they're just using tools others wrote to execute a DDoS/DoS, which doesn't take any brain power or effort really. That's NO "accomplishment".
APK
P.S.=> People, in my estimation at least, who have to "join a gang" or "team" to try to "be somebody"? They're WEAK, & can't "stand on their own", period... & that's what these people in "anonymous" exemplify (weakness)... apk
The problem is that anonymous are precisely the same as a totally different group called synonymous. The idea is that anonymous distract attention from synonymous who do the real work, which is identical to that of anonymous. There is currently a large UK secret service project dealing with the issues, codenamed antonymous.
Please consider this account deleted, I just can't be bothered with the spam anymore.
URGENT WARNING TO ALL ANONONYMOUS HACKTIVISTS:
Mr. Barr has successfully broken through our over 9000 proxy field and into our entirely non-public and secret insurgent IRC lair, where he then smashed through our fire labyrinth with vigor, collected all the gold rings on the way, opened a 50 silver key chest to find Anon’s legendary hackers on steroids password.
As Mr. Barr has discovered in spite of our best efforts, Anonymous was founded by Q last Thursday at the guilded Bilderberg Hotel after a tense meeting with one Morrowind mod collection, which itself includes the essential Morrowind Comes Alive 5.2 as well as several retexturing packs, all of which seem to lower one’s FPS unless one has also installed the latest Risc Architecture framework and thus obtained the killer refresh rate that is the right of all world citizens, except for noted heterosexual Tom Cruise.
In addition to the sudden disappearance of Anonymous leader Q, Anonymous co-founder Justin Bieber also disappeared just before his top-secret mission to Eritrea to offer physical succour to the rebels, suggesting that Mubarak is in our base, eating our Cheetos, likely with military support authorized by Hill Dawg. All of this comes at a low point for the Official Anonymous Organization, Inc. and its valued shareholders; several Anons had already lost their Fallout New Vegas saved games in the unwarranted and faggy raids perpetrated by the U.S. federales.
At this point, it is safe to assume that the underground server sites at the North Pole have been compromised as well. Back up all porn drives now, because the super secret P2P centralized distribution server of Backdoor Sluts 9 is presumed to be immediately threatened. Male Anons have been commanded to switch back to traditional tentacle porn while femanons, or “Rei Ayanami wannabes,” continue to be shared among the Echelon Nine Working Group that has since replaced Owen as sky marshall.
However, David Davidson (who might also be the legendary Ceiling Cat, as rumors have it) so far eludes custody, so all is not lost. Mr Davidson skyped the anonymous leaders from his hideout in Philadelphia to remind them that he was “Never gonna give them up, never gonna let them down”. Meanwhile, the board of directors remains little more than a gin-addled menagerie of puppets.
Despite these setbacks, the planned conference in Vienna is not slated for cancellation, although the buffet may be altered to include fewer Cheetos. The scheduled appearence of Boxxy is a subject of much contention within Anonymous ranks, being an event of considerably greater importance than the 4th return of Raptor Jesus, which itself is older than the internet.
We shall note in conclusion that we like the guy and want to believe him, but we still have to ask: Did Aaron Barr shave and murder Alexander Hamilton in 1993? We’re just asking questions here, people. At any rate, the Pink Horse prophecy will soon be fulfilled.
All Hail Xenu,
-Anonymous
As as been posted before, I'm sure these small security companies are also being hired to track down the people who were attacking WikiLeaks itself, right? Right?
anonymous is a movement. as such, it follows certain sociological rules. #1: in any movement, there is a small group of core fanatics, and a much larger group of one-offs and on-and-offs. same with wikipedia, or al qaeda, or drug gangs, or a whole set of other movements
now you could take out a portion of the core competency, and nothing will change. but if you tracked and profiled the core competency over time, and took them all out at once, you really would cripple the movement. yes, you would really cripple anonymous. that they are everyone and no one is mythology, not sociological fact. they are not the borg from start trek
however, since the "cause" of anonymous is so simplistic, others would quickly fill the void and anonymous would be back in action in no time. again, same with wikipedia or al qaeda or drug gangs, etc. but maybe not forever. if law enforcement keeps siphoning off the core fanatics, after 2,3,4x, anonymous will definitely be less influential. if you keep siphoning off the regular crop of persons who can do something with the idea of anonymous. law enforcement can profile, and cripple anonymous, by tracking its core competency, forever, and constantly hamstring it: the core fanatics of anonymous is a well that slowly refills over time. if law enforcement is constantly draining the well, anonymous as a potent force is permanently dimmed
the point is, you don't understand sociology, nor anonymous, if you don't understand that what anonymous is is primarily a core group of fanatics, with a much larger ring of sort-of-interesteds. remove the core, and you at least temporarily cripple the movment. continually remove the core as it tries to grow back, and you have permanently decimated the movement and weakened it to ineffectuality
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
"Apparently some small security firm has been able to determine the real identity's of several key Anonymous script kiddies which is r...
The game.
The US is operating a parallel operation, codenamed homonymous.
The point at which anyone is identified, they aren't anonymous. For the last time- anonymous is not a group, it is a quality- an adjective.
Yeah, and "Yahoo!" isn't a company but an expression of joy, "Apple" isn't a company but a fruit, and "/." isn't a web site but a way to name the root directory.
The Tao of math: The numbers you can count are not the real numbers.
No they are groups rallied around a concept.
You can't have a group without a concept but you can have a concept without a group as a concept can be grasped by a single individual.
In any case the authorities only really care about those that break the law/disrupt things so the concept is beside the point, a link only and nothing more.
How does one misspell the word "identities" and then also spell it again, correctly in the same paragraph?
i am pretty sure they took the mask for the idea, from V, not from the theocratic terrorist.
also, anonymous in this context is mostly a bunch of 4channers, the real group anonymous seems to have some better leadership.
Last time I joined in one of these threads, Rob Malda finished it a few comments later.
Police State UK - news and
>Person X does ddos... their public ip is in logs. >Small tech firm does a cat on the log file? >Gives IPs to feds? >feds goto court to get info from ISPs? wtf did this small tech firm do exactly? Why are the feds this incompetent?
Protip: Leave the name field blank!
Seriously though: How hard could it really be to track down someone on the internet?
0. Ask those sites attacked for IP addresses of the attackers. ...
1. Open the linux terminal
2. type: "host <ip-address-here>" and press [Enter]
3. Subpoena the ISP that the IP belongs to requesting the name & contact info of the customer who was allocated the IP at the time of the attack.
4.
5. Profit?
Eg; Using the IP of a visitor of my site...
host 69.150.185.133
133.185.150.69.in-addr.arpa domain name pointer adsl-69-150-185-133.dsl.hstntx.swbell.net.
Ah, that's a Southwestern Bell (AT&T Yahoo) DSL subscriber that hails from Houston, Texas.
GEOIP might even be more accurate.
WTF folks, this is a non-story. LOIC does not spoof IP addresses, therefore it should be trivial to discover who attacked.
IMHO, The real story here is that IP addresses are not being used to link online activities to people.
What if I say online: "Everyone Point your browsers at: www.mastercard.com" -- Am I now a DDOS perpetrator?
What if I write a program, say a Firefox plugin, that automatically reloads www.mastercard.com in a new tab, once a day?
What if that plugin updates the website to load from my website, but the USERS of the plugin opt to install the software and download the daily dot-com to reload.
What if the plugin is updated so that it refreshes several times a minute instead of once a day?
The point is: I did not install the plugin to the user's browser, THE USERS DID -- They are the real attackers, NOT ME.
Why are we holding the director, who did not even write the plugin, responsible?
They basically did the equivalent of creating a web page that says: "Target=www.mastercard.com"
What's next? Are we going to hold security researchers responsible for malware that uses their published exploits and/or proof of concept code? IMHO, If anyone should be arrested, it should be those that actually send syn floods to the websites -- It's not that hard to find out who the actual attackers are!
As long as "leading" a DDOS is as easy as tweeting: "LOIC_Target=example.com; Refresh=6sec", discovering the "leaders" and arresting them is not going to have any effect. IMHO, arresting everyone who participated would have little effect -- Anyone who says otherwise has never spent any time at 4chan or any other (lowercase a) anonymous forum.
In the end, it will turn out that the scineos created wikileaks knowing anonymous would attack and garner the attention of governments...
"Anonymous co-founder"? Has the writer of this article ever been on the internet before? Maybe someone should link him to Encyclopedia Dramatica so he can do some research before making himself look so uneducated about a topic he is writing about again.
Out of curiosity, how long would you put Starbucks, or Dominic's Pizza in jail for since they would show up as the owners of the free WIFI spot in Houston. I wouldn't even have to buy a coffee and you'd be putting tons of open router people in jail using your logic. How's that 4chan education treating you?
A little piece of me dies inside every time I read a news article that refers to Anonymous as a hacker group.
Carl Sagan quotes get you an automatic +5 on all posts.
Lets keep it going. My e-peen needs attention.
I am hardly new here, and I am well accustomed to the notion that the average /. reader has the attention span of a flea, but could we at least make some token attempt to stay on topic?
I'm fairly sure that most /. readers recognize the story as complete crap.
Every once in a while a story will be posted that makes me question whether I need to find a new news site.
Then what would you call a horse with three corns?
Don't go to bed with no price on your head
No... don't do it
Don't do the crime if you can't do the time
No... don't do it!
And keep your eye on the sparrow
When the going gets narrow!
#DeleteChrome
Well fed, if we're talking about corn the grain. In need of a doctor if you mean something else.
http://transformativeworks.org/
Damn it, uid envy
What if I say online: "Everyone Point your browsers at: www.mastercard.com" -- Am I now a DDOS perpetrator?
Probably yes. At least for conspiracy.
What if I write a program, say a Firefox plugin, that automatically reloads www.mastercard.com in a new tab, once a day?
Depends on why you do it. If you do it "to help increase world support for mastercard in the light of their terrible affliction" then no. If you do it to cause overload on their servers then yes. If you do it to help them but claim to be doing it to destroy them it's quite likely you will be unfairly and incorrectly arrested for damage.
What if that plugin updates the website to load from my website, but the USERS of the plugin opt to install the software and download the daily dot-com to reload. What if the plugin is updated so that it refreshes several times a minute instead of once a day?
Did you tell them to do it? Then you are in trouble. Even if it was just a hint and you get caught. Did someone else tell them to do it? Then that someone else is guilty.
What's next? Are we going to hold security researchers responsible for malware that uses their published exploits and/or proof of concept code?
Been tried. Mostly not done. Results may depend on jurisdiction and target.
discovering the "leaders" and arresting them is not going to have any effect. IMHO, arresting everyone who participated would have little effect -- Anyone who says otherwise has never spent any time at 4chan or any other (lowercase a) anonymous forum.
I think it will have an effect. At the very least, those who weren't caught will learn to be a little more careful next time.
=~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
I hear the Greeks have set up their own team and called it Hieronymus.
Over 10 years, and still not king of the hill?
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Bosh!
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Dumbest article ever, and if there is even a smidge of truth to it, dumbest script kiddies ever. I love the bit at the end
"Mr Barr also burrowed deep enough into a US military group and a US nuclear plant that he could trick workers there to click on web links that, if they had been malicious, could have installed spying software on their computers"
hahahahaha, too fucking right mr barr, you go get em! except wait.... thats complete bullshit.
Quick, lets hire Aaron Barr, he is the haxorz... I think he wrote this article!
sig loading.......
http://www.xkcd.com/834/
If I wanted to learn spelling I'd go talk with reporters and editors, not geeks. In an article about hacking, anonymity, wikileaks, and the law, you are talking about spelling???? For the first ten posts? Geez. Does anyone care about the problem of freedom of expression, censorship, anonymity, reporting of wrongdoing by international authorities? I'll be moving over to the Wikileaks forums I think.
Build your own energy sources from scratch. http://otherpower.com/
The point is, is there anonymity, or not? Anonymity is legal in the US, exactly for the use of activism and whistleblowing. So, where is it? Yes, these guys didn't know how to achieve it properly. Well, is anyone going to teach them? Or just keep letting them getting arrested and criticizing?
Build your own energy sources from scratch. http://otherpower.com/
Hi There! Thanks for playing!
This guy is trying to pin Anonymous as some traditional radical group. Anyone claiming to be the co-founder of Anonymous is lying and anyone can be "senor members" by simply saying they are. No one wants to be a newfag.
Author should actually do their research on what anonymous really is. This sounds like like that one Fox News cover story on Anonymous. Damn those pesky hackers on steroids!
Now behave children.....
(Forgot to login....oldage--)
Ha, that's some quality research.
I'll bet they made the arrests in less than twelve parsecs, too.
The media doesn't like it when they can't put people into labeled boxes.That is why Anonymous is so often misreported on. Anonymous isn't a group, it's a mindset. It's a bunch of people who think the same about a certain issue and decide to do something about it.
When Anonymous protested Scientology, I was a part of Anonymous. When Anonymous decided to send cards and flowers from all over the world to some veteran who was having a birthday, I was part of Anonymous. When Anonymous decided to track down a soldier that threw a puppy off a bridge, I was part of Anonymous.
It's not like you have to register somewhere, you just have to share the same mindset. Sometimes people do things that I disagree with, then I'm not part of that.
That said, there is no group, no leaders, no official press releases, no contribution, no clubhouse. It's a state of mind and sometimes I agree with a lot of like minded people.
Just for completeness sake, if the press is going to read this statement out of context, then please report that I'm the Grand Czar of Anonymous. I could use some more honorifics on my resume. :)
and that firm and the arrests have created even more activists to take the others' place, not to mention probably bringing the matter into the interest range of more serious and rebel segments of the internet. i would like to see those people deal with the latter type that they are slowly irritating.
Read radical news here
Now behave children..... (Forgot to login....oldage--)
Well! If anyone here has earned the appellation "oldfag" you certainly qualify. 111 ... I'm impressed.
The higher the technology, the sharper that two-edged sword.
What if I say online: "Everyone Point your browsers at: www.mastercard.com" -- Am I now a DDOS perpetrator?
Probably yes. At least for conspiracy.
Well, I just did -- Conspiracy to do what?
I think the Slashdot effect is more powerful than many of the LOIC attacks -- Slashdot posts links to websites; In essence this is exactly saying, "point your browser at: example.com". Surely you don't mean that when example.com goes down due to a slashdot article link all of us visitors are breaking the law? How do you distinguish a traffic from a Slashdot visitor repeatedly clicking an article link that points to a downed website from LOIC attack traffic that may be occurring at the same time? You don't.
What if I write a program, say a Firefox plugin, that automatically reloads www.mastercard.com in a new tab, once a day?
Depends on why you do it. If you do it "to help increase world support for mastercard in the light of their terrible affliction" then no. If you do it to cause overload on their servers then yes. If you do it to help them but claim to be doing it to destroy them it's quite likely you will be unfairly and incorrectly arrested for damage.
What if I do it for no reason at all? Can you really prove that such a plugin has a purpose other than to open a tab and reload it? Users could use the tool to tell when a website came back online after being slashdotted...
What if I do it so that people can run a traffic test on their own websites? This is what LOIC was designed to do... Guns designed to hunt ducks can be used on other objects -- It's not the gun maker's fault when a person is killed by firearms. It's not the security researcher's fault when someone takes their tools and uses them to cause harm. It's not Slashdot's fault that a website has insufficient bandwidth to support the visitor flood a frontpage article causes. It's not the creator of the LOIC tool's fault that it was used to DDOS someone.
What if that plugin updates the website to load from my website, but the USERS of the plugin opt to install the software and download the daily dot-com to reload.
What if the plugin is updated so that it refreshes several times a minute instead of once a day?
Did you tell them to do it? Then you are in trouble. Even if it was just a hint and you get caught. Did someone else tell them to do it? Then that someone else is guilty.
Reformat you hard drive, then run over pedestrians with your car.
There, now go do that and try to sue me for damaging your hard drive or injuring people with your car; You are responsible for your own actions. I won't be held liable -- Hint: the RIAA doesn't lose money when people use "The Music Made Me Do It" defence...
What's next? Are we going to hold security researchers responsible for malware that uses their published exploits and/or proof of concept code?
Been tried. Mostly not done. Results may depend on jurisdiction and target.
[citation needed]
Uhhm, excuse me, Many (and I do mean MANY) security research companies are currently submitting exploits to Microsoft. Some are even publishing before MS has fixed the exploits -- I remember a Google employee discovering and publishing MS flaws -- Jail? Nope.
discovering the "leaders" and arresting them is not going to have any effect. IMHO, arresting everyone who participated would have little effect -- Anyone who says otherwise has never spent any time at 4chan or any other (lowercase a) anonymous forum.
I think it will have an effect. At the very least, those who weren't caught will learn to be a little more careful next time.
ROFLMAO!
Seriously now, did you not just read that? Please enlighten me, how much time have you spent browsing 4chan? (You can't be serious!) You clearly have no clue as to the sort of people we're dealing with.
while the leadership does change frequently and the members fluctuate there are certainly Key people who organize and send the commands to LoiC in anon. Also remember the Anon of this doesn't equal the anon of /b on 4chan. 2 very seperate entities(4chan's userbase leaning more towards IHM than the Current political endeavors of Anon).
And for you newblet, a few words of wisdom, It is better to keep one's mouth shut and be thought a fool than to open it and remove any doubt. I made that up btw.
Just from what I have read about the IRA - you will get caught - you will not want to go back to prision - you will organise/encourage other people to get caught in their turn.
So I guess it is up to everyone to improve freedom fighting/hacking tools so the reckless young can have more of an impact. At least it gets us better jobs in the security forces in fact we should encouage them / run agents etc:)
Be Free: Free Software Tuition
Don't forget the magnesium ribbon and blowtorch to light it and get thr reaction going...
Yes, and when you put in the new drive and install your operating system, be sure to set your system clock back a couple of years first. Judges don't much like it when they find out that people accused of a crime erase all the evidence.
The higher the technology, the sharper that two-edged sword.
....or am I???
Let's see ... your name is Fred Perkins, husband to Patricia Perkins, your IP is 66.95.43.221, and you live at 443 W. McPherson St., Los Angeles, CA. Says here you live on the third floor, and you have a Cheshire cat named Bilbo.
The higher the technology, the sharper that two-edged sword.
At the bottom of the /. screen for this story there is this line:
In Seattle, Washington, it is illegal to carry a concealed weapon that is over six feet in length.
- only now I realize that I have been in violation of that law for the most of my life!
Which means you're either a martial arts expert of above-average height ... or you're very generously endowned.
I don't really care to know which.
The higher the technology, the sharper that two-edged sword.
New members come in all the time, old members they leave one way or another.
I don't think there are very many ways at all that old members leave such an organization.
The higher the technology, the sharper that two-edged sword.
Just hope they don't get it mixed up with acronymous.
(all those who, for some stupid reason, just lurked for the first few early years are now weeping, huddled in the corner)
One that hath name thou can not otter
I think it will have an effect. At the very least, those who weren't caught will learn to be a little more careful next time.
I agree. Evolution in action. And, if what they're doing is anything more to them than a lark, the tools they use will evolve to be less traceable, in much the same way the P2P has become harder to track (not impossible, but the bar has been raised.) If the Feds aren't very careful here, they may find themselves creating a true movement where there was none before.
The higher the technology, the sharper that two-edged sword.
He was ultimately caught because doing all the thing it took to avoid being caught ground him down and he made a mistake.
"When a place gets crowded enough to require ID's, social collapse is not far away. It is time to go elsewhere. The best thing about space travel is that it made it possible to go elsewhere." -- Lazarus Long
The higher the technology, the sharper that two-edged sword.
Yes but even 4chan wouldn't be so ignorant as to not know V's mask is a Guy Fawkes mask. At least, I assume they can google.
Man who leaps off cliff jumps to conclusion.
I don't think this specific breed of "Anonymous" refers to your average 4chan user, it is an organized group based on top of that. And your average 4channer doesn't like to be associated with these Guy Fawke's mask wearing morons.
Anonymous is a concept, not a group. It is an intensional definition of a set, not the set extension.
All the people who carried out the specific actions in the name of Anonymous are obviously a group, they didn't all coincidentally individually attack the same target at the same time through the same method, it was an organised attack.
Before I start; you are making the fundamental technical person's standard mistake of thinking that law deals with actions rather than intent. It's a very different way of thinking and really matters
What if I say online: "Everyone Point your browsers at: www.mastercard.com" -- Am I now a DDOS perpetrator?
Probably yes. At least for conspiracy.
Well, I just did -- Conspiracy to do what?
Conspiracy to deliberately overload the site.
I think the Slashdot effect is more powerful than many of the LOIC attacks -- Slashdot posts links to websites; In essence this is exactly saying, "point your browser at: example.com". Surely you don't mean that when example.com goes down due to a slashdot article link all of us visitors are breaking the law? How do you distinguish a traffic from a Slashdot visitor repeatedly clicking an article link that points to a downed website from LOIC attack traffic that may be occurring at the same time? You don't.
Check if someone posted a link on Slashdot. If not it wasn't related. Contact, randomly, a sample of the people who just visited the page. Ask them why they did it. 90% will just tell you in anything approaching a police interview. Once you have the main group pointing towards one web site, examine that site. Do most people post there to cause problems or for a good reason? Was there an alternative explanation for the posting? Raid the guy who posted the link and some of his friends. Did they discuss doing damage to mastercard or not? If so, you have your case. If not, use the drugs you will find in at least one guys house to get him to confess it was done deliberately. Use that confession to get a warrant on the poster. Start spying on him. Try to get him on tape saying he did it. Etc. etc.
N.B. If you post a link to Slashdot because you want to take down someone's site, that is a DoS attack. If you make the exact same posting because you want to advertise their service, that is a friendly act!
What if I do it for no reason at all? Can you really prove that such a plugin has a purpose other than to open a tab and reload it?
The phrase you really want here is "prove beyond reasonable doubt" and in fact that means "persuade a jury to accept voting for your guilt if I tell them it has to be beyond reasonable doubt". The first answer is, after this slashdot posting, it will be dead easy.
What if I do it so that people can run a traffic test on their own websites? This is what LOIC was designed to do... Guns designed to hunt ducks can be used on other objects -- It's not the gun maker's fault when a person is killed by firearms. It's not the security researcher's fault when someone takes their tools and uses them to cause harm. It's not Slashdot's fault that a website has insufficient bandwidth to support the visitor flood a frontpage article causes. It's not the creator of the LOIC tool's fault that it was used to DDOS someone.
These are all examples of "plausible deniability". This is a good strategy for getting away with things, but it's not nearly as good as most people think. Most of the time, people claim they did things for one reason and somehow or other it's shown that that wasn't true. E.g. you say "I did it because I love the mastercard corporation and want to see that their website is up all the time", all it takes is an ex-girlfriend who remembers some rant you gave about the evils of the company and you will be completely screwed. It is true, however, that even Richard Nixon managed to avoid impeachment by using this strategy.
Reformat you hard drive, then run over pedestrians with your car.
There, now go do that and try to sue me for damaging your har
=~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
To say it's not an organized group is either denial or not knowing what an organization is. Disorganized groups can't coordinate anything. If you can coordinate a night at the movies with three people, you have a three member organized group, with common objectives and interest of entertainment. Decentralized organization, loosely organized group, nameless and with shifting leadership, even a small and pointless group, whatever it is, but organized in some fashion nevertheless. Truly anonymous, in fact, if they coordinate any action, would mean a secret organization.
Build your own energy sources from scratch. http://otherpower.com/
And not only did they execute coordinated attacks but they even managed to *cancel* a coordinated attack, you can't do that without *some sort* of organizational structure.
To put it another way, everyone is a member and perhaps organizer in several organizations. A family, company, social sphere, bank, school, neighborhood, opinion group, social class, club. Except for insane or radical loner people, almost everyone is inside at least one "organization".
Build your own energy sources from scratch. http://otherpower.com/
The first rule of Anonymous club is......
Rules 1 and 2 kiddies. If they got caught bragging on Facebook, well, they broke the rules, and they deserve to get caught. Anyway, who uses a real facebook identity these days anyway?
Before I start; you are making the fundamental technical person's standard mistake of thinking that law deals with actions rather than intent. It's a very different way of thinking and really matters
The original intent of my post was to illuminate the fact that the law doesn't understand technology. I ask are each of these things illegal? You assume intent.
What if I say online: "Everyone Point your browsers at: www.mastercard.com" -- Am I now a DDOS perpetrator?
Probably yes. At least for conspiracy.
No. That statement alone does not make me a DDOS perpetrator. You are assuming intent when you say "probably yes". In conjunction with all of the following actions, you may attempt to prove implied intent, but not before. Much as I do not expect you to run over people in your car based on my words, I also do not expect everyone to visit the above domain... Ergo, you have made two conflicting statements. Either stating "Everyone visit example.com" does or doesn't, by itself, make me guilty of executing a DDOS. The correct answer, which you arrived at later, was that it depends on intent and contex.
What if I write a program, say a Firefox plugin, that automatically reloads www.mastercard.com in a new tab, once a day?
What if that plugin updates the website to load from my website, but the USERS of the plugin opt to install the software and download the daily dot-com to reload.
What if the plugin is updated so that it refreshes several times a minute instead of once a day?
Each step taken gets us closer to having a tool that could be used for a DDOS, it may have many other uses as well.
I would argue that even given all of the above, mass distribution of the tool would be needed in order to execute a DDOS. Simply having such a tool created does not actually cause a DDOS or demonstrate intent to do so.
LOIC lets you specify hit frequency as well as domain -- Only with intent to use the tool as a DDOS tool is the line crossed. I suppose that the config of the tool could also be aimed at a site without the intent or expectation that anyone will actually partake in a DDOS attack.
Should creating such a tool cause the creator to be as guilty as those performing illegal acts with the tool? You reply: It probably is. Being illegal already doesn't mean something should remain so, or that the current laws are just. Ask a professional skilled in the technical arts if they believe tools such as these should be illegal to create or posses. Why are the answers of skilled professionals frequently at odds with judges and jurors? The answer can only be that the judges and jurors don't fully grasp the concept -- Frequently the tool is banned when instead only the actions of those that used the tool, and their intent to do harm while performing the acts should be illegal.
You and I realise that creating these tools is like owning a tamper-proof-screwdriver, or a pistol -- Illegal Actions performed with malicious intent can be done with many tools; Creating the tools themselves should not illegal, yet some courts have found otherwise. The legal system does not understand technology -- this was what I was focusing on in my original post.
"IMHO, The real story here is that IP addresses are not being used to link online activities to people."
Preceding this statement: Technical examples of how simple it is to prosecute the ACTUAL attackers, using actual evidence.
Following the above statement: Over simplistic breakdown and comparison of basic tech-tools to guns.
Now, what I'm illustrating is that it's simple to find "perps" because their "DDOS weapons" left a paper trail. Those hard facts can lead to actual participators in the DDOS attack. It can be proven with a fair degree of certainty that those who opted to run the LOIC software intended to participate in a DDOS attack.
The LOIC
I stop reading articles when I reach the first use of the word (or prefix) "cyber". I made it five words into the linked article. Federal government related articles are the worst. Or maybe only? Who outside of the Feds and organizations working for the feds, uses "cyber"? I need to figure out what the approximate vernacular lag.
you'd need something to start it off, like magnesium powder.
Not sure termite would be that good, you'd still have bits of drive left.
probably better to go with a big magnet!
thank God the internet isn't a human right.
Seriously? How many times is the media going to call Anonymous a group? Calling Anonymous a group is like calling all customers of a certain shopping centre or clothing brand a group. For the last time, they do not have leaders. Anyone who thinks otherwise is a fool. They do not have "senior members". Can we all stop referring to them as any sort of organised group? Anyone can go by the name Anonymous. Anyone can participate in their raids. Anyone can start their own raid; it is just a question of whether other people who decide they are part of Anonymous decide to participate. Hell, even if you did start the idea of a raid as Anonymous, you do not become a senior member; you do not get any credit; you are just Anonymous. You can be a member of Anonymous one day, and not the next. Hopefully more people might start understanding this, and finally stop referring to Anonymous as an organised group with "leaders". The sooner we do that, the sooner we can all realise what makes Anonymous tick.
Hand-carved from meteorites by the Elders...
Surprise, surprise... the person who wrote the summary didn't read the article.
Nobody was arrested and likely nobody will be arrested because the security firm won't release their data to the authorities. The security firm did their digging using fake Facebook accounts and other methods that would make it difficult for authorities to be legally be allowed to use the info in court.
And apparently, all you need to do to be considered a senior member is to mouth off on Facebook.
~Syberz
It all depends how you go about being anonymous, I could show you how to really be anonymous, but then I would have to use all sorts of tricks that would take a lot of special tricks and time, I guess maybe these amateurish script kiddies had none, and went for broke thinking that international laws (or lack of) would be in their favor...
Triatomos.
I can see the fnords!
I guess /b/'s not safe anymore.
Has anyone bothered reading the linked story? Sounds like pure bullshit to me. Obviously made up to keep the more gullible script-kiddies from causing trouble during Assange's trial in London.
Oh, the beautiful gloss of greality!
we have tons of hackers doing real damage all day every day who barely get noticed or caught. why is our government putting so much energy into getting these activists?