HBGary Federal Hacked By Anonymous

An anonymous reader writes "As the coin was tossed to kick off Superbowl XLV, Anonymous unleashed their anger at a security firm who had been investigating their membership. HBGary Federal had been working on unmasking their identities in cooperation with an FBI investigation into the attacks against companies who were cutting off WikiLeaks access and financing. Unlike the DDoS attacks for which Anonymous has made headlines in recent months, this incident involved true hacking skills."

hack

And by true hacking, we mean true cracking.

Re:hack

And by true cracking, we mean true felony raps. Enjoy life in prison idiots.

Re:hack

[93+Escort+Wagon]

And by true hacking, we mean true cracking.

Languages are fluid, and you can't prevent it from happening. You've already lost this battle.

Re:hack

[Myopic]

Agreed. In fact, this battle was lost before it began. The world had settled on the word "hacker" before the word "cracker" was invented. Plus, "cracker" is a racial slur. There's even a damn movie called "Hackers". It's long since time to let it go.

Re:hack

[poetmatt]

if this is hacking, then what are we going to call blackhats?

Re:hack

[haderytn]

We should call them...blackhats.

Re:hack

[Ferzerp]

Well, keep in mind that it is about the least effective racial slur ever invented. I don't know of anyone who when called a cracker wouldn't just laugh.

Re:hack

[GameboyRMH]

Plus it's misleading to separate the two. It's like saying that shooting beer cans off a fence is shooting, while shooting another person is not shooting, but murdering. You can understand why the beer can plinkers don't want to be associated with the gangbangers, but coming up with a "new, stronger word" for shooting people is just intellectually dishonest.

Re:hack

[multisync]

And by true hacking, we mean true cracking.

And by "cracking," we mean "social engineering":

According to information from krebsonsecurity.com it appears HBGary was victimized by a combination of social engineering and a shared password between systems.

The company was done in by its own lax security, which is kind of funny, considering it purports to be a "security firm."

Re:hack

[wisty]

Hacker is a shibboleth, like spelling perl in lower case (as opposed to PERL). It lets people know that you are hip to the lingo of hackers.

I'm not sure what blackhats use.

Anyway, there's a subsection on wikipedia specifically on computer related shibboleths [1], and "hacker definition controversy" gets its own bloody article [2].

I'm pretty sure everyone on Slashdot knows, and they just leave it in there to generate meaningless discussions. That's half the point of slashdot.

[1] http://en.wikipedia.org/wiki/List_of_shibboleths#Shibboleths_in_computer_security
[2] http://en.wikipedia.org/wiki/Hacker_definition_controversy

Re:hack

[I8TheWorm]

If this is real, it was really social engineering.

Re:hack

[fahlesr1]

Wait, what? Shooting another person is murdering*! Sure in both cases shooting a gun took place, but the term murder can definitely be applied to the human shooting and not to the beer can shooting. Calling a shooting of another person a murder is not misleading at all, if anything its more accurate than calling it a shooting as its more specific.

Methinks you need to find another example to prove your point.

*At least if the victim dies, not all shootings are fatal, thank God.

Re:hack

[pknoll]

It's like saying that shooting beer cans off a fence is shooting

Actually there happens to be an applicable word for that - it's called "plinking".

Your point is a good one, though. The fight to keep the meaning of the word "hacker" pure is lost, and has been for some time. I think, though, that given context and knowledge of who's using the word about whom, we'll still be able to use it the way we always have ("Put a 3.2 GHz Phenom into your Linksys router? What a hack!") and let the rest of humanity use it however they will.

Re:hack

[GameboyRMH]

I agree with what you said, but in my example I used the comparison of calling shooting another person NOT shooting, but murdering. It is actually both of course.

Re:hack

[Jeremiah+Cornelius]

Joke 'em, if they can't take a fuck.

Re:hack

[Jeremiah+Cornelius]

Only some of 'em are crackers - but they all be peckerwoods.

Re:hack

[Entropius]

What's "peckerwood" refer to? I've only heard it as a humorous transposition of "woodpecker".

Re:hack

[spamking]

Peckerwood (or simply Wood) is a racial slur 19th century southern African Americans used to describe poor whites. http://en.wikipedia.org/wiki/Peckerwood

Re:hack

[fre1]

How is your definition of a cracker

(White, responsible, hard working individual who can speak).

and not

(White, poping out kids for the welfare check, gang banging, lazy, given almost nothing to the world pieces of shit.).

You so crazay

Re:hack

Because the latter is already called "white trash". Although to avoid being racist they should in fact simply be called "niggers", as the skin colour of the individual should rightly have no relevance on the meaning of that word.

Because obviously the right thing to do when a "responsible, hard working individual who can speak" notices a "poping (sic) out kids for the welfare check, gang banging, lazy, given almost nothing to the world piece of shit", the appropriate thing to do is to offer him a $20 because you had the luck to be so much better off than him, or perhaps to be nice and politely ignore him - certainly not actually make mention of the fact that he's a "poping (sic) out kids for the welfare check, gang banging, lazy, given almost nothing to the world piece of shit".

Of course, niggers would never dream that the true reason the responsible, hard-working individuals look down on them is not because they're black, but is actually because they're "poping (sic) out kids for the welfare check, gang banging, lazy, given almost nothing to the world pieces of shit". That would ruin their whole victim-of-circumstances paradigm and imply that they were somewhat responsible for their situation. They're too steeped in racism for that. I'm a racist, you're a racist, everyone's a racist, that's why their lives are so worthless, they got no fair chance at it - so why shouldn't they be racist too? And of course they needed a racial slur to retaliate with, so they came up with the word "cracker". But all it really means is "white guy who's more successful than I am".

Re:hack

[Securityemo]

Blackhats use the mainstream "hacker" and "hack", from what I've seen. Most seem to use the word for both "creative software developers" and "creative software smashers" equally.

Re:hack

[Yvanhoe]

We lost a battle but not the war. Now hackerspaces are becoming more and more common and people begin to understand what it is about.

Re:hack

[oliverthered]

more colloquial, and you can't prevent it from happening..

Re:hack

[Golddess]

As I understand it, "cracker" comes from the cracking of a whip by a slave owner. So everything else in GP's racist post aside, since a slave owner would most certainly be a responsible and hard-working white male (if you're managing slaves I'd imagine you'd have to be responsible and hard working, though not as much as the slaves themselves), I think GP's definition of cracker fits the origin better than yours does.

Re:hack

[Talderas]

Shooting someone does not always mean a murder has occurred. Many people have been shoot and the shooter never charged with murder. Murder requires the person being shot to die.

Re:hack

[juletre]

Languages are fluid, and you can't prevent it from happening. You've already lost this battle.

Are you saying he will loose this one?

That's right. loose.

Re:hack

[skids]

"blackers"? Oh wait. That's as racially loaded as "crackers." Damn.

Re:hack

[operagost]

It's all you can do when you're on the losing side of political correctness.

Re:hack

[HornWumpus]

Murder is the illegal, deliberate killing of a person.

There are lots of ways to shoot someone without murdering them.

Obviously you can just wound them, or you could shoot and kill them legally (self defense etc).

Murder is also not gun specific.

Re:hack

[VortexCortex]

A clever hack, much like any tool, can be used for good or evil.
A hacker creates hacks by hacking.
A cracker uses hacks to crack secure systems.

"I've managed to hack together a solution...."
"I've created a screen saver bypass hack by exploiting thumbnail previews and USB auto-open."
"I used that screen saver hack to crack my kid's screensaver-password prompt."
"Those pesky hackers cracked the Blu-Ray encryption again!"

Re:hack

[catmistake]

And by true hacking, we mean true cracking.

Languages are fluid, and you can't prevent it from happening. You've already lost this battle.

Our ability as speakers of this language to effectively communicate with each other and the future speakers of this language is under siege by malapropisms. "Hacker," and words, are not been redefined by misuse or use in overbroad applications.

Re:hack

[catmistake]

everyone knows they just leave it in there to generate meaningless discussions. That's the point of slashdot.

edit. better or worse?

Re:hack

[catmistake]

If this is real, it was really social engineering.

Agreed. But, in case there's any question of it, the word 'engineering' here is used sarcastically. This is unlike, say, how software engineering uses the term. I, for one, don't also want human resouces co-opting a perfectly meaningful word, ultimately serving to dilute the meaning of the word. Though I am not an engineer, I have a great respect for them, so I don't go around referring to myself as, say, an efficient mid-career operator in the ever-shrinking field of not-engineering.

Re:hack

[nzap]

Actually, they are been redefined by that. Language communicates ideas, and if people connect a word to an idea, then that is how it's defined. e.g. I've already adopted your new form of grammar.

Re:hack

[catmistake]

e.g. I've already adopted your new form of grammar.

I meant 'bean.'
Eventually all of language is reduced to a single word; it'll just be malapropisms all the way down.

Re:hack

[bryanp]

Casual, non-competitive target shooting does in fact have a separate term. It's called plinking.

Re:hack

[Requiem18th]

If languages are fluid then by definition he can influence it to change it whatever direction he wants.

Re:hack

[Requiem18th]

Because speaking up your mind against corporate and government collusion in corruption is idiocy and requires mockery.

Re:hack

[Gilmoure]

Cracker also refers to Anglo descended Florida drovers:

Historical usage

The term "cracker" was in use during the Elizabethan era to describe braggarts. The original root of this is the Middle English word crack meaning "entertaining conversation" (One may be said to "crack" a joke); this term and the Gaelicized spelling "craic" are still in use in Northern England, Ireland and Scotland. It is documented in William Shakespeare's King John (1595): "What cracker is this ... that deafes our ears / With this abundance of superfluous breath?"
By the 1760s the English, both at home and in the American colonies, applied the term “cracker” to Scots-Irish and English American settlers of the remote southern back country, as noted in a passage from a letter to the Earl of Dartmouth: "I should explain to your Lordship what is meant by Crackers; a name they have got from being great boasters; they are a lawless set of rascalls on the frontiers of Virginia, Maryland, the Carolinas, and Georgia, who often change their places of abode." The word was later associated with the cowboys of Georgia and Florida, many of them descendants of those early frontiersmen.
The term "cracker" in Florida usage relates to the whip that cowboys used to "crack" cattle out of the swamps and scrub. This is different from a Georgia cracker, who "cracked" corn.
[edit]Cracker Cowboys

The Florida "cowhunter" or "cracker cowboy" of the 19th and early 20th centuries was distinct from the Spanish vaquero and the Western cowboy. Florida cowboys did not use lassos to herd or capture cattle. Their primary tools were bullwhips and dogs. Florida cattle and horses were small. The "cracker cow", also known as the "native cow", or "scrub cow" averaged about 600 pounds, had large horns and large feet.[1]

Re:hack

[Gilmoure]

And even then, one is not always charged with murder. Self defense, soldiers, police, etc. all involve shooting and killing people. Murder is the unlawful killing of someone.

Not sure if you can plink someone, though.

Re:hack

[Securityemo]

That's not exactly how I've seen it used. "Crack" seems to be used almost exclusively for cracking protection mechanisms in software when reversing, and "hack" seems to be used as a shorthand for "manipulating a technological device or software in a highly technical and skilled manner, usually against the original designers intention and/or owner's wishes." The purest form of the verb seems to be "to break into and manipulate a computer remotely even though there is security in place to prevent this from happening."

The parent was not certain how blackhats used the word, and this is how I have seen professed blackhats use it, both in writing and by snooping on a few certain select forums. As in, people who write and sell software to botnet herders, who then steals grandma's pocket money.

Re:hack

[kaiidth]

Chicken.

Re:hack

[matrixskp]

Sometimes words can be used for multiple purposes... don't worry you can still use it to mean the branch of science concerned with design, building and use of mechanical structures. In this case 'engineering' is being used in this context (from the dictionary meaning): skillfully or artfully arrange for (an event or situation) to occur : she engineered another meeting with him. It's social engineering... (Now on topic) nice hack!

Re:hack

[Hucko]

I reckon we (the pedantic) should just reverse the meanings. Crackers create clever solutions, hackers just use cracks to destroy and break stuff for no reason. With crackers now good and hackers still bad, crackers would have done what homosexuals did to the word gay --- just not as effectively because it would still only be geek parlance

Re:hack

[Meski]

It's a racial slur? Really? Against who?

Someone calls me a cracker, I'd tell them to laugh it up, and oh, by the way, none of your plastic will work tomorrow...

Re:hack

[Meski]

But... no-one would understand what you meant! :^)

Re:hack

[Golddess]

Ah, thank you for informing me of additional definitions/origins for the term cracker.

Re:hack

[I8TheWorm]

That's well said. I was going to add that the term social engineering has been used for decades, and is still one of the most prevalent ways that "hackers" get in.

I used to argue with directors/CIOs over the use of the term software engineer vs. developer, programmer, systems analyst. Over time I've given up on the definitions, and just push the title that earns more :)

Now, the etymology of the word hacker is a topic all by itself....

Well, that'll be helpful

[Burb]

Another mature contribution from those grown-ups at Anonymous.

Re:Well, that'll be helpful

They are trying to protect the kiddys.

Re:Well, that'll be helpful

[Rakshasa+Taisab]

Yeah, they should have been doing renditions to Egypt of those responsible, like grown-ups do.

Re:Well, that'll be helpful

[Burb]

The only place where two wrongs make a right is boolean algebra. Revenge/retaliation just continues a cycle of aggression and destruction. I'm hardly happy about extraordinary rendition either. Whatever Anonymous' valid claims may be, this does nothing for their cause, except to give themselves hugely negative publicity. Way to go, generate sympathy for those you are against... sheesh.

Re:Well, that'll be helpful

[Securityemo]

Things like this might be more of a "blood knight" thing, though. E.g., whomever did this might find it primarily fun to hack a security firm, and only being secondarily motivated by some ephemeral "venegance".

Re:Well, that'll be helpful

[blahplusplus]

"Another mature contribution from those grown-ups at Anonymous."

There is nothing mature about this world.

Re:Well, that'll be helpful

[copponex]

Defacing a website and causing data loss is the same thing as torturing someone to death, or subverting democracy to keep an autocratic regime in power? That's news to anyone with an elementary understanding of ethics.

Re:Well, that'll be helpful

[TerranFury]

Helpful to whom? To you? To me? To the company which was targeted? To anons? To cops?

Helpful to anon and their cause. The problem is that this isn't.

Fucking around on a telecommunications network is not an exercise of real power. All it does is demonstrate how truly impotent Anonymous really is, while simultaneously giving those who do have real power excuses to further restrict use.

Ultimately, this is a political issue. The little guy wins at politics only through sheer force of numbers. That means being popular. I understand that "popular" is a word that Anon's members probably have a hard time identifying with, but it's one they really need to take and use for their own if they want to achieve their goals.

Anonymous needs to be appealing. It needs to be photogenic. People should want to have sex with it. That's how the world works: People do not clearly separate moral principles, from political goals, from personal desires, from sexual urges, from the respect of their peers. Study after study has shown, for instance, that people with more attractive faces are judged to be more honest; "beauty is good" is wired into our brains. When was the last time you saw a balding man, or a short man, elected president? Anonymous will not succeed if it looks like a bunch of smelly nerds. It needs a better image. People need to like them.

Assange, the paranoid, has an uphill battle; he is not a naturally likeable person. But he did one smart thing: When he found himself in the limelight, he got a haircut and bought a suit. That's what you do.

In politics, image is everything. Do you know how George Washington got the command of the Continental Army? He showed up to the Congress wearing his militia uniform -- and he was tall. Nevermind that he had no military experience of note; he looked the part. Why are actors -- unqualified in policy and unpracticed in analysis -- so successful at politics? Ronald Reagan, Jesse "The Body" Ventura, Arnold Schwarzenegger. They play a convincing, masculine role. People eat that shit up.

This is the game that Anonymous finds itself playing, whether it likes it or not. Image management is how you win at it.

Re:Well, that'll be helpful

Will no one think of the kiddiots?!

Re:Well, that'll be helpful

[1u3hr]

Seems a perfectly reasonable response to me. HBGary tried to out members of Anonymous; exposing their private information. Anonymous returned the favour. In the arena of public opinion, Anonymous are ahead. HBGary were made fools of.

But to talk about "aggression", "destruction" is silly. Actually in BOTH CASES the only ones at risk of real harm are Anonymous. If members of Anonymous are actually tracked down, they would get chewed up by the legal system.

Re:Well, that'll be helpful

[BitZtream]

Two wrongs never make a right, they only occasionally in algebra make a True, but never a right.

Re:Well, that'll be helpful

[jack2000]

Fucking around on a telecommunications network is not an exercise of real power. All it does is demonstrate how truly impotent Anonymous really is, while simultaneously giving those who do have real power excuses to further restrict use.

Would you rather have random /k/ nuts take up arms and go on shooting sprees? Because there's surely enough people with nothing to loose to go around.

They haven't been given a good enough reason yet to do anything.

Re:Well, that'll be helpful

[OldeTimeGeek]

Yeah, 'cause you'd never see a good conservative turn the other cheek, would you? It's not as though it's in any book that they'd be likely to read, would it...

Re:Well, that'll be helpful

[ElectricTurtle]

When was the last time you saw a balding man, or a short man, elected president?

1) Balding: Gerald Ford.
2) Short: Jimmy Carter.

Neither were the first.

(More interestingly, prior to the Civil War, for what heights were known, a man was more likely to be elected if he was not the tallest candidate. Perhaps that was because the electorate was not as superficial in that era. Interesting pattern given the demographic changes to enfranchisement over time, but I am not prepared to draw conclusions without further research.)

As for George Washington, 'no military experience of note' is far too harsh a criticism for somebody who rose to the rank of colonel and served five years before the Revolution, mostly with success and distinction. Who do you think would have been more qualified? Philip Schuyler? Artemas Ward? They were both made major generals even though they had barely seen any previous combat. The only more legitimate choice might have been Charles Lee, but he was not as politically powerful as Washington, nor was his loyalty as certain. He had both the history and attitude of a mercenary, and that rubbed revolutionary ideals the wrong way.

The take home point here is that it is overly simplistic to try to boil down political success to who looks best. It is also a mistake to think that Anonymous is looking for political success. Wikileaks might be, but Anonymous is only doing what it wants, primarily for the lulz.

Re:Well, that'll be helpful

[vertinox]

The only place where two wrongs make a right is boolean algebra. Revenge/retaliation just continues a cycle of aggression and destruction.

Technically, the American Revolution and the French Resistance was illegal.

Re:Well, that'll be helpful

[Maritz]

They might well do that.

But before getting into the virtuousness of the bible, we should bear in mind that if they're taking this thing literally then they better hope to have an obedient son, lest they have to bury him in sand and have angry men throw rocks at his head, e.g. Deuteronomy 21:

"If a man have a stubborn and rebellious son, which will not obey the voice of his father, or the voice of his mother, and that, when they have chastened him, will not hearken unto them: Then shall his father and his mother lay hold on him, and bring him out unto the elders of his city, and unto the gate of his place; And they shall say unto the elders of his city, This our son is stubborn and rebellious, he will not obey our voice; he is a glutton, and a drunkard. And all the men of his city shall stone him with stones, that he die: so shalt thou put evil away from among you; and all Israel shall hear, and fear."

Re:Well, that'll be helpful

[Big+Bill+the+Conjure]

Ford wasn't elected.

Re:Well, that'll be helpful

[Windowser]

Two wrongs never make a right, they only occasionally in algebra make a True, but never a right.

Maybe, but three left do

Re:Well, that'll be helpful

[geoskd]

The only place where two wrongs make a right is boolean algebra. Revenge/retaliation just continues a cycle of aggression and destruction.

Then why do our laws prosecute people who are not really criminals, and never really hurt anyone before, probably wont hurt anyone again? The reason is deterrent, the ultimate form of which is M.A.D. If it doesn't work, as you say, then why does virtually every government on earth employ this tactic? When an individual does it, its called revenge. When a government does it, its called justice. You can't tell me that's not the ultimate double standard.

-=Geoskd

Re:Well, that'll be helpful

[Labcoat+Samurai]

Is that what he said? I think the conversation went "A is bad" "Unrelated thing B is worse" "Sure, B is really bad, but back on A for the moment, here's why I think it's bad."

Re:Well, that'll be helpful

[Fulcrum+of+Evil]

If it doesn't work, as you say, then why does virtually every government on earth employ this tactic?

Because it gets votes. Over in europe, they're closing prisons, though - with effective rehab and social programs, they're running out of crims.

Re:Well, that'll be helpful

[tirefire]

(More interestingly, prior to the Civil War, for what heights were known, a man was more likely to be elected if he was not the tallest candidate. Perhaps that was because the electorate was not as superficial in that era. Interesting pattern given the demographic changes to enfranchisement over time, but I am not prepared to draw conclusions without further research.)

(emphasis mine)

Changing voter demographics is certainly one possible cause, but my money is on compulsory public schooling. "Public school" -- the anti-democratic environment where students were and are continuously and publicly ranked based on how well they obey the teacher (usually the tallest person in the room) -- was just getting started in Mass. and NY before the Civil War began. I'm terrible with dates in history, but if memory serves me it was right around the time of the Civil War when public school graduates constituted a majority of the electorate.

Re:Well, that'll be helpful

[Labcoat+Samurai]

He would... If you thought that what the revolutionaries were doing was wrong.

Re:Well, that'll be helpful

[westlake]

Do you know how George Washington got the command of the Continental Army? He showed up to the Congress wearing his militia uniform -- and he was tall. Nevermind that he had no military experience of note; he looked the part.

He had lived the part as well:

Washington's military experience began in the French and English struggles for domination of the upper Ohio Valley. Washington's surveying experience made him a logical choice to lead Virginian expeditions into the western territories, where he had a series of encounters with the French. In one encounter, in May 1754 near French Fort Duquesne (modern Pittsburgh), Washington's force ambushed a French detachment. Soon afterwards, Washington was forced to surrender his outnumbered force to the French and returned disarmed to Williamsburg.

The British sent General Braddock to Virginia to lead an expedition against the French. As an aide-de-camp, Washington marched with Braddock's army to the Monongahela River, south of Fort Duquesne. The French and their indian allies surprised the British with an attack in which Braddock was killed. Washington led the remnants of the English force in an orderly withdrawal.

The Virginia governor rewarded Washington with the rank of colonel and placed him in command of the colony's troops, with the main mission of guarding the western frontier.

Brief review of his military career

The survivors of Braddock's campaign included Daniel Boone, Thomas Gage, Daniel Morgan --- about twenty historically significant figures in all. It was one of those rare events which can make or break a man.

Braddock's Alumni

Re:Well, that'll be helpful

[westlake]

Perhaps that was because the electorate was not as superficial in that era. Interesting pattern given the demographic changes to enfranchisement over time, but I am not prepared to draw conclusions without further research.)

How likely were you to have seen so much as a woodcut portrait or cartoon caricature of a candidate before 1850? Leslie's one of the first and most ambitious of the national illustrated weeklies only had a circulation of about 65,000 as late as the 1890s.

Re:Well, that'll be helpful

[ElectricTurtle]

Actually, he was elected, but I understand your meaning, he just wasn't elected President. Dwight Eisenhower then.

Re:Well, that'll be helpful

[ElectricTurtle]

I could go to the Library of Congress and have a hundred antebellum political cartoons and presidential campaign pamphlets from the period by this time tomorrow, and there would be thrice plus as many more after that.

It's not a matter of one weekly periodical's circulation. (Not to mention that the number only seems small in contemporary terms. The whole antebellum nation was smaller than 30 million people. That's smaller than all of California today. And remember, prior to "Jacksonian Democracy" only the generally more literate, land-owning white men could vote, so those were the only ones political pamphlets and advertisements had to reach.) Every urban center had periodicals, and they were more valuable in that period than today. You can't judge them anachronistically by the modern standard of buying a paper and throwing it out an hour later. Periodicals of 18th-19th century were passed from person to person from the urban centers out into the rural areas. People sent each other clippings in the mail. I'm afraid if you're unaware of such basic social norms in the period you're unqualified to render judgment.

Re:Well, that'll be helpful

[Requiem18th]

If you mean the Fox News crowd sure, that's news to them and they wouldn't bite it, everyone knows Assange is a baby eating rapist and Anonymous are hackers on steroids clocking the series of tubes.

Re:Well, that'll be helpful

[Burb]

Hehe, well I am British. Who knows, maybe I would have been. Nice try at an ad hominem attack though.

Re:Well, that'll be helpful

[Burb]

By all means have an argument with the straw man you consider me to be. You'll always beat him. But did I say that? No, I didn't.

Sigh

[hirvonen]

Ought to have been better prepared if you go kicking a nest full of hornets...

Re:Sigh

[somersault]

Which side are you talking about, exactly? The stuff done here was presumably a lot more traceable and punishable than a DDoS attack by thousands of angsty teenagers.

Re:Sigh

[Spad]

Unlikely, these guys were probably behind 7 proxies.

Re:Sigh

[GooberToo]

Better prepared? Sounds like the perfect trap whereby idiots are lured into it.

Sure, a worthless website may have been hacked - but at what cost to themselves? How many telltale signs did they leave behind for yet more prosecutions?

Re:Sigh

[somersault]

Not sure why you were modded as funny.You never know, they might have been pretty dumb, or careless somewhere. And even if they were behind proxies, that doesn't make it impossible to trace them either. I suppose it depends on who was running the proxies, where they were (and therefore what laws are in effect), and how cooperative the involved ISPs are.

Re:Sigh

[somersault]

In retrospect I realised this may have been a quote (perhaps from the movie Hackers, which I haven't seen), then discovered it is in fact some random meme. Gotcha.

Re:Sigh

[hajus]

Whoosh!

http://knowyourmeme.com/memes/good-luck-im-behind-7-proxies

Re:Sigh

[man_of_mr_e]

Even worse, this may have been a honeypot, meant to attract more anonymous actions to gain more evidence to put them away for longer terms.

Those guys don't even think.

Re:Sigh

[Azghoul]

You are ascribing way too much intelligence to an average American company.

Set it up as a honey pot? Let them have the guy's Twitter account, SS# and so on, as some sort of elaborate ruse? No frigging way.

Re:Sigh

[Entropius]

If I were going to do something like this I'd do it from a public wifi point. My university runs one, at least, that has public unencrypted wifi that is port filtered.

The only ports you can access are 80, 110, skype, a few others, and ... ssh.

Re:Sigh

[BitZtream]

Idiot.

They are completely prepared.

'Anonymous' just walked into an ambush.

These guys have been watching whats going on, following what they've been doing, and are working with the FBI ... do you really think no one thought in advanced 'hey, when we piss them off, they'll come after us too!'

No ... they thought of it in advanced and said 'perfect, now lets set it up so we can have it setup in a perfect way for us to gleen the absolute most information in the process.

Anyone stupid enough to do this isn't a major player anyway, or won't be for long. They basically just started a war with the cops, the only thing you can do to piss off a cop more than embarrassing them is killing one of them. So now they've changed it from being an annoying bunch of twits who don't really do any damage and no one is going to invest any serious effort into finding ... into a matter of personal pride for every person working on it. They also have the advantage of funding and not having to cower in mommies basement.

This just shows the ignorance 'anonymous' has ...

If you'd have payed attention in school you'd know mob justice isn't a good idea, perfect example here.

Re:Sigh

[GooberToo]

You're missing the point. Knowing full well he'd be targeted, perhaps he didn't care and hoped to create a trail which would lead to yet more work. The degree of disclosure and penetration really doesn't matter if it allows for continued reciprocal discovery and as a result, arrests.

And what you're ascribing as an "elaborate ruse", could really be, indifference and a desire to get more work.

As a side note, just about every branch of military and three lettered organization is well documented to use such ploys.

Re:Sigh

[krazytekn0]

HPGary? HoneyPot Gary? AHA! I knew honeypot Gary was behind this. Him and one-eye Louie!

Re:Sigh

[somersault]

I'd prefer to do it from someone else's University, preferably in a different city, from a live CD.. with a spoofed MAC address..

Re:Sigh

I doubt the guy intentionally let his SSN go public, nobody's that much of a team player.

Re:Sigh

"If you'd have payed attention in school" LOLOLOL

Re:Sigh

[ginbot462]

Ensign Spigot: Sir! I've been tracing slashdot like you've assigned.
Admiral Bigguns: Spit it out..
Ensign Spigot: Well, it seems somebody has noticed a mistake they've made and gone back to correct themselves.
Admiral Bigguns: Not good ... I didn't expect to see these signs yet. We better get operation FIDOSMUT off the ground.

Admiral Bigguns: Ensign ... why are you transcribing our conversation in that submit window?
Ensign Spigot: Er .. um... You see

Re:Sigh

[vertinox]

This just shows the ignorance 'anonymous' has ...

I'm beginning to believe that anyone that refers to 'anonymous' as an organization is trolling.

And it seems to be happening on both sides of the argument, as the media and pro-government groups want to make these guys into the next Illuminati and the people doing the 'anonymous' posting seem to be getting a really raging epeep when they get attention like this even though they are in fact simply a bunch of people on a message board sharing porn most of the time.

I'll tell you what probably happen...

Some random person on the internet most likely went to a buys 'anonymous' forum (most likely 4chan) and posted "Let's go to this website and mash F5 a bunch of times!"

And it just happened that a few thousand people who read that said "Oh! Why didn't I post this first!" and proceed to go to that website and beat on their F5.

Then the page was in effect, slashdotted as they most likely had poor servers. Then proceed to review their IP logs and pick people at random to make an example.

Of course their are ignorant people who post 'anonymous', because majority of the people in the world aren't really that educated and if you put a large enough subset of people at any gathering, they tend to do stupid things (say a football mach riot in England).

But calling 'anonymous' ignorant is ignorant in itself because it assumes that that group is a unified organization but rather people who sit around and instead of having user names, they don't need to log into post and gather their porn pictures and lolcats.

Its like calling people who use "anonymous coward" on slashdot a corporation of single like minded collectivists who have one goal in mind.

These are simply individuals who post anonymous. Nothing more. Nothing less. Stop making it into something it is not.

Thank you.

Re:Sigh

[EdIII]

And even if they were behind proxies, that doesn't make it impossible to trace them either. I suppose it depends on who was running the proxies, where they were (and therefore what laws are in effect), and how cooperative the involved ISPs are.

That is a lot of assumptions.

Quite a number of proxies out there, even assuming they are anonymous, don't log by default. Privoxy does not log each destination by default, just the errors as one example. Even those that do log each destination are almost certainly log rotating.

Most ISPs do cooperate with law enforcement. Hard to last if you don't. However, law enforcement would not be pushing legislation to mandate storing logs of all traffic and DNS queries for two years if the ISPs were storing this information already. Running your traffic through multiple proxies is pretty damn hard to trace because most information is not there by default, and the costs of keeping such information for extended time periods is non trivial.

Of course, this also assumes that they are running their traffic through proxies operated by ISPs. I don't know of too many that really are, and not anonymous either, which makes them worthless for Anonymous. Anonymous proxies are usually operated by people *using* ISPs and until ISPs log all traffic you won't be able to get that information from those people in a timely and reliable fashion.

Everything I mentioned up to this point was *legal*. Non legal means like using a botnet to route traffic? Not logged on the compromised machine, and you could destroy the whole machine afterwards anyways.

The ability of government and hackers in the movies to magically trace anyone usually relies on an assumption that a tremendous amount of information is available to them in real time, regardless of how many jurisdictions and countries it takes. That information and capabilities is simply not there unless you believe that all the traffic going through the carriers is truly copied to NSA data centers. That would work given enough processing power. Sure there are many conspiracy theories that say this is true, just like the underground highways. If that were true, were fucked anyways. Anonymous is at least. I doubt the NSA is going to use their pretty tools to track down common thugs, so torrents are probably safe for now.

I think the truth is more than likely that tracing people forensically on the Internet is a bitch when it is determined and sophisticated people you are tracking.

Re:Sigh

[mcguyver]

HBGary Federal CEO: How can we catch anonymous?
HBGary Federal 1: How about we ask employees to use the same password everywhere, let them attack us and catch them in the act?
HBGary Federal CEO: Great idea, what should we use as bait?
HBGary Federal 1: How about all our emails including your social security number?
HBGary Federal CEO: Perfect, make it happen.

Surely the meeting went down just like that.

Re:Sigh

[HereIAmJH]

I doubt the guy intentionally let his SSN go public

Maybe he idolizes the founder of LifeLock.

Re:Sigh

[ImprovOmega]

The great thing about 'Anonymous' is that they're basically completely decentralized. There is no head to cut off, and at best you expend resources to get a handful of individuals.

Now the great thing about this approach is that the effort expended to capture these folks is directly proportional to how skilled they are. Thusly, the people with more skill who are doing more damage are masking themselves more effectively.

Catching a couple of hundred script kiddies in their mother's basement isn't going to dent the problem. And catching the people actually writing those scripts and causing real damage is going to be no mean feat.

Re:Sigh

[Heretic2]

Here's what interesting to me, and please whoever, don't feel like you need to hack me for this I'm just an observer that happens to be an Engineer in the field in which you may operate.

If you believe the command history then the ANON guy that logged in showed his own IP based in New Zealand:

bash-3.2# ssh hoglund@65.74.181.141 -p 47152
[unauthorized access prohibited]
hoglund@65.74.181.141's password:
[hoglund@www hoglund]$ unset
hoglund@www hoglund]$ w
11:23:50 up 30 days, 5:45, 4 users, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
jussi pts/0 cs145060.pp.htv. Wed11pm 59.00s 0.38s 0.35s screen -r
jussi pts/1 - Thu 5am 1:13 0.38s 4.90s SCREEN
jussi pts/2 - Thu 5am 59.00s 0.68s 4.90s SCREEN
hoglund pts/3 132.181.74.65.st 11:23am 0.00s 0.03s 0.00s w

And as an aside, rookit.com is running RHEL/CentOS 3 still???

[hoglund@www hoglund]$ uname -a;hostname
Linux www.rootkit.com 2.4.21-40.ELsmp #1 SMP Wed Mar 15 14:21:45 EST 2006 i686 i686 i386 GNU/Linux
www.rootkit.com

Re:Sigh

[mywhitewolf]

punishable yes, traceable unlikely. HBGary is a security firm, so I'd say they knew what they were doing.

clever!

so... "members" of "Anonymous" get investigated by the feds, and criminal charges brought.
so they counter this with more illegal activity which is even more serious and will get them even further into the shit

great plan numbnuts

Re:clever!

So, Americans decide to peacefully toss a few sacks of tea into Boston harbor and get the entire harbor shutdown.. so they counter with even more illegal activity and a revolution that will get them even further into the shit

great plan numbnuts

Point being... if everyone on Earth was afraid to break a few laws, we'd still be under the rule of British monarchs. Thank god some people don't tuck tail and run whenever Big Brother stares in their direction.

Re:clever!

[Pinky's+Brain]

"Them" is a near infinite pool of misanthropic neckbeards ... none of which gives a shit about what happens to the other misanthropic neckbeards currently in trouble.

Re:clever!

Anonymous knows exactly what they're doing and why.

Not really. There are as many different plans and motivations of Anonymous as there are members of Anonymous. The media, security companies, and other groups try to identify Anonymous as a single entity with a single will, but it's just not. Anonymous is a label, not an entity.

Re:clever!

[BinBoy]

so they counter this with more illegal activity which is even more serious and will get them even further into the shit

great plan numbnuts

Hmmmm. Might be risky rather than stupid. Maybe by proving the incompetence of the security company, they can have evidence thrown out.

Re:clever!

[TerranFury]

we'd still be under the rule of British monarchs

We'd be a god-forsaken hellhole roamed by cannibal gangs! Like Canada!

Re:clever!

[GameboyRMH]

British monarchs? We'd still be under the rule of the Unga tribe (or whatever the first tribe called themselves).

Re:clever!

[Ironhandx]

Troll? Really? What he said is a fair comparison, AND the situation is similar. The folks throwing the tea overboard were arguing against unfair taxation without representation. These guys, however potentially misguided at times, are fighting for what they believe is the protection of free speech, which is one of the CORE ideals of the same people that threw the damned tea overboard.

Some people around here need to grow a damned backbone, and a set of common sense. Regardless of that however, -1 Troll is not a replacement for -1 disagree.

Yes I realize that I'm in the minority here on /. and that the same people that modded our AC here troll are going to attempt to mod me into oblivion. But go nuts, I've got Karma to burn.

Re:clever!

[Pinky's+Brain]

Spoken like a true anonymous ... they would agree with you.

Re:clever!

If it's a label, not an entity, then how can it have "members"?

I don't know why people act as if "Anonymous" is a new thing. It's not. It's just a present-day version of something ancient - the lynch mob. The mob doesn't think, the mob doesn't consider, the mob just destroys. The mob is the barbarian horde burning down civilisation.

For a historical example of an earlier "Anonymous", think about the KKK. Just why did they wear those white hoods? The answer is easy. They did it to be "Anonymous", because if you are "Anonymous", you are released from the obligation to be a civilised human. You do what you like without consequence, so why not lynch a few negroes before they get uppity?

As XKCD says, "Anonymity + Audience = Asshole". Now, that's "Anonymous".

Re:clever!

[DurendalMac]

Tell me about it. The DDoS was one thing, but this is a completely different story. Whoever was behind this is probably going to so some serious hard time.

Re:clever!

[DurendalMac]

Anonymous has been "fighting for free speech" for years by trying to hand opportunistic politicians a reason to crack down on it for YEARS. Posting CP to 4chan? Yeah, that'll do it! Raiding people, such as grieving family members by sending them pictures of their car-crashed dead? Yeah, that's a great move for free speech! Hacking Facebook accounts so they can send everyone on a friend's list scat porn? Yay for free speech! Then there's the Palin email "hacker", a guy who hardly turned out to be a free speech activist, just a raging idiot. Those are just a handful of examples out of many. For people who like to think they're championing the idea of free speech and online anonymity, they sure are doing their damnedest to wreck it for the rest of us.

Until now, most Anonymous raids (outside of Chanology, which was a pretty unique one) have been low-level enough to be largely ignored by the feds, but all that just changed. This isn't equivalent to the Boston Tea Party. I don't think the Sons of Liberty did it for the lulz.

Re:clever!

[man_of_mr_e]

Or maybe they gave the security company even more evidence.

Re:clever!

[Charliemopps]

Actually this was probably a brilliant idea on their part. They just tainted the evidence against them. They deleted the companies backups and had access to the only copy of the data. So now the data is completely inadmissible in court.

Re:clever!

[lysdexia]

Mangani, I think.

Re:clever!

[theArtificial]

If it's a label, not an entity, then how can it have "members"?

I don't know why people act as if "Anonymous" is a new thing. It's not. It's just a present-day version of something ancient - the lynch mob. The mob doesn't think, the mob doesn't consider, the mob just destroys. The mob is the barbarian horde burning down civilisation.

For a historical example of an earlier "Anonymous", think about the KKK. Just why did they wear those white hoods? The answer is easy. They did it to be "Anonymous", because if you are "Anonymous", you are released from the obligation to be a civilised human. You do what you like without consequence, so why not lynch a few negroes before they get uppity?

blah blah blah blah?

As XKCD says, "Anonymity + Audience = Asshole". Now, that's "Anonymous".

Ah, I love it when there is an (incorect) fictional reference. It's not a complete thread without this!

Re:clever!

[operagost]

Didn't that guy use to coach the Browns and Jets? After the rule of the great Belichiki, everything went to hell.

Re:clever!

[EkriirkE]

If only I had mod points to burn, I'd waste then on this.

Re:clever!

[theArtificial]

Yes a giant joke *rolls eyes* speaking of jokes lets read your post. Sentences don't begin with And. How old are you, coward? Also you're a hyprocrite. You imply that I'm underestimating this group of people and incorrectly assuming that by posting here I'm unable to lurk another. I recall 3million get if that means anything to you. Since you can't get your other references correct why I keep feeding you is a mystery.

Fear of a mob isn't anything new, see Katrina, LA Riots etc. FYI if you don't want to make a point learn to do it correctly, it's really basic shit that avoids making the rest of what you say suspect.

Security is for Other people!

[Herkum01]

From the article,

HBGary was victimized by a combination of social engineering and a shared password between systems

Evidently, being a security firm means not having to following good security practices.

Re:Security is for Other people!

[sosume]

These guys use botnets, proxies, vpn tunnels, whatever it needs to obfuscate their origins. Don't be surprised if the feds come knocking on the HBGary owner's door, claiming the IP address traces back to his home PC.

Re:Security is for Other people!

[gox]

Erm, wouldn't that involve every ISP in the world having to keep record of ALL IP traffic? And you probably have to count in records of open wireless connections and internet cafe's and such. Plus, considering that end-to-end ecryption is being used, they would have to know security details of nodes involved. It's not even plausible.

Re:Security is for Other people!

[JamesP]

Yeah, it was as bad as 'hurr durr we're a security firm, what's the password to MS Bob again?! hurrr durr'

I'm surprised they actually know what SSH is

Too bad they never heard of auth by keypair. Next time they'll probably send the keys attached, and not use a passphrase =P

Re:Security is for Other people!

[DurendalMac]

So do a lot of other hackers. They still get caught. If the feds can track down the origin of a virus, they can find whoever did this. You'd think that the guy who got into Palin's email account would have done the same, but the idiot used a single US-based proxy.

Re:Security is for Other people!

[EasyTarget]

"FBI... Mastercard... Paypal... Visa....' blah... 'Some deep pockets'.. blah...

yes.. but in those deep pockets are their own hands firmly grasped around their own dicks..

That is a list of stagnating unintelligent grunts who have only got where they are by buying other peoples work and then aggressively maintaining their monopolies by force (through the medium of money, collusion, corruption and occasional broken legs). The only name there worth technical s**t is Amazon.

I doubt if they will find many worthwhile whitehats who would work for them no matter how much money they offer... Unreliable whitehats will, however, be crawling out of the woodwork as we speak... each of them after a slice of the 'anonymous bashing' cake.

Re:Security is for Other people!

[Piata]

I work for a telecom dealer that specializes in fulfilling corporate needs. All corporate sales are done through our website. A few of our clients are security companies. One of them (which will go unnamed) has a key purchaser who is completely computer illiterate. When trying to troubleshoot her difficulties using our website, I asked what browser she was using. She replied "Office 2003".

After patiently instructing her on how to determine her browser and version number, it turned out she was using IE6. That was about 2 years ago. They still use IE6 to this day and have no intentions of switching off of it. Having dealt with a large variety of companies over the years, I think security firms are the most technically inept and the most likely to completely disregard online security.

Re:Security is for Other people!

[Entropius]

... yet the reason he was caught is that he bragged about it, not that he was traced.

Re:Security is for Other people!

[BitZtream]

Did you ever consider it might have been intentional?

Re:Security is for Other people!

[modecx]

Not only that, but how/why do they come up with retarded company names like HBGary? I imagine this scenario, He got hacked? Yeah, I hear he went to HBGary®, (the galleria of security)... Yeah, why not take the time to come up with something respectable sounding?

Re:Security is for Other people!

[HornWumpus]

He bragged about it and posted screen shots that included the proxy that was used.

The operator of that proxy dimed him out.

That guy was a complete idiot who is getting what he deserves.

Re:Security is for Other people!

[InvisibleSoul]

I work for a telecom dealer that specializes in fulfilling corporate needs. All corporate sales are done through our website. A few of our clients are security companies. One of them (which will go unnamed) has a key purchaser who is completely computer illiterate. When trying to troubleshoot her difficulties using our website, I asked what browser she was using. She replied "Office 2003".

After patiently instructing her on how to determine her browser and version number, it turned out she was using IE6. That was about 2 years ago. They still use IE6 to this day and have no intentions of switching off of it. Having dealt with a large variety of companies over the years, I think security firms are the most technically inept and the most likely to completely disregard online security.

What kind of security company are we talking about here? Are they an IT security company, or some muscle-for-hire type security company? Huge difference. Granted, the key purchaser should still be competent on the computer, but the story doesn't quite carry the same punch as if this was a computer illiterate worker at an IT security firm.

Re:Security is for Other people!

[plover]

I work for a telecom dealer that specializes in fulfilling corporate needs. All corporate sales are done through our website. A few of our clients are security companies. One of them (which will go unnamed) has a key purchaser who is completely computer illiterate. When trying to troubleshoot her difficulties using our website, I asked what browser she was using. She replied "Office 2003".

After patiently instructing her on how to determine her browser and version number, it turned out she was using IE6. That was about 2 years ago. They still use IE6 to this day and have no intentions of switching off of it. Having dealt with a large variety of companies over the years, I think security firms are the most technically inept and the most likely to completely disregard online security.

I think the problem is "risk analysis". It's the latest project management buzzword circling Corporate America, but the ones tasked with doing it have no idea what they're really doing, or what the risks really are.

They'll put together a meeting to answer the question "what is the risk if we change everyone to IE8?" People in a conference room will toss out reasons like "It will break our internal web site, costing $50,000 to fix." "It will break compatibility with our trading partners, costing us $20,000 to mitigate." "It will mean we have to update our servers to the latest IIS, and upgrade our farm to Server 2008 and SQL 2008, and that's a huge risk for downtime, probably $10,000 in impact" which we all know is secret BOFH code for "I don't want to come in at 2:30 AM on Saturday to do this crapwork." So a business analyst puts up three fat tally marks under "IE 8 BREAKS ALL OUR STUFF!". Then someone says "It reduces our risk of malware" and "We can use Web 2.0" So the analyst puts a couple marks in the "IE8 BENEFITS" column, labels them each $0, and puts a sticky note reading Define 'malware' in the column labeled "PARKING LOT."

Nobody says "The Treasurer's admin will surf to a cute puppy site where her PC will be infected with a drive by key logger, and the corporate bank accounts will be wiped out" or "The HR person will open a malicious PDF resume and all our employee payroll data will get leaked" or "The lead network engineer will have a javascript injected into his cache next time he uses the free wifi at the coffee house, and the hackers will get domain admin rights and use them to dump the credit card database" because it doesn't occur to them that a tiny hole in the wall is all a decent hacker needs. For that matter, it's all a script kiddie needs. But according to risk analysis math, 3 tally marks worth $80,000 > 2 tally marks tagged $0, therefore the answer is "don't upgrade".

Any moderators who tag this '+1 Funny' obviously don't work in Corporate America, where we all know it's really '+1 Sad Truth'.

Ambivlance

[DoofusOfDeath]

It's hard to know how to feel about someone waging war against your own society.

Anonymous is fighting partially on behalf of Wikileaks. Wikileaks' recent releases put some sunlight on goverment/industry malfeasance, but also pointlessly harmed some diplomatic efforts by publishing unflattering personal opinions about people the US probably needs to get along with.

And the company Anonymous is going after probably helps stop real security threats that most of us would agree merit stopping; not just Cablegate-related stuff.

What a tangled mess of virtue and vice.

Re:Ambivlance

[kyz]

And the company Anonymous is going after probably helps stop real security threats that most of us would agree merit stopping; not just Cablegate-related stuff.

To help you out: HBGary is still running. HBGary Federal is a new spin-off company started in December 2009 to try and sell "cybersecurity" products to the Feds.

If they were cybersecurity experts, ones that were worth paying for with your tax dollars, then Anonymous would not have been able to pwn their website, twitter accounts, email, ....

According to some of those recently pwned emails, the spokesperson Aaron Barr admitted to his own staff that he was deliberately provoking Anonymous, because he knew that the press was interested in anything to do with Anonymous and they'd get good publicity and possibly sales.

The money quote from Aaron's company email: But it's not about them... it's about our audience having the right impression of our capability and the competency of our research. Anonymous will do what every they can to discredit that. and they have the mic to speak because they are on Al Jazeera, ABC, CNN, etc. I am going to keep up the debate because I think it's good business, but I will be smart about my public responses.

Does that help you swing one way or the other?

Re:Ambivlance

[Sarten-X]

I'm sorry, but where exactly is the virtue?

Wikileaks has done effectively nothing recently besides attack the US government. Where's all those high-finance leaks that were promised years ago? Where's the responsible redaction that every reputable journalist goes through? Where's the public editing and input that it began with? As far as I can tell, Wikileaks lost all attempt at virtue by the beginning of 2010. Since then, it's resorted to blackmail to maintain its interests, threatening to release unfiltered, uncensored information if anything happens to Julian Assange or the organization itself. Virtue, indeed.

Regardless of my opinions, Wikileaks may be worth fighting for. In that case, donate to it through any of the several channels that are still open. If they're all shut down today, wait until tomorrow and there'll be five more. Shrugging off law and order to throw rocks at companies isn't about a virtuous protest. It's a child's tantrum. What's more, it's a tantrum from children who don't dare consider that they're breaking laws with this farce of a protest. HBGary is now being attacked for investigating a criminal act. Last time I checked, breaking laws for any cause was still grounds to be arrested and put on trial. Often, it's even enough to be convicted.

Jack Ruby killed Lee Harvey Oswald who, conspiracies aside, killed President Kennedy. Ruby was convicted of murder, because he killed someone. What his victim may or may not have done is irrelevant. In my opinion, every participant in a DDoS ought to face justice according to their jurisdictions. They broke laws, and have no basis to complain now that they're being caught.

Perhaps I'd feel differently if there were no outlet for protest other than a DDoS, but there are. Wikileaks' supporters could raise a billboard encouraging support of Wikileaks' mission. They could send letters to representatives and picket assemblies and courthouses. They could follow any of the myriad forms of protest that have been established and respected over the past thousand years, without breaking any laws. They could, but Anonymous won't. Anonymous is a legion of crying children. Virtue doesn't hold their interest. Mayhem does.

Re:Ambivlance

[Inda]

If these Anons are, as we are led to believe, under the age of caring, why are these actions deemed so wrong? Shouldn't they be seen as the only appropriate action?

UK and US children have known nothing but war since they day they were born. Sadam makes a threat, we bomb him. Sadam does a naughty, we bomb him. Bomb on planes and trains, we carpet bomb someone.

And we expect our own offspring to behave themselves when faced with authority?

I think we're asking too much of them. Until our own actions change, virtual bombing will continue.

Re:Ambivlance

[fuzzyfuzzyfungus]

You really have to define "your own society" in clear terms to work this little moral conundrum out...

Wikileaks, and their anonymous friends, are definitely attacking the secrecy of certain state and corporate entities that exist on American soil and/or are paid for with US taxpayer funds. Is that enough to make them "our own society"? Or does the fact that a clandestine morass of opaque state functionaries, often quite a few levels removed from anything resembling a "representative" is dubiously in line with a democratic republic make them a sort of cancerous outgrowth of "our own society"?

I'm not playing the "Well, man, it's like, all relative; because one person's hero is another's terrorist, man." card. These are real questions that, arguably, have cogent answers(albeit ones reliant on certain axiomatic assumptions that the answerer brings to the table).

Societies constantly attack themselves in order to survive: the police spend basically all their time hunting down and hauling in for trial citizens and residents whose behavior is considered to have put them against society rather than in it. Politicians constantly attack one anothers' programmes, in a process intended to produce the best or most representative outcome. Assorted NGOs and individuals constantly bring suits against one another and the state trying to redress various perceived wrongs. As with a complex multicellular organism, where killing abberant cells before they metastasize and kill you is as important a job as killing external pathogens before they kill you, the maintenance of a complex society is a constant process of defense from external enemies and(particularly for a militarily strong and geographically lucky country like the US) culling internal enemies and dangerous trends.

Unless we define "our society" more or less tautologically as "whatever society we are participating in at the moment"; it is the case that there is an ideal "our society" and an actual "the society we are doing". When the two differ too much, "our society" becomes a dead letter, used primarily for propaganda purposes by "the society we are doing". Fighting against that trend, which frequently means attacking, sometimes in accordance with the rules of "the society we are doing"(as with constitutional challenge court cases), sometimes against those rules(leaks, hacks, etc.) "the society we are doing", is a necessary part of staying reasonably in line with "our society".

It is a matter of legitimate debate whether or not Wikileaks is attacking "our society" or "the society we are actually doing", and how different those two are; but it is not a matter of trivial debate.

Re:Ambivlance

No one is listening to you because you continue to make claims that are demonstratively false.

"Where's all those high-finance leaks that were promised years ago?"
I think you confused years with months.

"Where's the responsible redaction that every reputable journalist goes through?"
Um, you know. The entire Cable Gate release.

"Where's the public editing and input that it began with?"
What are you talking about? Does the Wikileaks name confuse you?

Re:Ambivlance

[kalirion]

And the company Anonymous is going after probably helps stop real security threats that most of us would agree merit stopping; not just Cablegate-related stuff.

Would you trust a mechanic whose engine just died because he screwed up his own oil change?

Re:Ambivlance

[Gunnut1124]

Ok, let's see if we can see through some of your old-school smoke screen here...

"Wikileaks' supporters could raise a billboard encouraging support of Wikileaks' mission. They could send letters to representatives and picket assemblies and courthouses"
Does that EVER work? The most effective protests I've seen involve showing up, en mass, at the doors of the offending party and picketing. Nothing like a group of dissenters outside your break-room window to make you think twice. As companies transition toward internet storefronts, it seem logical to me that those presences would be picketed too. DDoS isn't harm, it is interruption, in much the same way picketing is. Just because you cannot SEE the people standing around, doesn't mean that the interruption has a new aspect. To me, the escalation point beyond this is where the line is drawn. Much like a protest is considered civil until someone throws a brick through a window, the DDoS seems legit until someone hacks a site. I do not support this recent action.

On the nature of Wikileaks, I would suggest this; the information they are releasing is generated elsewhere. They are not forcing our nation to do terrible or embarrassing things, they are simply revealing the shit we like to keep buried. Why vilify them for doing something that punishes bad activity? Don't like the smear it puts on us? Well kick those politicians out of office, retire those generals, and hang those traitors that actually took part in the embarrassing activity, don't lynch the messenger.

Re:Ambivlance

[_Sprocket_]

So what you're saying is that you believe this company is a good stock pick because they know how to game people who game the media?

Re:Ambivlance

[Sarten-X]

I recall hearing about an "upcoming" Bank of America leak as one of Wikileaks' first projects. Apparently it's become a bigger deal in the past few weeks, but I'm not going to hold my breath.

The Cablegate documents still had exact names, places, and times included. It's enough to easily reveal cover identities for traveling VIPs, common itineraries, and political opinions that are supposed to remain private for diplomacy to work. Competent sanitizing requires removing not just things that look risky, but also tiny details that are only meaningful to someone who knows what to look for. To this end, leaked documents are usually (prior to publication) given to someone who already knows everything, to provide a chance for those little details to be cleaned up properly. Were the embassies given such a chance? Not by a long shot.

I'm talking about public editing and commenting, which used to be a major part of WikiLeaks when it launched, just like you'd expect from the name. Since then, however, less and less public input has been allowed, and now all editing comes from within Wikileaks itself.

Re:Ambivlance

[HeckRuler]

I like the USA. I'm a fan. It's done some good things in the past and it's a pretty good model for how to run things. On the whole, people here are more free and more prosperous then people elsewhere. But I like the USA because we're the good guys. When it was us vs. the NAZIs, it was pretty obvious who was the bad guys. I mean, they invaded countries and were conquerors. And while we really screwed over the local Japanese, the Japanese empire was really brutal.
When it was us vs. the Soviets, it was more or less apparent that we were the good guys. I mean, we really REALLY screwed over most of Latin America, and the whole "proxy war" thing was a series of quagmired that brought a lot of people down, but they kept their people in line with tanks, and had a culture of political murder. A bunch of people starved in the Urals, and people lived in fear. Well, ok, we lived in fear too, but it wasn't fear of our government.

And then we were kinda the top dogs for a little while. And we were supposed to be the good guys. We donated money, encouraged democracy, and were trying to do good. Our corporations kinda screwed over some people, but nothing as bad as interim camps.

But then we started invading nations. And breaking laws. And being international bullies. And lying about it. And then not even bothering to lie about it.
I like the USA because we're the good guys. But if we're doing things that paint us as the bad guy, then we need to stop doing that, and fix it. The first step to doing that is to know about it. And wikileaks certainly helped the USA there. There is the virtue.

As for throwing rocks, some people don't have any other resource. And wikileaks isn't exactly hurting for cash. Disobedience isn't a great option, but sometimes it's the best (although this LOIC thing was retarded). Or do you think that the colonies never should have revolted? Or that Tunisians and Egyptians should have just sat down and been quiet?

Re:Ambivlance

[MrSenile]

This is what happens when parents let government raise their children.

Look around, and stop pointing the finger at others.

Re:Ambivlance

[_Sprocket_]

If these Anons are, as we are led to believe, under the age of caring, why are these actions deemed so wrong? Shouldn't they be seen as the only appropriate action?

Do we know that these individuals are any given age? And is age itself an excuse for inappropriate behavior? How does age make this an "appropriate action?"

UK and US children have known nothing but war since they day they were born. Sadam makes a threat, we bomb him. Sadam does a naughty, we bomb him. Bomb on planes and trains, we carpet bomb someone. And we expect our own offspring to behave themselves when faced with authority? I think we're asking too much of them. Until our own actions change, virtual bombing will continue.

Oh please. Just because you don't agree with the politics associated with Iraq doesn't mean every other illegal act is excused. If it were, we could cherry-pick events from any given time in history and use that as our defense as we stand before a judge.

Re:Ambivlance

[hey!]

Well, I don't know about the revelations being pointless (although in the end I think they'll be largely harmless), but that has little to do with the ethics of Wikileaks. Reportedly Assange was initially indifferent to the risks the Iraq War Logs posed to civilians who may have talked to US forces, dismissing them as "collaborators". I've certainly heard his supporters taking this blanket position. This is really just the mirror image of George W. Bush's "you're with us or against us" way of looking at things. There are way more than two sides to the Iraq question, and even if there were only two sides, condemning somebody to the risk of reprisal based on hearsay seems unreasonably callous to me.

It's the apparent narcissism of Assange and his Anonymous partisans that arouses my skepticism. That doesn't mean they're necessarily wrong in every case, or that they can't do good things. It means their ethical judgment is questionable. At least it appears so to me. They don't seem to be able to imagine anything they do as wronging anyone so long as they have good intentions. I distrust self-righteous crusaders or jihadists of every stripe, because their world views so often deteriorate into simplistic, one-sided narratives of their personal persecution or heroism. Such people often do much good in the world, getting out ahead of other people on important issues, but their genuinely heroic deeds shouldn't cause us to view them uncritically.

Re:Ambivlance

[Sarten-X]

Politicians do not care

Politicians, like most humans, actually do care about doing what's right, and can be swayed by well-presented arguments. Show them a bunch of whining children, and they're not likely to think that cause if justified. Show them a well-written evaluation of options, and they're likely to listen. That's how lobbyists work: They're skilled at making persuasive presentations from any perspective.

Laws as you say apply to everyone, the US govt has broken many laws over the last 10 years

Laws do apply to everyone. If after a thorough investigation there is sufficient proof of wrongdoing, punishment may be applied. The military officers who intentionally commit war crimes get disciplinary measures. Fortunately, there is forgiveness for acting without criminal intent. Almost all reputable intelligence in 2003 believed that Iraq had weapons of mass destruction.

Also fortunately, just because you do not like something does not make it a crime. The issue of depleted uranium munitions has not been considered by the U.N., so it is not yet a crime. That's mostly because a bit of trivial research shows that there's no conclusive evidence that depleted uranium is particularly more harmful than any other kind of weapon.

When is Bush going to go on trial for selling his Arbusto shares?

Let's see, here... Bush sold $800,000 worth of his oil holdings in 1990, after investing in a baseball team in 1989 which had required a $600,000 loan. He devoted his time to the team and his father's presidential campaign. It looks like a standard financial shift to me. I could be wrong, though... I'm sure your keen investigative skills will come up with more evidence, despite a SEC investigation finding no wrongdoing. It looks like the answer to your question is "never, thankfully."

It seems the U.S. justice systems serves only laws, and not every whim of an easily influenced society. It also seems like that might be intentional. The representatives can quickly meet the opinions of those they represent, but actually passing laws takes time and stable effort. Enforcing those laws is steadfast and comes after an investigation. Those folks 200 years ago must have actually been thinking.

Re:Ambivlance

[Cormacus]

I wish I had mod points to use on your post. "...I like the USA because we're the good guys." And if we're not the good guys (ie, if people in the government are making "bad guy" decisions) then people need to know about it and it needs to be fixed. Taking the high road is never fun, but having that integrity as a nation just seems like an important goal.

Re:Ambivlance

[Sarten-X]

Does that EVER work?

I've personally been involved in several successful protests. Make enough of a show, and representatives can plainly see what their constituents want. On the commercial side, yes, protests also often work.

DDoS isn't harm, it is interruption, in much the same way picketing is.

Picketing works because it's visible. A DDoS harms because innocent bystanders, with nothing to gain from either side. To quote another poster in another thread, "what about all those mom-and-pop online stores that lost a day's business because of the attacks?" A DDoS is less like picketing and more like setting off a bomb inside the store. It's an interruption for a while, with no concern for consequences.

On the nature of Wikileaks

There is a major difference between honest reporting and actively seeking to cause damage. Did Wikileaks consult with the U.S. military to make sure its many war documents didn't reveal troop placement? Did they verify that the embassy cables didn't jeopardize diplomatic relations? Wikileaks isn't just punishing bad activity. They're pushing a political agenda that punishes anything Julian Assange doesn't like, with no concern for consequences.

That's not to say I approve of everything my government is doing, but I don't think Wikileaks' policy of bridge-burning is an appropriate mechanism for change. I'd rather stick to the more civil methods of protest, that don't involve putting others needlessly at risk.

Re:Ambivlance

[KingMotley]

A good security firm doesn't lock down everything super tight. It can be done of course, but doing so is a major inconvenience. A good security firm knows how to manage risk, and apply enough security to outweigh the risk. As if any of those things that got "pwned" are of any real consequence.

This is the equivalent of someone running up and spray painting the side of an armored truck and declaring victory in defeating their security. lol.

Or perhaps calling into question how safe a bank is because someone stole their mailbox.

Re:Ambivlance

[vertinox]

"Wikileaks' supporters could raise a billboard encouraging support of Wikileaks' mission."

In the USA, the majority of billboards worth a hoot are owned by Clearchannel, who I have a feeling would not allow a pro-Wikileaks billboard to be posted.

Also, in that regard, do you think Mubarak would even consider stepping down if the Egyptians posted a billboard? I think not. Hence, the 'illegal' protests in the street.

Re:Ambivlance

[ginbot462]

Calm and measured commentary. What's wrong with the internet today? "Everyman envisages eloquent effigy."

Re:Ambivlance

[Sarten-X]

And wikileaks certainly helped the USA there. There is the virtue.

I'm in agreement all the way up to that point. Is it virtue to set someone on fire if they're freezing to death?

My complaint isn't with the idea behind Wikileaks. I'm all for a transparent government, where it's necessary. I don't believe it's necessary to have every detail of daily military action paraded out for enemies to see, whether or not the war was justified. What I want to see is responsible redaction, impartial releases, and input from the public on every released item. So far, Wikileaks has failed on all of those.

As for throwing rocks, I think that just about everyone involved in the DDoS attacks could have sent an email or two to MasterCard's customer support, instead. A few hundred thousand emails has caused change before, and wouldn't involve breaking laws. Prior to the American Revolution, the colonists petitioned for over ten years to have their injustices addressed. Likewise, the Tunisian and Egyptian governments have ignored protests for quite a while.

It's certainly time for transparency and accountability, but not by abandoning all pretense of civil action.

Re:Ambivlance

[Sarten-X]

...except that a DDoS harms innocent bystanders, breaks laws, and carries all the tact and civility of a flying ball of manure.

Re:Ambivlance

[St.Creed]

Apparently, they didn't update their risk assessment after going live in the news about "how they are attacking anonymous" (who?). And that is a fatal flaw with a lot of security theater in companies: it only gets done once, when what you need is constant maintenance. Shees, even ITIL standard procedures recommend this for business continuity and that includes security.

Its like this: normally, you have a nice wooden house and open windows and a normal door. And suddenly a class IV hurricane approaches. You are warned in advance. So... you just pretend nothing changes, or do you board up all the windows and prepare the shelter? These folks just ignored the entire hurricane and are now turning into security laughingstocks.

This is nicely undoing their bold plan of first getting a lot of attention in the media (score on that) and capitalizing by showing what a professional and loyal security firm they are. I see nothing that could have hurt them worse than this, right now. Except when the files captured had included kiddy porn. And had been posted on wikileaks. But apart from that, their reputation just took a hit and reputation is all you have in business.

Re:Ambivlance

[publiclurker]

I'd consider the personal information and SSN of the firm's principal to be of real consequence. Then again, I'm apparently a lot more knowledgeable as to what constitutes a good security firm than you appear to be.

Re:Ambivlance

[HeckRuler]

Of course we don't need every detail of daily military action to be broadcast on the media. That's a ludicrous caricature, and is not what's being debated here. Wikileaks has certainly tried to have responsible reactions and we've certainly had input from the public and everything and anything. With their philosophy of dumping everything except the reactions rather then simply publishing the "juicy bits", they've probably missed a few sensitive portions. I've only seen one so far. And Iranian fencer. But they dump everything in an effort to be impartial. Remember when they posted that "collateral murder" video? Because they edited it for time, everyone claimed that they were blatantly anti-American. So there's a bit of a balance there. With the Internet age and everyone's mother being able to parse through all of it, I prefer the large dump which can be sifted through by the aggregates.

So I don't believe that wikileaks has completely failed on any of these counts, but could probably do more to remain impartial. I mean, Julian is kind of an ass.
But really, what could wikileaks do to make the public comment more on their actions?

You're right about the more moderate channels of protest being a more civil route of action. But I'm not so sure that it would have had as much of an impact as, well, throwing the digital rock through their front window. I've no doubt that Mastercard receives hundreds of thousands of email. Most of it spam. Which is completely ignored. A small public outcry from some punks on the internet would probably have about as much impact.

I agree about the civil action thing. I don't think it's time. But that time will come if and when I lose confidence in the ability of legal civil action to affect the world around me. Other people have differing levels of confidence. Some will never believe in the system, and society needs to deal with them. Others will never doubt the system, they too need to be dealt with.
You know what? I think I'm going to go write a round of flamemail to Mastercard and Amazon tonight. And maybe that dumbass in congress that wants drones to fire missiles into London.

Re:Ambivlance

[HeckRuler]

uuughhhh.... redactions....

Re:Ambivlance

[Sarten-X]

You missed "jury box" which is where law and order is upheld, and those who disrupt civilization for their own motives are brought to justice. Conveniently, it's also right where the DDoS participants are headed, where it will (possibly) be decided whether a DDoS is an act of protest or malice.

Re:Ambivlance

Hmm... I would say having 50,000+ corporate emails becoming public is a bit larger than spray painting their site.

Also... since the personal accounts of the CEO of the corp were hit... it would imply that he doesn't use strong passwords/uses the same password everywhere. It really is not someone you would want to take security advise from.

Re:Ambivlance

[Weegee_101]

Billboards would be impossible, but nobody in the United States nor most western nations would stop anyone from sitting in the streets protesting. The DDoS attacks were (in some cases) actively disrupting the companies ability to do business, and thus were illegal. Mubarak's regime had no concept of freedom of speech, but most of the western nations do, including the ones they were targeting, so they would have no problems here.

Nothing is stopping any of the anon people from holding a legal protest rally at multiple locations all over the world, the fact is that they didn't and they chose instead to attack these businesses. The sit-in metaphor doesn't work because a sit-in is legal as long as it doesn't cause a complete disruption of business. That is, you picket outside the front of the building, but people (if they want to try depending on the size of the crowd) can still get into the business. What Anon did is closer to sitting inside the lobby of a building making sure nobody could get past them.

The truth of the matter is that they're just children having tantrums. I'm guessing the lot of them have a distorted view of how the world works.

Re:Ambivlance

[Labcoat+Samurai]

Also, in that regard, do you think Mubarak would even consider stepping down if the Egyptians posted a billboard? I think not. Hence, the 'illegal' protests in the street.

What on earth does this have to do with Mubarak? He said: "Perhaps I'd feel differently if there were no outlet for protest other than a DDoS, but there are." You don't get to just point to Egypt and then sit back and congratulate yourself on a job well done. He's accounting for that already by expressing the opinion that this situation is inherently different.

Re:Ambivlance

[Labcoat+Samurai]

So the goal is press? Would you say, then, that Anonymous's press has helpful to Wikileaks? I know I wouldn' t.

Re:Ambivlance

[Wolfling1]

This is the closest thing I've seen to a mature assessment of Wikileaks and Anon so far. 'Our society' (as a member of the western world) exists somewhere between excessive government control and an absence of government. Our government is attempting to drag us towards one end of the scale, and anonymous are attempting to drag us back the other way.

I seriously doubt that Anonymous wants us dragged all the way to anarchy. Even on Fight Club, there was some sense of order. It occurs to me that Anonymous just believes that our society is too far towards the other end of the spectrum.

I don't believe that there is a perfect balance point in the middle. I believe there is a tolerable range, within which the majority of society can function. Anonymous believes that we are outside that range. If Anonymous turns out to be correct, it will receive wider support from society, and government will be forced to improve. In the meantime, the majority of society believes that Anonymous' actions are illegal, and will continue to support government action against them.

I suspect that many Slashdot readers, whilst not being active members of Anonymous, harbour a soft spot for them, and would actually be a little saddened if they were quashed by society's governing bodies. Anonymous serves a useful purpose in society, even if it does so illegally.

Re:Ambivlance

[mywhitewolf]

Were the embassies given such a chance? Not by a long shot.

I guess Wikileaks got disheartened last time they asked for the US to do this? the guy was being a vigilanti by "secretly" gaining knowledge of members of Anonymous. who then made a public announcement to the effect of "look at me, look how good i am, i could turn heaps of Senior members of anonymous into the feds if i wanted to". he should feel lucky that he didn't do this to the mafia. Anonymous responded by destroying that information (protect them selves) and destroying Aarons reputation as a security expert. This isn't an "anonymous protest against free speech", this is someone making public announcements at the expense of some random people. who have the means and the ability to exact revenge.

Re:Ambivlance

[Sarten-X]

Sorry, but you seem to misunderstand me a bit. My problem is mostly with Anonymous, not Wikileaks.

My opinion is that what Wikileaks has done is not against the law, but morally wrong nonetheless. They release sensitive information with only minimal care for whether harm could come from it. Whether it's against U.S. law or now is for a U.S. court to decide, which hasn't happened yet.

Since it wasn't apparently clear here, I draw the parallel between Jack Ruby and Anonymous. They break the law to do what they think is right, and as such they ought to face the consequences of breaking the law. Where they come from doesn't particularly matter. Jack Ruby was a boxer and business owner before he decided, apparently on a whim, to commit murder out of patriotism. Likewise, Anonymous might be touting "human rights" or "free speech" or whatever their cause of the week is, but at the end of the day they're still just causing havoc.

What sets the U.S. government apart from Scientology (or most other non-governmental groups, for that matter) is that the U.S. government is duly appointed by me to serve my interests. I voted for it, and I continue to express my interests to my representatives. Corruption and elitism, for as much as the media loves a good scandal, simply aren't that common. What's more common is plain old disagreement. It's hard for any politician to get anything accomplished, and I can understand that. I'm not going to start attacking businesses when my opinion isn't in the majority. The government isn't this elitist group of politicians from a higher caste. They're elected people like you and me. My hometown's mayor was the local barber before and after his term.

I intend to paint Anonymous as I see them: a disorganized mass of people without the courage to actually commit anything significant to a cause. They don't offer their time, their money, their name, their reputation, or any meaningful skills to a protest. That's why letters and petitions are actually meaningful. They represent an actual person's opinion, carrying the full weight of that person's contributions to society. In a DDoS, the only statement carried by an attack is "I cause harm." How is that kind of sentiment supposed to convince anyone that your cause is worthy?

Re:Ambivlance

[mywhitewolf]

Did Wikileaks consult with the U.S. military to make sure its many war documents didn't reveal troop placement?

Yes, they did. the U.S. military refused. guess that takes your wind out of your sales then?

Wikileaks is a media outlet just like fox news. you support the actions if its against China's propaganda machine but when it goes against your propaganda machine then you resist it.

Re:Ambivlance

[mywhitewolf]

its a protest, not a petition Geez. a 4 year old gets how to protest.

Re:Ambivlance

[virtualXTC]

This is the equivalent of someone running up and spray painting the side of an armored truck and declaring victory in defeating their security. lol.

Wrong! next time RTFA:

"in addition to the other damages, Anonymous also deleted the firm's backups"

Re:Ambivlance

[KingMotley]

Ok, it's the equivalent of stealing the spare tire that is bolted underneath the armored truck. Oh noes.

they have a remarkable sense of humour.

They deleted all the content on his iPad.

that's beyond hilarious

Re:they have a remarkable sense of humour.

[Chrisq]

They deleted all the content on his iPad.

that's beyond hilarious

He doesn't know which is worse, the loss of data or being publicly outed.

Re:they have a remarkable sense of humour.

[Stenchwarrior]

I'm sure he was one of the idiots who was scammed by Apple into buying a MobileMe account for peace of mind "cloud backup"..

Re:they have a remarkable sense of humour.

[EasyTarget]

The bit where they used his own twitter feed to announce and link to the release of the 'document' that he was going to sell to the Feds was quite funny too :-D

The moral of the story...

[Assmasher]

...don't jump into the deep end if you don't know how to swim.

Who saw this coming ?

[MooPi]

HBGary- Good god we didn't see this coming. We pissed off a bunch of volatile crackers and didn't prepare for this unexpected attack Hmmmmmm. But we a security experts :(

It's all fun and games until you end up in

Federal pound you in the ass prison. Seriously... It may be a laugh riot for the mob of 15 year old script kiddies to thumb their pimply noses at the suits and squares, and hide behind a "we r legion, lutz!"... but with any criminal conspiracy, the actions of one of the members all are attributable to the rest. All it will take is a few supoenas, some jail time for a few members, and anonymous will go away. No, for reals, yo. It's real brave to participate in a ddos when they can't fathom any consequences for their acts, but once they see other members getting thrown in the hoosegow, the whole "you can't shut us down!" becomes "gee, i hope the community college down the street will admit convicted felons." petty vandals hiding behind anonymity, not a bunch of masked crusaders for great justice.

Re:It's all fun and games until you end up in

[crow_t_robot]

hiding behind anonymity

*Posted by AC

Re:It's all fun and games until you end up in

To address your first point, no, not even a pile of convictions will shut down Anon. You are absolutely, unfathomably silly if you think it will. Or, maybe you just don't really know any of these guys. Sure, it'll scare off plenty, but for every Anon it scares off, it'll attract several more, some of which will actually have better than average skills in computer security... uh... testing.

As for petty vandals, I tend to agree. However, I assume that their lack of leadership, foresight and proper targeting of their group skills is why they end up looking like petty vandals. I also assume that a charismatic leader, with the right bent, could pretty easily corral Anon into a serious social force. Not that this is likely, but all the seeds are there.

Justice as a goal or not, Anon has proven that a bunch of twits with internet connections can have a real impact in the world. Unfortunately for them, they mostly proved that by getting themselves arrested. Better targeting and the same "for justice" spiel could take that group and make it something we'd all have to actually take seriously.

Don't worry, it won't happen.

I think this is great

[Stenchwarrior]

And I really do hope they get away with it...kinda like LeoDi's character in "Catch Me if You Can", but these things generally end up badly for the bad guys when things start to go public like this. HBGary will probably hire someone who actually knows his shit and tack them down; eventually someone will screw up and put a decimal in the wrong place or some mundane detail like that.

Re:Smells like....

I believe the OP was referring to the entire thing being an inside job. I.E. Someone within the company (or in the government) was the source of the idea in the first place. I see the thinking here (false-flag). The government gets the "information" for free, HB Gary gets tons of exposure and credit, Anonymous is painted as "getting more dangerous", etc..

Brilliant, really, if people buy into it. Many will.

Line between Civil Disobedience. . .

[JSBiff]

Civil Disobedience is, as far as I know, marked by breaking unjust laws, and then *accepting the consequences* by going to jail, or whatever, to show society the unjustness of the laws, and to win sympathy to your cause.

I believe Anonymous stepped way over the line of Civil Disobedience long ago, with retaliation upon retaliation and attempting to avoid being caught. I really just have to view Anonymous as largely a group of criminals who deserve to be in jail for engaging in openly criminal activity - I can't see that laws which make it illegal to perform DDoSes against legal businesses, or to make unauthorized access to other people's computers, are fundamentally unjust.

These guys are definitely not in the same class as the followers of Ghandi or MLK.

Re:Line between Civil Disobedience. . .

MLK's followers DDOS'ed lots of businesses by tying up tables while getting arrested when they refused to sit in the colored section.
Ghandi's followers DDOS'ed the whole country by marching around and not doing any work whatsoever.

I'm pretty sure these both occured to legal businesses as well.

Re:Line between Civil Disobedience. . .

[Rakshasa+Taisab]

The myth of 'Civil Disobedience is all about getting caught' is spread by those who don't like the goals of today's civil disobedience, only those of yesterday.

Seriously, imprisonment is how you _FIGHT_ civil disobedience, and you're a moron for thinking that's somehow how you go about succeeding in changing anything.

Re:Line between Civil Disobedience. . .

[Atrox666]

I hope they're not in the same class! Ghandi had his country break up and on both sides are now corrupt and autocratic. MLK got shot.

Let's let the assholes suffer the consequences instead of being stupid enough to fall on our swords in a vain attempt to elicit a pity party.

Re:Line between Civil Disobedience. . .

[chichilalescu]

In one of the Anonymous/DDOS discussions, I saw someone compare a DDOS to picketing, which is legal in some countries. I have no idea what the laws are in the various countries involved, but the question is like this: assume I don't like a store, and I go in front of it and try to stop people from going in. If that is legal (with certain conditions), than what type of action am I allowed to take against websites?
I'm just curious if someone has an answer to that.

Re:Line between Civil Disobedience. . .

[Jim+Hall]

I saw someone compare a DDOS to picketing, which is legal in some countries. I have no idea what the laws are in the various countries involved, but the question is like this: assume I don't like a store, and I go in front of it and try to stop people from going in. If that is legal (with certain conditions), than what type of action am I allowed to take against websites?

At least in the US, picketing is legal if you do not prevent people from going about their business. As soon as you prevent people from going into the store, or keep workers from crossing the picket line to get to their job, etc. then that's illegal.

Basically, picketing is based on the concept of free speech, and protected by the First Amendment. March up and down all you like, on the public sidewalk in front of the store, or in other public areas. Carry your signs, chant your slogans, that's all protected speech. The analogue for websites is that you can feel free to discuss the relative "badness" of a website (for example, HBGary) in the comments section on their website, on your blog, whatever. But that does not mean you can take down their website and replace it with an image/message of your own.

IANAL.

Re:Line between Civil Disobedience. . .

[fuzzyfuzzyfungus]

I suspect that neither Wikileaks nor Anonymous are interested in engaging in "Civil disobedience".

In the case of Wikileaks, they aren't "Civily disobedient"; because they don't actually tend to break laws. They do obviously have some contact with people who do; but their operations(while deeply unpopular) are not illegal.

Anonymous, on the other hand, is perfectly happy to do illegal things; but doesn't seem to see the point in getting punished in an effort to maintain the moral high ground. They are(aside from the ones who are in it purely for amusement), essentially engaging in the logic of retributive or revolutionary violence, albeit in bloodless and electronic forms. Irregular resistance fighters have no interest in being caught to "generate sympathy", they have an interest in inflicting damage on strategic targets, obtaining intelligence, discrediting their enemies, and then getting away(so do criminals, of course. The classification depends on the percieved legitimacy of their actions).

As you say, these guys are definitely not in the same class as the followers of Ghandi or MLK. This appears to be by design. Wikileaks, by all appearances, is interested in maintaining a legal operation to lower the cost of whistle-blowing in situations where that could open one to heavy retribution. Anonymous, while too nebulous to have a single agenda, consists of a sort of core that has embraced the logic of violent(but bloodless) direct action, along with a cloud of recreational me-toos who participate in some of the more trivial ops.

Whether you think that this is good, bad, or just a matter of style is a different question; but it would appear that they are not aiming at "Civil disobedience"(having judged it as either too personally costly, too ineffective, or perhaps both)...

Re:Line between Civil Disobedience. . .

[Herkum01]

While an ideal attribute, civil disobedience is often weak tea. If someone who is protesting something unjust, has to take all the risks to bring about a level playing field, it often just does not work. Unless a HUGE number of people are involved, it does not work.

Take the protests in Egypt, Mubarak has been president for 30 years! He has ruled completely for that time. It is taking over 2 million protesters showing up at once to even make a grudging change at all. And there is no guarantee that any of the changes being promised will be more than cosmetic at this point.

Anonymous is not going to organize a protest to actions taken against Wikileaks, (which has been anonymously DoS itself but unknown agencies), so they do a DoS at least for a noble ideal if not noble in action.

So you have a company that figures they can make a buck off of it. Should they expect their actions to be ignored? That their actions should not have consequences as well (actually, that is the whole point of a corporation, to avoid individual liability). The hacking by Anonymous to retaliate is really the only option they have.

Re:Line between Civil Disobedience. . .

[_0xd0ad]

picketing is legal if you do not prevent people from going about their business. As soon as you prevent people from going into the store, or keep workers from crossing the picket line to get to their job, etc. then that's illegal.

But your very presence prevents someone else from occupying the space that you're taking up. If a crowd of people descends on a business, its legitimate customers would have to press their way through that mass to do business there. Ever tried to get to the front of a concert?

Re:Line between Civil Disobedience. . .

[Paradoks]

The myth of 'Civil Disobedience is all about getting caught' is spread by those who don't like the goals of today's civil disobedience, only those of yesterday.

Please, don't make the English language less flexible.

Those who break laws publicly in order to point out the unjustness are practicing civil disobedience.

Those who break laws secretly in order to point out the unjustness, while hoping not to get caught, are practicing vigilantism.

Those who break laws secretly, while hoping not to get caught, are merely law-breakers.

None of those positions are inherently good or bad. If this were about copyright infringement, the civil disobedience group would be the people who admit they pirated stuff, but fight the charges anyway. The vigilante group would be those who go out of their way to pirate, oh, Disney films, and spread them far and wide anonymously. The law-breaker group would range from people singing "Happy Birthday" at public events to those making millions by pirating new movies and selling cheap copies.

Calling a vigilante someone who is practicing civil disobedience reduces the flexibility of the language in an attempt to drape the moral high ground of civil disobedience around the shoulders of the greyer vigilantism.

Re:Line between Civil Disobedience. . .

[Raenex]

The myth of 'Civil Disobedience is all about getting caught' is spread by those who don't like the goals of today's civil disobedience, only those of yesterday.

"Under a government which imprisons any unjustly, the true place for a just man is also a prison."

That's from Thoreau's Civil Disobedience essay. He refused to pay his taxes because of slavery and the war with Mexico. He was sent to jail, but ended only spending a day because somebody paid his taxes for him.

Whether you agree with him or not, that's the root of Civil Disobedience. It is true that he didn't say that you should go out of your way to be caught, but he was also willing to go to prison rather than fund the government.

Re:Line between Civil Disobedience. . .

[poity]

Blacks in America sat in whites-only establishments in direct contravention of an unjust law -- they broke laws of segregation in order to highlight to the public the systemic injustices placed upon black Americans. What law is Anon directly disobeying to highlight its injustice? All they've broken are laws against computer fraud and abuse. What injustices within computer fraud laws does that highlight? I can understand if Wikileaks mirrors were shut down or reading WL material were made forbidden to the public, and individuals come together to help each other set up servers and to access them in defiance of government censorship. You could draw an equivalence if that were to happen, but what Anon is doing right now is NOT the same as civil rights era civil disobedience.

Re:Line between Civil Disobedience. . .

[Maritz]

Mod parent informative.

Re:Line between Civil Disobedience. . .

[jsepeta]

Ghandi and MLK operated with the knowledge that there was a free press reporting on their actions, taking photos, and writing stories that got to the bottom of the truths for which they were standing up.

Today's press is mostly a bunch of cowardly slackers who don't do much investigative reporting and shell out poorly-written pieces with some minimal entertainment value. Anonymous cannot count on today's press to do any authoritative reporting that speaks truth to power. Since the environment has changed, so too must the methods of disrupting the status quo, a system which many of us find oppressive. As Jello Biafra encouraged us to do a decade ago, we must throw a monkey wrench into the system. Listening to No Agenda is not a bad way to begin your week.
http://noagenda.mevio.com/

In the morning to ya'!

Re:Line between Civil Disobedience. . .

[Raenex]

It's 100% relative if you want to talk about what Civil Disobedience means, and how it is being redefined or not.

Also, the fundamental issues haven't changed at all. Slavery might not still be an issue, but there are still unjust wars and laws. Just ignoring something because it was written a couple of hundred years ago is obtuse.

Re:Line between Civil Disobedience. . .

[publiclurker]

If that were the case, then he would have refused to have someone else pay his taxes and stayed in jail, rather than have his proxy do the "dirty work". I think you need to try another example.

Re:Line between Civil Disobedience. . .

[poity]

Name one of these laws that the government is using/abusing in order to keep people from accessing information, then tell me in what manner Anon has, with civility, disobeyed these laws in order to expose systemic injustice to the public. Only then can their actions be called civil disobedience. Until that time, we can only call it what it is: retributive attacks and vigilante justice.

Re:Line between Civil Disobedience. . .

[Raenex]

You want me to find another example of somebody who wrote the original essay on Civil Disobedience? Maybe you don't believe his actions went far enough, but his essay was the one that popularized the term Civil Disobedience.

There are plenty of people who have gone to jail over their refusal to follow an unjust law, without any get out of jail free cards either, so you really can't be asking for an example of that.

owned?

[myoparo]

From screenshot of defacement in TFA:

"But its not about themits about our audience having the right impression of our capability and the competency of our research. Anonymous will do what every they can to discredit that, and they have the mic so to speak because they are on Al Jazeera, ABC, CNN, etc. I am going to keep up the debate because I think it is good business but I will be smart about my public responses."

Wow, just wow. I'm sure what just happened is "good business" for this security firm, since they have been "hacked" by a group perceived to be nothing more (or sometimes even less) than "script kiddies". Embarrassing.

Now this is truly amusing

[1_brown_mouse]

Just reading the ./ post from yesterday and now this!

This is the best Monday EVAR!

Misleading summary as always

[SignalFreq]

source article

There was no FBI involved in this. It was some random company's attempt at PR (I'm sure they regret it now). The original article even says that the information would not be useful to police and that they planned to give it away at a conference in San Fransisco next week.

Not exactly "cooperation with an FBI investigation"

Seriously Slashdot... when are you going to hire editors who actually verify submissions before letting them onto the front page. No better than the national enquirer...

Re:Misleading summary as always

[Cruciform]

Slashdot is an aggregation site. The editors are better described as filters.
The readers are the verification process.
This is how it's been for well over a decade.

If you'd like to improve on the process, grab a copy of the software, start a site, and let us know where to find you. (not being facetious)

Re:Misleading summary as always

[krazytekn0]

Seriously Slashdot... when are you going to hire editors who actually verify submissions before letting them onto the front page. No better than the national enquirer...

haha..."editors"

Re:Misleading summary as always

[NoSig]

Please don't encourage the editors to edit. They just make the submissions worse. You are not here for the editing, you are here because other people are here to comment and submit stories.

Re:Misleading summary as always

[Fred+Ferrigno]

I'm sure they're cooperating with the FBI now. The attack is a crime in itself and will doubtlessly be investigated.

Good guys and bad guys

HBGary investigates and attempts to infiltrate Anonymous:Good guys just doin' their jobs.
Anonymous investigates and succeeds in infiltrating HBGary: Criminals... sick sick criminals.

Re:Good guys and bad guys

[mywhitewolf]

don't forget that anonymous also posted all the information they found, oh wait, HBGary was going to do the same thing on "supposed" AnonOps. i guess the plot thickens.

keep it up

I am sure that if they dig deep enough into "HBGary Federal" they will find enough crap to make the world say well screw you HBGary Federal , All the stuff they have hidden away that they have NO rights having at all in the first place like stuff on 90+% of you lot on here most of which you would rather was not known that would make you sweat like a stuffed pig if it got out .

If anything groups like Anonymous need your support

Why bother with proxys

[Doodlesmcpooh]

If the hackers were UK based then they just have to buy a wireless dongle. You just lie about the information on the registration screen and away you go untraceable. Granted they will be able to triangulate the signal but its easy enough to drive somewhere quiet with a laptop and do it. Failing that they could just hack some poor old ladys wireless and use that. Both of these options are simple to do and less hassle than proxys.

Re:Why bother with proxys

[medv4380]

The UK? The poster child of Big Brother is watching you with CCTV? They can only triangulate your position at a particular point in time? What's to stop them from say... looking at the CCTV footage at the particular point in time? Not only could they have a picture of you but then follow the footage of you though out the day. Who cares if you fibbed about your identity on the login screen. Eventually you have to go home or talk to friends and they'll see that.

Re:Why bother with proxys

[1u3hr]

No need to "hack" anyone to get untraceable access.

Just take a laptop to a cafe with wifi. Or a public library, university, hotel, etc, etc. Not to mention the large number of businesses and homes with unsecured wifi by default.

Re:Why bother with proxys

[Enigma23]

Just be careful that Google doesn't data mine your WiFi details in the meantime...

Re:Why bother with proxys

[ceoyoyo]

I'd suggest not doing it in downtown London. Although, it's probably pretty hard to figure out who it was given a zillion people in an area with laptops anyway.

CCTVs aren't magic. Not even in the UK.

Re:Why bother with proxys

[John3]

More and more businesses have digital video surveillance systems in place. They are installed to be used in cases of theft, robbery, assault, etc. and not to track the use of WiFi. However, if the police show up a few weeks later and subpoena the DVR they will have video of everyone in the coffee shop, library, etc. Look up on the ceiling next time you are in a hotel lobby, coffee shop, or university and see if there are camera domes.

Re:Why bother with proxys

[1u3hr]

However, if the police show up a few weeks later and subpoena the DVR they will have video of everyone in the coffee shop, library, etc. Look up on the ceiling

Unless you DO look up at the ceiling and hold your driver's license up to the camera, it will be pretty useless to ID you.

I like it!

[Nursie]

"They belvin'd me!"

Greg Hoglund the other owner of HBGary?

[Securityemo]

That guy's a really well-known security author/researcher, mostly from his books and from the rootkit devel community rootkit.com, which now seems to be down as well. Take a look at http://krebsonsecurity.com/2011/02/hbgary-federal-hacked-by-anonymous/

They managed to social engineer a site network admin into giving them SSH access. Hoglund has apparently given a phone interview of some sort, but I can't find a transcription if one exists.

Re:Greg Hoglund the other owner of HBGary?

[cbhacking]

Social engineering is occasionally made out to be far more complex than it really is. The impressive part was already having enough access (a commonly used password, and his email account) to be in position to gain more access. Once you've got that, it's not that hard to fabricate an email or two.

Of course, there are still security measure that would help. If he'd signed his mail and the social engineering messages had arrived unsigned or with the wrong signature, that would have been a tip-off.

Re:Greg Hoglund the other owner of HBGary?

[Securityemo]

What's difficult about social engineering is probably just the shamelessness required to directly lie to and misdirect people.

Re:Anomyous as largely a group of criminals.... WT

[JSBiff]

Normally, I would agree with you, but the DDoS, in particular, upon the credit card companies was an organized, concerted effort by a *group* of people all working together. They all communicate together in a common forum (4chan). They aren't acting individually, they are acting corporately.

Wow... you didn't see this coming?

[Raxxon]

Ever heard of a Joe Job (http://en.wikipedia.org/wiki/Joe_job)?

Re:Wow... you didn't see this coming?

[Securityemo]

...Nah. This is a world: it is made of confusion and stupid.

Lessons in security will never be learned

[erroneus]

Good security is too inconvenient for the typical business person. Easy security is invariably bad security. "We want to work from home or the coffee shop and not have to remember stupid passwords!" Tough!

This is especially bad when this is supposed to be a cyber-security focused company! If I were in a decision-making position in the FBI, I would simply walk away from this company without another word. This company is clearly not up to the task of defending itself. How can they be trusted to do good research and deliver good information?

Why is it that when the government(s) refuse to listen to their people, the people get angry? Why is it that governments don't understand or appreciate that this is no small matter? And isn't it a terrible sign that when a people begin acting out against the government and parties involved that the government closes up even tighter refusing to hear anything at all? The result of this behavior is ALWAYS the same -- the angry people get even more angry and will push back even harder.

Wouldn't it be more responsible for the government to at least open up some talks before things get like this and worse? No... I know that won't happen. "We don't negotiate with terrorists!" Fine. Who WILL you negotiate? They wouldn't be "terrorists" if you didn't listen and respond!!

Re:Herp derp

[eyrieowl]

It's amazing how many people don't understand this. "Anonymous" is as smart or as dumb as whichever person wants to ascribe their current actions to anonymous. And the more you have a "fight against anonymous", the more you make it real. It's like a self-fulfilling fiction...someone makes it up, people hear about it, decide they want to be a part of it, and make it real, even though it was never real to begin with. Also.

Re:Herp derp

[Schadrach]

But that's what makes it funny -- people have trouble even comprehending the idea of something that kinda functions as though it were an organization on the outside, but is instead a largely chaotic swarm people who enter and leave seemingly at random, with no real leadership or formal direction, beyond someone painting a target and inciting the great swarming mobs of the internet to attack it.

Hence the whole "We are Anonymous. We are legion. We do not forgive. We do not forget." It is an accurate description -- they are a largely nameless and faceless mob of uncountable number (because who is and is not part changes constantly at a whim), and so long as one of their number recalls something, it can be brought out as a "fresh" target again later.

I saw what was...

[hesaigo999ca]

I read the article to see that this was true hacking, some twitter accounts were compromised, and people's personal data was found, such as address and cell phone info...I guess if someone wants to they can track anyone down, who has not already thought of hiding themselves, but I wonder how they would fair against someone who off the bat, thought against being found, and acted accordingly in their every scenarios....

In the end, the message was made evident...screw with us, you get burned....they are sending a message, at first was just enough to let them know that they supported assange, and wikileaks, but not enough to deal out true damage, now they have gone 1 step further and shown that they can compromise a security firm within minutes...and ruin people's identity and social standing within minutes...seriously, let's look at what is going on....we heard the message, and need to ponder, but the government acting out is just an act of defiance to accept their
accountability in this....and that only leads to more ....so US gov. please accept that you did some wrong, and should maybe pull back

Re:I saw what was...

[Fred+Ferrigno]

but the government acting out is just an act of defiance to accept their
accountability in this....and that only leads to more ....so US gov. please accept that you did some wrong, and should maybe pull back

There's approximately a 0% chance that will happen. No, the government operates pretty much along the same lines that you described: screw with us, you get burned. Retaliation leads to more retaliation. The situation will escalate until the government makes participating in raids uncomfortably risky or the teenagers get bored.

Re:I saw what was...

[hesaigo999ca]

I agree, it boils down to their not giving in to terrorist attitude....but when your typical grandmother becomes a terrorist only because she left her computer plugged in and had some malware or trojan running, and that the acting bodies of the government are too blinded by their own power to see the forest for the trees, I tend to wonder if it is such a wonderful government after all.

Re:This is not hacking

[axl917]

If they want to do something useful they should be gaining access to the corporate intranet and wiping out the servers.

If you had actually read the article, you wouldn't be looking quite so foolish right now.

A honeypot isn't supposed to

[apparently]

give access to real data or harm your firm's business reputation:

From the article:
"The Twitter account of HBGary's CEO, Aaron Barr, was also compromised and tweeted multiple offensive messages, as well as his home address, social security number and cell phone. According to Forbes, the LinkedIn accounts of other HBGary executives were compromised "in minutes.""

That's a pretty piss-poor honeypot if you're a security firm in the business of assuring clients that you have the technical ability to protect private data.

Re:A honeypot isn't supposed to

[catmistake]

Don't you get it? The CEO *is* the honeypot. The real controller of the company is the CFO, in this instance Alexander Humilton, IIRC. Apparently, the two don't get along, resulting in the genius of having the top executive be the honeypot (rather than wasting resources).

Re:A honeypot isn't supposed to

[apparently]

You really need to explain how it is "genius" of the CFO to purposefully allow the firm's reputation to be destroyed. If a potential client can't expect their data to be protected, why would they do business with HBGary?

Re:A honeypot isn't supposed to

[diskofish]

I knew there was a joke in there somewhere.

Why would it be more traceable?

[apparently]

Which side are you talking about, exactly? The stuff done here was presumably a lot more traceable and punishable than a DDoS attack by thousands of angsty teenagers.

The DDoS was using that point-and-click "LOIC" tool that doesn't even attempt to conceal the user's IP Address; what about this attack makes it "a lot more traceable" than the simplest of script-kiddie tools?

Re:Why would it be more traceable?

[somersault]

Because if there are thousands of people taking part, it's going to be difficult to track down and punish everyone involved, if the logs even managed to keep up.

Wow. Black muslim history.

[HornWumpus]

Are you next going to tell us that black Americans invented the term 'motherfucker' and that all other cultures have translated and adopted it? (always as a nice short word, strangely)

That a prehistoric black scientist invented white people?

Black Muslims have an interesting mythology that says more about them then anything else.

Remember "the only way to deal with the devil is don't" and white people are the racists.

Re:Boolean algebra, yeah right.

[Labcoat+Samurai]

What does this have to do with Afghanistan or Iraq? Am I missing something? I thought the story was that HBGary Federal was trying to out people who participated in Anonymous's DDoS attacks and people passing themselves off as "members" of Anonymous responded by hacking their accounts and humiliating them. That's what we're talking about, right? Let's carry the "giant list of things that are worse than that" to another discussion. Or better yet, let's not talk about it at all, because it's beside the point.

And the PR spin:

[kozmico]

“They didn’t just pick on any company, but we try to protect the US government from hackers. They couldn’t have chosen a worse company to pick on.” -Greg Hoglund, co-founder HBGary Source: http://krebsonsecurity.com/2011/02/hbgary-federal-hacked-by-anonymous/

Re:Members

[Gilmoure]

So... where do all these gifts come from every Christmas. My daughter's friends have tried to tell her there's no Santa Claus but certainly seems real to us. Even brought me the Star Wars Landspeeder Lego set I wanted but didn't feel justified buying for myself, right before Christmas. Cool!

Re:This is not hacking

[mywhitewolf]

You didn't read the article did you? the things you're suggesting is exactly what they are doing.... which makes YOU A TERRORIST!.

Haven't I seen

[teknosapien]

this Anonymous around slashdot for years?

Yeah

[Grapplebeam]

Well, like, that's just your opinion, man. I'm also confused as to where people got the idea that Anonymous is anything other than basically the political idea of Anarchy in practice came from. Or that at least a handful of them aren't Black Hat hackers. Or that removing a few kids is going to stop an opt in group where no one else knows you. Or that this was going to be effective. And because I'm unfamiliar with law, is what HBGary did illegal or what?

Re:Anomyous as largely a group of criminals.... WT

[plover]

How can "anonymous" be a group?? People just say the act in the name of "anonymous" but they could say they act in the name of Holy Grail - it means nothing..

Maybe slashdot needs to change the name of the "not logged in user" because this is getting fucking ridicules. Anonymous is NOT a group. Anonymous is NOT a "movement". Anonymous is an idea that you can have privacy in today's world. Even fake privacy, like Anonymous Coward on slashdot.

People "acting in name of anonymous" or whatever is just retarded. There is no "anonymous" yet at almost all times we want to have that privacy - we all want all be anonymous. Anonymous is no one and it is everyone. How can people not understand something so simple???

You're too late, the word is already a proper noun in this context. Whether you agree with the semantics of the name or not, they are a group because they acted like a group against MasterCard, and they have claimed the protective cloak of anonymity. Lacking anything else to call them, yet needing a name in order to work with the phenomenon, they are now effectively a group called Anonymous. And that's happened regardless of how the individuals who fired the LOIC feel about the name.

It's just like a virus researcher calling a new worm Win32.Derp because he found the string "DERP" in the binary. People will create working names to refer to a thing. And several people acting in an organized or coordinated fashion is a thing we refer to as a group. The group who fired the LOIC at MasterCard did so beneath a screed that used the words "We are anonymous." It seems to me the rest of the people are perfectly justified in calling their group "Anonymous."

Your argument reads exactly like this: "But packers are a profession, they wrap meat in paper and cellophane! You can't call a football team Packers because they don't wrap meat in paper!" The fact that it's a word that you use to mean something else won't take away the new meaning.

Anonymous Win, HBGary Fail.

[Vryl]

Lets just score this:

Anonymous: No damage. No arrests, no lawsuits, no exposure of anyone that wasn't already in the open.

HBGary: Emails stolen. Websited pwnd. Crap security protocols exposed. Significant reputational damage. Corporate imaged tarnished (looking like fools will do that to you).

Summary: There IS such a thing as bad publicity.

Final Score:
Anonymous 5, HBGary, 0.

Re:Anonymous Win, HBGary Fail.

[KingMotley]

I guess it depends on your point of view. I see Anonymous as having proven that they are just a bunch of criminals. Unless you condone their behavior. In which case, I suppose you think it's right for anyoneto break into your house, search through your families stuff, and post pictures of your wife's underwear (and/or other personal items) and tweet/email it to all your friends/family -- all because you are supporting the "other side". Oh, and let's take your daughters diary and post that on her high school website for all to read.. In the name of openness, and freedom of information of course. Then come back here and score that as Burgler:5, Vryl: 0 and realize just what you posted.

Breaking into private property without consent, no matter the reason is still against the law. Anonymous has proven that they are not only criminal, but also malicious thieves that aren't doing things that are "right". They do them because they think they can, and still get away with it. Give a few of them a few years in jail with a "roommate" that shares the same philosophy of "because I can, and still get away with it", and perhaps they will change their tune as well.

Re:Anonymous Win, HBGary Fail.

[Vryl]

There is some truth to what you say, but I don't think this is publicity that the hive will mind.

They have been "hackers on steroids" for a long time now, and this just furthers their reputation as people not to mess with.

I doubt that anyone will do time for this - it's just simply to easy to be anon these days. The only members of the hive who have been caught are LOICers not proxying.

Regardless of all of that, this is still massive HBGary fail.

The emails are the gift that keeps giving, see wikileaks angle today.

cleartext rootkit.com passwords

[dazzlepod]

Cleartext rootkit.com passwords published at http://dazzlepod.com/rootkit/. Many passwords appear to be reused @ twitter, facebook, gmail, etc. Reminder to users to keep password unique to the site where it is used.

Defense dept. jobs

[feynmanfan1]

Think we need a well researched article on what percentage of U.S. tech work is not military or federal government related? After you pull out H1-B visas, just looking at the commercial tech jobs available to U.S. citizens. Not that I...'m against immigration but just to get an idea of the situation for U.S. citizen tech workers. Note that according to the "top secret America" Washington Post article there are 850,000 people with top secret security clearance, a large portion of the jobs that require a top secret clearance are related in intelligence collection technology or advanced weapons systems. Everything leaked by wikileaks so far has been classified as secret or lower, no top secret documents. Many of these government jobs have a 'don't ask, don't tell' policy on corruption.