Slashdot Mirror

← Back to Stories (view on slashdot.org)

HBGary Federal Hacked By Anonymous

Posted by CmdrTaco on from the are-you-anonymous dept.

An anonymous reader writes "As the coin was tossed to kick off Superbowl XLV, Anonymous unleashed their anger at a security firm who had been investigating their membership. HBGary Federal had been working on unmasking their identities in cooperation with an FBI investigation into the attacks against companies who were cutting off WikiLeaks access and financing. Unlike the DDoS attacks for which Anonymous has made headlines in recent months, this incident involved true hacking skills."

65 of 377 comments (clear)

  1. hack by Anonymous Coward · · Score: 4, Insightful

    And by true hacking, we mean true cracking.

    1. Re:hack by Anonymous Coward · · Score: 2, Insightful

      And by true cracking, we mean true felony raps. Enjoy life in prison idiots.

    2. Re:hack by 93+Escort+Wagon · · Score: 5, Insightful

      And by true hacking, we mean true cracking.

      Languages are fluid, and you can't prevent it from happening. You've already lost this battle.

      --
      #DeleteChrome
    3. Re:hack by Myopic · · Score: 4, Insightful

      Agreed. In fact, this battle was lost before it began. The world had settled on the word "hacker" before the word "cracker" was invented. Plus, "cracker" is a racial slur. There's even a damn movie called "Hackers". It's long since time to let it go.

    4. Re:hack by haderytn · · Score: 4, Funny

      We should call them...blackhats.

    5. Re:hack by Ferzerp · · Score: 2, Interesting

      Well, keep in mind that it is about the least effective racial slur ever invented. I don't know of anyone who when called a cracker wouldn't just laugh.

    6. Re:hack by GameboyRMH · · Score: 2

      Plus it's misleading to separate the two. It's like saying that shooting beer cans off a fence is shooting, while shooting another person is not shooting, but murdering. You can understand why the beer can plinkers don't want to be associated with the gangbangers, but coming up with a "new, stronger word" for shooting people is just intellectually dishonest.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    7. Re:hack by multisync · · Score: 2

      And by true hacking, we mean true cracking.

      And by "cracking," we mean "social engineering":

      According to information from krebsonsecurity.com it appears HBGary was victimized by a combination of social engineering and a shared password between systems.

      The company was done in by its own lax security, which is kind of funny, considering it purports to be a "security firm."

      --
      I don't care why you're posting AC
    8. Re:hack by wisty · · Score: 2, Funny

      Hacker is a shibboleth, like spelling perl in lower case (as opposed to PERL). It lets people know that you are hip to the lingo of hackers.

      I'm not sure what blackhats use.

      Anyway, there's a subsection on wikipedia specifically on computer related shibboleths [1], and "hacker definition controversy" gets its own bloody article [2].

      I'm pretty sure everyone on Slashdot knows, and they just leave it in there to generate meaningless discussions. That's half the point of slashdot.

      [1] http://en.wikipedia.org/wiki/List_of_shibboleths#Shibboleths_in_computer_security
      [2] http://en.wikipedia.org/wiki/Hacker_definition_controversy

    9. Re:hack by I8TheWorm · · Score: 2

      If this is real, it was really social engineering.

      --
      Saying Android is a family of phones is akin to saying Linux is a family of PCs.
    10. Re:hack by juletre · · Score: 2

      Languages are fluid, and you can't prevent it from happening. You've already lost this battle.

      Are you saying he will loose this one?

      That's right. loose.

      --
      "he, who has quotes in his signature, is a douche" - unknown.
  2. Well, that'll be helpful by Burb · · Score: 3, Insightful

    Another mature contribution from those grown-ups at Anonymous.

    --

    1. Re:Well, that'll be helpful by Rakshasa+Taisab · · Score: 4, Insightful

      Yeah, they should have been doing renditions to Egypt of those responsible, like grown-ups do.

      --
      - These characters were randomly selected.
    2. Re:Well, that'll be helpful by Burb · · Score: 3, Insightful

      The only place where two wrongs make a right is boolean algebra. Revenge/retaliation just continues a cycle of aggression and destruction. I'm hardly happy about extraordinary rendition either. Whatever Anonymous' valid claims may be, this does nothing for their cause, except to give themselves hugely negative publicity. Way to go, generate sympathy for those you are against... sheesh.

      --

    3. Re:Well, that'll be helpful by blahplusplus · · Score: 2

      "Another mature contribution from those grown-ups at Anonymous."

      There is nothing mature about this world.

    4. Re:Well, that'll be helpful by copponex · · Score: 4, Insightful

      Defacing a website and causing data loss is the same thing as torturing someone to death, or subverting democracy to keep an autocratic regime in power? That's news to anyone with an elementary understanding of ethics.

    5. Re:Well, that'll be helpful by TerranFury · · Score: 3, Insightful

      Helpful to whom? To you? To me? To the company which was targeted? To anons? To cops?

      Helpful to anon and their cause. The problem is that this isn't.

      Fucking around on a telecommunications network is not an exercise of real power. All it does is demonstrate how truly impotent Anonymous really is, while simultaneously giving those who do have real power excuses to further restrict use.

      Ultimately, this is a political issue. The little guy wins at politics only through sheer force of numbers. That means being popular. I understand that "popular" is a word that Anon's members probably have a hard time identifying with, but it's one they really need to take and use for their own if they want to achieve their goals.

      Anonymous needs to be appealing. It needs to be photogenic. People should want to have sex with it. That's how the world works: People do not clearly separate moral principles, from political goals, from personal desires, from sexual urges, from the respect of their peers. Study after study has shown, for instance, that people with more attractive faces are judged to be more honest; "beauty is good" is wired into our brains. When was the last time you saw a balding man, or a short man, elected president? Anonymous will not succeed if it looks like a bunch of smelly nerds. It needs a better image. People need to like them.

      Assange, the paranoid, has an uphill battle; he is not a naturally likeable person. But he did one smart thing: When he found himself in the limelight, he got a haircut and bought a suit. That's what you do.

      In politics, image is everything. Do you know how George Washington got the command of the Continental Army? He showed up to the Congress wearing his militia uniform -- and he was tall. Nevermind that he had no military experience of note; he looked the part. Why are actors -- unqualified in policy and unpracticed in analysis -- so successful at politics? Ronald Reagan, Jesse "The Body" Ventura, Arnold Schwarzenegger. They play a convincing, masculine role. People eat that shit up.

      This is the game that Anonymous finds itself playing, whether it likes it or not. Image management is how you win at it.

    6. Re:Well, that'll be helpful by 1u3hr · · Score: 3, Insightful
      Seems a perfectly reasonable response to me. HBGary tried to out members of Anonymous; exposing their private information. Anonymous returned the favour. In the arena of public opinion, Anonymous are ahead. HBGary were made fools of.

      But to talk about "aggression", "destruction" is silly. Actually in BOTH CASES the only ones at risk of real harm are Anonymous. If members of Anonymous are actually tracked down, they would get chewed up by the legal system.

    7. Re:Well, that'll be helpful by ElectricTurtle · · Score: 2

      When was the last time you saw a balding man, or a short man, elected president?

      1) Balding: Gerald Ford.
      2) Short: Jimmy Carter.

      Neither were the first.

      (More interestingly, prior to the Civil War, for what heights were known, a man was more likely to be elected if he was not the tallest candidate. Perhaps that was because the electorate was not as superficial in that era. Interesting pattern given the demographic changes to enfranchisement over time, but I am not prepared to draw conclusions without further research.)

      As for George Washington, 'no military experience of note' is far too harsh a criticism for somebody who rose to the rank of colonel and served five years before the Revolution, mostly with success and distinction. Who do you think would have been more qualified? Philip Schuyler? Artemas Ward? They were both made major generals even though they had barely seen any previous combat. The only more legitimate choice might have been Charles Lee, but he was not as politically powerful as Washington, nor was his loyalty as certain. He had both the history and attitude of a mercenary, and that rubbed revolutionary ideals the wrong way.

      The take home point here is that it is overly simplistic to try to boil down political success to who looks best. It is also a mistake to think that Anonymous is looking for political success. Wikileaks might be, but Anonymous is only doing what it wants, primarily for the lulz.

      --
      I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is steaming pile of dog shit
    8. Re:Well, that'll be helpful by Maritz · · Score: 2

      They might well do that.

      But before getting into the virtuousness of the bible, we should bear in mind that if they're taking this thing literally then they better hope to have an obedient son, lest they have to bury him in sand and have angry men throw rocks at his head, e.g. Deuteronomy 21:

      "If a man have a stubborn and rebellious son, which will not obey the voice of his father, or the voice of his mother, and that, when they have chastened him, will not hearken unto them: Then shall his father and his mother lay hold on him, and bring him out unto the elders of his city, and unto the gate of his place; And they shall say unto the elders of his city, This our son is stubborn and rebellious, he will not obey our voice; he is a glutton, and a drunkard. And all the men of his city shall stone him with stones, that he die: so shalt thou put evil away from among you; and all Israel shall hear, and fear."

      --
      I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
  3. Sigh by hirvonen · · Score: 5, Insightful

    Ought to have been better prepared if you go kicking a nest full of hornets...

    1. Re:Sigh by Spad · · Score: 4, Funny

      Unlikely, these guys were probably behind 7 proxies.

    2. Re:Sigh by man_of_mr_e · · Score: 4, Interesting

      Even worse, this may have been a honeypot, meant to attract more anonymous actions to gain more evidence to put them away for longer terms.

      Those guys don't even think.

      --
      If you need web hosting, you could do worse than here
    3. Re:Sigh by BitZtream · · Score: 4, Interesting

      Idiot.

      They are completely prepared.

      'Anonymous' just walked into an ambush.

      These guys have been watching whats going on, following what they've been doing, and are working with the FBI ... do you really think no one thought in advanced 'hey, when we piss them off, they'll come after us too!'

      No ... they thought of it in advanced and said 'perfect, now lets set it up so we can have it setup in a perfect way for us to gleen the absolute most information in the process.

      Anyone stupid enough to do this isn't a major player anyway, or won't be for long. They basically just started a war with the cops, the only thing you can do to piss off a cop more than embarrassing them is killing one of them. So now they've changed it from being an annoying bunch of twits who don't really do any damage and no one is going to invest any serious effort into finding ... into a matter of personal pride for every person working on it. They also have the advantage of funding and not having to cower in mommies basement.

      This just shows the ignorance 'anonymous' has ...

      If you'd have payed attention in school you'd know mob justice isn't a good idea, perfect example here.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    4. Re:Sigh by mcguyver · · Score: 2

      HBGary Federal CEO: How can we catch anonymous?
      HBGary Federal 1: How about we ask employees to use the same password everywhere, let them attack us and catch them in the act?
      HBGary Federal CEO: Great idea, what should we use as bait?
      HBGary Federal 1: How about all our emails including your social security number?
      HBGary Federal CEO: Perfect, make it happen.

      Surely the meeting went down just like that.

  4. Security is for Other people! by Herkum01 · · Score: 5, Insightful

    From the article,

    HBGary was victimized by a combination of social engineering and a shared password between systems

    Evidently, being a security firm means not having to following good security practices.

    1. Re:Security is for Other people! by sosume · · Score: 2

      These guys use botnets, proxies, vpn tunnels, whatever it needs to obfuscate their origins. Don't be surprised if the feds come knocking on the HBGary owner's door, claiming the IP address traces back to his home PC.

    2. Re:Security is for Other people! by gox · · Score: 2

      Erm, wouldn't that involve every ISP in the world having to keep record of ALL IP traffic? And you probably have to count in records of open wireless connections and internet cafe's and such. Plus, considering that end-to-end ecryption is being used, they would have to know security details of nodes involved. It's not even plausible.

    3. Re:Security is for Other people! by Piata · · Score: 4, Interesting

      I work for a telecom dealer that specializes in fulfilling corporate needs. All corporate sales are done through our website. A few of our clients are security companies. One of them (which will go unnamed) has a key purchaser who is completely computer illiterate. When trying to troubleshoot her difficulties using our website, I asked what browser she was using. She replied "Office 2003".

      After patiently instructing her on how to determine her browser and version number, it turned out she was using IE6. That was about 2 years ago. They still use IE6 to this day and have no intentions of switching off of it. Having dealt with a large variety of companies over the years, I think security firms are the most technically inept and the most likely to completely disregard online security.

    4. Re:Security is for Other people! by plover · · Score: 2

      I work for a telecom dealer that specializes in fulfilling corporate needs. All corporate sales are done through our website. A few of our clients are security companies. One of them (which will go unnamed) has a key purchaser who is completely computer illiterate. When trying to troubleshoot her difficulties using our website, I asked what browser she was using. She replied "Office 2003".

      After patiently instructing her on how to determine her browser and version number, it turned out she was using IE6. That was about 2 years ago. They still use IE6 to this day and have no intentions of switching off of it. Having dealt with a large variety of companies over the years, I think security firms are the most technically inept and the most likely to completely disregard online security.

      I think the problem is "risk analysis". It's the latest project management buzzword circling Corporate America, but the ones tasked with doing it have no idea what they're really doing, or what the risks really are.

      They'll put together a meeting to answer the question "what is the risk if we change everyone to IE8?" People in a conference room will toss out reasons like "It will break our internal web site, costing $50,000 to fix." "It will break compatibility with our trading partners, costing us $20,000 to mitigate." "It will mean we have to update our servers to the latest IIS, and upgrade our farm to Server 2008 and SQL 2008, and that's a huge risk for downtime, probably $10,000 in impact" which we all know is secret BOFH code for "I don't want to come in at 2:30 AM on Saturday to do this crapwork." So a business analyst puts up three fat tally marks under "IE 8 BREAKS ALL OUR STUFF!". Then someone says "It reduces our risk of malware" and "We can use Web 2.0" So the analyst puts a couple marks in the "IE8 BENEFITS" column, labels them each $0, and puts a sticky note reading Define 'malware' in the column labeled "PARKING LOT."

      Nobody says "The Treasurer's admin will surf to a cute puppy site where her PC will be infected with a drive by key logger, and the corporate bank accounts will be wiped out" or "The HR person will open a malicious PDF resume and all our employee payroll data will get leaked" or "The lead network engineer will have a javascript injected into his cache next time he uses the free wifi at the coffee house, and the hackers will get domain admin rights and use them to dump the credit card database" because it doesn't occur to them that a tiny hole in the wall is all a decent hacker needs. For that matter, it's all a script kiddie needs. But according to risk analysis math, 3 tally marks worth $80,000 > 2 tally marks tagged $0, therefore the answer is "don't upgrade".

      Any moderators who tag this '+1 Funny' obviously don't work in Corporate America, where we all know it's really '+1 Sad Truth'.

      --
      John
  5. Ambivlance by DoofusOfDeath · · Score: 4, Insightful

    It's hard to know how to feel about someone waging war against your own society.

    Anonymous is fighting partially on behalf of Wikileaks. Wikileaks' recent releases put some sunlight on goverment/industry malfeasance, but also pointlessly harmed some diplomatic efforts by publishing unflattering personal opinions about people the US probably needs to get along with.

    And the company Anonymous is going after probably helps stop real security threats that most of us would agree merit stopping; not just Cablegate-related stuff.

    What a tangled mess of virtue and vice.

    1. Re:Ambivlance by kyz · · Score: 5, Informative

      And the company Anonymous is going after probably helps stop real security threats that most of us would agree merit stopping; not just Cablegate-related stuff.

      To help you out: HBGary is still running. HBGary Federal is a new spin-off company started in December 2009 to try and sell "cybersecurity" products to the Feds.

      If they were cybersecurity experts, ones that were worth paying for with your tax dollars, then Anonymous would not have been able to pwn their website, twitter accounts, email, ....

      According to some of those recently pwned emails, the spokesperson Aaron Barr admitted to his own staff that he was deliberately provoking Anonymous, because he knew that the press was interested in anything to do with Anonymous and they'd get good publicity and possibly sales.

      The money quote from Aaron's company email: But it's not about them... it's about our audience having the right impression of our capability and the competency of our research. Anonymous will do what every they can to discredit that. and they have the mic to speak because they are on Al Jazeera, ABC, CNN, etc. I am going to keep up the debate because I think it's good business, but I will be smart about my public responses.

      Does that help you swing one way or the other?

      --
      Does my bum look big in this?
    2. Re:Ambivlance by Sarten-X · · Score: 2, Insightful

      I'm sorry, but where exactly is the virtue?

      Wikileaks has done effectively nothing recently besides attack the US government. Where's all those high-finance leaks that were promised years ago? Where's the responsible redaction that every reputable journalist goes through? Where's the public editing and input that it began with? As far as I can tell, Wikileaks lost all attempt at virtue by the beginning of 2010. Since then, it's resorted to blackmail to maintain its interests, threatening to release unfiltered, uncensored information if anything happens to Julian Assange or the organization itself. Virtue, indeed.

      Regardless of my opinions, Wikileaks may be worth fighting for. In that case, donate to it through any of the several channels that are still open. If they're all shut down today, wait until tomorrow and there'll be five more. Shrugging off law and order to throw rocks at companies isn't about a virtuous protest. It's a child's tantrum. What's more, it's a tantrum from children who don't dare consider that they're breaking laws with this farce of a protest. HBGary is now being attacked for investigating a criminal act. Last time I checked, breaking laws for any cause was still grounds to be arrested and put on trial. Often, it's even enough to be convicted.

      Jack Ruby killed Lee Harvey Oswald who, conspiracies aside, killed President Kennedy. Ruby was convicted of murder, because he killed someone. What his victim may or may not have done is irrelevant. In my opinion, every participant in a DDoS ought to face justice according to their jurisdictions. They broke laws, and have no basis to complain now that they're being caught.

      Perhaps I'd feel differently if there were no outlet for protest other than a DDoS, but there are. Wikileaks' supporters could raise a billboard encouraging support of Wikileaks' mission. They could send letters to representatives and picket assemblies and courthouses. They could follow any of the myriad forms of protest that have been established and respected over the past thousand years, without breaking any laws. They could, but Anonymous won't. Anonymous is a legion of crying children. Virtue doesn't hold their interest. Mayhem does.

      --
      You do not have a moral or legal right to do absolutely anything you want.
    3. Re:Ambivlance by fuzzyfuzzyfungus · · Score: 4, Insightful

      You really have to define "your own society" in clear terms to work this little moral conundrum out...

      Wikileaks, and their anonymous friends, are definitely attacking the secrecy of certain state and corporate entities that exist on American soil and/or are paid for with US taxpayer funds. Is that enough to make them "our own society"? Or does the fact that a clandestine morass of opaque state functionaries, often quite a few levels removed from anything resembling a "representative" is dubiously in line with a democratic republic make them a sort of cancerous outgrowth of "our own society"?

      I'm not playing the "Well, man, it's like, all relative; because one person's hero is another's terrorist, man." card. These are real questions that, arguably, have cogent answers(albeit ones reliant on certain axiomatic assumptions that the answerer brings to the table).

      Societies constantly attack themselves in order to survive: the police spend basically all their time hunting down and hauling in for trial citizens and residents whose behavior is considered to have put them against society rather than in it. Politicians constantly attack one anothers' programmes, in a process intended to produce the best or most representative outcome. Assorted NGOs and individuals constantly bring suits against one another and the state trying to redress various perceived wrongs. As with a complex multicellular organism, where killing abberant cells before they metastasize and kill you is as important a job as killing external pathogens before they kill you, the maintenance of a complex society is a constant process of defense from external enemies and(particularly for a militarily strong and geographically lucky country like the US) culling internal enemies and dangerous trends.

      Unless we define "our society" more or less tautologically as "whatever society we are participating in at the moment"; it is the case that there is an ideal "our society" and an actual "the society we are doing". When the two differ too much, "our society" becomes a dead letter, used primarily for propaganda purposes by "the society we are doing". Fighting against that trend, which frequently means attacking, sometimes in accordance with the rules of "the society we are doing"(as with constitutional challenge court cases), sometimes against those rules(leaks, hacks, etc.) "the society we are doing", is a necessary part of staying reasonably in line with "our society".

      It is a matter of legitimate debate whether or not Wikileaks is attacking "our society" or "the society we are actually doing", and how different those two are; but it is not a matter of trivial debate.

    4. Re:Ambivlance by hey! · · Score: 2

      Well, I don't know about the revelations being pointless (although in the end I think they'll be largely harmless), but that has little to do with the ethics of Wikileaks. Reportedly Assange was initially indifferent to the risks the Iraq War Logs posed to civilians who may have talked to US forces, dismissing them as "collaborators". I've certainly heard his supporters taking this blanket position. This is really just the mirror image of George W. Bush's "you're with us or against us" way of looking at things. There are way more than two sides to the Iraq question, and even if there were only two sides, condemning somebody to the risk of reprisal based on hearsay seems unreasonably callous to me.

      It's the apparent narcissism of Assange and his Anonymous partisans that arouses my skepticism. That doesn't mean they're necessarily wrong in every case, or that they can't do good things. It means their ethical judgment is questionable. At least it appears so to me. They don't seem to be able to imagine anything they do as wronging anyone so long as they have good intentions. I distrust self-righteous crusaders or jihadists of every stripe, because their world views so often deteriorate into simplistic, one-sided narratives of their personal persecution or heroism. Such people often do much good in the world, getting out ahead of other people on important issues, but their genuinely heroic deeds shouldn't cause us to view them uncritically.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
    5. Re:Ambivlance by Cormacus · · Score: 2

      I wish I had mod points to use on your post. "...I like the USA because we're the good guys." And if we're not the good guys (ie, if people in the government are making "bad guy" decisions) then people need to know about it and it needs to be fixed. Taking the high road is never fun, but having that integrity as a nation just seems like an important goal.

      --
      Mon chien, il n'a pas du nez. Comment scent-il? TrÃs mauvais!
    6. Re:Ambivlance by KingMotley · · Score: 3, Interesting

      A good security firm doesn't lock down everything super tight. It can be done of course, but doing so is a major inconvenience. A good security firm knows how to manage risk, and apply enough security to outweigh the risk. As if any of those things that got "pwned" are of any real consequence.

      This is the equivalent of someone running up and spray painting the side of an armored truck and declaring victory in defeating their security. lol.

      Or perhaps calling into question how safe a bank is because someone stole their mailbox.

    7. Re:Ambivlance by vertinox · · Score: 2

      "Wikileaks' supporters could raise a billboard encouraging support of Wikileaks' mission."

      In the USA, the majority of billboards worth a hoot are owned by Clearchannel, who I have a feeling would not allow a pro-Wikileaks billboard to be posted.

      Also, in that regard, do you think Mubarak would even consider stepping down if the Egyptians posted a billboard? I think not. Hence, the 'illegal' protests in the street.

      --
      "I am the king of the Romans, and am superior to rules of grammar!"
      -Sigismund, Holy Roman Emperor (1368-1437)
    8. Re:Ambivlance by Sarten-X · · Score: 2

      And wikileaks certainly helped the USA there. There is the virtue.

      I'm in agreement all the way up to that point. Is it virtue to set someone on fire if they're freezing to death?

      My complaint isn't with the idea behind Wikileaks. I'm all for a transparent government, where it's necessary. I don't believe it's necessary to have every detail of daily military action paraded out for enemies to see, whether or not the war was justified. What I want to see is responsible redaction, impartial releases, and input from the public on every released item. So far, Wikileaks has failed on all of those.

      As for throwing rocks, I think that just about everyone involved in the DDoS attacks could have sent an email or two to MasterCard's customer support, instead. A few hundred thousand emails has caused change before, and wouldn't involve breaking laws. Prior to the American Revolution, the colonists petitioned for over ten years to have their injustices addressed. Likewise, the Tunisian and Egyptian governments have ignored protests for quite a while.

      It's certainly time for transparency and accountability, but not by abandoning all pretense of civil action.

      --
      You do not have a moral or legal right to do absolutely anything you want.
    9. Re:Ambivlance by virtualXTC · · Score: 2

      This is the equivalent of someone running up and spray painting the side of an armored truck and declaring victory in defeating their security. lol.

      Wrong! next time RTFA:

      "in addition to the other damages, Anonymous also deleted the firm's backups"

  6. Re:clever! by Anonymous Coward · · Score: 5, Insightful

    So, Americans decide to peacefully toss a few sacks of tea into Boston harbor and get the entire harbor shutdown.. so they counter with even more illegal activity and a revolution that will get them even further into the shit

    great plan numbnuts

    Point being... if everyone on Earth was afraid to break a few laws, we'd still be under the rule of British monarchs. Thank god some people don't tuck tail and run whenever Big Brother stares in their direction.

  7. they have a remarkable sense of humour. by Anonymous Coward · · Score: 2, Funny

    They deleted all the content on his iPad.

    that's beyond hilarious

    1. Re:they have a remarkable sense of humour. by EasyTarget · · Score: 2

      The bit where they used his own twitter feed to announce and link to the release of the 'document' that he was going to sell to the Feds was quite funny too :-D

      --
      "Oops, I always forget the purpose of competition is to divide people into winners and losers." - Hobbes
  8. The moral of the story... by Assmasher · · Score: 4, Insightful

    ...don't jump into the deep end if you don't know how to swim.

    --
    Loading...
  9. It's all fun and games until you end up in by Anonymous Coward · · Score: 2, Funny

    Federal pound you in the ass prison. Seriously... It may be a laugh riot for the mob of 15 year old script kiddies to thumb their pimply noses at the suits and squares, and hide behind a "we r legion, lutz!"... but with any criminal conspiracy, the actions of one of the members all are attributable to the rest. All it will take is a few supoenas, some jail time for a few members, and anonymous will go away. No, for reals, yo. It's real brave to participate in a ddos when they can't fathom any consequences for their acts, but once they see other members getting thrown in the hoosegow, the whole "you can't shut us down!" becomes "gee, i hope the community college down the street will admit convicted felons." petty vandals hiding behind anonymity, not a bunch of masked crusaders for great justice.

  10. Line between Civil Disobedience. . . by JSBiff · · Score: 2, Insightful

    Civil Disobedience is, as far as I know, marked by breaking unjust laws, and then *accepting the consequences* by going to jail, or whatever, to show society the unjustness of the laws, and to win sympathy to your cause.

    I believe Anonymous stepped way over the line of Civil Disobedience long ago, with retaliation upon retaliation and attempting to avoid being caught. I really just have to view Anonymous as largely a group of criminals who deserve to be in jail for engaging in openly criminal activity - I can't see that laws which make it illegal to perform DDoSes against legal businesses, or to make unauthorized access to other people's computers, are fundamentally unjust.

    These guys are definitely not in the same class as the followers of Ghandi or MLK.

    1. Re:Line between Civil Disobedience. . . by Rakshasa+Taisab · · Score: 4, Insightful

      The myth of 'Civil Disobedience is all about getting caught' is spread by those who don't like the goals of today's civil disobedience, only those of yesterday.

      Seriously, imprisonment is how you _FIGHT_ civil disobedience, and you're a moron for thinking that's somehow how you go about succeeding in changing anything.

      --
      - These characters were randomly selected.
    2. Re:Line between Civil Disobedience. . . by fuzzyfuzzyfungus · · Score: 5, Insightful

      I suspect that neither Wikileaks nor Anonymous are interested in engaging in "Civil disobedience".

      In the case of Wikileaks, they aren't "Civily disobedient"; because they don't actually tend to break laws. They do obviously have some contact with people who do; but their operations(while deeply unpopular) are not illegal.

      Anonymous, on the other hand, is perfectly happy to do illegal things; but doesn't seem to see the point in getting punished in an effort to maintain the moral high ground. They are(aside from the ones who are in it purely for amusement), essentially engaging in the logic of retributive or revolutionary violence, albeit in bloodless and electronic forms. Irregular resistance fighters have no interest in being caught to "generate sympathy", they have an interest in inflicting damage on strategic targets, obtaining intelligence, discrediting their enemies, and then getting away(so do criminals, of course. The classification depends on the percieved legitimacy of their actions).

      As you say, these guys are definitely not in the same class as the followers of Ghandi or MLK. This appears to be by design. Wikileaks, by all appearances, is interested in maintaining a legal operation to lower the cost of whistle-blowing in situations where that could open one to heavy retribution. Anonymous, while too nebulous to have a single agenda, consists of a sort of core that has embraced the logic of violent(but bloodless) direct action, along with a cloud of recreational me-toos who participate in some of the more trivial ops.

      Whether you think that this is good, bad, or just a matter of style is a different question; but it would appear that they are not aiming at "Civil disobedience"(having judged it as either too personally costly, too ineffective, or perhaps both)...

    3. Re:Line between Civil Disobedience. . . by Herkum01 · · Score: 2

      While an ideal attribute, civil disobedience is often weak tea. If someone who is protesting something unjust, has to take all the risks to bring about a level playing field, it often just does not work. Unless a HUGE number of people are involved, it does not work.

      Take the protests in Egypt, Mubarak has been president for 30 years! He has ruled completely for that time. It is taking over 2 million protesters showing up at once to even make a grudging change at all. And there is no guarantee that any of the changes being promised will be more than cosmetic at this point.

      Anonymous is not going to organize a protest to actions taken against Wikileaks, (which has been anonymously DoS itself but unknown agencies), so they do a DoS at least for a noble ideal if not noble in action.

      So you have a company that figures they can make a buck off of it. Should they expect their actions to be ignored? That their actions should not have consequences as well (actually, that is the whole point of a corporation, to avoid individual liability). The hacking by Anonymous to retaliate is really the only option they have.

    4. Re:Line between Civil Disobedience. . . by Paradoks · · Score: 2

      The myth of 'Civil Disobedience is all about getting caught' is spread by those who don't like the goals of today's civil disobedience, only those of yesterday.

      Please, don't make the English language less flexible.

      Those who break laws publicly in order to point out the unjustness are practicing civil disobedience.

      Those who break laws secretly in order to point out the unjustness, while hoping not to get caught, are practicing vigilantism.

      Those who break laws secretly, while hoping not to get caught, are merely law-breakers.

      None of those positions are inherently good or bad. If this were about copyright infringement, the civil disobedience group would be the people who admit they pirated stuff, but fight the charges anyway. The vigilante group would be those who go out of their way to pirate, oh, Disney films, and spread them far and wide anonymously. The law-breaker group would range from people singing "Happy Birthday" at public events to those making millions by pirating new movies and selling cheap copies.

      Calling a vigilante someone who is practicing civil disobedience reduces the flexibility of the language in an attempt to drape the moral high ground of civil disobedience around the shoulders of the greyer vigilantism.

    5. Re:Line between Civil Disobedience. . . by Raenex · · Score: 2

      The myth of 'Civil Disobedience is all about getting caught' is spread by those who don't like the goals of today's civil disobedience, only those of yesterday.

      "Under a government which imprisons any unjustly, the true place for a just man is also a prison."

      That's from Thoreau's Civil Disobedience essay. He refused to pay his taxes because of slavery and the war with Mexico. He was sent to jail, but ended only spending a day because somebody paid his taxes for him.

      Whether you agree with him or not, that's the root of Civil Disobedience. It is true that he didn't say that you should go out of your way to be caught, but he was also willing to go to prison rather than fund the government.

    6. Re:Line between Civil Disobedience. . . by poity · · Score: 3, Informative

      Blacks in America sat in whites-only establishments in direct contravention of an unjust law -- they broke laws of segregation in order to highlight to the public the systemic injustices placed upon black Americans. What law is Anon directly disobeying to highlight its injustice? All they've broken are laws against computer fraud and abuse. What injustices within computer fraud laws does that highlight? I can understand if Wikileaks mirrors were shut down or reading WL material were made forbidden to the public, and individuals come together to help each other set up servers and to access them in defiance of government censorship. You could draw an equivalence if that were to happen, but what Anon is doing right now is NOT the same as civil rights era civil disobedience.

      --
      your thin skin doesn't make me a troll
  11. Re:clever! by BinBoy · · Score: 2

    so they counter this with more illegal activity which is even more serious and will get them even further into the shit

    great plan numbnuts

    Hmmmm. Might be risky rather than stupid. Maybe by proving the incompetence of the security company, they can have evidence thrown out.

  12. Re:clever! by Ironhandx · · Score: 2

    Troll? Really? What he said is a fair comparison, AND the situation is similar. The folks throwing the tea overboard were arguing against unfair taxation without representation. These guys, however potentially misguided at times, are fighting for what they believe is the protection of free speech, which is one of the CORE ideals of the same people that threw the damned tea overboard.

    Some people around here need to grow a damned backbone, and a set of common sense. Regardless of that however, -1 Troll is not a replacement for -1 disagree.

    Yes I realize that I'm in the minority here on /. and that the same people that modded our AC here troll are going to attempt to mod me into oblivion. But go nuts, I've got Karma to burn.

  13. Misleading summary as always by SignalFreq · · Score: 4, Informative

    source article

    There was no FBI involved in this. It was some random company's attempt at PR (I'm sure they regret it now). The original article even says that the information would not be useful to police and that they planned to give it away at a conference in San Fransisco next week.

    Not exactly "cooperation with an FBI investigation"

    Seriously Slashdot... when are you going to hire editors who actually verify submissions before letting them onto the front page. No better than the national enquirer...

  14. Good guys and bad guys by Anonymous Coward · · Score: 2, Insightful

    HBGary investigates and attempts to infiltrate Anonymous:Good guys just doin' their jobs.
    Anonymous investigates and succeeds in infiltrating HBGary: Criminals... sick sick criminals.

  15. Re:clever! by Anonymous Coward · · Score: 4, Insightful

    If it's a label, not an entity, then how can it have "members"?

    I don't know why people act as if "Anonymous" is a new thing. It's not. It's just a present-day version of something ancient - the lynch mob. The mob doesn't think, the mob doesn't consider, the mob just destroys. The mob is the barbarian horde burning down civilisation.

    For a historical example of an earlier "Anonymous", think about the KKK. Just why did they wear those white hoods? The answer is easy. They did it to be "Anonymous", because if you are "Anonymous", you are released from the obligation to be a civilised human. You do what you like without consequence, so why not lynch a few negroes before they get uppity?

    As XKCD says, "Anonymity + Audience = Asshole". Now, that's "Anonymous".

  16. Why bother with proxys by Doodlesmcpooh · · Score: 4, Informative

    If the hackers were UK based then they just have to buy a wireless dongle. You just lie about the information on the registration screen and away you go untraceable. Granted they will be able to triangulate the signal but its easy enough to drive somewhere quiet with a laptop and do it. Failing that they could just hack some poor old ladys wireless and use that. Both of these options are simple to do and less hassle than proxys.

    1. Re:Why bother with proxys by medv4380 · · Score: 2

      The UK? The poster child of Big Brother is watching you with CCTV? They can only triangulate your position at a particular point in time? What's to stop them from say... looking at the CCTV footage at the particular point in time? Not only could they have a picture of you but then follow the footage of you though out the day. Who cares if you fibbed about your identity on the login screen. Eventually you have to go home or talk to friends and they'll see that.

    2. Re:Why bother with proxys by ceoyoyo · · Score: 2

      I'd suggest not doing it in downtown London. Although, it's probably pretty hard to figure out who it was given a zillion people in an area with laptops anyway.

      CCTVs aren't magic. Not even in the UK.

  17. Greg Hoglund the other owner of HBGary? by Securityemo · · Score: 3, Informative

    That guy's a really well-known security author/researcher, mostly from his books and from the rootkit devel community rootkit.com, which now seems to be down as well. Take a look at http://krebsonsecurity.com/2011/02/hbgary-federal-hacked-by-anonymous/

    They managed to social engineer a site network admin into giving them SSH access. Hoglund has apparently given a phone interview of some sort, but I can't find a transcription if one exists.

    --
    Emotions! In your brain!
  18. Lessons in security will never be learned by erroneus · · Score: 3, Informative

    Good security is too inconvenient for the typical business person. Easy security is invariably bad security. "We want to work from home or the coffee shop and not have to remember stupid passwords!" Tough!

    This is especially bad when this is supposed to be a cyber-security focused company! If I were in a decision-making position in the FBI, I would simply walk away from this company without another word. This company is clearly not up to the task of defending itself. How can they be trusted to do good research and deliver good information?

    Why is it that when the government(s) refuse to listen to their people, the people get angry? Why is it that governments don't understand or appreciate that this is no small matter? And isn't it a terrible sign that when a people begin acting out against the government and parties involved that the government closes up even tighter refusing to hear anything at all? The result of this behavior is ALWAYS the same -- the angry people get even more angry and will push back even harder.

    Wouldn't it be more responsible for the government to at least open up some talks before things get like this and worse? No... I know that won't happen. "We don't negotiate with terrorists!" Fine. Who WILL you negotiate? They wouldn't be "terrorists" if you didn't listen and respond!!

  19. Re:Herp derp by eyrieowl · · Score: 3, Insightful

    It's amazing how many people don't understand this. "Anonymous" is as smart or as dumb as whichever person wants to ascribe their current actions to anonymous. And the more you have a "fight against anonymous", the more you make it real. It's like a self-fulfilling fiction...someone makes it up, people hear about it, decide they want to be a part of it, and make it real, even though it was never real to begin with. Also.

  20. Re:Herp derp by Schadrach · · Score: 2

    But that's what makes it funny -- people have trouble even comprehending the idea of something that kinda functions as though it were an organization on the outside, but is instead a largely chaotic swarm people who enter and leave seemingly at random, with no real leadership or formal direction, beyond someone painting a target and inciting the great swarming mobs of the internet to attack it.

    Hence the whole "We are Anonymous. We are legion. We do not forgive. We do not forget." It is an accurate description -- they are a largely nameless and faceless mob of uncountable number (because who is and is not part changes constantly at a whim), and so long as one of their number recalls something, it can be brought out as a "fresh" target again later.

  21. Re:I saw what was... by Fred+Ferrigno · · Score: 2

    but the government acting out is just an act of defiance to accept their
    accountability in this....and that only leads to more ....so US gov. please accept that you did some wrong, and should maybe pull back

    There's approximately a 0% chance that will happen. No, the government operates pretty much along the same lines that you described: screw with us, you get burned. Retaliation leads to more retaliation. The situation will escalate until the government makes participating in raids uncomfortably risky or the teenagers get bored.