Attacked By Anonymous, HBGary Pulls Out of RSA

itwbennett writes "HBGary Federal cancelled a talk the company's CEO Aaron Barr was planning to give at the BSides San Francisco conference on his investigation of WikiLeaks. 'I was receiving death threats,' Barr said in an interview Tuesday. 'There was lots of talk that was being made of in the Anonymous IRC channels of harassing us at our booth and sending people to heckle [HBGary speakers at the conference].' The company has also decided to pull its booth from the RSA Conference floor after it was vandalized on Sunday, said Jim Butterworth, HBGary's vice president of services. 'We... came back the next morning and it was very apparent that the group responsible for the activities in the news had decided to make another statement,' he said."

Anatomy of the Hack

[eldavojohn]

Ars has a really good summary of the attack that used really run-of-the-mill stuff from social engineering via e-mail to an SQL injection of HBGary's CMS using this URL: http://www.hbgaryfederal.com/pages.php?pageNav=2&page=27

Re:Anatomy of the Hack

[cabjf]

I liked this article better. Not very technical, but it does show what kind of person Aaron Barr really is. The greatest part is that he tried to play Anonymous just to drum up government business and seemed to think there would be no repercussions.

Re:Anatomy of the Hack

[amicusNYCL]

I'm going to go out on a limb and say that putting a "large paper poster" on their booth doesn't really count as "vandalism".

Re:Anatomy of the Hack

[DarkOx]

Right a few things are evident from what has happened so far.

1. HB Gary is run by people who are arrogant, fool hardy, and hope to seek a public rent scoring themsevels a government security contract or two when they clear have nothing of value to add.

2. HB Gary as an organization is incompetent. When computer/network security is your business and you get hacked no matter how clever the hack is its a FAIL on your part. In this case while not exactly crude Anonymous ow3n4g3 of their site was not the most sophisticated crack ever seen either. HB Gary blew it big time.

3. Anonymous is in fact more than just a bunch of script kiddies, does have some organization, and does have some people of at least some sophistication. Dismissing them as a bunch of kids is worng just like dismissing the mob as a bunch of gang bangers is worng, yes there are alot of those in the organization but there betters are doing the thinking, They do represent threat if you become their adversary.

Re:Anatomy of the Hack

[Azureflare]

Just read the article. Is this guy for real? He sounds like he stepped out of a webcomic about wannabe-hacker IRC lurkers.

It's very frightening that someone could get 3 (potential?) innocents arrested with little to no evidence.

I mean honestly, using badly thought out heuristics to analyze social networking data and guaranteeing "100% Success"? This guy obviously never attended a CS class.

P.S. I am not condoning the actions of Anonymous in any way, this guy just seems like he could use some more schooling. (and he got some schooling in the great college of Real Life!)

Re:Anatomy of the Hack

[Wyatt+Earp]

Thats because the America Revolution wasn't "domestic terrorism".

From 1770 to 1776 the colonies had public conventions, meetings and publicly complained about their problems with the United Kingdom's rule. The colonies in today's Canada, Barbados, Bahamas and Florida (Florida wasn't part of the US until 1819, and not a state till 1845) were told and invited to send delegates.

While the colonies were complaining the United Kingdom kept turning up the heat by passing more laws and taxes designed to piss off the colonies.

It wasn't a bunch of men sitting around in a basement deciding what building to blow up, it turned into a civil war in North America and spawned European wars between the powers there.

Re:Anatomy of the Hack

[Bassman59]

Thats because the America Revolution wasn't "domestic terrorism".

From 1770 to 1776 the colonies had public conventions, meetings and publicly complained about their problems with the United Kingdom's rule. The colonies in today's Canada, Barbados, Bahamas and Florida (Florida wasn't part of the US until 1819, and not a state till 1845) were told and invited to send delegates.

While the colonies were complaining the United Kingdom kept turning up the heat by passing more laws and taxes designed to piss off the colonies.

It wasn't a bunch of men sitting around in a basement deciding what building to blow up, it turned into a civil war in North America and spawned European wars between the powers there.

I think the parent poster's point had nothing to do with British rule, and everything to do with how the native people were treated.

OK, so it's probably not entirely correct to call them "domestic terrorists." I suppose "foreign invaders" is a better description.

Re:Anatomy of the Hack

[Will.Woodhull]

While I generally agree that taking the law into your own hands is inexcusable criminal activity, I also understand that under certain circumstances, vigilante actions may be excusable. This is as true today as it was in the American Far West back in the days following the Civil War, when roaming bands of outlaws with cavalry training and deadly-crazy cases of PTSD were preying on isolated farms and ranches a day's hard ride or more from the nearest lawman.

Vigilante activity may be excusable when

1. The processes of law cannot be brought to bear quickly enough to prevent a major escalation of the problem;
2. The core integrity of a nascent and tenuous social structure is directly threatened.

There is a widely held belief that these conditions exist on today's Internet. Something new in the way people relate to each other is definitely happening there, and the law is definitely too far behind the technological advances to be able to do anything useful. The people who are spending time forging things like Tunisia and Egypt on these new and lawless fringes of society have to protect themselves and what they are trying to build, because the law is not yet capable of doing that.

Now whether this argument holds in the specific case of Anonymous' attack on HBGary Federal is something that historians will argue over after the dust is settled. I certainly won't venture a guess. The thing is unfolding now, and there is no way to judge who is right and who is wrong, under laws that do not yet even exist.

Re:Anatomy of the Hack

[PraiseBob]

"[HBGary] proposed services to clients like a law firm working with Bank of America and the U.S. Chamber of Commerce that included cyberattacks and misinformation campaigns, phishing emails and fake social networking profiles, pressuring journalists and intimidating the financial donors to clients’ enemies including WikiLeaks, unions and non-profits that opposed the Chamber."

"HBGary Federal’s Barr offered tactics like mining Classmates.com for information about a target individual’s friends, then building fake Facebook pages to gain access to subject’s personal details. He and Hoglund also discussed using spear phishing, a technique that typically plants malicious software on a user’s machine with a carefully spoofed email message."

Barr's company regularly engaged in criminal hacking behavior, working for the highest bidder and fighting against freedom. The hackers who broke into their systems and exposed this did in fact break the law also. But, they were targeting criminals. HBGary seemingly targets innocent people who have ideals about the freedom of information, journalists, and people in charities and non-profits who challenge the authority of big business. Their business is built on intimidating the weak & suppressing information.

So you think there are folks cheering for the anonymous "bad guys" who exposed all of this? You are damn right there are.

Re:Anatomy of the Hack

[Black+Parrot]

I liked this article better. Not very technical, but it does show what kind of person Aaron Barr really is. The greatest part is that he tried to play Anonymous just to drum up government business and seemed to think there would be no repercussions.

He also got caught managing a dirty tricks campaign to smear Wikileaks and critics of the US Chamber of Commerce. He was disseminating personal information about the people he wanted smeared, but threw a crybaby fit when his name came out in connection with it.

Re:Anatomy of the Hack

[sootman]

You're right. It's terrorism!!!!!11

Vandalized?

[sureshot007]

Vandalized booth = a sign that says "Anon...In it 4 The LuLz..." http://yfrog.com/gzbvtllj I was expecting the booth to have been burned to the ground or something.

Re:Vandalized?

[TaoPhoenix]

Nice tidbit.

So a "security company" is afraid of a sign?

I'd sooner place my bets they're in the Long Con to paint "Anonymous" (there can be only one, right?) as a Threat. Then everyone in power profits when draconian measures come along.

Re:Vandalized?

[Kokuyo]

I think this is just another perfect example of just how full of himself AND how much of a crybaby Mr. Barr is.

Re:Vandalized?

[Sockatume]

They were in the long con. Now they're outed and everyone's so sceptical when they cry "threat!" that people investigate, find out things like the nature of the vandalism, and they come out looking even stupider than they did before.

Re:Vandalized?

[Sarten-X]

HBGary is not in the business of preventing or withstanding attacks. They're the guys who will investigate events after the fact, compiling nice piles of evidence to hand over to the FBI/police/whomever.

The sign on the booth is a threat. Note that "vandalized" was ITworld's chosen word. The message is clear: "Anonymous is here, and has the same utter lack of respect in real life as online." Given that there were many threats ranging from harassing the booth staff to heckling the speakers, and even up to death, the sign potentially serves as a last warning: Let Anonymous ravage whatever they want, or die.

It makes sense for HBGary to step out of the line of fire, just in case somebody's crazy enough to act on those death threats. Death is not their business. I expect that the sign is being checked for fingerprints, the conference attendee list is being subpoenaed, and security cameras are being reviewed.

I'd also expect that HBGary will use this incident to paint Anonymous as a group of people who constitute a real threat. They stalk and harass a target organization for as long as they're interested, with expenses and lost income costs rising daily. This dedication is as much a problem to Anonymous as to their targets, and HBGary is now playing a great game: they're trolling the trolls. With every public move HBGary makes, Anonymous is drawn into acting. That's another 4chan post, another analysis, another page in HBGary's final report on Anonymous, and another customer impressed by the company's thorough attention to detail.

Re:Vandalized?

[jovius]

)

Whew!

Re:Vandalized?

[Kuukai]

HBGary is not in the business of preventing or withstanding attacks.

From their website title:

HBGary :: Detect. Diagnose. Respond.

Anonymous intruded on their network for several days without being detected, eventually just plain revealing themselves. Here's a totally-real testimonial on their front page from the esteemed research organization "Research Organization":

Greg Hoglund and the team at HBGary provide some of the most innovative products in cyberdefense. Our advantage in staying ahead of the evolving threat is HBGary's predictive knowledge of the entire malware culture and ecosystem. Their capability goes well beyond the usual, reactive response to individual exploits. We consider them one of our best partners.

Also from their front page:

HBGary, Inc., a leading provider of next-generation threat intelligence solutions for Fortune 500 and government organizations, announced Inoculator, a innovative, patent-pending enterprise agentless appliance solution designed to detect, remove, and, with its breakthrough Digital Antibody technology, PREVENT re-infection of known malware.

Anyone who hires them after this incident is an idiot who likes bright lights and noise. Amazon, a book store, was totally secure against Anonymous' attacks. There's no excuse for a security firm not to be.

Re:Vandalized?

[PraiseBob]

the sign potentially serves as a last warning: Let Anonymous ravage whatever they want, or die.

A sign that says, 'in it for the lulz' is a death threat? Do you really think that? If so, you must also think that Nelson on the Simpsons, going 'Ha Ha' is a death threat.

Re:Vandalized?

[Belial6]

Huh, leaving note is vandalism? Apparently my wife vandalized my kitchen table just this morning.

Seriously, while that certainly could be called harassment, calling it 'vandalism' is an out and out lie.

Re:Vandalized?

[horza]

HBGary is not in the business of preventing or withstanding attacks. They're the guys who will investigate events after the fact, compiling nice piles of evidence to hand over to the FBI/police/whomever.

Did you not read the leaked emails? All the slides about pre-emptive attacks, infiltration, planting of fraudulent documents, etc. Interesting use of the word 'nice' to try and paint HBGary as one of the 'good' guys instead of a company planning criminal acts.

The sign on the booth is a threat. Note that "vandalized" was ITworld's chosen word. The message is clear: "Anonymous is here, and has the same utter lack of respect in real life as online." Given that there were many threats ranging from harassing the booth staff to heckling the speakers, and even up to death, the sign potentially serves as a last warning: Let Anonymous ravage whatever they want, or die.

Ok now we know you are astro-turfing for a snake oil security company. Some kid drops a note on a stand with the standard Anon catch-phrase, known by all apart from yourself, and you try and hype up some massive imaginary drama. Pathetic.

It makes sense for HBGary to step out of the line of fire, just in case somebody's crazy enough to act on those death threats. Death is not their business.

Or maybe they've been busted, and have the decency to leave out of shame?

I expect that the sign is being checked for fingerprints, the conference attendee list is being subpoenaed, and security cameras are being reviewed.

Again the melo-drama. I am sure the whole attendee list is quaking.

I'd also expect that HBGary will use this incident to paint Anonymous as a group of people who constitute a real threat

Did you miss the Anon arrests that have already happened?

They stalk and harass a target organization for as long as they're interested, with expenses and lost income costs rising daily.

Do you even read Slashdot? Try doing a search for 'scientology'

This dedication is as much a problem to Anonymous as to their targets, and HBGary is now playing a great game: they're trolling the trolls. With every public move HBGary makes, Anonymous is drawn into acting. That's another 4chan post, another analysis, another page in HBGary's final report on Anonymous, and another customer impressed by the company's thorough attention to detail.

No, HBGary are screwed.

Phillip.

Re:Vandalized?

[Sarten-X]

Wow. Three posts in a row claiming I'm somehow in the employ of HBGary. Since yours is surprisingly the most complete, I'll respond to you.

I'm not connected to HBGary in any way (that I know of). I'm a software developer who's had projects sit on the receiving end of DDoS attacks, and has a bit of experience in the tactics used to investigate them.

After any initial threat comes investigation. In my case, I had a list of timestamps and IP addresses. A quick Perl script compiled a list of the most offensive ISPs, and we contacted them first. Some cooperated, some didn't. One of the nicest ISPs handed over a list of other places the DDoS participant had frequented. I set to work joining that community. It took several months, with little in the way of new leads, but with a few particular identifiers popping up repeatedly. Now and then, I'd drop in a reference to the DDoS against me, acting as though I had helped with it. I was soon introduced to the guy who called for the attack, and convinced him to go look at a website I had just set up, with the intent to attack it shortly. I had an admission of guilt and an IP address. He's not starting attacks anymore.

Mine was a trivially easy case, but it involved some misrepresentation, infiltration, and orchestrating another attack. Great security stuff, but I still wouldn't go speak in front of an audience of random people after getting a death threat.

HBGary is following sane procedures after a threat: they're playing it safe. Anonymous is indeed "in i 4 teh lulz", and nothing else. If a psychopath finds it funny to kill a speaker at a conference, he'll do it, and Anonymous will find it hilarious. Would you risk your life on Anonymous's real-life cowardice?

To most of the public, Anonymous is either an ill-defined group that connects with that Interweb thing, or they're a well-armed and well-organized militia that attacks online services. In truth, they're a bunch of people who merely act with no regard for consequences. As such, they are a threat. There is no central authority to broker peace with, and no predictable actions to defend against. In the case of the HBGary presenters, Anonymous simply may or may not kill them.

Anonymous does whatever the hive-mind feels like. If someone has a particular grudge against an organization, and can convince others that it'd be fun to attack, they do so. There is no regard for morality or consequences. Scientology and HBGary may both be horrible companies, but that does not excuse Anonymous's ridiculous ignorance of the consequences of their own actions.

If I promise to find it funny, do you mind if I burn down your house? Maybe your neighbors', too, because they called the fire department...

Let sleeping Agent Smiths lie.

[Even+on+Slashdot+FOE]

Let sleeping Agent Smiths lie. Even if they don't have cool matrix moves, there are a lot of them, they are functionally identical for most e-combat related purposes, and of course, they have a record of pulling this kind of stuff off.

Some_Group: Hey guys, let's attack Anonymous! It'll make us rich if we can hack them, an our security can stop their counterattack, right?
Anonymous: No it can't. I'm putting all your embarrassing/incriminating email messages onto the net.
Some_Group: FFFFFFFFFFFFFFFFFFFFUUUUU-

Drama Queens

For supposed 'security experts' they do seem pretty weak.

Also I suspect this might well be a publicity stunt to get more attention.

Re:That's War

It's an all-out war between the forces of good and evil that has never stopped and will never stop.

Wait, is that part of the Green Lantern Corps creed or something from the Thundercats?

I could take stuff like this more seriously if people didn't have such cartoonish perceptions of what "good" and "evil" actually mean, and stopped trying to pretend they are some sort of freedom fighters when all they are is vandals and bullies who get off on what they are doing

If *real* fascists ever took control in this country, most of these people would shit themselves on a continuous basis before the secret police killed them, their families, their pets, burned down their houses and killed a few others standing around just to send a message.

Re:Anonymous booth visits/hecklers?

[pcgfx805]

You can't possibly label everyone in Anonymous as a coward in person.

Re:That's War

[LWATCDR]

Want to mess with the NSA, DOD, CIA, and FBI? People talk about when dealing with Anonymous that you shouldn't "poke the bear".
In this case if they want to go to war it would be wise to take a good look at the bears that Anonymous is poking. So this is war... The problem is they are starting a war with people that fight wars for a living and have real guns.
Across the world thousands of basements will soon be going dark.
 

Right.....

[fuzzyfuzzyfungus]

So, let's take a look at this:

Option 1: Members or associates of a loose-knit group of hackers who are likely subjects of federal interest after illegally penetrating and utterly humiliating a private-sector spook shop decide that it would be a great idea to show up, in person, at an event with some amount of security likely to be in the vicinity, just to heckle somebody they have already pwned good and hard. They think that this is a good idea because showing up in crowded areas and making a disturbance is an excellent way to remain anonymous.

Option 2: Aaron Barr and the rest of the losers at HBGary really don't want to show their faces at RSA, after having been ruthlessly punked by a bunch of amateurs; but decide to cry about "security threats" in an attempt to look less than totally pathetic.

Y'know, I don't think that this is a terribly difficult decision...

Re:Right.....

[L4t3r4lu5]

I'm in no way associated with Anonymous, 4Chan, or any of the stuff that's gone on, but I've read through this saga with keen interest, and think Barr got exactly what was coming to him. To use the vernacular, he got "served" good and proper.

The great thing about Anonymous is that, had I been at RSA and placed that sign, I would have been in Anonymous for that time, despite having never been associated with them in any other way. It's an ideal, not a club you apply to join.

If you still don't get that, you don't get Anonymous at all.

Re:Right.....

[Zironic]

While there are horders of kids doing things for the lulz, it will probably stop being funny if there are real life consequences and the subset of people involved in these activities with real technical skills is probably vanishingly small although they should be a bit harder to get hold of (As they should be smart enough to use proxies and whatnot)

You don't really need to try to dismantle the movement called Anonymous as such, you just need to harshly go after anyone involved in illegal activities.

Re:Right.....

[bmajik]

I'd bother to post a rebuttal to this that had some kind of insightful analysis of what anonymous is, why "it" does what it does, and what it means, and what it's point is..

but then "they" would make fun of me and troll me, because, after all, its all for the lulz, and i sound like a moralfag.

So i'll give you a really short version of how i understand things to be.

there are people out there -- authorities in the "old world", the meat-space world.. who want very much to project their authority onto the internet.

the internet is not a hobby, not a business, not a "thing", but which is, for many people of my generation, and most people younger than me.. an internet that has certain essential qualities, like being free (as in freedom), which have infused themselves into the identities of who we are.

And so when self-righteous dipshits (like Co$, or HBGary, or the RIAA, or whomever) want to go ruin "our" internet, and when there are a group of non-affiliated people who share, at least on one general topic, the same ideology of what the internet should be and who it should be for... and when these same people can communicate with each other easily, and when they have a broad and deep toolbox of "capabilities",

well, why should they listen to the dipshits?

They OWN your websites, your identities, "your" internet. It's all theirs, if they feel like being assertive. And when you intrude on their electronic domain, after mocking you, they will happily intrude back into YOUR safe place -- the physical world -- where you _think_ your authority matters and holds water.

It doesn't.

You are naked, and you are powerless. You are guilty of taking yourself too seriously.

Re:That's War

[fuzzyfuzzyfungus]

If *real* fascists ever took control in this country, most of these people would shit themselves on a continuous basis before the secret police killed them, their families, their pets, burned down their houses and killed a few others standing around just to send a message.

Which is why attempting to foil incremental steps in that direction, before they reach fruition, is sort of a good idea, no?

Sigh...

[maliamnon]

Backing down from your beliefs due to threats and attacks will only breed more attacks and threats. While I'm not necessary against Anon, their acts are that of terrorism in this case, and unfortunately, those tactics work.

Re:Sigh...

[Nethemas+the+Great]

Yup, this is definitely the work of hardcore terrorists. Time to extraordinarily rendition them and ship them to Git'mo.

Death threats and vandalism = NOT okay

[davidwr]

Protesting is one thing but wanton destruction of property is another. Death threats are well over the top.

These are not things responsible protests groups do in a situation like this. Next time, keep it to rhetoric and, if you are willing to be !Anonymous, picketing in person.

Re:Death threats and vandalism = NOT okay

[GameboyRMH]

This doesn't look like destruction of property:

http://yfrog.com/gzbvtllj

Re:Death threats and vandalism = NOT okay

[Hatta]

Turn about is fair play. Government pressure has cost Wikileaks donations and Assange has been the target of death threats by American officials for months. Let's not pretend Anonymous threw the first stone here.

Re:Anonymous booth visits/hecklers?

[Tr3vin]

That is why they never carried out protests against the scientologists, right? I'd fully expect them to show up, though many of them would wear those Guy Fawkes masks.

You can't beat the crowd

[GoNINzo]

Anonymous is just the first of many future darknets that will be nearly impossible to destroy. You might take out a ringleader or two, but 4 others would stand up to take their place if they felt that it was unjust. And in the end, it's death by a thousand harmless cuts, or in this case, 1,000 users that don't like something running the their Ion cannons under central control. In this case, this dude is using social networking like facebook to figure out who are hackers. I doubt they have many connections to other hackers on facebook or twitter. It's most likely random unrelated acquaintances, so I think the guy's research is flawed anyway.

The best example of what one of these organized systems could do is a story by Bruce Sterling called Maneki Neko. It is what happens when people get organized but maintain some level of anonymity. We are not to this level yet, but I suspect it right around the corner. It will do strictly good at first, but eventually it will ruin someone's life. Just as Anonymous has ruined some people's lives, they've done a little good for some, like a great birthday. It doesn't justify the destruction, but it's bored kids on the internet, so what are you going to do?

The news media will make a big deal about future 'attacks', but some will be harmless kids having fun. But if you start to push that everyone involved in these groups must be destroyed, those people who are marginally involved will suddenly get VERY involved in your destruction. So be careful.

Re:You can't beat the crowd

[Zironic]

Personally I suspect that if a number of "Anonymous" "Ringleaders" got caught by the FBI and sentenced to pretty hefty sentences the overall membership of their activities will probably sharply decline.

Most of them are in it for the lulz after all and lulz are not worth several years in prison or higher fines then you can pay off in your lifetime.

Re:You can't beat the crowd

[mangu]

Personally I suspect that if a number of "Anonymous" "Ringleaders" got caught by the FBI and sentenced to pretty hefty sentences the overall membership of their activities will probably sharply decline.

Most of them are in it for the lulz after all and lulz are not worth several years in prison or higher fines then you can pay off in your lifetime.

Yes, because the "war on drugs" worked so well its tactics must be adopted everywhere, right?

But who is good and who is Evil?

[LWATCDR]

Anonymous good?
Is making death threats because you do not like someone is going to say at a conference good? Is heckling and yelling them down good? Funny but I have seen those actions in old news reels from the 30s and from old news stories from the 60s. The folks using those tactics where the ones in the brown shirts and the white sheets.
I don't think MLK or Gandhi ever made any death threats to people or hecked them when they presented papers at conferences. I could be wrong but I am pretty sure about that.

Since when is when someone says something you do agree with you make death threats been a sign of being good?
Anonymous is a gang of bullies. People often see bullies and thugs as heroes if they themselves do not ones being bullied. There are people that think the KKK are a bunch of brave freedom fighters.

Anonymous is no differn't right down to hiding their faces. And their fans do not like they people they are abusing.
Anonymous are those peoples brave Knights in white sheets.

Re:But who is good and who is Evil?

[Kell+Bengal]

Death threats seem incongruous when you consider that the clearly identifiable action Anonymous has taken here came in the form of 'vandalism', by which he means "A paper sign written with black sharpie."

Perhaps I'm mistaken, but people intend on actually doing you injury tend not to leave signs around saying they're in it for the fun of it.

Re:But who is good and who is Evil?

[ElectricTurtle]

Oversimplification. Gandhi may have never made death threats etc., but I can guaranty you that some of his followers did (and don't even think of rebutting that with some variant of 'no true Scotsman'). That's the challenge of any movement's leadership, to keep people both motivated and controlled. Where a group has little to no leadership but is based on momentary consensus/buy-in like Anonymous, this issue can't even be solved.

The question becomes how does one judge a movement. Was the civil rights movement evil because groups like the Black Panthers advocated violence? Was Dr. King somehow negligent in being unable to stop the formation of the Black Panthers or control their (wholly separate) activities? (Granted MLK was assassinated two years after the Black Panthers formed.) The point is you should judge a movement by its core values, not its fringe actors. The civil rights movement was validated by the millions who worked for positive change, not the handful who sought to murder police officers. Anonymous, while by nature not unified by a standing cause or principle, should at least be judged by a majority of its actors and its primary effects. So unless HBGary is getting threats from thousands of different actors instead of one or two, I think it is disingenuous at a minimum to be comparing them to the KKK.

Re:But who is good and who is Evil?

[ElectricTurtle]

You're in love with a false dichotomy born of a monochromatic view of reality. I doubt I have the capacity to disillusion you of what is obviously a vigorously held perspective. I will try, once:

Thought experiment: Of the thousands of people who call themselves Anonymous, one guy claiming to act in Anonymous' "name" assassinates a world leader. Does this act make all the others assassins, even though they had no knowledge, and the one acted with no conspiracy or direction? By your logic, it does. So, were all anarchists made evil assassins by the work of Leon Czolgosz?

It's really nothing more than bigotry at its core, attempting to assign blame by association to very large groups based on fringe actors. To return to the examples, it's like blaming the KKK on all white people or the Black Panthers on all black people. What made those organizations despicable was not simply that they killed innocents, but that was their organizations' stated mission. The KKK publicly called for innocent blacks to be lynched in the name of the defense of 'white American culture/society/values', and the Black Panthers publicly called for the murder of police in the name of black nationalist 'revolution'. That people then followed through with the mandates of these movements' platforms is then no surprise, and there is no grey area in denouncing both the actors and their organizations as a whole.

However, Anonymous is in the first place not a centralized organization and has neither leadership nor platform as such, but insofar as it is possible to assign analogs, Anonymous has no 'group mandate' to make death threats etc. and so transferring the culpability of a few people to a group of more than thousands is, quite frankly, an absurd stretch of ethics and logic beyond credibility. Anonymous must be judged on its majority principles and majority actions precisely because it is a (momentary) consensus driven movement.

Re:But who is good and who is Evil?

[Falconhell]

                                                No you didnt fix it

                                                No really I did, your'e just a clueless moron, trying to put a spin on hiding the truth. You have a long history of this kind of bullshit.

                                                For someone who claims not to be American you sure seem to always have a irrrational point of view.

                                                FT properly FY

You do have my sympathy for your obvious delusional state though.

Re:That's War

[Nethemas+the+Great]

Tell that to Anonymous in Egypt.

Re:That's War

[spun]

If *real* fascists ever took control in this country, most of these people would shit themselves on a continuous basis before the secret police killed them, their families, their pets, burned down their houses and killed a few others standing around just to send a message.

Which is why attempting to foil incremental steps in that direction, before they reach fruition, is sort of a good idea, no?

Yes, but there is the whole "boy who cried wolf" aspect to constantly calling everything you don't like "fascism." Not everything presages the immanent collapse of American civilization. And the AC has a good point about people's cartoonish perception of good and evil.

Property = NOT destructed

[mangu]

Protesting is one thing but wanton destruction of property is another

Do you want to see how much property was "destroyed"? Look here

That's it, what they call "vandalism" was a piece of paper with something written. If someone could prove they are "Anonymous" they would have grounds to sue HBGary for libel.

Re:Property = NOT destructed

[DarkOx]

Yea, it looks like they vandalized HB Gary's booth about as much as Joe's lawn service vandalized my home by hanging their flier on my door knob.

Re:That's War

[ISoldat53]

Who would believe anything he says?

Irony of Anonymous' position

[caseih]

I can't comment on what kind of snobs HBGary folks are, but the actions of Anonymous seem quite hypocritical to me in general. So "Anonymous" fights for wikileaks, which is expressly set up for the purpose of sharing secrets and revealing things. Then I read about how someone tried to expose who various members of Anonymous were, after which Anonymous got all upset and attacked him for doing the very things that wikileaks does, which they work to support. Seems like they value secrecy above everything else, kind of like the people that feel the most threatened by wikileaks. Ironic.

Re:Irony of Anonymous' position

[TexVex]

It's not ironic or hypocritical at all!

When you are in a position of authority over other people, you must be held to a higher standard. With your greater authority comes greater responsibility. Responsibility requires transparency. Therefore, the more power you have, the less secrecy you should be allowed to have, because secrecy allows you to abuse your power.

All of the above applies to groups as well as individuals. Churches and their clergy, goverments and their bureaucrats, corporations and their executives, military and their officers, ALL have great power over people and therefore must be held accountable for their use of that power. However, private individuals who do not exercise power over others should have no requirement for higher transparency. If you aren't in a position to harm others, any exposition of your private affairs won't do anything to help anyone else. It can only be used to harm you, and is an abuse of power. Therefore, you in fact should have a right to privacy.

Consider the issue of gun ownership. If you choose to own a gun, you are taking some power. With that power comes responsibility. That gun's characteristics should be on file with law enforcement, so they can potentially match crime scene bullets fired from your gun. Make sense? More power = more transparency.

Re:Irony of Anonymous' position

[uniquename72]

I don't see the hypocrisy. After all, Anon themselves released the information you claim they were trying to suppress.

Re:Irony of Anonymous' position

[Infiniti2000]

So, your claim is that Anonymous has no power at all? You know that's not true. They've proven otherwise that they not only have power, they have power over a lot of people and can wreck a lot of people's livelihoods and lives. In fact, the more power we allow such groups to have (e.g. Anonymous, Wikileaks), by your argument they must become fully transparent. That's why caseih's point is valid.

Re:Irony of Anonymous' position

[Infiniti2000]

He didn't say that at all. ... Anonymous is not the police. They have no authority over us

No authority or no power? Didn't they try to get people to do certain things, and succeed? Right, they don't have authority (I never said they do) but they do hold some power. And that power (be it only reputation even) can cause people to act. I wouldn't call it authority, however, because they likely have no idea who could/will respond to the request.

So, anyway, let's make a bad analogy. A government organization uses both its power (in terms of affecting laws or enforcing them) and its authority (people have jobs and report to people who make the decisions to act) to take certain actions. The claim is therefore that because of this power/authority, this organization should operate transparently. Fair enough.

Anonymous (or any similar group) uses its power (in terms of influencing members' actions to write posters, heckle speakers, shut down websites, etc.) to take certain actions. It has no authority over those people, however, so it can't (or won't) fire Ricky Bobby from his day job if he doesn't comply. Because it doesn't have the authority, it's okay for this organization to be completely opaque.

Is that accurate? If not, please explain where my bad analogy or reading comprehension broke down. It certainly seems like hypocrisy there, though that amount of hypocrisy is likely palatable to most readers on /. because they tend to support one side and not the other.

Now, regarding whether I have as much power as Anonymous, you can't be serious. You really think that people give a fuck what "Infiniti2000" or "guspasho" says? Now, if I posted something as coming from Anonymous (not AC!), then you don't think that would have any more weight? You're daft if you think that.

They are behaving like a corporation or gov't

[copponex]

What happened when Assange started releasing diplomatic cables? Oh, that's right: he received public death threats from US officials. What happens when an individual starts complaining about a corporation, or about scientology? Oh, that's right: they get bullied by a team of lawyers that cost more per hour than the individual makes in a month.

I don't support making death threats or using baser harassment to get a point across, but the only thing newsworthy about the tactics of Anonymous is that now it's regular citizens making the threats and engaging in bullying tactics instead of governments and corporations. If governments and corporations only respect the law when they aren't the ones in power anymore, fuck'em.

No, still not getting it

[SmallFurryCreature]

You are still in Fox mode, trying to see the conspiracy behind events because your mind cannot grasp that shit just happens.

Anonymous has no organization, it cannot by its very nature. Some people who HAVE grouped together have used the name for themselves BUT by that they have seized to become Anonymous.

Is it really that hard to grasp? Just because you know the identity of ONE A. Nonymous author doesn't mean that every other book written under that name is linked to it in anyway. Anonymous, the concept to give a mystic to the random actions of people that sometimes seem to work together and groups calling themselves anonymous are NOT the same thing.

Re:No, still not getting it

[ElectricTurtle]

It does matter, because if you kill/capture "people calling themselves Anonymous" and the attacks don't stop because somebody completely new/different steps in to do the same things, you're creating martyrs that create more Anons. Anonymous is a headless horseman. You can't cut off its head because it doesn't have one.

Re:No, still not getting it

[Zironic]

The people calling themselves "Anonymous" isn't some rebel movement willing to die for the cause, most of them are kids doing it for the lulz, do you really think anyone of them wants to be a martyr?

Re:No, still not getting it

[ElectricTurtle]

Several have been imprisoned already. How much momentum has been lost? How much more momentum has been potentially gained by those acts fostering a vengeful sentiment? Unknowable, but it certainly hasn't stopped anything, that's for damn sure.

let me put it in cartoon context :

[unity100]

me knowing what my government is doing with my money : good.

anyone trying to prevent me from knowing what my government is doing with my money, for ANY reason : evil

anyone helping me know what my government is doing : good.

anyone defending those who are helping me know what my government is doing : good.

at our time and age, with the point our societal corruption has hit, unfortunately things are as black & white as this.

...............

and talking about fascism and lack of freedom - dont worry. fascists already have taken over your country long ago - you are just being repressed willingly, living only in proportion to your material wealth, while the rich has cornered the economy before you and controlling you through their bigger wealth, and you think that as freedom. you have nothing to fear - you are already willingly participating in what you fear.

Re:let me put it in cartoon context :

[kevinNCSU]

me knowing what my government is doing with my money : good.

anyone trying to prevent me from knowing what my government is doing with my money, for ANY reason : evil

anyone helping me know what my government is doing : good.

So if the government relocates a witness for their protection using your tax money you need the line-item details that could give their location away or can we abstract it to a budget for witness relocation used by the Marshals Service? At what level of abstraction does the flip immediately switch from Good [tm] to Evil [tm]? Do the motives for someone leaking what the government is doing with that witness (because they want the witness killed or because there's some sort of government scam) matter or is it just plain good either way?

Re:let me put it in cartoon context :

[kevinNCSU]

I didn't exaggerate a single thing. I asked where you draw the line when it comes to real things that the government does every single day in your claim that everything is black and white, good and evil. I didn't even make any claim to invalidate your statements I merely asked you questions related to the application of your claims. It's a very difficult question to answer so I can understand your reluctance to try, but that is why no one reasonably believes things are so perfectly clear as black and white, good and evil when it comes to transparency, secrets and privacy. All of these issues are an immensely complex tangle of give and take, balance of freedom of information and protection of both innocents and national interests.

Re:That's War

[fuzzyfuzzyfungus]

Do you think that the acquisition of documentary evidence(that would never otherwise have come to light) of the sort of dirty-tricks tactics used by entities like the "Chamber of Commerce" is actually of zero value? Or the revelation that comparatively well respected US contractors would be putting out proposals to do the hatchet work?

I have no wish to claim that every member of anonymous(to the degree that there are "members") is some sort of heroic altruist. I strongly suspect that many of them are just pranksters, vandals, or dumb kids. Similarly, I would be wholly unsurprised to discover that Assuage is a creepy attention whore with serious grandiosity issues.

However, judgement-by-personality is only relevant for people I have to deal with personally. In this realm, I only care about results. I care what they are doing, not why they are doing it.

Re:That's War

[_Sprocket_]

Which sounds all nice and fine. Unless you start really looking at where the lines of "good" and "evil" are drawn and who's drawing them. I'm wary of anyone who wants to put the signs of "good" and "evil" above any of these actors.

What. The. FUCK

[DavidTC]

...is wrong with editors here?

Having a sign put on your booth is not being 'attacked', you goddamn fucktards. Nor is it a 'threat'. I know the article claims that,but it's clearly insane nonsense.

What the fuck is wrong with you, CmdrTaco? Why are you repeating lies?

And what is wrong with the people who here repeat the 'vandalism' claim without actually look at what was done? Laying a poster on top of someone else's table is not even legally vandalism, and that's a crime with a pretty low bar.

Perhaps, you know, we shouldn't be repeating claims that HGBGray makes, an organization that has been demonstrated they will lie about people they are paid to lie about.

Re:That's War

[uniquename72]

The CIA doesn't operate inside the USA...

Hahahahaha!!!!

No Irony there!

[quadrox]

Wikileaks, as you mentioned, works to reveal secrets. As a part of that work they also have to keep some secrets however, for example about their sources.

This is not the great paradox you make it out to be.

There is a difference between trying to reveal crimes/unethical behavior/corrupt and all that stuff, and to reveal personal information just out of spite or to harm someone. Not all secrets are bad, but those that are must be exposed.

Re:Government fraud

[OeLeWaPpErKe]

My impression from all this is that HBGary were incompetent and as a Government contractor, they should be investigated for fraud.

Absolutely. Now how does that excuse attacks, stalking, or even "mere" vandalism ?

Why is this ridiculous sort of mob justice tolerated ? We've all been in the playground, we've all seen mob justice in action, and we all know what WILL happen. So why do these people get any support whatsoever ?

Are we truly such hypocrites ? Insist on rights, when it's about us ... And then demand and defend swift illegal and criminal action against anyone we don't like ? Is that what is meant by "internet protest" ? Because if it is, frankly, it must be squashed with any amount of violence necessary.

Re:That's War

[moxley]

Totally agree - what does this guy think that everything is flowers and puppies and then one day all at once the fascism starts?

No, it happpens incrementally, just as it is happening here, just as it happened in the Weimar Republic transition to fascist Germany, just as it happened in Italy and Spain, (though in addition to economic crisises there was post war faction/partisan street violence at times which helped stoke a lot of public fear and a desire for strength and stability in government) - now days we have the ever present "terrorism," fear mongering, economic crisises, war, government corruption etc - we are still headed down the same path.

Hitler made gradual changes early on, and there were a lot of people worried and criticizing him, explaining where the country was headed. They were derided by national socialist press and others as being alarmist - guess where they ended up shortly there after? Among the first to be put in camps. As is oft quoted, Everything Hitler did was legal - he made it that way.

military-industrial-security complex snake oil

[Thud457]

Apparently, with today's abysmal science (or even critical thinking) teaching, it's quite common to sell magic beans to teh gubbemint.
Why should the cybersecurity market be any different?
http://en.wikipedia.org/wiki/ADE_651
http://en.wikipedia.org/wiki/GT200
http://en.wikipedia.org/wiki/Quadro_Tracker
http://en.wikipedia.org/wiki/Sniffex
http://en.wikipedia.org/wiki/Alpha_6

Re:Government fraud

[AlamedaStone]

Why is this ridiculous sort of mob justice tolerated ? We've all been in the playground, we've all seen mob justice in action, and we all know what WILL happen. So why do these people get any support whatsoever ?

Are we truly such hypocrites ? Insist on rights, when it's about us ... And then demand and defend swift illegal and criminal action against anyone we don't like ? Is that what is meant by "internet protest" ? Because if it is, frankly, it must be squashed with any amount of violence necessary.

I can't say I'd participate, but I can certainly understand the frustration of seeing an incompetent government security firm in action. Think about the last 12 years for more than a second, and the word 'security'... well, a shiver runs down my spine. The *immediate* surrender of the country's principles and well-being following the bombings in 2001 while dissenters are booed from the spotlight and ostracized. All the things done in the name of security that made us less secure, all (all!) of the money spent on endless, fruitless military operations and grandma groping. Like many /.ers it troubles me deeply, and I see the country breathe a cheeto-stench sigh of disinterest while all but a handful of legislators jerk off on their bases while doing nothing to manage the cancerous meme of security uber alles, all out of cowardice and greed.

Maybe some people think mob justice is the closest they'll ever get to the real thing.

Huh. Guess I'm a little more pissed off than I thought... I'm going to go get some coff... eh, decaf.

Re:Government fraud

[number11]

Why is this ridiculous sort of mob justice tolerated ?

Because, in cases like this, it's the only sort of justice that there is likely to be. It's not like a government that protects torturers will do anything, even if it wasn't that very government who recommended HBGary in the first place.

Now, that doesn't excuse "death threats". If there were in fact any (those might merely be a face-saving excuse for backing out of the conference).

Re:Government fraud

[Zeinfeld]

They are self confessed liars. So why accept the claims of vandalism at face value?

I am at RSA, I was part of a long conversation with Art Coviello last night and he did not mention it. It his his confernce and it is a security conference. If the ckaim was true and had been reported i would have expected it to be mentined.

I think it rather more likely that they did not have the courage to show their faces.

They have been punked for a start. That is an embarrassment. But what would make them pariahs was the proposal to engage in criminal attacks and political misinformation. Many of us are ex law enforcement or ex intelligence. Others work closely with them. You cant do that if you are committing criminal acts yourself.

If i thought there was a chance he might show his face i would have gone to his session earlier. But that was never likely.

Last year he was talking about hacking online games and club penguin.

Re:Government fraud

[conspirator57]

i will exhibit concern for HBGary as a victim the moment the jury in the criminal case against them is sequestered. Unfortunately, since DoJ connected BoA with the law firm that was soliciting these plans from HBGary and companies, I don't expect those crimes will ever be prosecuted, much less convicted on. So unless you're prepared to show some concern for the life and livelihoods of those targeted by HBGary for persecution (investigative reporter Glenn Greenwald for one) then I think you're just concern trolling for the powerful. They don't need your help. They have enough power already.