LulzSec Hacks the US Senate
jfruhlinger writes "LulzSec might not be as famous as Anonymous — they're really best known for hacking sites they like, to prove a point about security — but they may have just raised their profile significantly, posting what appears to be data taken from an internally facing server at the US Senate. However, the fun-loving group might find that the Senate reacts a lot more harshly to intrusions than, say, PBS did."
The group also recently grabbed data from Bethesda Softworks.
Usually these end in tears. Only the most stupid black-hats (and that is all these morons are now) brag publicly.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
They want attention. They do not care what kind of attention. Like some emotionally disturbed kids.
It is good criminal practice, to stay on "annoyance level". If you exceed that, law enforcement comes after you. If you exceed that enough, the people that come after you actually know what they are doing, are well funded and very, very persistent. If these clowns really manage to break into or do severe damage to the federal reserve, they will end up in federal prison for a few decades. May take months or years to get them, but they will get caught.
I hope these guys are as good as they claim to be, otherwise we will be seeing their faces with the caption "Further arrests from anonymous hacking group"
They are not. Competent black hats do not brag publicly. These are attention whores with some mediocre IT security skills. Most break-ins are not that hard to do.
It seems like the recent outbreak of high-profile cases of computer break-ins is almost calculated to provoke legislation locking down the internet. First the kill-switch proposal, the announcement by the US military that computer intrusion would be considered an act of war, now a constant drumbeat of reporting in the media about major cracks.
Perhaps the hacks are all just being done by people who don't see how useful such stories are to those who want to assert control over the net, but it would be foolish to think that the "problem-reaction-solution" method has stopped being used by those who are after power, or to discount the possibility that some of this hacking and the publicity it receives is actually being provoked or even orchestrated by those seeking to expand government control over the internet.
"Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery?" - Patrick Henry
This will be used to push forth legislation making script kiddies equivalent to terrorists.
How many more years will slashdot have an off-by-one error on your Score in your profile?
Competent black hats *who take the proper precautions* brag publicly.
No. There is zero benefit to having people know what you're up to as a black hat. That's like leaving riddles inside the bank safe.
Haida Manga
No. There is zero benefit to having people know what you're up to as a black hat. That's like leaving riddles inside the bank safe.
Unless, of course, your goal is to get publicity and make a point about something. (if Lulzsec or whoever just hacked into senate.gov and didn't tell anyone, do you think we'd ever hear about it?)
I don't care if it's 90,000 hectares. That lake was not my doing.
You're either a black hat for two reasons
Maybe they're doing it for the lulz?
That's not some inside server. Look at their list of files. It's the Senate's outward-facing web server, "www.senate.gov". It also hosts the public web sites of individual senators. It looks like what you can see on a UNIX system with a guest account. Big deal. Every staffer on the Senate side has that much access.
They have the complete directory of all the paintings in the Capitol. The forms for registering as a lobbyist. Pictures of all the Senators. Lots of stuff for tourists. This session's voting results, in HTML. The base Apache config. Nothing exciting.
I'm not sure if you've ever really sent an anonymous "your shit is broken" message to a site, but I bet the level of positive response would be inversely related to how big the company is.
No-one wants their management to find out their stuff is insecure. They'd be looking for a new job. So they likely bottle it and pretend it ain't happening.
I hate to say it, but I think Lulzsec is doing a disturbing but necessary deed. When no-one wants to improve the state of security, are quite happy accepting budget increases for "more security hardware" instead of doing it right the first time and externalise all security issues as vendor problems, there's no real motivation to actually pursue securely developed options. Lulzsec is outing that practice.
I only hope that somehow this crap makes its way to pointing out inherent security flaws in OSes that make it tangible enough to lawmakers to suddenly care. Not "care" as in "pursue legal options rather than fix", not "care" as in "buy more layers of badly managed and ineffective security theatre", but "care" as in "we need to hire people who know what they're doing, then keep them around and include security in all stages of planning, development and operations."
Oh, the FedRes functions, buddy boy. It just functions in ways we never intended it to.
What do you mean, "we"?
Hugs and kisses,
-- Hank Paulson
"What in the name of Fats Waller is that?"
"A four-foot prune."
The world is many shades of gray. My opinion (although it counts very little) is that intent matters very much. Breaking in to steal credit card/personal info? Black hat. Breaking in to get information to help political prisoners? White hat. Just because you're breaking in to a secure system that isn't yours doesn't mean you are a black hat (depending on what you're doing; http://www.google.com/search?q=wikileaks+good). Just like helping the Chinese government find holes to patch in their systems used to prevent the expression of their citizens' human rights doesn't mean you're a white hat.
What is your end goal?
The solution is to stop letting HR people with no technical knowledge hire technical people.
This is what results in the common practice of putting a know-nothing idiot with good social skills in charge of doing technical work they can't handle.
1984 was not supposed to be an instruction manual.
In fiscal year 2010, the FBI requested almost $50,000,000 in new resources for internet crimes. Any bets they get more than that in new resources this year?
Considering the recent story on how a large part of hackers are FBI moles, I wouldn't be surprised if Lulzsec is just a secret three-letter-agency operation to justify a budget increase.
Let me take a wild guess: number of ethicists: zero.