LulzSec Hacks the US Senate

← Back to Stories (view on slashdot.org)

Posted by Soulskill on Monday June 13, 2011 @10:33AM from the going-for-the-gusto dept.

jfruhlinger writes "LulzSec might not be as famous as Anonymous — they're really best known for hacking sites they like, to prove a point about security — but they may have just raised their profile significantly, posting what appears to be data taken from an internally facing server at the US Senate. However, the fun-loving group might find that the Senate reacts a lot more harshly to intrusions than, say, PBS did." The group also recently grabbed data from Bethesda Softworks.

246 of 344 comments (clear)

Min score:

Reason:

Sort:

Interesting by Jibekn · 2011-06-13 10:36 · Score: 4, Interesting

I hope these guys are as good as they claim to be, otherwise we will be seeing their faces with the caption "Further arrests from anonymous hacking group"
1. Re:Interesting by gweihir · 2011-06-13 10:44 · Score: 1, Insightful
  
  I hope these guys are as good as they claim to be, otherwise we will be seeing their faces with the caption "Further arrests from anonymous hacking group"
  They are not. Competent black hats do not brag publicly. These are attention whores with some mediocre IT security skills. Most break-ins are not that hard to do.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
2. Re:Interesting by biodata · 2011-06-13 10:45 · Score: 4, Interesting
  
  I'm sure we will see this anyway. It's easy to arrest a few people on suspicion whether they did it or not. It doesn't matter if anyone gets convicted, the arrests are just a bit of media theatre and have to happen soon after the event. Like in Spain, Holland, Turkey, etc.
  
  --
  Korma: Good
3. Re:Interesting by TooMuchToDo · 2011-06-13 11:06 · Score: 2
  
  Competent black hats *who take the proper precautions* brag publicly. Insert pic of "Good luck! I'm behind 7 proxies!" dude here.
  On another note, does Amazon keep any sort of network/VM logging from someone who spun up/used/spun down a virtual machine with a prepaid visa card?
4. Re:Interesting by LearnToSpell · 2011-06-13 11:09 · Score: 3, Insightful
  
  Competent black hats *who take the proper precautions* brag publicly.
  
  No. There is zero benefit to having people know what you're up to as a black hat. That's like leaving riddles inside the bank safe.
  
  --
  Haida Manga
5. Re:Interesting by Anonymous Coward · 2011-06-13 11:10 · Score: 4, Funny
  
  On another note, does Amazon keep any sort of network/VM logging from someone who spun up/used/spun down a virtual machine with a prepaid visa card?
  No, but they have shipping addresses of everybody who ever ordered a Guy Fawkes mask, which should be close enough for government work.
6. Re:Interesting by Tr3vin · 2011-06-13 11:11 · Score: 3, Funny
  
  The real question here is "Who is afraid of the big black bat?"
7. Re:Interesting by dontbgay · 2011-06-13 11:13 · Score: 1
  
  Wait, this is the senate... Isn't it supposed to be hard?
  
  --
  Sig not found.
8. Re:Interesting by lambent · 2011-06-13 11:14 · Score: 3
  
  Two things come to mind:
  "Those who speak, do not know; those who know, do not speak."
  and ...
  "Loose lips sink ships."
  You're correct; there's no benefit to these childish displays. Their juvenile antics will be their own downfall.
9. Re:Interesting by Ruke · 2011-06-13 11:14 · Score: 3, Interesting
  
  These guys aren't black hats; they're a different breed. They're clearly not in it for the money. They're not in it to help people. They're in it for the chaos, and the power trip, and, well, the lulz.
  They're probably going to get caught, but I don't think it's quite fair to characterize them as "incompetent," just because they're playing a different game than everyone else.
10. Re:Interesting by Jeremi · 2011-06-13 11:16 · Score: 3, Insightful
  
  No. There is zero benefit to having people know what you're up to as a black hat. That's like leaving riddles inside the bank safe.
  Unless, of course, your goal is to get publicity and make a point about something. (if Lulzsec or whoever just hacked into senate.gov and didn't tell anyone, do you think we'd ever hear about it?)
  
  --
  
  I don't care if it's 90,000 hectares. That lake was not my doing.
11. Re:Interesting by Anonymous Coward · 2011-06-13 11:16 · Score: 3, Informative
  
  Assuming perfectly rational actors... which don't exist.
  In the real world, people are complex, and just because you don't see a clear "benefit" to a behavior doesn't mean it won't occur.
  And before you claim "but then they wouldn't be competent", I suggest you read up on the No True Scotsman fallacy.
12. Re:Interesting by Anonymous Coward · 2011-06-13 11:19 · Score: 1
  
  Records are kept. They just poked a group that has access to those nice taps the NSA once put into AT&T down on Folsom street. http://www.eff.org/files/nsa/att.pdf
  That group also has access to massive computing power and the actual guys that wrote the algorithms underlying whatever encryption the group uses. This will be quietly fixed and three or five or twenty years from now whoever did it will get a knock at the door. Anon's motto applies to bureaucrat wronged even more than Anon - They do not forgive, they do not forget, expect them.
13. Re:Interesting by TooMuchToDo · 2011-06-13 11:21 · Score: 3, Informative
  
  You're either a black hat for two reasons: a) financial gain or b) publicity. You keep your mouth shut if you're in scenario A. B? Not so much.
14. Re:Interesting by mirix · 2011-06-13 11:25 · Score: 1
  
  chaotic-neutral-for-the-lulz hat, then?
  
  --
  Sent from my PDP-11
15. Re:Interesting by kirbysuperstar · 2011-06-13 11:33 · Score: 2
  
  Longcat-hat.
16. Re:Interesting by Ruke · 2011-06-13 11:36 · Score: 2
  
  Day-glo orange hat, maybe? I honestly don't believe that they're in it for the technical side of hacking, which is what brings the best white- and black-hats to the table. They're in it for the social and political aspects of hacking. They don't look at a system and say, "How can I do this?" but rather have a set of tools, and say "Who should I do this to?"
17. Re:Interesting by DrBoumBoum · 2011-06-13 11:37 · Score: 5, Insightful
  
  You're either a black hat for two reasons
  Maybe they're doing it for the lulz?
18. Re:Interesting by newcastlejon · 2011-06-13 11:37 · Score: 1
  
  That's like leaving riddles inside the bank safe.
  That seems like a good idea, if you're not The Riddler. There is non-zero benefit to having someone believe you are something you are not.
  Heh... intrigue in the US Senate: who'da thunk it?
  
  --
  If God forks the Universe every time you roll a die, he'd better have a damned good memory.
19. Re:Interesting by simoncpu+was+here · 2011-06-13 11:40 · Score: 1
  
  Chaotic Neutral: Youtube users, BitTorrent users
  Chaotic Evil: LulzSec
  Chaotic Good: Open Source developers, especially kernel hackers
20. Re:Interesting by TooMuchToDo · 2011-06-13 12:07 · Score: 1
  
  Ok. Three reasons =)
21. Re:Interesting by Runaway1956 · 2011-06-13 12:07 · Score: 1
  
  Uhhhh - I'm not buying any of that. BitTorrent and YouTube aren't exactly "chaotic". Neutral, I might buy into.
  LulzSec evil? Nahhh.
  Open source developers aren't chaotic at all. As a group, I'd rank them somewhere close to "lawful good". Of course, your idea of "lawful" may differ drastically from my own idea of "lawful". I don't recognize deep pockets as having authority to write law, ie, Microsoft, Oracle, Apple, AT&T, IBM, etc ad nauseum. "Lawful" means, or should mean, "for the good of the people", not "for the good of the companies".
  
  --
  "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
22. Re:Interesting by Slutticus · 2011-06-13 12:08 · Score: 1
  
  Competent black hats *who take the proper precautions* brag publicly. No. There is zero benefit to having people know what you're up to as a black hat. That's like leaving riddles inside the bank safe.
  Not really. It's like leaving riddles in a bank safe that is so insecure that almost anyone can just walk in and take customers money. It's like leaving riddles that humiliate the bank operator into taking the right fucking precautions to protect the customers money.
23. Re:Interesting by kirbysuperstar · 2011-06-13 12:21 · Score: 2
  
  Youtubers are more "Brain-dead Neutral".
24. Re:Interesting by Jailbrekr · 2011-06-13 12:35 · Score: 1
  
  Loose lips also make for thrilling blumpkins.
  
  --
  Feed the need: Digitaladdiction.net
25. Re:Interesting by Demonoid-Penguin · 2011-06-13 12:57 · Score: 1
  
  I hope these guys are as good as they claim to be, otherwise we will be seeing their faces with the caption "Further arrests from anonymous hacking group"
  They are not. Competent black hats do not brag publicly. These are attention whores with some mediocre IT security skills. Most break-ins are not that hard to do.
  If it was me, the access is something I'd want to cover in mud, so I'd find some McKinnon type to take the rap. There's no shortage of hormonated young fools not only willing to claim credit for the actions of others - but willing to keep lying even after they've been arrested, bagged, been made to "stand around" for a bit, give a little "snorkel", a bit of a "jump", the "nuts"... and by the "potty training" time the interrogators won't believe them if they decide all the attention isn't worth it and they'd like to change their mind.
  Strangely that uber-haxor and master hairdresser Gary McKinnon's ability didn't extend as far as screen shots. Go back through his stories. He actually says "I could see the UFO pictures on his desktop" but "the software they had running stopped me taking a picture". Go figure.
26. Re:Interesting by Culture20 · 2011-06-13 13:26 · Score: 2
  
  Wait, this is the senate... Isn't it supposed to be hard?
  Naw, Weiner's a member of the House of Representatives, not the Senate.
27. Re:Interesting by Culture20 · 2011-06-13 13:36 · Score: 1
  
  Even if lulzsec is CN, that still means they're dangerous in a DnD sense. Paladins, Rangers, and Town Guards would gladly see them dead or in chains. As Macross the Black stated to Pug, evil intent isn't necessary for something to be so dangerous it needs to be stopped for the good of organized society.
28. Re:Interesting by Rary · 2011-06-13 13:52 · Score: 1
  
  I hope these guys are as good as they claim to be, otherwise we will be seeing their faces with the caption "Further arrests from anonymous hacking group"
  I don't. I look forward to seeing them shut down.
  As much as I agree with some of their target selections, they're just an annoying bunch of juvenile delinquents who are giving activists a bad name, and will probably provoke the creation of more draconian laws or harsher penalties.
  
  --
  "You cannot simultaneously prevent and prepare for war." -- Albert Einstein
29. Re:Interesting by scubamage · 2011-06-13 14:19 · Score: 2
  
  Network logging isn't going to do much if they start their path from a wifi hotspot that's poorly secured. Hop on, create an account, use a prepaid card, and go.
30. Re:Interesting by NevarMore · 2011-06-13 14:23 · Score: 1
  
  ... giving activists a bad name, and will probably provoke the creation of more draconian laws or harsher penalties.
  Which is a hallmark of activists that are actually close to achieving something.
31. Re:Interesting by pclminion · 2011-06-13 14:24 · Score: 1
  
  You're either a black hat for two reasons: a) financial gain or b) publicity.
  False dichotomy. They could be trying to push the various swinging pendula of modern society in certain directions. I am not equating this with terrorism, but to use terrorism as an example, it would be a mistake to say they do it for "publicity." That's grossly oversimplifying it.
  I'm not saying there's some deeper meaning behind any of this, just that it's possible and you shouldn't discount it out of hand.
32. Re:Interesting by TooMuchToDo · 2011-06-13 14:28 · Score: 1
  
  That was somewhat my point.
33. Re:Interesting by TooMuchToDo · 2011-06-13 14:33 · Score: 3, Insightful
  
  The world is many shades of gray. My opinion (although it counts very little) is that intent matters very much. Breaking in to steal credit card/personal info? Black hat. Breaking in to get information to help political prisoners? White hat. Just because you're breaking in to a secure system that isn't yours doesn't mean you are a black hat (depending on what you're doing; http://www.google.com/search?q=wikileaks+good). Just like helping the Chinese government find holes to patch in their systems used to prevent the expression of their citizen's human rights doesn't mean you're a white hat.
  What is your end goal?
34. Re:Interesting by scubamage · 2011-06-13 14:36 · Score: 1
  
  It happens though, and quite often people get away with it. Remember the Son of Sam was only caught on a fluke that they realized there was a parking ticket on his car at one of the crime scenes. He sent letters to everyone and it terrified a city.
35. Re:Interesting by scubamage · 2011-06-13 14:37 · Score: 1
  
  cat hat is cat. Or something like that.
36. Re:Interesting by gweihir · 2011-06-13 15:03 · Score: 1
  
  There are no "proper precautions". Time and again people have gotten very inventive in identifying others that they had communications from. Your proxies are not nearly as impressive as you think and only cover a small part of the problem space.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
37. Re:Interesting by gweihir · 2011-06-13 15:11 · Score: 1
  
  Maliciousness as motivation clearly marks an even deeper shade of black than money does. These people are on the lowest moral level a human being can sink to. Even more dangerous than conventional terrorists, because they at least have some defined goal, misguided as that may be.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
38. Re:Interesting by simoncpu+was+here · 2011-06-13 15:15 · Score: 1
  
  Some BSD Developers are probably Chaotic Neutral, since I have the strong impression that they're more concerned on how their code would work. They don't care if companies would commercialize their code, and release them as closed source. GNU Developers (or devs that use GPL licenses) are probably Chaotic Good, because they're passionate on the principles of "Free Software". I don't agree with their Leftist ideals though.
  
  OT: I think Slashdot needs to fix their JavaScript GUI.
39. Re:Interesting by TooMuchToDo · 2011-06-13 15:25 · Score: 2
  
  Open Wifi/Public Locations + Proxies + Various Virtual Machine Providers + Tor + Etc. = Come at me brah
  If you've got time to bury your connections across technologies and the world, good farking luck coming after the person.
40. Re:Interesting by Elbereth · 2011-06-13 15:34 · Score: 1
  
  Because being a script kiddie is achieving something noble.
41. Re:Interesting by bill_mcgonigle · 2011-06-13 16:07 · Score: 1
  
  I follow the rest, but:
  Various Virtual Machine Providers
  do you mean as a relay or to do some brute forcing? Perhaps something else?
  
  --
  My God, it's Full of Source!
  OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
42. Re:Interesting by TooMuchToDo · 2011-06-13 16:14 · Score: 1
  
  As a relay, although you could always use rainbow tables stored on elastic block storage devices EC2 instances could mount to quickly chomp through passwd/shadow files. Alternatively, you could run open source utilities that seek out web forms where SQL injections may work. You'd never know someone was looking depending on the scanner in question, as it'll just appear as GET requests.
43. Re:Interesting by Opportunist · 2011-06-13 16:25 · Score: 1
  
  And that's exactly why I'm wondering... A lot of targets, a lot of high profile targets, what does that lead to? Cui bono?
  a) Better security because people start to shape up, fire incompetent morons and hire security experts that actually deserve that title
  b) More intrusive and draconian laws that outlaws pretty much every kind of security tool unless you can prove that you "should" have it, aimed at protecting the stupid
  Take your experience with life and answer accordingly.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
44. Re:Interesting by Opportunist · 2011-06-13 16:32 · Score: 1
  
  Hard? Not really, usually it's just expensive to make them your bitch.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
45. Re:Interesting by rtb61 · 2011-06-13 16:39 · Score: 2
  
  Of course there are billions of dollars in privatised computer security profits with each and every 'False Flag' http://en.wikipedia.org/wiki/False_flag. Just look at how successful a couple of envelopes of anthrax was in generating not only new profit potential but in wholesale major changes to the law.
  Question, what is the difference between a 'Anonymous' attack and a false flag 'Anonymous' attack. Answer, none, they were both done in the name of 'Anonymous' and as everyone is a member of 'Anonymous' (only choosing whether or not to carry out attacks in it's name), by definition it is an 'Anonymous' attack.
  So false flagging could be seen as a successful subversion of the security apparatus into carrying out attacks.
  
  --
  Chaos - everything, everywhere, everywhen
46. Re:Interesting by smellotron · 2011-06-13 16:55 · Score: 1
  
  Even if lulzsec is CN, that still means they're dangerous in a DnD sense. Paladins, Rangers, and Town Guards would gladly see them dead or in chains.
  
  You must fall from grace a lot! I would expect a proper paladin to at least attempt to rehabilitate lulzsec before resorting to confinement.
47. Re:Interesting by smellotron · 2011-06-13 17:01 · Score: 1
  
  GNU Developers (or devs that use GPL licenses) are probably Chaotic Good, because they're passionate on the principles of "Free Software".
  
  The GPL requires strict enforcement in order to be meaningful. I would peg most GPL-favoring developers as lawful-something based on that alone. The good/evil axis is more about what the developers are doing with the code. For example, GPL'ed pacemaker software is more "obviously good" than GPL'ed pacemaker-interference software. I don't believe that "free software" is inherently good, it is just a legal construct that favors community over an individual. YMMV depending on your DM, of course.
48. Re:Interesting by Bahamut_Omega · 2011-06-13 18:59 · Score: 1
  
  I'd be willing to bet they come after the Canadian Senate if they had a chance. I would so laugh if they did it; and likely all the way to the bank if they did pull it off.
49. Re:Interesting by DaveV1.0 · 2011-06-13 23:25 · Score: 1
  
  "Hey, thanks for leaving the faucets running in all the houses you hit. Now we know exactly how many burglary charges to put against you."
  
  --
  There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
50. Re:Interesting by Digital+Vomit · 2011-06-13 23:31 · Score: 1
  
  A proper paladin, yes, but not a paladin as originally envisioned by Gary Gygax. Out of his own mouth from the many archived Gygax Q&A threads on ENWorld:
  
  "Paladins are indeed meant to be the bravest, most loyal, and purest of knights. [An] example is the killing evil prisoners that have surrendered and asserted a change of alignment to the paladin's own. This is not generally unacceptable, for that act assures the former lost ones will go on to a better reward in the after life and no returning to their evil ways.
  ...
  Also, as I have often noted, a paladin can freely dispatch prisoners of Evil alignment that have surrrendered and renounced that alignment in favor of Lawful Good. They are then sent on to their reward before thay can backslide"
  He may have been the Father or RPGs, but he knew fuck all about what it meant to be "good".
  
  --
  Modern copyright is theft of culture from everyone and it retards the progress of the useful arts and sciences.
51. Re:Interesting by Geminii · 2011-06-13 23:33 · Score: 1
  
  Exactly. Show anyone being stuffed into a police car and put up a caption saying it's a terroristic hacking group. Who's going to say any different? And there are so many people in Hollywood who are looking for screentime...
52. Re:Interesting by silentcoder · 2011-06-13 23:56 · Score: 1
  
  OP's point was that there WERE no Anthrax attacks. Not a single one. There was a major anthrax scare in the USA after 9/11 but there was never any actual attacks.
  There were however many, many hoax attacks. Envelopes with white powder sent to public recipients claiming to be anthrax. For all the reasons hoaxes are spread. Lulz, genuine attempts to sow panic, kids trying to get a day out of school.
  We have no real list of which were which and how much of what really occurred, what we do know is that not a single one of those "anthrax attacks" wewre genuine, they were all hoaxes, and that is what makes them False Flag attacks - yet - despite being hoaxes they led to major legal and economic change.
  
  --
  Unicode killed the ASCII-art *
53. Re:Interesting by silentcoder · 2011-06-14 00:00 · Score: 1
  
  Black Hat Hacktivism ? Interesting suggestion... and we know there have been some in the past, we also know that there have been very little of that - ever (despite the movie perception that it's almost all hacking).
  
  --
  Unicode killed the ASCII-art *
54. Re:Interesting by BeanThere · 2011-06-14 00:28 · Score: 1
  
  That's not entirely true, black hats who sell their services e.g. to the mafia need to earn a reputation in order to find customers and market themselves.
55. Re:Interesting by silentcoder · 2011-06-14 00:29 · Score: 2
  
  You don't understand character alignments !
  â-Lawful characters are absolutely obedient to laws and authority, they believe in order above all and never question the status quo. The most difficult thing for a lawful character to ever do would be to question his superiors. Knights would almost always play lawful characters.
  â-Neutral characters pragmatists. They see the law as useful and needed, but not as something to admire or revere â" they will question laws and work to end bad laws. If authority is wrong they will question it, but they won't actively lead a rebellion except as a last resort. Many classes fall in this area, a typical wizard for example will often be neutral.
  â-Chaotic characters are actively opposed to all forms of law and authority and will actively and deliberately ignore rules and work against authority whenever they want to.
  Those who buy laws are decidedly NOT lawful !
  â-Good characters are primarily concerned with the welfare of others. They are selfless about working to defend the weak, feed the hungry and all their actions are governed by intensely caring attitudes toward others. Almost all healing classes are aligned as good.
  â-Neutral characters are unconcerned with other people's welfare â" they won't go out of their way to help others, but they don't actively try to harm them either (unless the gain is very good) They care about their own success and believe that the success and happiness of ever other member of society is their own responsibility.
  â-Evil characters are selfish and care only for their own advancement and needs. They will actively and readily harm others to get their way. If somebody has something an evil character wants, they will take it, even if they have to kill the other person to get it.
  
  --
  Unicode killed the ASCII-art *
56. Re:Interesting by silentcoder · 2011-06-14 00:38 · Score: 1
  
  All corporations are chaotic/evil aligned - by their very nature. US law prohibits them from placing ANY consideration above personal gain - and they frequently file the law in the same category, breaking it when they think they can get away with it (or the penalties are less than the profit they can make) - buying laws when they feel it will suit them.
  Open-Source developers are in fact mostly neutral-neutral. They don't actively promote the law, nor do they seek to change or circumvent it - they just don't care about it (they are the ones who say "open source is convenient for removing the problem of worrying about legal stuff") and they take the same approach to social matters. Open Source developers develop under open licenses for pragmatic convenience or gain - not for the good of others. They are not harming others, nor are they hurting them - hence they are neutral.
  Free Software is actually a bit tricky, switching between lawful good and chaotic good. Most free software developers believe in a chaotic good ideal, but nonetheless operate in a legal manner - though they (without breaking it) subvert the law to their own ends (that's what copyleft is - and Stallman has described it as such)
  They are thus almost certainly much more chaotic good than anything else.
  Their closest political likeness is socialist-libertarians or left-anarchist. Basically free software takes a Noam Chomsky/Catalan approach to the world.
  Lulsec ? Their not chaotic evil, they are chaotic neutral at best.
  
  --
  Unicode killed the ASCII-art *
57. Re:Interesting by Defenestrar · 2011-06-14 01:01 · Score: 1
  
  OP's point was that there WERE no Anthrax attacks. Not a single one. There was a major anthrax scare in the USA after 9/11 but there was never any actual attacks. There were however many, many hoax attacks. ...what we do know is that not a single one of those "anthrax attacks" wewre genuine, they were all hoaxes...
  I beg to differ, speaking for the five dead whom for obvious reasons won't be replying. There's a chance the other 17 infected who did survive may reply, but given the relative obscurity of Slashdot comments...
  That's not counting other deaths such as suspected researcher Ivins who was apparently harassed to the point of suicide by the Bureau's invasive full court investigation (which never did turn up evidence more compelling than Ivins was one of dozens of people who had access to the original strain).
58. Re:Interesting by N0Man74 · 2011-06-14 01:15 · Score: 1
  
  See, all these disagreements about what constitutes what alignment is exactly why they removed enforcement of alignment through game mechanics in 4th Edition D&D. ;-)
59. Re:Interesting by blueg3 · 2011-06-14 01:24 · Score: 1
  
  Breaking in to get information to help political prisoners? White hat.
  That's grey at best. White-hat hacking is generally limited to penetration testing and research proofs-of-concept.
60. Re:Interesting by blueg3 · 2011-06-14 01:30 · Score: 1
  
  Single actions generally shouldn't be given a particular "alignment". They can often fit into a pattern of behavior that's appropriate for many different alignments.
  Buying laws is certainly acceptable for LE. Lawful evil manipulates the rules to their own personal advantage.
  The more general "bribery", on the other hand, could be acceptable to most alignments, except perhaps LG and LN. (Even then, LN would accept bribery if it was socially accepted.)
61. Re:Interesting by pnutjam · 2011-06-14 02:14 · Score: 1
  
  More evil has been done by the Lawful-Neutral in this world.
  
  --
  Cheap storage VM.
62. Re:Interesting by gweihir · 2011-06-14 02:20 · Score: 1
  
  Strangely that uber-haxor and master hairdresser Gary McKinnon's ability didn't extend as far as screen shots. Go back through his stories. He actually says "I could see the UFO pictures on his desktop" but "the software they had running stopped me taking a picture". Go figure.
  There are several instances of people called "Ueber-Hacker" by the press. Many could barely or not at all code. Many could only hack the most easiest targets. In the case of the screenshot, not being able to take one is a mark of truly high incompetence: Just use a camera.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
63. Re:Interesting by rilian4 · 2011-06-14 02:59 · Score: 2
  
  You wonder why Batman always caught those super-villains? They loved bragging about their exploits. If the Riddler had simply absconded w/ some cash from a bank and not left a calling-card, Batman would have had a far harder time figuring out... Lulzsec obviously has a modicum of skill but all their bragging is going to do is get them caught.
  
  --
  
  ...quicker, easier, more seductive the darkside is...but more powerful, it is not.
64. Re:Interesting by Rary · 2011-06-14 03:05 · Score: 1
  
  ... giving activists a bad name, and will probably provoke the creation of more draconian laws or harsher penalties.
  Which is a hallmark of activists that are actually close to achieving something.
  Except that they're not even trying to achieve anything. They're doing it because they feel like it. They think it's funny and fun. They won't accomplish anything because they're not trying to accomplish anything. They're not activists, but they will damage the credibility of activists.
  
  --
  "You cannot simultaneously prevent and prepare for war." -- Albert Einstein
65. Re:Interesting by NevarMore · 2011-06-14 03:16 · Score: 1
  
  What I'm getting at is that despite being in it for the lulz, LulzSec has actually accomplished something that activists have been working on for years, in a very short period of time. They've made these providers accountable for securing their customers information. They've made consumers somewhat aware of the risks.
  This is an opportunity for less aggressive activists to step in and be the reasonable voices in the room. Point out that this is what they've been harping on for years and that there are solutions out there that don't involve the digital equivalent of smashing windows.
66. Re:Interesting by DaveV1.0 · 2011-06-14 05:04 · Score: 1
  
  Letters containing anthrax spores were mailed to several news media offices and two Democratic U.S. Senators, killing five people and infecting 17 others.
  
  Attorney General John Ashcroft said Monday that the FBI is investigating whether the anthrax bacteria detected in two Florida men was the work of terrorists.
  
  The bacteria that killed a man last week has been detected in the nose of an employee who works in the mail room and on a computer keyboard in the newspaper office where both men worked, health officials said.
  
  Congratulations on being a liar, asshole. Maybe you should change your sig to reference your own stupidity.
  
  --
  There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
67. Re:Interesting by Tr3vin · 2011-06-14 05:21 · Score: 1
  
  Being caught is part of the fun. Very few of the super-villains did it for the money. The Joker did it for shits and giggles (with an emphasis on giggles). If it was about the money, I'm pretty sure Mr. Wayne would be able to pay them off.
  As a side note, I think we should replace all of the typical car analogies used here on slashdot with Batman analogies. Frankly, I would be happy to stop pretending that I know about cars.
68. Re:Interesting by horza · 2011-06-14 06:58 · Score: 1
  
  Breaking in to get information to help political prisoners? White hat.
  I would say it is somebody wearing a black hat riding a white horse...
  Phillip.
  
  --
  Property for sale in Nice, France
69. Re:Interesting by jvkjvk · 2011-06-14 08:26 · Score: 1
  
  You do understand that the Parent is not using the Standard Model don't you?
  Please either justify your response using his model, or examine what makes his model incorrect, and not just "different".
  Regards
70. Re:Interesting by cffrost · 2011-06-14 09:22 · Score: 1
  
  Breaking in to get information to help political prisoners? White hat.
  Breaking in to rescue political prisoners? Hard hat.
  
  --
  Thank you, Edward Snowden.
  
  "Arguments from authority are worthless." —Carl Sagan
71. Re:Interesting by gweihir · 2011-06-14 09:36 · Score: 1
  
  Ah, I see. One of those. Thanks for the info.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
72. Re:Interesting by TooMuchToDo · 2011-06-14 12:00 · Score: 1
  
  Hard hat? That's fucking Dig Dug. Hardcore.
73. Re:Interesting by DaveV1.0 · 2011-06-14 23:46 · Score: 1
  
  Awww, did you get one of your sock puppets to mod me down because you were proven to be a lying shit? Or, is it just the return of my mod stalker?
  
  --
  There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
Fed Reserve is up next by milbournosphere · 2011-06-13 10:37 · Score: 5, Interesting

Apparently, Anonymous announced an intention to go after the federal reserve next: http://gizmodo.com/5811546/anonymous-goes-after-federal-reserve. It'll be quite interesting if they attempt it. I'm interested in seeing how the fed handles this.
1. Re:Fed Reserve is up next by gweihir · 2011-06-13 10:42 · Score: 2, Insightful
  
  It is good criminal practice, to stay on "annoyance level". If you exceed that, law enforcement comes after you. If you exceed that enough, the people that come after you actually know what they are doing, are well funded and very, very persistent. If these clowns really manage to break into or do several damage to the federal reserve, they will end up in federal prison for a few decades. May take months or years to get them, but they will get caught.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
2. Re:Fed Reserve is up next by Dunbal · 2011-06-13 10:53 · Score: 5, Funny
  
  Severe damage to the federal reserve. Hahaha that made my day, thanks. Buddy, the damage has already been done. There's nothing left.
  
  --
  Seven puppies were harmed during the making of this post.
3. Re:Fed Reserve is up next by Ruke · 2011-06-13 11:17 · Score: 1
  
  While I don't disagree with you, I'm not sure that they're the type to take your advice. Nothing these guys have done has been a "good idea;" honestly, they seem more the type to try, just to see if they can, and, if they can, to brag about it.
4. Re:Fed Reserve is up next by losfromla · 2011-06-13 12:01 · Score: 2
  
  mod parent oblivious, obvious. ;-)
  
  --
  Only I can judge you.
5. Re:Fed Reserve is up next by johncandale · 2011-06-13 12:02 · Score: 2
  
  lol, this guy thinks the fed is still a functioning system,
6. Re:Fed Reserve is up next by Gryle · 2011-06-13 12:04 · Score: 2
  
  Oh, the FedRes functions buddy boy. it just functions in ways we never intended it to.
  
  --
  Only two things are infinite, the universe and human stupidity, and I'm not entirely sure about the universe - Einstein
7. Re:Fed Reserve is up next by Slutticus · 2011-06-13 12:10 · Score: 1
  
  I think his comment still stands.
8. Re:Fed Reserve is up next by cold+fjord · 2011-06-13 12:41 · Score: 4, Informative
  
  It is good criminal practice, to stay on "annoyance level". If you exceed that, law enforcement comes after you. If you exceed that enough, the people that come after you actually know what they are doing, are well funded and very, very persistent. If these clowns really manage to break into or do several damage to the federal reserve, they will end up in federal prison for a few decades. May take months or years to get them, but they will get caught.
  In fiscal year 2010, the FBI requested almost $50,000,000 in new resources for internet crimes. Any bets they get more than that in new resources this year?
  
  --
  much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
9. Re:Fed Reserve is up next by lightknight · 2011-06-13 13:27 · Score: 1
  
  You're assuming that someone of any capability would want to work for them. Typically, the only people working for them are failures ("I got caught, so now I have to work for Uncle Sam, but I'm still a 1337 h@x0r!") or the wanna-bes ("I studied cryptography + network security, downloaded a few scripts / tools (I installed that hacker operating system "linux" and can use nmap), and while I could be a totally 'leet black hat, I've decided to fight for truth, justice, and the American way, because I am a good guy!").
  All the money in the world can't buy talent if they don't want to work for you. See any large company where management has made their best programmers flee.
  
  --
  I am John Hurt.
10. Re:Fed Reserve is up next by base3 · 2011-06-13 13:33 · Score: 1
  
  And they'll actually spend that money going after kids sharing whatever garbage the entertainment industry is putting out. What a country!
  
  --
  One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
11. Re:Fed Reserve is up next by Beardydog · 2011-06-13 14:16 · Score: 2
  
  I've been playing Uplink all weekend... Can I join?
12. Re:Fed Reserve is up next by ArundelCastle · 2011-06-13 14:25 · Score: 1
  
  I'm interested in seeing how the fed handles this.
  Erm, probably much the same as when they used to get phreaked back in the 80s?
  I don't have my issues of 2600 anymore, but I'm sure you can dig up some articles.
13. Re:Fed Reserve is up next by scubamage · 2011-06-13 14:43 · Score: 1
  
  If they "have intention to" they most likely already have.
14. Re:Fed Reserve is up next by gweihir · 2011-06-13 15:16 · Score: 4, Interesting
  
  Believe that all you like. Then ask yourself who the larges employer of mathematicians (not an easy study by any means) in the world is. And they have other pretty good people too.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
15. Re:Fed Reserve is up next by JumperCable · 2011-06-13 15:24 · Score: 1
  
  Anyone can edit a video with Microsoft Movie Maker and claim the banner of Anonymous. But it doesn't mean anyone will bother following that individual. If you look at the first video that account released it's the same Anti-Fed crackpots that everyone ignores now. I think this is one guy and seven of his friends wishing people would listen to them so they sexed it up with an Anonymous flag.
  They even have a facebook page for everyone to RSPV with their real names as to who will be attending their protests. That doesn't sound very anonymous to me.
16. Re:Fed Reserve is up next by johncandale · 2011-06-13 15:36 · Score: 1
  
  your ability to completely miss Hyperbole is sort of cute. You might make a good logic programmer
17. Re:Fed Reserve is up next by Elbereth · 2011-06-13 15:36 · Score: 1
  
  Because everyone who is smart and competent must think exactly like him.
18. Re:Fed Reserve is up next by Khyber · 2011-06-13 15:56 · Score: 1
  
  "the people that come after you actually know what they are doing"
  Well, that leaves the USA completely out of the running. They're stupid enough to have critical defense networks exposed to the open internet and ZERO airgap.
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
19. Re:Fed Reserve is up next by Anonymous Coward · 2011-06-13 18:38 · Score: 2, Insightful
  
  In fiscal year 2010, the FBI requested almost $50,000,000 in new resources for internet crimes. Any bets they get more than that in new resources this year?
  Considering the recent story on how a large part of hackers are FBI moles, I wouldn't be surprised if Lulzsec is just a secret three-letter-agency operation to justify a budget increase.
20. Re:Fed Reserve is up next by Geminii · 2011-06-13 23:35 · Score: 1
  
  Next: Wikileaks reveals Anonymous to be FBI...
21. Re:Fed Reserve is up next by nosferatu1001 · 2011-06-14 00:10 · Score: 1
  
  Assuming they are in a country which respects extradition requests.
22. Re:Fed Reserve is up next by blueg3 · 2011-06-14 01:33 · Score: 1
  
  What critical defense network is connected to the Internet?
23. Re:Fed Reserve is up next by DCFusor · 2011-06-14 04:05 · Score: 1
  
  In fiscal year 2010, the FBI requested almost $50,000,000 in new resources for internet crimes. Any bets they get more than that in new resources this year?
  
  Whatcha want to be this justifies more resources for them? Which leads direction in a "follow the money" sort of way to....want to bet this is all a ruse -- by them -- to get that money? These are the same set of guys who thought it'd be cool to facilitate guns to mexican cartels after all. And a long list of other stuff they admit to...and plenty they don't but it's obvious.
  
  Sure was cool them wrecking that ferrari though. Some competence.
  
  --
  Why guess when you can know? Measure!
24. Re:Fed Reserve is up next by endymion.nz · 2011-06-14 05:54 · Score: 1
  
  Probably because hyper competence in any discipline is related to the ability to think critically and rationally, qualities that tend to make people question the will of authority.
  
  --
  mediocrity rules, man
25. Re:Fed Reserve is up next by Khyber · 2011-06-14 07:57 · Score: 1
  
  IBM researchers were able to gain access to Nuclear Reactors, for one, from the outside.
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
26. Re:Fed Reserve is up next by blueg3 · 2011-06-14 08:23 · Score: 1
  
  Surely you know the difference between a defense network and a civilian power plant. They're run by entirely different people and do very different things. Infrastructure security is a concern, but it's not at all the same as defense.
27. Re:Fed Reserve is up next by hexagonc · 2011-06-14 11:14 · Score: 1
  
  You're assuming that someone of any capability would want to work for them. Typically, the only people working for them are failures . . .
  You may have a point when it comes to the FBI, but it's a mistake to think that only incompetent geeks work in law enforcement or, even more importantly, in national security. It really doesn't have anything to do with competency and everything to do with basic outlook on life. "Law and order" types exist at all intelligence levels. At a minimum, you get access (especially if you work for the NSA) to hardware, like supercomputers, that wouldn't normally be available to a civilian. Imagine what a determined person like Aaron Barr could do if he had a Watson-like supercomputer monitoring Facebook, chat-rooms and every major social networking site. Moreover, with the power of subpoena and warrantless wiretapping, a security expert working for the Federal government could potentially do a lot more damage to these hacker groups than someone in the private sector. Even if there aren't any hacker-superstars working for the government now, I could see this changing quickly with a sufficiently outrageous "stunt". Imagine what would happen if LulzSec took credit (no pun intended) for hacking a major credit card processing company and indiscriminately releasing people's financial info onto bittorrent. This is likely to hurt other hackers. I think many people can be called to arms if they perceive a personal threat or lots of innocents being harmed, especially people that they know. I know a guy from MIT who put school aside and joined the Marines after the September 11th attacks.
28. Re:Fed Reserve is up next by Khyber · 2011-06-14 13:46 · Score: 1
  
  Yea, Nuclear power plants can cause much more damage if forced to go critical.
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
29. Re:Fed Reserve is up next by blueg3 · 2011-06-14 13:59 · Score: 1
  
  Depends. But both the hacker and the NRC agreed that it was unlikely that he could have cause a meltdown or serious damage. Shut off power to their customers, yes -- which is a problem.
Somebody is on a power trip by gweihir · 2011-06-13 10:37 · Score: 4, Insightful

Usually these end in tears. Only the most stupid black-hats (and that is all these morons are now) brag publicly.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
1. Re:Somebody is on a power trip by Hatta · 2011-06-13 10:51 · Score: 3, Insightful
  
  All things considered, LulzSec has a better track record than the US Senate.
  
  --
  Give me Classic Slashdot or give me death!
2. Re:Somebody is on a power trip by DigiShaman · 2011-06-13 10:58 · Score: 1
  
  They might even find a cruise missile headed their way. Multiple of them, for each node associated in the attack.
  Ok, so I'm kidding - a little. But the last thing you do is fuck with the feds. They will get their pound of flesh. That you can safely bet on.
  
  --
  Life is not for the lazy.
3. Re:Somebody is on a power trip by Jeremi · 2011-06-13 11:13 · Score: 1
  
  Ok, so I'm kidding - a little. But the last thing you do is fuck with the feds. They will get their pound of flesh. That you can safely bet on.
  Wait, I thought the Federal gov't was incompetent at everything except wasting taxpayer money. Which is it?
  
  --
  
  I don't care if it's 90,000 hectares. That lake was not my doing.
4. Re:Somebody is on a power trip by Dragon+Bait · 2011-06-13 11:18 · Score: 5, Funny
  
  Most likely have nothing to live for and are probably wanting to end it all by making others suffer.
  Are you talking about the hackers or the senators?
5. Re:Somebody is on a power trip by betterunixthanunix · 2011-06-13 11:31 · Score: 3, Informative
  
  Yet the US senate has the law on its side, and LulzSec does not.
  
  --
  Palm trees and 8
6. Re:Somebody is on a power trip by selven · 2011-06-13 12:07 · Score: 3, Insightful
  
  I take it you have not heard of the concepts of "lawful evil" and "chaotic good"?
7. Re:Somebody is on a power trip by Anonymous Coward · 2011-06-13 12:12 · Score: 1
  
  Law is the same thing as having all of the guns.
8. Re:Somebody is on a power trip by Bing+Tsher+E · 2011-06-13 12:18 · Score: 1
  
  The Federal Bureau of Investigation does not roll twelve-siders.
  It isn't a game on a card table in the basement for them.
  So, uh....
9. Re:Somebody is on a power trip by wickerprints · 2011-06-13 12:20 · Score: 4, Insightful
  
  Well, of course the US Senate has the law on its side. They wrote the law, arguably to serve their own interests, just like the Fed is a group of bankers that regulate the banking industry. It's not accountability if you are only accountable to yourself.
10. Re:Somebody is on a power trip by francium+de+neobie · 2011-06-13 13:08 · Score: 1
  
  You can still get the basement alright, somewhere in Guantanamo.
11. Re:Somebody is on a power trip by lightknight · 2011-06-13 13:38 · Score: 1
  
  They are both.
  It's like this: the feds are kind of like a slow, plodding police inspector (of the Javert variety). They miss a lot of things every day, tons of crimes going on everywhere that never get solved. We all know this, but people are loathe to acknowledge it. To acknowledge it is to admit that something is wrong, and if something is wrong, you may feel some compulsion to do something about it.
  So, when they finally do catch someone, they make sure to punish them extra brutally, supposedly to set an example to all the others. The reality is, they punish them extra brutally so the populace will feel that justice is being served, that something is being done about all the lawlessness. It's nothing more than politics, a classic misdirection, but it works so fr*cking well that it's become a law enforcement staple.
  
  --
  I am John Hurt.
12. Re:Somebody is on a power trip by betterunixthanunix · 2011-06-13 13:46 · Score: 1
  
  Which is exactly the point. We may believe that LulzSec is in the right, but at the end of the day they are breaking the law and if caught, they will be prosecuted for it. Chances are that a jury of their peers (at least in this country) will not acquit them, since most Americans buy into the notion that dangerous hackers are out to ruin their lives and their childrens' lives (or something like that).
  
  --
  Palm trees and 8
13. Re:Somebody is on a power trip by Bill_the_Engineer · 2011-06-13 13:54 · Score: 1
  
  Or they are a bunch of script kiddies that are bored because school is out for the summer.
  
  --
  These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
14. Re:Somebody is on a power trip by repapetilto · 2011-06-13 14:22 · Score: 1
  
  They could inadvertently ruin the life of a quadriplegic or something..
15. Re:Somebody is on a power trip by Anonymous Coward · 2011-06-13 15:17 · Score: 1
  
  No, law is the same as having a small, poorly-trained, and minimally-equipped standing army. Law enforcers don't stand up terribly well to a well-trained, well-equipped army, but they stand up to most anything that doesn't have that kind of backing.
  See also: Pretty much all attempts at revolution ever, successful or un-.
16. Re:Somebody is on a power trip by shimpei · 2011-06-13 16:06 · Score: 1
  
  dangerous hackers are out to ruin their lives and their childrens' lives (or something like that).
  You sound as if you do not personally believe this, but by exposing passwords to porn sites, LulzSec has done exactly that--ruin people's lives.
17. Re:Somebody is on a power trip by KingBenny · 2011-06-13 17:24 · Score: 1
  
  hear hear, if they really only want to point out flaws in security there's no need for most of their adventures to go public. I think a few guys hacked a bag of audax powder and got stuck in it. The worst thing i see, coming from all this media attention, is a great excuse for officials to go witch hunting and take down any convenient collaterals while they're at it. Exposing government officials who pay for porn however, i think that was quite a nice touch against hypocrisy :)
  
  --
  Free speech was meant to be free for all... how can anyone grow up in a nanny state ?
18. Re:Somebody is on a power trip by SomePgmr · 2011-06-13 17:29 · Score: 1
  
  Between senate.gov and the Fed... I foresee the NSA's Red Team being temporarily re-purposed. This could be bad news for a few folks.
19. Re:Somebody is on a power trip by AmiMoJo · 2011-06-13 22:06 · Score: 2
  
  Assuming that LulzSec members are in the US. You guys still don't have Gary McKinnon and the UK is supposed to be your best pal with a Special Relationship.
  If you think your laws should apply world wide because the attack was on a US institution then presumably you will be handing over the authors of the Struxnet virus to Iran, right?
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
20. Re:Somebody is on a power trip by PhxBlue · 2011-06-14 02:17 · Score: 1
  
  There are no basements in Guantanamo for the same reason there are very few basements in Florida: anytime you dig more than a couple of feet, you hit the water table. No, all the detainees at GTMO get to live above ground, in the 100-degree heat and 95-percent humidity ...
  
  --
  !#@%*)anks for hanging up the phone, dear.
21. Re:Somebody is on a power trip by Borland · 2011-06-14 02:24 · Score: 1
  
  I'm pretty sure that Lulzsec qualifies for Chaotic Neutral at this point.
22. Re:Somebody is on a power trip by Borland · 2011-06-14 02:36 · Score: 1
  
  Such bland classifications are only useful in fantasy where you can pigeonhole intentions so clearly. Or if you're just doing that for the lulz.
Bethesda by Anonymous Coward · 2011-06-13 10:37 · Score: 1

Why target Bethesda? And what are their plans for a bunch of forum accounts? I don't get it.
1. Re:Bethesda by gweihir · 2011-06-13 10:38 · Score: 3, Insightful
  
  They want attention. They do not care what kind of attention. Like some emotionally disturbed kids.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
2. Re:Bethesda by rodgster · 2011-06-13 10:38 · Score: 1
  
  two words
  password reuse
  
  --
  Who will guard the guards?
3. Re:Bethesda by loufoque · 2011-06-13 10:44 · Score: 2
  
  They probably wanted to play Skyrim early.
4. Re:Bethesda by ctrimm · 2011-06-13 11:10 · Score: 1
  
  Any press is good press. The more spotlight they get, the more impact their actions have.
5. Re:Bethesda by ctrimm · 2011-06-13 12:24 · Score: 1
  
  It's this idea that they somehow "impact" people beyond those they actually hack that I don't understand at all. Silly people with big egos.
  Sometimes just the knowledge that something is possible (has been done before) is enough to change a persons opinion about a subject. Those opinions, if there are enough of them, can influence anything from economics to politics. Do not underestimate the power of propaganda.
And so it begins.... by Sawopox · 2011-06-13 10:42 · Score: 1

All I can picture in my head is a mash-up of War Games, National Treasure, Highlander, and Mortal Kombat. If there data post is legit it represents a huge breach in security. More importantly, it's one of the first times a breach has been brazenly flaunted.

--
[http://it-tastes-so-good.blogspot.com] Are you hungry?
I want to see some Juicy stuff by future+assassin · 2011-06-13 10:42 · Score: 3, Interesting

As much as I like chaos brought to the powers that be none of this hacking will have any long lasting effects. want to see some serious info leaked that damages someone with real power. I'd rather see these guy dig out info that calls out the hypocrites in positions of power.

--
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
1. Re:I want to see some Juicy stuff by EdIII · 2011-06-13 13:52 · Score: 2
  
  Yeah. No Shit.
  If these guys are that good, then let's make Wikileaks look like an accidental slip on the tongue in a White House press conference.
  I want to see them stop fucking around with Sony, because it won't achieve anything, and go after the big ass people. Like the banks, sealed government records, etc.
  What respect are they really going to get from us when all they do is annoyance and harm when their skills could get put to very good use. Specifically, and forcefully, creating transparent governments.
  THAT I would respect. My only regrets and concerns would be about putting active military personnel in danger and our intelligence network operatives to a degree, but that's it. They should get all the information and just turn it over to the AP or a hundred different news networks, Wikileaks, etc.
  So far these people have demonstrated themselves to be nothing but criminals and Slashdot's sympathy or sense of justice allows us to laugh and give them some leeway when they attack targets like Sony, which are also criminals.
  Like I said before, this is not helping anything or changing it for the better.
  Lulzsec, for fuck's sake put those skills to good use once in awhile and just chalk it up to charity. Then rob the Federal Reserve.
2. Re:I want to see some Juicy stuff by gweihir · 2011-06-13 15:23 · Score: 1
  
  You assume they have any real skills. Looks not very much like it. They currently go for low-hanging fruit like any bunch of self-important amateurs does. Part of the way they publish their results is just to obscure that their hacks are easy.
  If you want hacking on a medium competency level, look at the RSA SecureID hack. (Not high competence level. A highly competent attack would not have been detected.)
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
3. Re:I want to see some Juicy stuff by Khyber · 2011-06-13 16:01 · Score: 2
  
  "You assume they have any real skills"
  Some weeks ago, we smashed into Brink with our heavy artillery Lulz
  Cannons and decided to switch to ninja mode. From our LFI entry point,
  we acquired command execution via local file inclusion of enemy fleet
  Apache vessel. We then found that the HTTPD had SSH auth keys, which
  let our ship SSH into other servers. See where this is going?
  We then switched to root ammunition rounds.
  And we rooted... and rooted... and rooted...
  After mapping their internal network and thoroughly pillaging all of
  their servers, we grabbed all their source code and database passwords,
  which we proceeded to shift silently back to our storage deck.
  Sounds competent enough to me. It's Bethesda who was incompetent.
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
4. Re:I want to see some Juicy stuff by JimboFBX · 2011-06-13 18:05 · Score: 1
  
  Sounds like someone didn't learn their lesson in high school when they were given swirlies for talking like a complete nerd. I suppose I wouldn't expect any less from "LulzSec".
5. Re:I want to see some Juicy stuff by AmiMoJo · 2011-06-13 22:12 · Score: 1
  
  I wouldn't say fucking with Sony is a waste of time. If it gets consumers to realise they can't trust Sony, or for that matter many other companies, with their private details that have real monetary value and result in real loss when stolen.
  It would actually have been better if LulzSec had hacked PSN because they would have made all the data public and the victims could then check if their details were on there and do something about it. Visa and Mastercard could have bulk re-issued all affected credit cards. Instead we have no idea exactly what details were taken and what was done with them.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
6. Re:I want to see some Juicy stuff by GameboyRMH · 2011-06-14 00:54 · Score: 1
  
  Hey this is Slashdot and we encourage nerd-speak around here.
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
7. Re:I want to see some Juicy stuff by Borland · 2011-06-14 02:49 · Score: 1
  
  You underestimate the laziness of the public. How many logged back onto the PSN and saw the requirement to change their password as a chore? And if they somehow miraculously stop trusting the company, then how many will assume that the lax PSN security was just a fluke? Nah, if anything the benefit is to prod companies into bolstering their defenses to shield their own asses -- for a time at least.
  As for releasing the data publicly I think that would have been as well received as the RIAA lawsuits. Besides, if you want to think evil then realize that *not* knowing what criminals have their hands on is far worse mentally.
8. Re:I want to see some Juicy stuff by AmiMoJo · 2011-06-14 02:53 · Score: 1
  
  I never underestimate lazyness. I bet a good proportion of the new passwords were the same as the old password with a '1' tacked on the end.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
9. Re:I want to see some Juicy stuff by DCFusor · 2011-06-14 04:14 · Score: 1
  
  + several for good point. It'd be nice to see the dirt, and the fact there's plenty should be obvious simply by what happens daily.
  
  I think that might be a doomed to failure exercise. Since the politicians and their masters have gotten good at this stuff, they don't speak where there's a tape recorder -- Nixon taught them that -- and they don't send this stuff in emails -- the insider traders getting caught taught them that. Remember, the pols *specialty* is doing corruption without getting caught.
  
  --
  Why guess when you can know? Measure!
10. Re:I want to see some Juicy stuff by gweihir · 2011-06-14 09:45 · Score: 1
  
  As I said, "low hanging fruit". Despite the bombastic language, nothing described there is above low to very low hacking difficulty. The surprising fact is how easy it sometimes is to get some supposedly secure networks. For others it is close to impossible. Just browsing around until you find some badly secured network and then claim you have great skills is just pathetic.
  Incidentally, all the press releases and the Twitter feed have me convinced that law enforcement is currently already in the process of deciding when to arrest these guys and already knows most of them. I mean, how stupid and traceable can you get? Could still take a while though.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Comment removed by account_deleted · 2011-06-13 10:43 · Score: 5, Insightful

Comment removed based on user account deletion
Re:Vizzini Says: by gweihir · 2011-06-13 10:47 · Score: 1

Risky. What if the other one is a great fool? There is ample evidence these for a significant part of the population and that intelligence and education are not reasonable predictor of this state.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Is hacking spate supporting internet lockdown? by Savantissimo · 2011-06-13 10:48 · Score: 4, Insightful

It seems like the recent outbreak of high-profile cases of computer break-ins is almost calculated to provoke legislation locking down the internet. First the kill-switch proposal, the announcement by the US military that computer intrusion would be considered an act of war, now a constant drumbeat of reporting in the media about major cracks.
Perhaps the hacks are all just being done by people who don't see how useful such stories are to those who want to assert control over the net, but it would be foolish to think that the "problem-reaction-solution" method has stopped being used by those who are after power, or to discount the possibility that some of this hacking and the publicity it receives is actually being provoked or even orchestrated by those seeking to expand government control over the internet.

--
"Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery?" - Patrick Henry
1. Re:Is hacking spate supporting internet lockdown? by VortexCortex · 2011-06-13 11:07 · Score: 4, Informative
  
  Perhaps that's exactly why the hacks are occurring...
  
  It seems like the recent outbreak of high-profile cases of computer break-ins is almost calculated to provoke legislation locking down the internet. First the kill-switch proposal, the announcement by the US military that computer intrusion would be considered an act of war, now a constant drumbeat of reporting in the media about major cracks.
  Perhaps the hacks are all just being done by people who don't see how useful such stories are to those who want to assert control over the net, but it would be foolish to think that the "problem-reaction-solution" method has stopped being used by those who are after power, or to discount the possibility that some of this hacking and the publicity it receives is actually being provoked or even orchestrated by those seeking to expand government control over the internet.
  Its remarkable how quickly the PATRIOT Act was "created" after 911. Most likely was waiting in a desk drawer waiting for something to polarize the public... Now we have teams of hackers that could literally be anyone, causing security problems across the board, from government, to business, to gamers. Clearly the people will now agree the government must put an end to it all...
2. Re:Is hacking spate supporting internet lockdown? by Dragon+Bait · 2011-06-13 11:23 · Score: 1
  
  Its remarkable how quickly the PATRIOT Act was "created" after 911.
  And depressing how quickly it was renewed with so little hue and cry. Sigh.
3. Re:Is hacking spate supporting internet lockdown? by ACS+Solver · 2011-06-13 11:49 · Score: 1
  
  I'll say this... I'm afraid we're globally heading, and quickly so, for a regulated, locked-down Internet. We'll look back fondly at the decade of 2000s, when the Internet had already reached massive, worldwide use and importance but also remained, for the most part, free. Now we'll likely see increased efforts by some governments to censor the Internet, legislation that would allow governments to easily take down certain sites or networks, legislation that forces ISPs to keep (and reveal upon request) increasingly more information on their customers and their net use.
  That's a very saddening though actually. The Internet is one of the greatest contributors ever to people's freedom - at least looking at what the Internet can be. Now though, it's headed another way and I can only hope for something to reverse that trend now.
4. Re:Is hacking spate supporting internet lockdown? by spydum · 2011-06-13 12:10 · Score: 1
  
  And how exactly do you "lock-down" the internet? That isn't as simple as flipping a switch. Even the great firewall of china has it's limitations.
5. Re:Is hacking spate supporting internet lockdown? by Bing+Tsher+E · 2011-06-13 12:22 · Score: 2
  
  Well, you see, Barry is behind it now, so it can't be criticized much.
6. Re:Is hacking spate supporting internet lockdown? by Bing+Tsher+E · 2011-06-13 12:26 · Score: 1
  
  The Internet Service Providers provide connectivity to the backbone. So, simply put, the number of ISPs is truncated a little, and some protocol changes are made. The 'mainstream' protocol is already due for a major update, in the form of IPV6. 'Why not do a little more tinkering around with it,' I am sure the authorities are saying....
  Granted, you'll still be able to throw Slackware on a bunch of boxes in your basement and throw files back and forth between them. Nobody is saying you actually have to connect to The New Gateway To The New Secure Information Superhighway.
7. Re:Is hacking spate supporting internet lockdown? by ACS+Solver · 2011-06-13 12:33 · Score: 3, Informative
  
  Who needs a total lockdown? Make a lockdown that's "tight enough" and that will already have most of the population under control. You don't even need anything too sophisticated. Let's say the government requires that all ISPs have their DNS servers use a centralized government blacklist of sites, resolving any site on the list to 127.0.0.1. That simple measure would prevent most Internet users in that country from accessing sites on the govt's blacklist.
  It's impossible to completely lock down the Internet without changing the entire infrastructure of it, if even then. There will always be the tech savvy 5% of users that are hard to limit. But with very simple technical solutions, you could limit 95% of the users. And probably limit half of the remaining 5% with a bunch of moderately more difficult measures.
8. Re:Is hacking spate supporting internet lockdown? by nedlohs · 2011-06-13 12:55 · Score: 1
  
  How so?
  The "Government knows best", "big government" party would be expected to be all for the government trampling over the rights of the people.
  The "state's rights", "small government" party is the one you would expect to be against it - so why would having a Democrat President make the Republicans less likely to criticize it?
9. Re:Is hacking spate supporting internet lockdown? by Fjandr · 2011-06-13 13:15 · Score: 2
  
  It's always "the other side's" fault. Partisans are incapable of being consistent in laying blame where it is due, since that frequently requires blaming both of the major parties.
10. Re:Is hacking spate supporting internet lockdown? by DerekLyons · 2011-06-13 13:35 · Score: 1
  
  Its remarkable how quickly the PATRIOT Act was "created" after 911. Most likely was waiting in a desk drawer waiting for something to polarize the public...
  Or more likely you underestimate the capabilities of a couple of hundred Congressmen, a thousand or more high level aides/advisers, and who knows how many lower level drones when focused on a task.
11. Re:Is hacking spate supporting internet lockdown? by prichardson · 2011-06-13 16:14 · Score: 1
  
  polarize the public...
  I don't think that means what you think it means.
  But yes, they did have it in a drawer. That's not to say 9/11 was a US government conspiracy; rather they just got to get it all through at once rather than as a rider here and there for each provision.
  
  --
  Help I'm a rock.
12. Re:Is hacking spate supporting internet lockdown? by melikamp · 2011-06-13 18:01 · Score: 1
  
  Internet cannot be locked down. It can, of course, be destroyed by taking out the infrastructure, but that won't happen. It can be fragmented and made somewhat more expensive through legislation, but it won't change the simple fact that, given desire and some minimal know-how, anyone can transfer GiBs of arbitrary data from anywhere to anywhere, do it secretly, and do it cheaply. And this is the bright side of Internet. There is also the dark side, where spammers and criminals control millions (soon, billions) of computers worldwide, as long as there are stupid people in the world. Criminals enjoy strong anonymity on the Net, and nothing will change that. Internet, and with it the freedom of expression, are limited only by the width of the pipe. China has wide shiny pipes, so when they try to control Internet, people have a good laugh (I know it, I ran a proxy for a while). Syria has crap for pipes, so their Internet would be deficient even if they didn't censor it.
13. Re:Is hacking spate supporting internet lockdown? by kramerd · 2011-06-13 20:20 · Score: 1
  
  I believe the PATRIOT act was signed into law on October 26, 2001, whereas 911 was September 11th. Then it took another 90 days to go into effect. So So it took at least 4 months in which public opinion had the opportunity to fight back. It still (sadly) does. Regardless of what legislation is signed into law, the internet is not locked down. I can still play online poker (for real money, with real cashouts), I can still create an online alias if I choose to do so,
  On a relevant point, I definitely believe that government exists to stop hackers. The alternative is vigilante justice, While I want people who release personal information that has been contracted to be held private through an act of breaking security to be punished (as much as I want someone who breaks into my house by breaking the locks on my doors), I certainly don't want random people deciding the punishment without oversight.
  Take away their internet permanently. Put them in prison for a while (I hear that jail is worse than having your porn habits released publicly, and quite possibly worse than having to replace your credit cards). Your insinuation that government shouldn't stop harassing hackers is absurd. I don't know how that will happen (it won't be through legislation directly), but I certainly hope it isn't through people like you.
14. Re:Is hacking spate supporting internet lockdown? by jvkjvk · 2011-06-14 05:37 · Score: 1
  
  The Patriot Act wasn't created after 911.
  It was dreamt up by the neo-cons quite a few decades before that. Including published stragegy and goals that more or less match, if not precisely.
  I am too lazy to find the docs, but *I* don't have to - i did that once already and was disgusted enough.
  They simply waited until the crisis. When things heat up, people's choices get plastic. Lay down a new Law Pattern, then stomp.
  Nice new waffle imprint on the faces of the Citizens.
  Regards
15. Re:Is hacking spate supporting internet lockdown? by Savantissimo · 2011-06-14 11:15 · Score: 1
  
  That should be "principle" not "principal"
  -OP, Gruppenführer Grammar Nazi.
  
  --
  "Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery?" - Patrick Henry
16. Re:Is hacking spate supporting internet lockdown? by Savantissimo · 2011-06-14 11:27 · Score: 1
  
  OP - Tight enough is good enough. it's a statistical game, anyway.
  
  --
  "Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery?" - Patrick Henry
It's a setup. by hellop2 · 2011-06-13 10:49 · Score: 3, Insightful

This will be used to push forth legislation making script kiddies equivalent to terrorists.

--
How many more years will slashdot have an off-by-one error on your Score in your profile?
1. Re:It's a setup. by Cl1mh4224rd · 2011-06-13 15:04 · Score: 1
  
  This will be used to push forth legislation making script kiddies equivalent to terrorists.
  Very probable. That doesn't mean it's a setup, though. Some smart people are "that dumb".
  
  --
  People will pass up steak once a week, for crap every day.
Not what Obama meant by "open government"... by jaskelling · 2011-06-13 10:49 · Score: 1

Or at least I'd hope not. (It's a joke, put down the pen and paper and/or your vehement email responses.) I'd actually hope this gets someone's ass kicked in the Senate's IT office. While there may not be much interesting found on there, it's still dangerous. If some silly media loving hacking group can gain access like this, it's certainly just as easy for some other malicious government or entity to get in and do worse. But I'm sure they're still too busy worrying about how to control the rights of the citizens to worry about something as trivial as this....
1. Re:Not what Obama meant by "open government"... by Hatta · 2011-06-13 10:55 · Score: 5, Interesting
  
  And when that ass gets kicked in the Senate's IT office, you'll have LulzSec to thank. If LulzSec could hack it, so could Iran. We should be grateful for the service they are providing.
  
  --
  Give me Classic Slashdot or give me death!
2. Re:Not what Obama meant by "open government"... by artor3 · 2011-06-13 12:04 · Score: 1
  
  Fuck that. If they were altruistic, they'd be quietly alerting the site's owners of the vulnerabilities. Not posting the email addresses of porn accounts and trying to publicly humiliate thousands of people "for the lulz". They are sociopaths, getting off on causing others misery. They need to be locked up.
3. Re:Not what Obama meant by "open government"... by Anonymous Coward · 2011-06-13 12:15 · Score: 1
  
  Your argument is not incompatible with the GP's. They're providing a useful service, for sociopathic reasons.
4. Re:Not what Obama meant by "open government"... by Bing+Tsher+E · 2011-06-13 12:28 · Score: 1
  
  They are sociopaths, getting off on causing others misery. They need to be locked up.
  Did your wife look at your Facebook page this morning and subsequently pee in your oatmeal or something?
  I guess that wasn't the kind of porn you liked, eh?
5. Re:Not what Obama meant by "open government"... by Lehk228 · 2011-06-13 12:29 · Score: 2
  
  good luck, they were certainly behind at least 7 proxies.
  
  these guys are not amateurs like the bank DDOS kids
  
  --
  Snowden and Manning are heroes.
6. Re:Not what Obama meant by "open government"... by adri · 2011-06-13 12:31 · Score: 3, Insightful
  
  I'm not sure if you've ever really sent an anonymous "your shit is broken" message to a site, but I bet the level of positive response would be inversely related to how big the company is.
  No-one wants their management to find out their stuff is insecure. They'd be looking for a new job. So they likely bottle it and pretend it ain't happening.
  I hate to say it, but I think Lulzsec is doing a disturbing but necessary deed. When no-one wants to improve the state of security, are quite happy accepting budget increases for "more security hardware" instead of doing it right the first time and externalise all security issues as vendor problems, there's no real motivation to actually pursue securely developed options. Lulzsec is outing that practice.
  I only hope that somehow this crap makes its way to pointing out inherent security flaws in OSes that make it tangible enough to lawmakers to suddenly care. Not "care" as in "pursue legal options rather than fix", not "care" as in "buy more layers of badly managed and ineffective security theatre", but "care" as in "we need to hire people who know what they're doing, then keep them around and include security in all stages of planning, development and operations."
7. Re:Not what Obama meant by "open government"... by marcosdumay · 2011-06-13 14:20 · Score: 1
  
  The only problem is that they don't know how to "hire people who know what they're doing, then keep them around and include security in all stages of planning, development and operations." To be specific, they don't know how to do that "hire people who know what they're doing" on any big organization, on any kind of professional they want to hire.
  Not that big organizations' managers are all bad, it is that hiring is HARD, and administration courses teach you should delegate that to people that don't understand what they are hiring for...
  
  --
  Rethinking email
8. Re:Not what Obama meant by "open government"... by cstdenis · 2011-06-13 14:52 · Score: 3, Insightful
  
  The solution is to stop letting HR people with no technical knowledge hire technical people.
  This is what results in the common practice of putting a know-nothing idiot with good social skills in charge of doing technical work they can't handle.
  
  --
  1984 was not supposed to be an instruction manual.
9. Re:Not what Obama meant by "open government"... by ISurfTooMuch · 2011-06-14 03:51 · Score: 1
  
  The solution is to stop letting HR people with no technical knowledge hire technical people.
  This is what results in the common practice of putting a know-nothing idiot with good social skills in charge of doing technical work they can't handle.
  HR? They aren't the problem, at least not in my organization. Here, as happens in many places, the hiring is decentralized, with HR just processing the applications and other assorted paperwork. No, the real problem is people hiring based on who knows who. Now, granted, looking more closely at a candidate who is referred by someone else isn't necessarily a bad thing, since those references often prove useful when evaluating their personality and work ethic. No, what I'm talking about is someone getting hired because they're buddies with the departmental manager or, even worse, somehow related to him/her. Then there are the cases where someone is putting pressure on the manager to hire someone, even though everyone knows that the applicant doesn't know a damn thing. It happens more times than I can count, and the outcome is usually either bad or sometimes disastrous. At that point, the employee is whisked off to some other position that his connected friend or relative can find for him, or the argument will be made that he was doing a fine job but had too many responsibilities on him, at which point he'll be promoted into a managerial position, and one or two people--the people who should have been in his original position in the first place--will be placed under him. He'll be a shitty manager, his underlings will do all the work, and, if things work out, he'll get all the credit, and, if things don't, he'll just fire and replace his underlings until he finds some who can make him look good.
10. Re:Not what Obama meant by "open government"... by DCFusor · 2011-06-14 04:18 · Score: 1
  
  Hey, HR tries! They demand meaningless Certs, degrees, and 5 years experience in things that have only existed for two!
  
  --
  Why guess when you can know? Measure!
Welp by elysiuan · 2011-06-13 10:50 · Score: 1

Well there's a big red line to cross. Would could possibly go wrong?!
Too much attention by Anonymous Coward · 2011-06-13 10:51 · Score: 1

Am I the only one thinking that these hacks get too much attention? Inform the people who are affected, but maybe keeping this stuff from the front pages would make it less lulz?
1. Re:Too much attention by Ruke · 2011-06-13 11:22 · Score: 1
  
  Who is paying them too much attention? The news organizations? They've got a tight balance that they have to maintain; they have to weigh the benefits of publishing this kind of information (a more informed public) against the costs (possibly "enabling" LulzSec). In the end, I think they made the correct decision, but that's up for debate.
2. Re:Too much attention by countertrolling · 2011-06-13 11:48 · Score: 1
  
  They gotta print something.. Not much happening at Apple today
  
  --
  For justice, we must go to Don Corleone
3. Re:Too much attention by fermat1313 · 2011-06-13 12:05 · Score: 1
  
  Who is paying them too much attention? The news organizations? They've got a tight balance that they have to maintain; they have to weigh the benefits of publishing this kind of information (a more informed public) against the costs (possibly "enabling" LulzSec).
  That's precious. Do you think that news organizations really work to maintain the balance of information here? Those days are long gone, if they ever really existed. Here's what gets on the news: Stories that people click on. How else do you think we got 3 weeks non-stop of Charlie Sheen updates? Because the public needs to know? Hardly.
4. Re:Too much attention by Ruke · 2011-06-13 12:30 · Score: 1
  
  No, of course I don't. I was talking about how they should act, which is completely divorced from how they do act. They publish the stories that bring in readers. Hell, this story was probably posted by an unpaid intern who thought it was interesting and put in his 15 minutes worth of research before hitting the "Submit" button. Looking at his profile over at ITworld, this dude writes pretty much exclusively about Anonymous's latest exploits; this isn't quite the pinnacle of journalism we're dealing with here.
5. Re:Too much attention by Bing+Tsher+E · 2011-06-13 12:32 · Score: 1
  
  Because the public needs to know? Hardly.
  The days when a group of people who flunked out of Calculus (and couldn't get into the English Department so they transferred to J school) get to decide what 'the public needs to know' are long gone.
  A lot of us are fricking glad that 'news organizations' don't 'work to maintain the balance of information' any longer. The situation isn't really that much improved from before, but at least some of the pomposity has been eradicated. Fucking Walter Concrete might be your hero, but to a lot of us he was just another stuffed shirt. Dan Rather was the last of the line, and it wasn't sad to see him go.
6. Re:Too much attention by inglorion_on_the_net · 2011-06-13 18:55 · Score: 1
  
  Actually, I am rather happy that the break-ins are being reported. LulzSec is going after high-profile targets, and succeeding. This is a wake-up call for the world: these are targets who should know they are targets, and they're falling to the attacks. We need better security!
  
  --
  Please correct me if I got my facts wrong.
7. Re:Too much attention by Datamonstar · 2011-06-13 20:18 · Score: 1
  
  No you are not. In fact, I really think this LulzSec is a false flag operation. I'm predicting it now. Within a year, LulzSec will be brought to "justice."
  
  --
  The eternal struggle of good vs. evil begins within one's self.
8. Re:Too much attention by GameboyRMH · 2011-06-14 01:12 · Score: 1
  
  They're not getting more than a short blurb in the mainstream media - and that's from the "infotainment" channels, on a proper news channel they might not get more than a mention in the ticker. Only tech sites are making a big thing out of it. I don't think the BoA leak got any TV news coverage at all.
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
Uninteresting. by Anonymous Coward · 2011-06-13 10:52 · Score: 1

Looks like they got access to a web server and were able to list the apache conf and some files being served up.
Meh ... by lennier1 · 2011-06-13 10:55 · Score: 1

I would've given bonus points had they manipulated the system into displaying random Wikileaks embassy cables.
Re:Why is the government wasting money... by magamiako1 · 2011-06-13 10:57 · Score: 1

Because it's more secure than Linux? har har ;)
Er, what? by Daetrin · 2011-06-13 10:58 · Score: 1

"LulzSec might not be as famous as Anonymous â" they're really best known for hacking sites they like, to prove a point about security"
Wait, so is LulzSec known for hacking sites they like? Or is Anonymous known for hacking sites they like? Which one of them actually likes Sony since both groups hacked them? (Even disregarding Sony's claims about the stolen PSN information, Anonymous admitted to being responsible for the prior DDoS attack.) Does Anonymous like the Scientologists or does LulzSec like InfraGard? I'm kinda confused by the claim.

--
This Space Intentionally Left Blank
Re:Vizzini Says: by fishingmachine · 2011-06-13 11:07 · Score: 1

clearly the expected thing to do would be to build up an immunity to a specific poison for years and poison both
Shooting one's self in the foot? by TheRealQuestor · 2011-06-13 11:07 · Score: 1

Or is this more of a case of stepping on the tail of a tiger?
Yes by Anonymous Coward · 2011-06-13 11:23 · Score: 1

Which is unfortunate. The legislation should instead instill some sort of competence insurance program for security specialists, and compliance audits for all businesses that handle personally-identifying information (PII).
The greater the amount of PII, the higher the legal requirement for security, and the more stringent and frequent the audits.
Make PII a cost center rather than a profitable resource, and watch the situation improve dramatically.
The end of an era? by makubesu · 2011-06-13 11:25 · Score: 1

It seems like a new high profile hack happens every day. Is this just a fad? Will things calm down again? Or is this the beginning of a radical change for the internet. It used to be that you could get away with just a few weak security measures, but now that doesn't look sustainable. Not to mention the rise of DDOS attacks recently. Will we see a radical shift in the way tech companies operate? Is it really affordable to be secure? Maybe new technologies will be required to bring the cost down. Is it even possible to be secure? I'm sure all these companies thought they had locked the door tight.
1. Re:The end of an era? by Mashiki · 2011-06-13 12:38 · Score: 1
  
  Seems to me that a lot of these breeches happen to enter the 'shit you should always cover' territory. I.e. secure your SQL database, don't leave open inputs, make sure it's sanitized, hash and salt passwords. Don't store passes in plaintext. And so on.
  Sure the hell makes me wonder who's being hired for their network security. Or if a lot of these companies are simply farming it out.
  
  --
  Om, nomnomnom...
Private key for senate.gov! by mveloso · 2011-06-13 11:32 · Score: 1

Looks like the lucky senate.gov webmaster gets to see if the key revocation process actually works.
1. Re:Private key for senate.gov! by wvmarle · 2011-06-13 19:33 · Score: 1
  
  The server was hacked, if that key was stored on the same server it's not guaranteed safe any more. Better safe than sorry: revoke the current key, get a new one. It's a basic security measure when recovering from a breach.
Re:Thanks Guys by drpimp · 2011-06-13 11:47 · Score: 1

I am waiting for ...
Fingers to get pointed at [INSERT ROGUE NATION] and we start a another un-just war. /halfempty
On the brighter side maybe these guys [IT staff of the compromised servers, I am looking at you] will actually start considering tougher security on front facing servers /halffull

--
-- Brought to you by Carl's JR
Re:Vizzini Says: by CronoCloud · 2011-06-13 11:51 · Score: 1

And never go against someone who's read or seen The Princess Bride a thousand times, when death is on the line.
Hacking increase! by thecounterweight · 2011-06-13 12:04 · Score: 1

Damn, I had just posted a comment two days ago on another Slashdot thread about Anonymous hacking a Libyan website stating that there has been a huge increase in high-profile hacking this year. Now the US Senate? While I appreciate the work that Anonymous has done, this LulzSec crew seems to be much less interested in helping people, and more interested in just causing ruckus. Well see how long it takes before their lulzboat has a hole in it.
1. Re:Hacking increase! by thecounterweight · 2011-06-13 12:07 · Score: 1
  
  Sorry, it was a Turkish website http://yro.slashdot.org/story/11/06/11/1834226/Anonymous-Takes-Down-Turkish-Government-Site
2. Re:Hacking increase! by DaveV1.0 · 2011-06-13 23:41 · Score: 1
  
  Anonymous isn't interested in helping anyone. They are just a bunch of cowardly cyber-thugs trying to impose their will on others. Just look at the PBS attack. They didn't like the opinion expressed by a show, so they attacked PBS to intimidate PBS and its shows into not expressing that opinion. They are lying hypocrites who complain about censorship and non-transparency, while trying to censor others and keeping themselves anonymous so they can not be examined, which is pretty nontransparent.
  
  --
  There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
3. Re:Hacking increase! by Xest · 2011-06-14 01:05 · Score: 1
  
  I think really they're just trying to show how utterly hopeless it is of governments trying to regulate the web. They've been on about it for years, and people have told them it's futile yet still they legislate.
  I think they're hoping that by repeated, regular, high profile hacks like this it will show governments they cannot win, they're going to have to accept, whatever they think, the web is out of their reach, it's a new concept for them- for the first time it's something they can't really control.
There's nothing important there by Animats · 2011-06-13 12:12 · Score: 4, Insightful

That's not some inside server. Look at their list of files. It's the Senate's outward-facing web server, "www.senate.gov". It also hosts the public web sites of individual senators. It looks like what you can see on a UNIX system with a guest account. Big deal. Every staffer on the Senate side has that much access.
They have the complete directory of all the paintings in the Capitol. The forms for registering as a lobbyist. Pictures of all the Senators. Lots of stuff for tourists. This session's voting results, in HTML. The base Apache config. Nothing exciting.
1. Re:There's nothing important there by wvmarle · 2011-06-13 19:37 · Score: 1
  
  Why would a general staffer have any more access to that server than to the directory (and subdirs of it) where their part of the web site is stored?
  Most of the things you list are probably public indeed; the base Apache config is NOT. Even a guest account should not have access to that kind of information. And what would guest accounts do on a production server to begin with? Too easy a starting point to explore what's exactly on that computer, and work from there.
2. Re:There's nothing important there by proton · 2011-06-14 00:19 · Score: 1
  
  Dude, filesystem access is a very dangerous thing to give a competent hacker. Access to read config files (or just /etc/passwd (free usernames -> password guessing just got extremely simplified)) is VERY dangerous. Once you have filesystem access, elevating your privileges to root is usually not that big a challenge on a mismanaged UNIX system. I havent read TFA but in the 90's if you had shell/filesystem access, getting to root from there was minutes away, sometimes seconds.
  We're talking about one of the highest levels of government here, in the only remaining superpower in the world, the website should be locked down like nothing else.
3. Re:There's nothing important there by blueg3 · 2011-06-14 01:39 · Score: 1
  
  Hello, /etc/shadow, how are you?
4. Re:There's nothing important there by quarterbuck · 2011-06-14 10:00 · Score: 1
  
  Nothing exciting.
  If they got write permissions they could do some damage/fun stuff... ranging from putting out a news release of "Weiner quits" to "Obama and Castro kiss and make up". And of course there is the secondary effects by modifying a page and getting a senator to comment on it. Say put up a post saying "Obama says Medicare to be cut to zero by 2015/military budget to be cut to zero by 2015" and asking democrat/republican senators to comment on it.
  
  --
  http://slashdot.org/submission/1062723/Cheap-mobile-data-plan?art_pos=2
Remember when Valve got hacked? by Radical+Moderate · 2011-06-13 12:25 · Score: 2

...and HalfLife 2 got delayed for months? If this stunt delays Skyrim, these tools deserve a kick in the nuts!

--
Never let a lack of data get in the way of a good rant.
Re:Thanks Guys by EnsilZah · 2011-06-13 12:46 · Score: 5, Informative

I know what they did is wrong and all but what you wrote sounds like "Look what you did, you've angered the master, now he's sure to give us all a good whippin'"
Apache 0day by Anonymous Coward · 2011-06-13 12:55 · Score: 2, Interesting

Lulzsec's primary means of access is an Apache 0day. Also, one of their primary members works for a Tier 1 ISP, thus giving him privileged access to some high level routers/customer information.
1. Re:Apache 0day by biodata · 2011-06-13 19:51 · Score: 2
  
  We'll need a citation on this.
  
  --
  Korma: Good
Re:Thanks Guys by Alystair · 2011-06-13 12:56 · Score: 1

This is the exact concern I've had since the start of these highly publicized intrusions. Instead of blaming lax security guidelines and policy at the places of intrusion, the public media is placing the blame in the hands of the people bringing making this knowledge public. Surly there are better ways to notify the companies at fault, but with the new development of "let's only solve problems when the public makes a giant scene out of it" (ex. people complaining on Twitter about issues they are having) this was bound to happen sooner rather than later. I really hope the people in power see the true issue and don't use it as an excuse to lock down and regulate even further (ha, yeah right). Prevention is the key measure, not treatment of the problem once it happens.
IF Lulzu can do it, the question is ... by Jerry · 2011-06-13 12:58 · Score: 1

just how long have the Russians and Chinese been lounging around in that system? A year? A decade?

--
Running with Linux for over 20 years!
Re:Thanks Guys by spachib · 2011-06-13 13:48 · Score: 1

This is the wrong reason to condemn their actions.
Who's "we"? by zooblethorpe · 2011-06-13 14:04 · Score: 3, Insightful

Oh, the FedRes functions buddy boy. it just functions in ways we never intended it to.
What do you mean, "we"?
Hugs and kisses,
-- Hank Paulson

--
"What in the name of Fats Waller is that?"
"A four-foot prune."
Re:Thanks Guys by shutdown+-p+now · 2011-06-13 14:27 · Score: 1

Yeah, well, that's the "lulz" part of it.
Re:Thanks Guys by repapetilto · 2011-06-13 14:30 · Score: 1

I actually heard a blurb on a "conservative" radio station today that referred to them as "a hacking group devoted to exposing security flaws." So the narrative is changing. Then again I also heard a blurb a couple weeks ago talking about K2 like it was a new thing when its been around for a decade and already outlawed in a few states.
i bet by Nihn · 2011-06-13 15:09 · Score: 1

I will laugh when Lulz turns out to be a group of 12yo kids from japan
Bad idea, guys. by jcr · 2011-06-13 15:32 · Score: 1

Ask John Draper sometime what happens when you taunt the government like this.
-jcr

--
The only title of honor that a tyrant can grant is "Enemy of the State."
LulzSec Learns Nothing From Lesson of Pvt Manning by CodeBuster · 2011-06-13 16:17 · Score: 1

Did these people learn nothing from the lesson of Pvt Manning? Do they believe that they won't be found by the USSS and the three letter agencies? If these people are US citizens then they are being really dumb. If they aren't US citizens then it will be even worse for them when they are eventually caught. Will they still be laughing after the Feds make examples of them? We shall see.
I'm waiting for LulzSec to hack Slashdot. by Elbereth · 2011-06-13 16:41 · Score: 2

I think it would be hilarious for LulzSec to hack Slashdot and post every single username and password, along with any financial details that they found on Thinkgeek.. Come on. Slashdot is so buggy, their security simply must be a joke. I'd be curious to see what the reaction is. My guess is that some people would still support LulzSec, even saying that they're glad that such a fine group of principled and honorable white hat hackers took the time to demonstrate the flaws of Slashdot's security.
Back when I was in college, I had a friend who used to break into cars that used The Club. He wouldn't steal anything but The Club itself, to demonstrate to them the uselessness of the product. I found it hilarious. Much like these web site hacks, it was just a harmless prank by some punk kid. But it was also pretty fucking antisocial. Did those people learn a valuable lesson? I don't know. Maybe. That doesn't change the fact that it was wrong to break into those cars.
By the way, I'm not saying that I'm some paragon of virtue, because, obviously, I'm not (I found the whole thing rather amusing and probably indirectly encouraged his activities by laughing). I don't think you need to be virtuous in order to speak about virtue, however.
1. Re:I'm waiting for LulzSec to hack Slashdot. by DigiShaman · 2011-06-14 13:05 · Score: 1
  
  I don't think you need to be virtuous in order to speak about virtue, however.
  No, but it sure helps.
  
  --
  Life is not for the lazy.
Cui bono? by Opportunist · 2011-06-13 16:54 · Score: 1

Ok, for the lulz, all nice and dandy, but bragging only works in your favor if the one you're bragging to actually admires what you do. While we might have admired the person who egged the principal's car in school, we all hated him when we all had to stay longer "'til someone confesses". And this could easily end the same way, just more severe.
What will happen? What is to be expected as the reaction of the government? Just shaking their fists, then going on their knees and beg to stop? We live in an age where the most minimal of excuses is used to eliminate any traces of privacy left, especially in the vicinity of computers, and this is maybe more of an excuse than many things before. Can anyone here see this as a very welcome reason to tighten the screw on privacy? From outlawing open WiFi Routers and open onion proxies to mandatory backdoors for the feds in your machine, there's little anymore that's simply beyond discussion.
And what for? Did we actually get any "dirt" on any of the targets? What came out of the senate hack but a defacement? Any information? Anything the public would actually benefit from? Or is the only "benefit" that we now have an excuse for any kind of law crammed down our throat because we need "more safety"?

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
1. Re:Cui bono? by Drafell · 2011-06-14 00:55 · Score: 1
  
  Unfortunately, most drastic change only comes through revolution.
  It would be sad to see that occurring in a G-20 country, but at this point is is looking inevitable.
  We are currently undergoing a technological revolution, and society will invariably be changed by it; not just in the States, but worldwide.
2. Re:Cui bono? by Borland · 2011-06-14 02:59 · Score: 2
  
  The most drastic change occurs by revolution, but I'd say the best change occurs by evolution. And good outcomes certainly don't come from idealists without a real plan for replacing the establishment. Crap, that's just asking for the guillotine.
3. Re:Cui bono? by Opportunist · 2011-06-14 04:20 · Score: 2
  
  Revolutions rarely have a good ending. 1789? Led to a reign of terror. 1917? Led to a reign of terror. 1776 is maybe the only one that led to more freedom. But it seems, only temporarily so.
  The main problem is that we replaced aristocracy with plutocracy. Instead of birthright and divine providence, money is now the deciding factor of your worth in society. And while superficially more porous, since anyone could get rich, nothing really changed but the people on top. It is still the same flawed system.
  Originally, aristocracy was a meritocratic concept. Those of virtue (be it battle prowess or great leadership) were put in charge, since they proved they can rule and lead people. And as it is very natural for us, these people wanted to leave a legacy, and titles and offices became hereditary. Unfortunately, virtue and leadership are not. And without challenge to their rule, there was no need to distinguish themselves and prove they're "worthy" to lead. The result was their ultimate demise when it became blatantly obvious that the king had no clothes.
  The current plutocratic system suffers from the same flaw. Originally, those who came to riches had to be good investors, careful planners, foresighted industrial thinkers and hard workers who knew the value of work and the hardships associated with them. The current generation of industrial leaders never had to distinguish themselves. They got their position due to a network of other plutocrats that elevated them into the positions they hold today, they have no connection to the company they lead, they never "built" it, they don't care about it or anything done in it. Most of all, they also have no responsibility for it as the current "too big to fail" scam shows. It does not matter whether they know what they're doing or whether they are essentially playing the lottery.
  It's the same shit all over again. Another time, another set of players, another "merit" to have to be one. But else, same shit as 300 years ago.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Re:Thanks Guys by SomePgmr · 2011-06-13 17:11 · Score: 1

You're right, but it's still reasonable to be afraid of a good whippin. Particularly if no good came of it.
Coherence by peppepz · 2011-06-13 17:31 · Score: 1

Where are all the security experts pontificating about Sony's incompetence now? And those who applauded the hackers?
Once again, hackers got their lulz, and we'll enjoy the consequences, i.e. the "patriot act"-like laws for the Internet which are sure to follow.
Sad sad days ahead by Petbe · 2011-06-13 18:21 · Score: 1

Since 9/11, it has been made quite clear that the liberties and freedoms people take for granted can and will most likely be hindered by threats. The government has already shown that it is willing to step on freedoms and grey areas (such as the internet) in attempts to secure the "safety" of its people. And I think what Lulz has been doing with these sporadic attacks will lead to some unforeseen and unfortunate circumstances. Tread lightly; something that is not being used. It might be too late though. The government may respond, and the response may be limitations. And from those limitations will come more hackavist like activities and attacks which will lead to more limitations. Lulz most likely bit off more than they can chew at this point.
Re:prediction for tomorrow's slashdot story by dintech · 2011-06-13 20:17 · Score: 1

No, but you'll notice their release gives an address to make Bitcoin donations. "Bitcoin used to fund drugs and government-destroying hackers."
Two birds, one stone.
They uncovered something very serious by camperslo · 2011-06-13 20:47 · Score: 1

US-Advised-on-using-Stuxnet-style-attacks-in-Libya
http://www.mercurynews.com/breaking-news/ci_18263468
http://slashdot.org/submission/1647610/US-Advised-on-using-Stuxnet-style-attacks-in-Libya
Re:Thanks Guys by vegiVamp · 2011-06-13 20:58 · Score: 1

Which, incidentally, is very likely to be more accurate than either of you want it to be.

--
What a depressingly stupid machine.
Wild guess by ThatsNotPudding · 2011-06-13 23:41 · Score: 3, Insightful

Then ask yourself who the larges employer of mathematicians (not an easy study by any means) in the world is. And they have other pretty good people too.
Let me take a wild guess: number of ethicists: zero.
1. Re:Wild guess by DCFusor · 2011-06-14 04:09 · Score: 1
  
  Number of security experts who get the shot and resources for doing a good job of it -- less than zero. Math doesn't have much to do with security in this sense -- theory isn't practice. And as to how good they are at math, I seem to recall "the housing crisis is contained" and a few other laughable statements out of these academic mathematicians who know precisely squat that their corporate masters don't tell them to think.
  
  You think the Fed is well run, predicted and prevented any of this disaster? Or even raised an alarm? Go learn some stuff, then talk. I watch them every day, as a trader. Puleese, they're not real good at what they try to do -- or deciding what they should do.
  
  --
  Why guess when you can know? Measure!
2. Re:Wild guess by gweihir · 2011-06-14 09:47 · Score: 1
  
  Advice:
  1. Research facts
  2. Then shoot of mount.
  The largest employer of mathematicians on this planet is the NSA.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Lame hack by BeanThere · 2011-06-14 00:26 · Score: 2

I hope these guys are as good as they claim to be, otherwise we will be seeing their faces with the caption "Further arrests from anonymous hacking group"
I agree, if they really claim to "not like the US government", then a much smarter move would be to snoop around quietly and dig up something REALLY juicy. Where's the meat? They brag about hacking the Senate but then give us what looks like little more than a list of mundane files on a webserver, or something. Whoop. Sounds more like they managed to find one unsecured machine, and just couldn't wait to brag about it ... I can just see it ... 'ZOMG dude we hacked teh Senate!!11!' 'Oh yeah we're awesome!'. It has no class. They had an opportunity to get onto the network and look around for something really interesting, like evidence of corruption or something, instead they just hollered as loud as they could and now security will be stepped up, helping close the opportunity to do something good.
I stand somewhat corrected by BeanThere · 2011-06-14 00:29 · Score: 1

Hmm, seems they aren't doing nothing useful: http://www.mercurynews.com/breaking-news/ci_18263468?nclick_check=1
the True state of our country... by GReaToaK_2000 · 2011-06-14 01:16 · Score: 1

The media doesn't work anymore when it comes to whistle blowing news about our government.
- can't photo or record cops - guy that got brought in for recording a shoot out
- the entire decade of 2000 to 2010 lack of real coverage of anything to do with the middle east wars.
- any protection of anonymity.
The media has been "recovering" from the Bush era controls, but they still don't really do as good a job as they have in the past. They are more interested in selling the news that reporting it.
So, its up to US (people of the US) to record the news on our cells and post it to the internet before that gets controlled.
It also occurs to me that Hackers may become a form of Journalism at this point in order to protect the people from it's government.
Some may think this obvious but I felt it needed to be stated.
Sounds like more SQL Injection by jonescb · 2011-06-14 01:55 · Score: 1

Come on LulzSec. Do something a bit more sophisticated than SQL Injections and XSS.
Any dingbat can put "a'; select * from users where '1'='1" into a search form on a random website.
can't ketch me, I'm the gingerbread man! by Thud457 · 2011-06-14 02:35 · Score: 1

nyah nyah!

--
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Re:Huh.. by datapharmer · 2011-06-14 03:31 · Score: 1

trying to figure out why there were all these unexplained logins from the wan.

--
Get a web developer
I wonder... by slapout · 2011-06-14 05:50 · Score: 1

...if these guys could find Obama's Senate records....

--
Coder's Stone: The programming language quick ref for iPad
Government & IT Security by Synerg1y · 2011-06-14 06:12 · Score: 1

needs to hire less of the former and invest more in the latter. The only way the government can lock a determined individual down in their country via an internet restrictions approach is to cut the ethernet cable running to that person's computer. The internet as is is not by design meant to be restrictive, it's all technologies that have come after it that have waged the war.
Re:Thanks Guys by horza · 2011-06-14 07:18 · Score: 1

I read it as "I, cozzbp, am a pathetic coward" but your description is good too. We have laws, LulzSec committed a criminal act, but if you are afraid that a few random teenagers will inspire Orwellian legislation then the problem is with the government not with LulzSec. The responsible citizens have to stand up to both cyber-bullies AND to power-mongers. If you yanks can still not have guns legislated against, after all that's happened, then allowing cyber legislation to screw you over is just sheer laziness.
Phillip.

--
Property for sale in Nice, France