Slashdot Mirror
Anonymous Releases 90,000 Military E-Mail Accounts
jjp9999 writes "Anonymous Operations posted 90,000 military email addresses and passwords to the Pirate Bay on July 11, in what they're calling 'Military Meltdown Monday.' They obtained the emails while hacking government contracting and consulting firm Booz Allen Hamilton. They hinted at other information obtained during the breach, which they describe as 'maps and keys for various other treasure chests buried on the islands of government agencies, federal contractors and shady whitehat companies.' The breach comes just days after Anonymous hacked government contractor IRC Federal. Both breaches are linked to the new AntiSec movement, which LulzSec joined forces with shortly before disbanding."
The pirate bay is still around!??!?!?
I don't think I'll be grabbing that torrent...
That name itself just screams trustworthiness, doesn't it? I know I would happily hand over my secrets to someone named Booz to keep confidential and secured.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Not sure when this is going to end. Maybe Operating Systems needs to be redesigned with built in security.
~nt~
Your hair look like poop, Bob! - Wanker.
Anonymous has an agenda. That's fine. Originally they were after Scientology. If they've shifted focus, I have no problem with that. If they're trying to become another Wikileaks and expose government wrongdoing, that also makes sense.
What I don't understand is the wholesale posting of email addresses and passwords. What are they trying to accomplish? Military or not, these are email addresses of real people. This is no longer a crusade against "bad guys" whoever they may be, or even against bad activities. This is now a crusade against privacy. You know, the concept that keeps Anonymous, well, anonymous.
If we use exactly the same standard that they use to judge what should be public information, then the names, email addresses, and passwords of everyone who calls himself/herself Anonymous should be public as well.
Comment removed based on user account deletion
How does releasing email addresses and passwords aid the fight for good and thwart evildoers? They should go back to the Scientology thing.
Sorry, but gray text on gray background is making my eyes bleed.
Or Komics !! Or Kovaks !! I can't tell !! I won't tell.
You can still collect IP addresses with an HTTP download.
I just can't help but think what has changed recently which might explain the flood of all these high profile attacks.
A critical mass of stupidity? (OWASP greatest fails)
TLA false flagging for 1984 legislation?
Two hacking groups (lulz and anon) with nothing better to do?
Whatever the reason I hope people are taking this opportunity to wake up.
It would be very easy to take down the server, but it's much harder to take down a distributed tracker. Also, you don't need to buy large quantities of traffic.
The recording industry really, really7 sux. Evil city Their RIAA, too. Please, go after them. These guys are on our side.
You got to hand it to them: These blackhat/lulz Hacker types sure do have some balls. I'd be scared shitless to pull such a stunt, even if I *did* have the information. I'd be super-ultra-extreme paranoid and cover my tracks many times over. I actually wouldn't know where to start when attemting that.
Probably something like this:
1. Multiple levels of undetected low-profile unix breakins to start off a botnet.
2. Multiple levels of botnets on top of that to finally hack the systems involved in the attack and breach, using totally different malware strategies as to go undetected among the usual hodge-podge of criminal botnets.
3. Low-profile IDS on all levels to scout for detection or suspicious tracing activity 24/7.
4. Encrypted, low-profile bit-by-bit intrusion and trickle-data-grab over weeks or months.
5. Complete rollback and teardown of the entire network with IDS remaining on the last lines of defense (see 1.) ready to send out signals if someone comes for you.
6. Wait. A long time.
7. Release data and press release over simularly complex channels.
Imagine what happens to you if the CIA or some other 3-letter blackops finds out where you're at. Your life is pretty much over then.
We suffer more in our imagination than in reality. - Seneca
Its the Jachin and Boaz show, once again..
http://www.jewishvirtuallibrary.org/jsource/judaica/ejud_0002_0011_0_09825.html
someday you somnambulists will arise from your stupor..
If a nuclear explosion would cause the government to fund a free software development initiative to ensure the security of systems I think I would want it to occur. The insanity of writing insecure programs and fixing bugs later is not the way to design software. It should be written from the ground up with security in mind. Updates adding new features should not be applied without serious review and consideration. AND features should be modular so that components aren't needed aren't installed and thus can't be exploited.
And messing up Libya. I wonder what that tells about them.
With HTTP you have one peer - the HTTP server. With torrent you have many peers. In both cases they have access to your IP address. So it depends on how much you trust the server.
The reason they use torrent and not HTTP for stuff like this is because
A) they don't want to pay for the bandwidth of serving that file to thousands of people, nor to be able to be traced to that server.
B) Free HTTP sharing sites have bandwidth limits, rat people out, and are a general PITA.
C) With bitorrent there is less centralization so it is harder to stop distribution of the file.
Wouldn't it be best to use Tor to distribute it?
The hosting server can. An arbitrary client can't hop on and grab a list of everyone else downloading it at the same time, though.
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
Don't be dense. This is Lulzsec. They're just calling themselves Anonymous to get some form of protection.
Nice work guys !! Stick it to them and keep it up... wars suck and government just love to have them
You can still use TOR if you need to.
On the one hand, the military and its contractors are assholes for exposing tens of thousands (and surely more) of military people's accounts to cracking and outing.
On the other hand, Anonymous is assholes cracking and outing tens of thousands (and surely more) of military people's accounts.
That's both hands assholes. Have you noticed that everyone in public life these days is an asshole?
--
make install -not war
TOR is an end-user decision. Host it on the web and the people downloading it could use TOR, but you don't really specifically distribute via TOR.
What you're talking about is more akin to Freenet.
"People who think they know everything are very annoying to those of us who do."-Mark Twain
Russia says, "Thank you."
China says, "Thank you."
You are known by your chosen friends.
It's "Tor", and you can host anonymously with "hidden services".
The government is doing this to incense people enough that they can put forth draconian laws about hacking and internet use.
You know, like how we used 9/11 to start multiple wars.
Anonymous... why would you make this move? This serves no purpose but to aggravate the military and focus even more attention on P2P. I suspect the Lulzsec kiddies are now a rogue branch of anonymous.
Look, yeah sure not much good can come from posting those accounts...
BUT If they were able to get the account information.. Well then you have to assume that other countries' cyber warriors (whatever you want to call them) also had that information and potentially more.
It the very least it brings (the lack of) security to the publics mind as well as
Govt/Corps. Personally, I think the illusion of security does much more harm than good.
false flag ops designed to facilitate a locked down internet.
What these guys are doing now is mush more serious and may get them killed instead of jailed. They are playing Espionage Vs the US military. Selling,or giving or using for there own benefit military data that doesn't belong to them might get them a date with a firing line. And guess what, im all for it. Just because you CAN do something doesn't make it the right thing to do. If you want to play you better be ready to pay and some of theses guys might pay an ultimate price. Time will tell
Jack of all trades,master of none
No, safer way is to hack a WEP protected wireless, preferably in the downtown area. Then used it to grab the torrent.
that'll teach them a lesson not to use WEP
This is the real deal guys. Don't use torrents, or the peers will have your IP. Download from the RapidShare link over Tor.
I guess Allen Hamilton will really be hitting the Booz!
"Politicians and diapers must be changed often, and for the same reason."
I have no problem pointing out the fuckedup'ness of our stupid fucking country... because it is our country...
However. I would like to see Anon start tackling OTHER countries, because America is not the old land of BS. It is also every other nation who we compete with.
Not as ironic as Standard & Poor's.
That's not ironic its descriptive for a credit rating agency. Either you make their arbitrary standard you'll be poor...just ask the Greek Government.
I suspect the Lulzsec kiddies are now a rogue branch of anonymous.
No, this is Anonymous. Not that other Anonymous full of assholes you'd like to pin this on, to keep thinking the first Anonymous was any better.
They're all assholes. This is what they do.
you could distribute it as http published to a Tor hidden service... but then hardly anyone would see it.
Yeah, don't click the link.
Why the fuck would you post something like that? Warning to all: scatology in its worst form. Do not look.
Laws are like sausages. It's better not to see them being made. - Otto von Bismarck
Didn't some top ranking official recently say something about an internet "Pearl Harbor?" You see, this isn't Anonymous, or any other basement hackers looking for lulz in all the wrong places. This is the fucking government working to tighten control over the internet.
WTF? where do you get turds that big?
You're not at negative karma yet?
And aiding a bunch of filthy "rebels" , which are a minority and quite the chunk of them are religious fanatics on par with those in pakistan and afghanistan.
Besides, tell me, how is bombarding Tripolis in the OSN mandate which was to prevent civillian losses?
Allow one or two deaths of "Our Heroic Sons and Defenders" apparently as the result of it.
Crack down savagely on all 'net freedoms whilst Middle America cheers.
Profit.
Just not for you or I.
B) Free HTTP sharing sites have bandwidth limits, rat people out, and are a general PITA.
They only rat out the file sharers (uploaders), and in many countries sharing files is not illegal.
LOL, where you bullied at school too?
Fear makes the wolf look bigger
-
Oh yeah? How do you know that they aren't really some chinese special ops who convinced all you gwailo anons to do their work for them?
-
i'll tell her to change her password
And with an http server, anyone in the middle can see exactly what you are grabbing as well.
If I were government investigating the leak of such, you'd be sure I'd be watching the distributors and who expresses interest.
Wow, anonymous ups it's morality closer to that of SPAMMER (I know that's scraping the bottom of the barrel). How about "molester of mental patients". Though that's probably still a compliment at worse.
Strong pro military comments here. It would be better if A. only hacked the emails of high military leaders, up from a General, but it's just against the law to hack the email accounts, think about it this way:
If I bunch of teenagers could do it, so can other states do it. Who knows how long the email accounts are actually already hacked by China or N. Korea. Now A. exposed the security hole and at least the military needs to change their passwords.
Also the US military are not good Samaritans. Who known how much dirt someone can find in their emails, like contracts to the industry, killing people, torture, etc.
http://www.mueller-public.de - My site http://www.anr-institute.com/ - Advanced Natural Research Institute
First: They don't actually count our votes. See: Diebold.
Second: There IS no fourth estate. It's all a megacorporation with vested interest. See: Freedom of the Press, The FCC, Etc..
Third: The ONLY candidates that are "realistic" are corporate employees. See: Obama, Bush Jr, Clinton, Bush Sr, Reagan, Carter, Ford, Nixon, and Johnson.
Fourth: Elections do not matter when those elected are gunned down in the street. See: JFK, RFK, MLK, Paul Wellstone.
Fifth: It seems the ONLY thing the US has done since WWII is muck around in shit it shouldn't have. See: Korea, Vietnam, Panama, Iraq, Iran, Afghanistan, Libya, etc..
Sixth: The country is run by economic interests. The FED is privately owned.
"If Americans ever allow banks to control the issue of their currency, first by inflation and then by deflation, the banks will deprive the people of all property until their children will wake up homeless." - Thomas Jefferson
But yeah, I mean, I guess people should've voted differently at some point? LOLZ GO ANONYMOUS!!!
I hold very few opinions. I hold information based on observation and fact. If you wish to disagree, please use facts.
100% unequivocal support. Let it burn! You are batman!
Two things should probably be made clear, if they aren't already.
1. Anyone's email address in the military is first.last - the 'outing' of that particular data is meaningless.
2. These aren't the passwords to those email accounts.
The only collateral damage that could occur is, again, password reuse. Keep in mind that personnel log into their accounts with their ID Card - while there is a text password associated with military email accounts, you are going to get asked a bunch of security questions trying to use it.
The important aspect of this leak is, of course, how utterly ridiculous the security practices of BAH are, particularly considering its "status".
I post too much and mod too little.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
You're still assuming some kind of organization in the whole mess. Anonymous is no "group" in the common sense, and I somehow doubt that LulzSec is. It's a bunch of people who sail under the same flag, but that doesn't make them a nation.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Do America a favor and do NOT do it!
When it's time for war with China, the last thing you need is that they got a heads-up that their systems were insecure.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Comment removed based on user account deletion
And *you* could win a special meeting with the boys from Seal Team Six in the comfort of your very own home.
It's not fair that the US is the only one who gets hacked like that, they should hack all countries equally. I'm sure my own country has plenty of dirty laundry as do many others. Especially China.
Justice is the sheep getting arrested while an impartial judge declares the vote void.
http://www.telegraph.co.uk/news/worldnews/africaandindianocean/libya/8407047/Libyan-rebel-commander-admits-his-fighters-have-al-Qaeda-links.html
And messing up Libya? Libya was up to now one of the more prosperous African countries, with a semi-decent standard of living, even compared to places like south african republic. It also has a large amount of gold, and also wasn't particularly happy about selling oil to the americans. This , as usual is just another instance of installing a government that is at least for now supposed to have deep ties to CIA and as such will bow to US whims.
As for the elections... that points a flaw in so-called "democracy" in the USA, and definitely isn't an argument for the insurgents. You might as well be telling that being fat is healthy since a large amount of americans is obese.
These are the email addresses of men and women who are serving for the freedom of their country, I dont agree with this.
Oh yeah, heavily armed people, many with twitchy faces and PTSD. This will turn out well.
...going to realize that organizations are made up of individuals. Want to change an organization? Start holding the individuals accountable. My knee-jerk reaction is to condemn them too, but lets face it, the military isn't a faceless machine, its an organization of individuals.
When are people going to get that Anonymous is not a single entity? The same people doing the Scientology stuff are not the same ones doing this are not the same ones laughing at pictures of cats with funny captions. They're all different people who call themselves "anonymous" because it fits: they're random people who aren't giving away their names.
The name associated with this post is "anonymous coward;" do you think I'm going out and protesting Scientology, hacking government emails, and laughing at pictures of cats with funny captions? Maybe the last one just a little.
Carter? CARTER?!!!
The man builds houses for the poor brown peoples for Habitrail for Humanities majors.
He's an engineer. A nuklear engineer. Hell, that's almost a rocket sciecetamist or brain sturgeon.
He put solar panels on the Whitehouse roof and raised awareness of the conservation of energy.
He was elected in reaction to Nixon.
Aside for the supporting the Palestinians (wait isn't support for Israel on of the tenants of the evil corrupt machine?...), the guy doesn't seem like a agent of the lizard people.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
I'm not going to quote logical fallacies to you or use odd home/car/bank analogies. Nope. I'll adapt an old cliche: "If all your friends act like dicks and steal personal information, should you?"
And what the fsck have they accomplished anyway? Do I know what's going on in Area 51 or what the Chinese Premier's secret world domination plans are? No, I know that the Neverwinter Nights forum and a shit-ton of secondary servers aren't well protected. Mein Gott! Who knew that many systems, some important, aren't locked down tighter than a virgin at a promise-ring concert.
and says they have a 'cyber warfare' division...they need to step their game up big time.
No big deal. You know somebody in the Army? firstname.lastname@us.army.mil. And voila, you have their email address. No hacking here, is there?
Genie ->bottle ; not going to happen.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
A non issue if you use Tor or something alike... Though you can use it for non-http protocols as well I should think...
In capitalist USA corporations control the government.