Slashdot Mirror
Details Of FBI Surveillance In Lulzsec Takedown Emerge
uigrad_2000 writes "Yesterday, we learned that one of the top members of LulzSec (Sabu) had been an FBI informant for almost 6 months, and that this confidant of the LulzSec leader 'anarchaos' had given the feds what they needed to take him down. More details have come out now, completing a picture of how the sting took place from start to finish. It turns out that even the server space given from Sabu to anarchaos storing the details of 30,000 credit cards (from the Stratfor hack) had been funded by the FBI."
I don't condole the activities of LulzSec, but fuck snitches. As one said by the great Capt Jack Sparrow: "The deepest circle of hell is reserved for betrayers and mutineers." If there was a hell, this asshole belongs there.
Set out code-words you can use to indicate that you're under coercion.
"When information is power, privacy is freedom" - Jah-Wren Ryel
This Hammond person is basically exactly who you'd expect him to be. There will be more. The amount of effort it took to catch him was considerable, and required an inside man. More people will follow this path. This problem cannot be solved this way.
It could be solved if the man had turned out to be duping everybody about his values and beliefs. It could've soured and destroyed his credibility and made it less likely that anybody would trust the motives of anybody else who tried to do things like this. And while I expect a smear campaign, I also expect the smear campaign to be obvious and easily rebutted.
The FBI is fighting an idea, and is under the mistaken impression they can shut it down by finding and arresting people. It won't happen.
Need a Python, C++, Unix, Linux develop
After all that's what he did. Worse still he had actually taken a formal and solemn oath (written and oral) not to reveal the secrets he did.
I think the most interesting part of this by far is how the FBI managed to undermine the credibility of Wikileaks by getting them to leak arguably bogus material: Sabu actually used FBI equipment to hack Stratfor while under their employment. So... next time an intelligence leak rolls around, how are we supposed to know it wasn't a three-letter-agency spreading disinformation?
If Bradley Manning had revealed those secrets because someone had bribed him or for some other sort of personal gain, sure.
Though, I do not apply the term 'traitor' to this Sabu fellow. The FBI can bring a lot of pressure to bear and were highly motivated to solve this case. I wouldn't be surprised if his children were obliquely threatened with some sort of negative consequence should he not cooperate. So, just like I would not apply the label 'traitor' to a soldier who cracked under torture, I will not call Sabu a traitor. I do not think highly of him, but a traitor he is not.
Need a Python, C++, Unix, Linux develop
You have to remember the deals the police make are very much a "You help us and get results or all bets are off." So if you agree to turn CI and then tip all your mates off, well they are going to figure it out. Mysteriously everyone disappears after you talk to them and so on. Then you get no deal.
Remember the reason people do this is to get a better deal for themselves. The prosecution says "We've got X evidence on you which can result in Y different charges giving you Z time in prison. However cooperate with us and we'll drop/reduce some charges and you'll spend less time in prison." It is a carrot and stick situation. They offer you a reduced (or sometimes even eliminated, but that's rare) sentence if you help them.
The people who cooperate do so willingly. Some don't, they tell them to fuck off. That was a big thing with the original mob back in the day, the Omerta, the code of silence. When someone got caught they wouldn't say a thing, they'd take the fall. Made the organization hard to break up. However many others do. People are often self interested, and criminals often even more so. So they'll cooperate willingly to get themselves a better deal.
They were working too closely together and trusted each other, rookie mistakes get behind 7 proxies and LURK MOAR
Snowden and Manning are heroes.
TFA: As it turns out, this Sabu guy wasn't the real target of the FBI. They just used him as the linchpin for a long effort to ensnare Hammond, who already has quite the lengthy rap sheet. This implies to me that the FBI was not conducting detective work to bust Lulzsec/Anonymous, but were more interested in hunting down someone who was known to be an effective anti-government actor and finding a way to put him behind bars for a long time. For all the slashdotters who often claim that allowing political dissent is the difference between US and China, well, this is how we silence political dissent in the US. Take out the people who can actually effect change and reform, and allow the masses of the powerless to believe that they are free because they can speak (and nothing more). This government is no better than China's, it's just more tactful/less blatant about achieving its end goal and thereby more insidious. In either country, the average citizen is powerless against the marriage of government and corporation.
It raises a lot of questions about which initiatives of Lulzsec are actually genuinely their work and which as really the work of FBI, carried out by the willing hands of Lulzsec. Maybe FBI wanted to take down Stratfor, but lacking a legitimate way, siced their inside man on it. It will also make for a very obvious defence for anybody arrested - they have a very easy way of claiming that what they did was on orders of Sabu and hence the law enforcement agency themselves now trying to prosecute them.
This is also going to be a big blow to credibility of FBI.
While sympathetic to the fact that Sabu's children may have influenced his decision, he didn't understand how Sabu could have put his family at risk in the first place. "Why would you get involved with something like this if you had kids that relied on you?" he asked. "If I had kids I would get a 'responsible' job/hobby."
It appears that his children and their future were used against him to coerce him into snitching on LulzSec.
... you know ... he's a conflicted man with an internal conflict between morals and money. Sabu could have very much so been in a similar position.
... well ... that doesn't mean the situation is completely black and white.
It appears that Sabu's children were an exploited liability. Would you risk your loved ones for your ideals? Or is your answer still simply and obviously "fuck snitches"?
And since you're quoting imaginary Disney characters, I'll remind you <Scarface spoiler alert> of the scene in Scarface where they're going to blow up a car of a politician's family in order to stop legislation but at the last moment Scarface realizes there are children in the vehicle and instead shoots the bomber in the face? Yeah, Scarface is a traitor at that point but
Please note, this Sabu character appears to be an unsavory character with delusions of grandeur who maybe should have his children taken away from him anyway but
My work here is dung.
"Now, those beliefs could land him in serious trouble."
Hammond is not in trouble because of his beliefs. He is free to have beliefs and advocate for change. Instead of building and making, he destroyed and discredited his ideas.
At least now I can go after them. Let me call the FBI to start an investigation... Wait... who are the "good guys" again? Can I really ask the authorities to prosecute themselves? And then the rest of the world wonders why some are drawn to vigilante justice.
If telephones are outlawed, then only outlaws will have telephones.
The FBI can bring a lot of pressure to bear and were highly motivated to solve this case. I wouldn't be surprised if his children were obliquely threatened with some sort of negative consequence should he not cooperate.
That was indeed the case. The threat to his children was not seeing their father when in prison. That's why he agreed to cooperate. [src]
The lesson for us to learn --- never have kids.
NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
LulzSec (much like Anonymous) and other Hacktivists have high minded goals about online security and privacy. But their behavior is of the most misguided sort. To bring about change you must win the hearts and minds of the public. LulzSec did neither. They may have entertained, but the generally just ticked a lot of people off and gave hackers everywhere a bad name. Remember, the average voter is not a geek/hacker and does not find LulzSec's work particularly "Lulzy"
~theCzar
I freaking knew this forever alone life choice was gonna come in handy some day!
Humor must not professedly teach and it must not professedly preach, but it must do both if it would live forever. -Mark
The guys overseas in the War hurt *themselves* with their dishonorable treatment of civilians and prisoners of war. Bradley Manning just made their mistakes visible to the public. True soldiers should applaud his stand for justice.
Particularly the FBI. They'd figure this out. The "convenient" breaking up of a group wouldn't fly.
Also you have to keep in mind the mindset of a CI. So let's say you've been doing something highly illegal the FBI shows up at your place and arrests you. They take you away and sit you in an interview room. You ask for and get a lawyer. They then proceed to lay out the evidence they have against you and the crimes you are guilty of. You can see that their evidence is through, they've got you. You are looking at a LONG time in prison.
Then they have a proposition. You turn states evidence, you work for them and help them bust the people you were working with and they'll reduce your sentence a LOT. You were looking at 60 years, now you are looking at 5 and could be out in 2. The charges are a lot less too, they'll reflect less poorly on you upon release. Your lawyer says "Do it, it is a good deal."
What do you do? Remember getting the deal is predicated on you helping them completely and it getting results. You tip off your buddies and they scat and at best you get back to your original charges and at worst they can stick a new tampering charge on you.
Think about this seriously, don't try and play Internet Toughguy and say "Of course I'd do it! Fuck da' police!" Would you really? Or would you act in your own interests?
Also please remember that this guy was probably in complete shock. Like most of these haxs0r types I'm sure he thought he was invincible and untraceable. So all this crashing down on him scared the hell out of him. I'm sure he was extremely willing to cooperate.
(Not the OP.)
Thinking about your children and the impact that your actions have on them is awesome. I fully encourage it. It is, I think, part of the responsibility of parenthood: Your life is no longer just about you, and you need to be cognizant of that fact.
But it's rather late at the government informant stage to throw down the "look how good of a parent I am!" card, isn't it?
Would I risk my loved ones for my ideals? Probably not. But see, I would make that determination before I decided to commit federal crimes and then not commit them. If I decide to commit the crimes, I have already abandoned my children to the hope I am never caught. Having a last-minute change of heart doesn't make him noble and it doesn't make up for what he did to his kids--he's still likely to go to jail.
Since we're quoting media it reminds me of a scene from The Simpsons, where Bart is talking to an, ahem, faith healer:
Sorry, Sabu; you don't get full coverage. So yeah, he deserves our derision for being a scumbag to his children. He also deserves our derision for squealing like a stuck pig the second he was caught, and for throwing everybody who acted with him under the bus to save himself.
Every single turn on this whole LulzSec trip he has shown himself to be utterly and completely self-interested. "Should I commit crimes? Forget the kids." "Oh no, consequences! Forget the others!" He can try to paint it however he wants, but he's still a little fuck from every perspective I can see.
Like it or not, the FBI did outsmart many of the members of Lulzsec.
While the Feds may lack the technology skills, they are able to make it up with their expertise in social engineering.
Manning took the same oath that everyone entering the military takes, to defend the Constitution of the United States.
Part of every soldier's training states that if you see an officer or other members of your squad, platoon, battalion, or even Joe Random Officer committing crimes, treason, or acts unbecoming of an officer or enlisted man of the United States military, you are to take the appropriate action.
I feel he took most of the appropriate action. He saw how the war in Afghanistan was being handled, and how civilian casualties and torture of prisoners was condoned by those all the way up the CoC. He also saw how our allies were smoking up before patrols and putting the lives of every single American soldier they were near at risk.
Manning did the right thing. In hindsight, he probably shouldn't have turned the data dump over to someone like Asange, but he didn't seem aware of anything other than "Wikileaks is a safe place to get the word out and not have the data suppressed."
The response from the military and the government has been absolutely deplorable.
Manning's oath was to protect the Constitution, not American Imperialism.
Speaking of kids, you would think the FBI would have some sympathy for his. They way they outed it all for maximum publicity with total disregard to the impact on his children. Kids are cruel and you can imagine the kind of attacks his kids will suffer as the children and such a publicly exposed betrayer.
Also one has to wonder at how those victims of the FBI orchestrated attacks over many months must feel. If I was one of those victims I'd be lawyering up to sue the hell out of the FBI for the crimes they orchestrated, not only allowing them to occur but initiating them. Easy money to make because the FBI will be forced to settle rather than battle out their criminal actions in court and considering wilful damages and penalties as well as loss of reputation and long term harm settlements could readily blow out to the millions.
Chaos - everything, everywhere, everywhen
The FBI cannot prevent someone from having visitors in prison - it's just an empty threat used along with other lies and 'games' (good cop, bad cop for instance) to intimidate their suspects.
The judge can and the prison can, given proper justification. Preventing children from visiting is even harder as they have a right to visit their father, a right that can only be removed if the father is convicted of something directly involving the children (violence, incest etc.).
Can't believe that that people still fall for this. Bad lawyers perhaps?
A good lawyer would advise the defendant to shut up and not do anything until a written plea is on the table. If no plea is offered, continue to say nothing no matter what. Make the FBI work for every inch. Agreeing to work as as informant is a defacto admission of guilt which means that once he's in, there' no way out - ever.
Finally, this guy has killed his career here. Nobody would ever trust him, especially in the hacker environment.
A guy like Kevin Mitnick can work as a security consultant these days and is also still respected in the hacker community because he didn't sell out. He stood his ground and it has since become evident that he didn't give away anything the authorities hadn't already figured out. He still has active backdoors here and there and he can still do his magic. Oh, and the technical part of his work is just a minor thing. His true force is the ability to manipulate people to do his bidding ("social engineering"). The book "The Art of Deception" hold many examples, all supposedly something somebody else did, but rest assured that some of his own work hides in there. The message being that any system that includes humans can be broken with very little effort if you know what you're doing. Anonymous did just that when they hacked HBGary, and combined with a classic lack of security protocols (and revisions that would have caught it), they completely owned everything - mails, servers, social media accounts etc. - and the feat has been repeated a dozen times now with targets including both security firms and the FBI itself, and it's still incredibly efficient.
Oh, and social engineering in itself isn't illegal. It's only if you use the information/access you are given that you start breaking laws, i.e. using obtained names and letterhead paper (found legally in a dumpster) to forge a document, or use acquired login credentials to gain access to resources you're not authorized to use.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --