Hackers Release AAPT Data To Protest Aussie Policies

An anonymous reader writes "Anonymous is releasing some of the 40GB of data it claims to have stolen from Australian internet service provider AAPT. The hack is reportedly in protest against Australia's proposed data retention regime, which would mandate ISPs to collect and hold transmission data from its users for up to two years."

Government monitoring will not stop terrorism.

[bejiitas_wrath]

This will not stop the terrorism that we are facing these days, and how much data storage will this entail? All of the torrents, Debian packages and music I have downloaded will be stored? Treating the commoners like terrorists.

Re:Government monitoring will not stop terrorism.

[thesaintar]

quidquid latine dictum, altum sonatur.

Re:Government monitoring will not stop terrorism.

That's only funny when said in response to something else in latin.

Re:Government monitoring will not stop terrorism.

[Z00L00K]

The daily download of the full Linux kernel sources?

Generate enough junk traffic and the data to sift through will be useless and misleading.

Re:Government monitoring will not stop terrorism.

disagree, if you were not that lazy, youd translate message. Its stupidly funny on it's own.

Re:Government monitoring will not stop terrorism.

Si tacuisses, philosiphus mansisses.

Re:Government monitoring will not stop terrorism.

[drinkypoo]

Generate enough junk traffic and the data to sift through will be useless and misleading.

Computers are very good at rapidly discarding obvious junk traffic. It ain't the 1950s where everything had to be checked by humans. Besides, they don't have to get everyone to keep the majority in line.

Re:Government monitoring will not stop terrorism.

[fustakrakich]

Computers are very good at rapidly discarding obvious junk traffic.

Obvious junk traffic, yes. But a few well placed typos just might do the trick. Look at what happened to poor Mr. Buttle

Re:Government monitoring will not stop terrorism.

[Nyder]

This will not stop the terrorism that we are facing these days, and how much data storage will this entail? All of the torrents, Debian packages and music I have downloaded will be stored? Treating the commoners like terrorists.

The Government is the true terrorist.

Torrent where?

I need to check so my data is not in there. Security, you know how it goes.

Re:Torrent where?

[commlinx]

I noticed in TFA there's a twitter link to #OpAustralia that mentions it's being released next Saturday. I'm not sure which definition of "next" they're using.

Re:nice post

[kh31d4r]

Shounds like cushy job, only working 13h days (unless you wanna work on weekends).

Not sure this is the best idea

[tiggertaebo]

I'm really not a fan of ISPs doing mass data retention but I'm not sure that going around endangering customers privacy is the best way of getting ISPs to respect people's privacy.

The problem really is that Anonymous only really has two tools at it's disposal for dealing with people and organisations they don't like - data grab 'n' release and DoS. And you know what they say about when the only thing you've got is a hammer everything starts to look like a nail...

Re:Not sure this is the best idea

I suppose that be demonstrating that ISPs are leaky one demonstrates that the data they could latch on to later isn't stored safely.

Re:Not sure this is the best idea

This is exactly the way to do so.
Even if you think the government can do no wrong
Even if you think businesses would do nothing to risk pissing off their customers
Collecting everyone's data and retaining it is a huge liability, and criminals will always have access to it.

"So criminals stole 2 years worth of private customer data?"
"Yes! Track them down!"
"And what were you doing storing all that data in the first place, which is no good to anyone other than criminals?"

Re:Not sure this is the best idea

[JimboG]

Oh I wish I had mod-points.

This is kind of why it's a good thing. At least this issue is getting some more news coverage now, so people know about it enough to get upset about it. It's the people's opinion that the Gillard govt. is reacting so strongly to, well that and other third party interests... but I bet at the moment they are more interested in being popular than anything else.

At least this kind of activity puts a question in the layman’s mind. "Hrmmm maybe this data retention thingy isn't such a good idea after all. I don't want my neighbours to know I'm looking at midget porn"

Re:Not sure this is the best idea

I'm really not a fan of ISPs doing mass data retention but I'm not sure that going around endangering customers privacy is the best way of getting ISPs to respect people's privacy.

The collection of the data is what is "endangering customers privacy" in the first place. This release simply illustrates that.

I'm sure the Chinese and Russians have already gotten the data by now, even before Anonymous. More specifically they've probably gotten the data on government, military, and commercial/industrial persons of interest and their families.

The collection of data is like playing golf in a lightning storm: you're just asking for trouble, so you better have a good reason for doing it.

Re:Not sure this is the best idea

[biodata]

I think the point is that data stored on the internet are all public. There is no real security. There are no private online data. If we want ISPs to store everything we do online then we are effectively saying we want it all to be public.

Re:Not sure this is the best idea

//"And what were you doing storing all that data in the first place, which is no good to anyone other than criminals?"

Government criminals are the ones we have to worry about. They are above the law and you are the sheep.

Re:Not sure this is the best idea

[rastoboy29]

They are trying to make the point that your data, collected against your will, is not safe.

Unless the people can be made to understand this, they will go along with government requirements like this like sheep.

In this case, I agree with the tactic.

Raw data maybe not good enough deterrent

They should instead find parliament members and their families IP addresses and point out what they've downloaded. Raw data of 40GB of something is not a good enough deterrent.

Re:Raw data maybe not good enough deterrent

This is exactly what is needed. If they can show a politician's browsing history in sufficient detail, it might just be enough for those politicians to decide that maybe this idea isn't worth supporting. After all, it's quite different when you're on the receiving end.

Way to go guys! What an achievement!!

[xQx]

Anonymous is releasing some "historic" data files with "limited personal customer information" that came from a web server of an outsourced company hosting the website for Australia's third or fourth largest ISP ... in protest against the Australian Government's data retention policies?

Now AFIK AAPT hasn't exactly been an advocate of the government's policies... nor are they a particularly prominent ISP now they've sold their residential customer base to iiNet - It's not like they would have been targeted specifically. Seems to me either someone has an axe to grind, or these guys are just releasing what they've got - which isn't much.

What next? They'll release some hacked data found from old hard drives stolen from the IT firm that ran the computers of the marketing company that the Howard government used when they were introducing the GST in protest for ... umm... the mistreatment of wikileaks founder Julian Assange by the current government.

Seriously, this is supposed to be an elite group of hackers.... Is this the best they can do?

Re:Way to go guys! What an achievement!!

[mwvdlee]

IMHO, Anonymous has always been about hacking first, thinking up a justification second.

Re:Way to go guys! What an achievement!!

[LordLucless]

Anonymous is releasing some "historic" data files with "limited personal customer information" that came from a web server of an outsourced company hosting the website for Australia's third or fourth largest ISP ... in protest against the Australian Government's data retention policies?

While I'll be the first to say that Anonymous' actions are frequently useless and counter-productive, this particular one isn't. It's a perfect example of (one of the reasons) why these data retention laws suck. The people required to retain them will not secure them properly, as Anonymous just demonstrated. Reassurances that only authorized people will be able to access them are lies.

...or these guys are just releasing what they've got - which isn't much...

Probably. But that's the point. They're releasing data that the ISPs should have protected, and didn't.

Seriously, this is supposed to be an elite group of hackers.... Is this the best they can do?

Haha, seriously? Anonymous are a group of trolls who hang out on an image board. They're might be some hackers among them, but that's not what Anonymous is known for.

Re:Way to go guys! What an achievement!!

Yeah, and even the small number of hackers are mostly amateurs running basic SQL injections / XSS and the like. Lulzsec were more sophisticated but still not up there with the oldskool crews like 8lgm, GOBBLES, l0pht etcetera. The fact that they often manage to compromise something in spite of this is more of a testament to the fact that the average large organisation's network tends to have a fairly obvious vulnerability somewhere, and/or staff susceptible to social engineering, than their technical skills.

It's also absolutely true that they hack because i)hacking is fun and ii)they find their media notoriety amusing. They do some good sometimes but it's largely by accident.

Re:Way to go guys! What an achievement!!

IMHO, Anonymous has always been about hacking first, thinking up a justification second.

Anonymous is a meme, idiot. Anyone that what to publish something and make it look like it's backed by many will sign 'Anonymous, we haz legion'. It is only a twist on signing plain 'Anonymous' like it was done for centuries. Keep that anonymous-is-an-organized-internet-hate-machine-criminal-organisation speech for mass media forum. It is funny to see news anchors fall for it, but it has no place here..

Re:Way to go guys! What an achievement!!

[Viol8]

"Anonymous is a meme for idiots"

FTFY.

Re:Way to go guys! What an achievement!!

[fustakrakich]

...as Anonymous just demonstrated...

Anthropomorphizing things that don't exist are we? A creation of pure thought has been given life. We are indeed gods.

If only they knew how to even use a hammer

[Viol8]

I'll get modded down for this by all the basement dwelling keyboard warriors on here but frankly I don't give a sh1t . Anonymous are a load of self righteous juvenile morons. They see an issue they have a gripe about, they jump on the bandwagon, make a mess and a lot of noise and chuck stuff off like a bunch of chimps in a bad mood, then jump off again thinking they've done some profound social service and made a grand gesture for freedom - when in actual fact all they've done is cause the bandwagon to crash into a tree.

So, releasing private customer data into the public domain because you object to a company keeping private customer data in case it falls into the wrong hands. Riiiight. If there was any logic in doing that it obviously got completely lost in the noise from all the raging teenage hormones behind the "decision" (I use that term lightly) to do it. What a complete bunch of fecking @rsewipes.

Re:If only they knew how to even use a hammer

[equex]

The best thing about anon is that they created so much noise lately that i've seen 'civilians' knowing about them. (and in most cases sympathize with them). they might come off as juvenile, but if it can improve the general knowledge about issues, it's a good thing. i for one usually don't shed a tear for the people targeted by anon.

Re:If only they knew how to even use a hammer

[Viol8]

"i for one usually don't shed a tear for the people targeted by anon."

Except in this case the victims are the innocent people who's data has been released. The ISP has been embarrassed but in a few weeks everyone will have forgotten and moved onto something else. The customers could suffer severe privacy breaches because of this which could last years.

Re:If only they knew how to even use a hammer

[jamesh]

I kind of agree, but what's the alternative? And I don't mean some idealistic alternative that you think should happen, I mean in an alternate universe where anonymous didn't exist, what would have happened instead? Would we have been better or worse off?

As I see it, the alternative's are:
. Our universe. A bunch of self righteous idiots break in and steal data from AAPT to prove how easy it is.
. Alternate universe possibility 1 - nothing happens. AAPT is insecure but nobody wiggles the door handle.
. Alternate universe possibility 2 - someone with a brain and malicious intent steals data from AAPT and nobody finds out until much, much later.

I'm not sure which is worse.

Re:If only they knew how to even use a hammer

[hawkinspeter]

The real issue is why people allow companies to store data in such a way that juvenile morons can get hold of it. Whatever you think of Anonymous, at least they're not as incompetent as this ISP.

Re:If only they knew how to even use a hammer

[bloodhawk]

The problem is how are we any better off for their actions? a whole heap of innocent victims get their privacy arseraped because of a bunch of juvenile twats while the people that they are supposedly yelling at won't even bat an eyelid. Many things in this world are insecure, some like AAPT horribly so, screwing over the victims doubly so doesn't help anyone. It's like shooting someone in the head with a gun to demonstrate to them why you should be careful where they point it.

Re:If only they knew how to even use a hammer

Whatever you think of Anonymous, they are not as competent as the criminal organizations that actually make use of this data without publicly announcing that they have it.

Re:If only they knew how to even use a hammer

[Kalriath]

You've actually met people who sympathise with Anonymous? Wow, everyone I know of who's heard of them recognises them for the criminals they are. Not one single sympathiser.

Re:If only they knew how to even use a hammer

[Bobakitoo]

Except in this case the victims are the innocent people who's data has been released.

That crime was committed by the ISP, who collected the data in the first place, and the state for mandating the data to be stored for 2 years. Anonymous can only be blamed for the embarrassment the ISP suffered and everything else is not their fault. Put the blame where it is due, the ISP and the Australian government should be sued and damage should be paid to the affected customers.

Re:If only they knew how to even use a hammer

[Viol8]

"That crime was committed by the ISP"

No.

It wasn't.

The crime was commited by anonymous who deliberately broke in and released it.

Grow up.

Re:If only they knew how to even use a hammer

[Urza9814]

People tend to consider threats like this entirely theoretical and something that will never ever actually happen -- until it does. I think there's definitely some value is showing just how easy these things are.

Re:If only they knew how to even use a hammer

So, releasing private customer data into the public domain because you object to a company keeping private customer data in case it falls into the wrong hands. Riiiight.

I don't necessarily disagree with you, but the fact of the matter is that it has fallen into the wrong hands: Anonymous'.

Re:If only they knew how to even use a hammer

[Bobakitoo]

It was only a matter of time before leak or misuse happen. Sure 'anonymous' also committed a crime here, but the real criminal responsibility lies with the ISP and the Australian government for hoarding data they had no business to collect.

Sorry for the misunderstanding, I thought this was explicit enough in the original message.

Re:If only they knew how to even use a hammer

[PopeRatzo]

Anonymous are a load of self righteous juvenile morons.

That's why I love them. If a bunch of "juvenile morons" can take on governments and corporations, that means any of us can.

And "self-righteous" can be a good start. A lot of people aren't righteous at all.

They see an issue they have a gripe about, they jump on the bandwagon, make a mess and a lot of noise and chuck stuff off like a bunch of chimps in a bad mood

That's why they're effective. Most people are way too scared of protecting their jobs, their bank accounts, their comfortable consumerist way of life to even consider challenging the corporate tyranny. And brother, that corporate tyranny has a hamster wheel with your name on it and a slim box for you when you get tired. Given the failure of every other social institution, throwing one's toys out of the playpen is about the most appropriate response I can think of.

If there was ever a time in our history where a group of juvenile bomb-throwers was necessary, this is that time. We are rushing headlong into a very ugly future. A monkey-wrench is exactly the tool for this job.

Re:If only they knew how to even use a hammer

[Viol8]

"If a bunch of "juvenile morons" can take on governments and corporations, that means any of us can"

Except they haven't, they're just a fly on the bulls back. A minor nuisance soon flicked away.

"Most people are way too scared of protecting their jobs, their bank accounts, their comfortable consumerist way of life to even consider challenging the corporate tyranny"

Yes , odd that people have to life isn't it. Its very easy to criticise if mum and dad are paying your bills.

"And brother, that corporate tyranny has a hamster wheel with your name on it "

If you think you're not on a hamster wheel then I've got news for you pal. Its just painted a different colour and makes a bit more noise.

"If there was ever a time in our history where a group of juvenile bomb-throwers was necessary, this is that time."

Oh yawn, Standard issue angry-young-man Dahn Wiv Da System speech. It was cliched 40 years ago.

"We are rushing headlong into a very ugly future."

If you want to see ugly visit any one of a number of african states where human rights consist of the right not to be shot in the head along with your family or live in a tent in a refugee camp eating a cup of rice a day and drinking filthy water. While you sit there in front of your expensive computer made by virtual slave labour in china you might want to reflect on just how damn lucky you are to live in a western democracy and stop bitching.

Re:If only they knew how to even use a hammer

It's funny cos the only one I see doing any bitching in this thread is YOU.

Re:If only they knew how to even use a hammer

[Baloroth]

So if I shoot and kill you, I didn't commit a crime because you would have died eventually anyways? Anon went in, stole the private data of innocent people who were completely uninvolved in what anon was protesting, and released it to the public, likely resulting in grave harm to those individuals, all so that Anon could make a point. Yes, maybe it would have happened eventually anyway, but that doesn't matter in the slightest. Anon did something that directly results in harm towards others. Simply put: the ends do not justify the means. You cannot harm innocent people simply because your intended result is good.

Re:If only they knew how to even use a hammer

[Like2Byte]

Certainly the collection of the data should have never happened. However, instead of punishing the ISP, Anonymous is punishing the people who's data was copied from the ISP by publishing it to 'teh interwebs'. The ISP isn't going to be held accountable if someone (AKA: a criminal) uses this information to steal identities.

Here's the crux. Let's say that the stolen data isn't used by a criminal organisation for 5, 10 or more years. Enough of it will still be valid for identity thieves to use 10 years from now. Companies usually only pay for about 2 years of identity protection after a data breach like this. (Which is another problem, I agree!) That being said... Good job, Anonymous! You effectively made more than a few victims to your childish antics which will negatively effect these peoples lives for years to come.

So. Who did Anonymous victimize again? The ISP or ump-teen thousand innocent people?

I'll end this by discussion by filling in the typical idealistic response now. "But,...but,...those people shouldn't allow their data to be retained and shouldn't be doing business with that ISP."

As if they had a choice. By the ISP, by the government, or by Anonymous.

Re:If only they knew how to even use a hammer

[fustakrakich]

I think the term is 'humanitarian bombing'.

Re:If only they knew how to even use a hammer

The ISP isn't going to be held accountable if someone (AKA: a criminal) uses this information to steal identities.

Not with that attitude, indeed... Thank you for being part of the problem. Have a nice day.

TLDC; Chose to blame the cause rather then the anecdote.

Re:If only they knew how to even use a hammer

[Pav]

To play devils advocate : if you tap my bedhead setting off the gun hidden under my pillow, and it drew attention to the fact that guns were being hidden under everyones pillows, perhaps my death would serve a public good.

Anonymising the records might have been nicer, but not gained much attention.

Re:If only they knew how to even use a hammer

[PopeRatzo]

If you think you're not on a hamster wheel then I've got news for you pal. Its just painted a different colour and makes a bit more noise.

Son, I'm retired. I broke the wheel.

Yes , odd that people have to life isn't it. Its very easy to criticise if mum and dad are paying your bills.

That's a pretty big assumption you're making there. You know anonymous so well that you can predict their household setup?

Oh yawn, Standard issue angry-young-man Dahn Wiv Da System speech. It was cliched 40 years ago.

I like it when people think I'm young. I like it better when they use lame misspellings to denigrate another's opinion, such as "Dahn Wiv Da System"

If you want to see ugly visit any one of a number of african states where human rights consist of the right not to be shot in the head along with your family or live in a tent in a refugee camp eating a cup of rice a day and drinking filthy water. While you sit there in front of your expensive computer made by virtual slave labour in china you might want to reflect on just how damn lucky you are to live in a western democracy and stop bitching.

I've been to a couple of those sub-Saharan African states, and believe it or not, the conditions in one place do not mean that a situation elsewhere is any less real.

I'll bet you're one of those folks who likes to tell new employees who are getting minimum wage that "You could be replaced by someone in China making 90 cents a day, so shut up" while at the same time watching your own income shrivel. You accept what society lays out for you because you're so pissed at the dirty hippies. You'll line up behind whichever local boss is most likely to bash the heads of the weenies, right?

I've got a feeling you're just one step away from the "If you're so smart, why ain't you rich argument" so let me save you some time: don't be so pissed off at people whose names you don't even know. Let's hope someday that you are in a position in life where the future matters more than "setting those occupy fags straight". When you have more of a stake in things, you may find your perspective changes.

Re:If only they knew how to even use a hammer

[Viol8]

"Son, I'm retired. I broke the wheel."

Ah , probably a 60s baby boomer hippie then. That explains a lot. Your generation never did grow up.

"You know anonymous so well that you can predict their household setup?"

Pretty much - so far all the ones who've been nicked fit that profile nicely.

"I've been to a couple of those sub-Saharan African states, and believe it or not, the conditions in one place do not mean that a situation elsewhere is any less real"

So have I. And I think you'd agree it rather puts the problems of the west in perspective.

Re:If only they knew how to even use a hammer

[PlusFiveTroll]

-The problem is how are we any better off for their actions?

One possible means.. Citizen outrage... "Hey hackers can get our data that the government makes the ISPs keep for poor reasons, LETS STOP THE GOVERNMENT FROM MANDATING DATA COLLECTION."

See the capitalized part. Yes some number of people were hurt by the hackers actions, but in this scenario many many more people were protected in the future. Now the proverbial ball is in the hands of the citizens of Australia 'to do the right thing', and make laws that protect them from not only hackers but dangerous governments too.

Making horrible insecure systems that concentrate data that would not normally be concentrated in one place is a terrible idea. Every single user of such systems is screwed the moment a system like that goes in effect. Your analogy is wrong, it goes like this.

"The government mandates that a gun is pointed at your head so they can pull the trigger if you act out of line. Anonymous pulls the triggers at random to show why this is a stupid fucking idea."

Re:If only they knew how to even use a hammer

so far all the ones who've been nicked fit that profile nicely.

Oh yeah, the ones who got caught are definitely the oldest and most intelligent of the bunch.

Re:If only they knew how to even use a hammer

[PopeRatzo]

Ah , probably a 60s baby boomer hippie then.

I was a toddler during Woodstock.

"You know anonymous so well that you can predict their household setup?"

Pretty much - so far all the ones who've been nicked fit that profile nicely.

It's likely the ones that have been caught are not the best of the bunch, don't you think?

Re:few hours

Go to hell

Kelly Richards of document.write(geoip_city());, document.write(geoip_region_name());

Re:few hours

[Kalriath]

It's really funny, because their ad is apparently claiming that I can take a massive pay cut in order to earn as little as Kelly Richards, who is some magic quantum lady who is in every city at once - and yet hasn't used this quantum power to rob a fucking bank yet.

WHOA!

[amoeba1911]

Hold on there buddy! That's 40GB of data the users downloaded? Does the ISP have the right to make copies of the data the users downloaded? What gave them the copyright over the user's data?

Is there a DMCA take-down equivalent you can issue in Australia to have them remove the content that they are illegally duplicating? Send a cease and desist letter to your ISP, threaten them with legal action if they do not immediately erase the material they are illegally storing on their servers.

It's about time we get serious about copyright violation. One thing is very clear: you never gave the ISP any permission to make copies of the data you're transmitting. The information you are transmitting is for you and the server you're transmitting to. Any operation to capture and duplicate the transmission is a violation of the copyright law. What they are doing is a violation of your copyright.

As they say: "Shit just got real."

Re:WHOA!

[PlusFiveTroll]

Um, no. ISPs do not monitor the data per say. They will keep the connection information and possible http header information.

user: timestamp: localip: remoteip: header:
amoeba1911; (27/07/2012-13:01:52.001); 9.9.9.9:2340; 8.8.8.8:53; (dns lookup packet: www.goatporn.com)
amoeba1911; (27/07/2012-13:01:53.201); 9.9.9.9:2341; 123.12.34.4:80; HTTP/1.1 http://www.goat/ porn.com/mangoatporn.html
amoeba1911; (27/07/2012-13:01:54.322); 9.9.9.9:2342; 123.12.34.4:80; HTTP/1.1 http://www.goat/ porn.com/videos/man-does-goat.wmv

Would be closer to what one would see in the logs that anonymous released. Not the actual content of what the users downloaded (of which 40GB would only be a few seconds of data for an isp.

(broke the links on purpose in case that site exists)

Retain transmitted data??!

[m1ndcrash]

Who's gonna pay for hard drives? lol