Federal investigators have seized servers allegedly abused to launch a denial of service attack against PayPal earlier this month. An affidavit obtained by the Smoking Gun contains testimony by federal agents convinced that systems at Texan hosting firm Tailor Made Services are likely to contain clues in the hunt for hacktivists …
I know it's tempting to leave a few crumbs, but putting that in the logs? Script Kiddies seem to be quite good at shooting themselves in the foot.
Unless, of course, they were under the delusion that no retribution would come from DDoSing PayPal.
@John - Sort your spellcheck out, WTF are PayApl?
I pondered this and came to the conclusion that this was some new firm that specialises in allowing you to afford new Macs on an installment plan...
...that's one of those new made-up words I can't stand.
Get with the program
It's "skiddies" now. Script kiddie is passe.
Title goes where?
Oh, you mean like those brown streaks that appear in the tightey-whiteys after the curry's revenge?
Chargin Mah Lazer
So are we not allowed to mention Low-Orbit Ion Cannon by name, then? Is that really going to prevent people finding out what it is and using it? Even though you know whose IP is responsible? And your ISP is looking for that sort of thing?
hope you were good over xmas
the FBI & CIA want you to have coal.......
Whilst there are laws against ...
... electronic DDoS attacks, there are no laws against analogue ones. Thus it is perfectly legal for you to write a letter to your bank, and far more expensive for them to deal with it. There are no spam filters on a letterbox. It only takes a few 1000 at most messages to bring the system down, and the system is down for longer.
analouge ones are also quite a bit more expensive to run. (I'm going to base this on US numbers, as a large portion of anonymous are probibly in the US, but acknowlage that it is probibly MORE expensive for others outside the US)
at .44 / letter
.44 USD / 1 letter = 1320 USD / 3000 letter
Ofcourse, that DOES assume one has to pay the postage. One could under-pay the postage, then you lower your cost by .01 USD / letter, and cost them an additional .01 USD / letter (maybe a little more, if you consider you are wasteing someones time to deal with paying the .01 USD. I don't know if this still works though, I havent recived a letter "low-postage" for some time, really I only get spam in the snail-mail it seems anyway.
now, the REAL exception is if you have some of the postage-paid envalopes from these organizations! in that case, carry on!
Are you kidding?
There is a simple, low tech yet very effective anti spam system in place at most businesses for dealing with spam via post. It's called a dustbin.
Since you only get post once a day it's not particularly difficult to deal with and takes only a few minutes to filter out spam. Plus, mail has the best spam filter yet devised.
Never worked in a bank, have you?
Re: Whilst there are laws against ...
> ... electronic DDoS attacks, there are no laws against analogue ones.
That's because sending a letter costs the sender too - even if it's a freepost address there's the cost of the letter & envelope, and of course the time it takes to prepare and send them reduces its scalability.
As for the recipient, it doesn't take as long to filter out the template-based letters as you'd imagine.
There was a grammar nazi* sitting next to me, reading your post, and his head exploded!!!
* Does this count also as a Godwin? please? Little please?
It's all good
The only good hacker or perp who initiates a DoS, is in prison or dead. May they all RIP.
Nail 'em up I say, nail some sense into 'em.
And I don't mean these stupid kids, I mean people like you that call for the death penalty for such minor crimes.
Re: It's all good
yeah, well I can guarantee you won't be seeing any of the "patriotic" anti-wikileaks / anti-anon ddos-ers behind bars
Can't help wondering
if the FBI will be equally concerned to find the perpetrators of the DDoS attacks on 4chan (that is, if they weren't done «intra muros», so to speak) - and if «Anonymous Coward» would applaud their being imprisoned or killed ?...
Since the Anonymous lot seem to have decided (with the scattergun DDoS response to limited anti-piracy DDoSing) that they have the right to decide what kind of DDoS is good and what bad, I'm not sure what grounds they have to complain if anyone else claims the same right.
Particularly if they were working under the assumption that people won't have the resources to go after them, could they really claim 'unfair' if the FBI or whoever actually chooses who to expend their limited resources in pursuing, and goes after people disrupting taxpaying domestic businesses rather than chasing people inconveniencing 4chan?
Or at least, if they did claim 'unfair', would anyone outside the hive actually pay attention?
It takes a site like Wikileaks or a grassroots movie like "Stock Shock-The Short Selling of the American Dream" (which saved me a bunch of money) to identify and punish the people taking advantage of U.S. citizens. I recommend we all watch and learn. The DVD is at www.stockshockmovie.com site if you want to save a buck. Let's take the power back.
Equality before the law?
Will there be an investigation into the DDoS attack on 4chan. No. Thought not.
Did they report it to the relevent authorities and carry out a forensic examination? More to the point do they really want the FBI crawling all over their servers.
Can't investigate a crime that hasn't been reported is the main point.
RE: Equality before the law?
"Will there be an investigation into the DDoS attack on 4chan....." Of course there will be, it's just that the FBI got started on the Anonymous one first. There's also the fact the Anonymous attack is attacking the financial institutions the Gubbermint want running smoothly in order for Christmas to be an economic success, so it will get priority. Those financial bodies are supplying evidence to help the FBI - will 4chan? You stupidly assume that the FBI will somehow view the 4chan attackers as "like-minded", whereas the reality is the FBI just thinks all skiddies and kiddiots are the same, regardless of political orientation. The reason you can't see this is because you are letting your own political sympathies for Wikileaks, and hence 4chan, cloud your judgement.
A simple comparrison would be the wars between two rival drug gangs - the FBI don't care if the two are wasting each other as long as the public don't get caught in the cross-fire, it just gives them an opportunity to identify the foot soldiers from both sides. End result - the two gangs wear each other down and the FBI gets a bonanza of info and arrests. Unless those attacking 4chan are a lot smarter than the Anonymous crowd, they are just as likley to be caught. Unfortunately for you, they do seem smarter - they have hacked LOIC to make it target 4chan, without giving up there own IP addresses, and without including stupid, self-gratifying log messages. Seems some skiddies do learn from the mistakes of others.
This sounds like a quite technically competent investigation. It's not storming in the wguns and taking away everything that might be computer.
FBI Raids aren't what they used to be. And what did they actually "seize"?
Anyone using the smoking gun as an "authority" is not all that competant.
Re: Headline English
"FBI Raids aren't what they used to be. And what did they actually "seize"?"
If you read fully you will have seen this line "Agents copied two hard drives from the targeted server during this raid.". There's a technical reason why this is not good enough, a reason to have swapped the copy with the original, so I consider that to be very slack.
@It's all good
But is it RIPv1 or RIPv2 ?? Ok ok I'll get my coat
obviously they are looking for the clowns that DDoSed 4Chan.
.... anonymous, because they are coming for you too
Posting as anon for obvious reasons.
Thing is, chaps, when all this was first talked about (in regard to Assange rather than earlier Payback ops), a decision was deliberately taken NOT to engage botnets of compromised machines. For a start, that would have gathered precisely this kind of investigation and secondly, Anonymous wished to show massive support. Support from zombies is hardly big news, whereas individuals using LOIC regardless of the risk to themselves is a big deal by anyone's measure.
Obviously, we knew you'd get bored halfwitted and unskilled trainee sysops around the globe muttering about "skiddies" - see 90% of above comments - but that's okay. Some people will never take action for themselves and will never see beyond the basic façade regardless of how inyerface the actions of others are.
It may be that some anons did indeed tie botnets to the Paypal attack; it certainly took a while to raise sufficient firepower to take down their payment processing servers. I hope they didn't. It was supposed to be individuals acting en masse to show public outcry.
Not that this or anything else about what actually happened, will matter to the Feds, of course.
Maybe, just maybe
I wonder if , now there is a 'proper' reason for going after botnets, there will be a more concerted effort by the 'authorities' to shut botnets down or disrupt them. Previously it was a damned nuisance but now it's REAL MONEY* at stake and prime examples of 'free enterprise' that are targets it becomes a federal matter.
* a bit loud but that's how it seems to me - it's not penis pills anymore, it's the profits of 'real' companies at stake and we can't let that happen.
RE: Fundamental Miscalculations
Hooooboy, this one is a corker just full of delusions of self-grandeur! I'm trying really hard to think that was a fishing piece, maybe it should have sarc tags?
"....Anonymous wished to show massive support...." OK, so out of a population of what, 50 million in the UK alone, how many patsies did you find? A dozen? A few hundred at most? So, less than a fraction of a single percentile of the population. Even being kind and saying we accept only 10% of the UK populance are Web-connected enough to be capable of running the LOIC tool, you're still talking less support than the Monster Raving Loonies, the BNP, or the UK Communist Party (yeah, the latter still exists, apparently!).
"....whereas individuals using LOIC regardless of the risk to themselves is a big deal by anyone's measure...." A big measure of stupidity, more likely.
"....we knew you'd get bored halfwitted and unskilled trainee sysops around the globe muttering about "skiddies"...." So, in your opinion, everyone that disagrees with you is "halfwitted and unskilled"? Then, going on the lack of quality of your LOIC tool, the ego-massaging log messages used, and the calm assumption that all the LOIC patsies understood they would be engaging in an illegal activity (I have already had to give advice to one very upset individual who took the tool on faith from an equally-deluded friend, and is now horrified that someone will be calling her boss because she used a company laptop for your stupidity), and I'm very glad to be in that number, thanks. Your opinion seems to be rather lacking in any regard, tbh. What would really hurt would be if someone said I was stupid enough to be in cahoots with someone like you.
"....Some people will never take action for themselves...." And there is the big self-delusion that is the anchor to all the self-justification sprouted by anarchists - "the public aren't doing what I'm doing because they're too scared to, but they support me and my actions even if they don't say so in public, and what I do is for their good". Newsflash - the majority of the populance think you lot are a bunch of idiots, as shown by the complete lack of public support for your actions.
".....Not that this or anything else about what actually happened, will matter to the Feds, of course." It's still a crime to use a single computer in a denial of service attack. The fact that some of your supporters saw that support wasn't strong enough and then went to zombie nets (yeah, I really believe that was spontaneous - not!) is besides the point, it just adds more criminal charges to the indiviual cases.
You guys should have stuck to kicking cults like the Scientologists, rather than falling for the Cult of Assange.
What else would you call someone who downloads a program someone else wrote, makes no changes to it, and uses it to attack another system? Wouldn't call them elite would you?
There's a big difference between taking action and doing something productive. You knocked out PayPal, amusing as it might be what has it changed?
You said - "And there is the big self-delusion that is the anchor to all the self-justification sprouted by anarchists - "the public aren't doing what I'm doing because they're too scared to, but they support me and my actions even if they don't say so in public, and what I do is for their good". Newsflash - the majority of the populance think you lot are a bunch of idiots, as shown by the complete lack of public support for your actions."
And this was as wrong as pretty much everything else you've ever written. The people who won't take action for themselves are you. They're the people who say "Government should do something! Give more power to the police! Shoot that man!"
They're cowards. In the end, the Register gets it wrong. You're either a coward or you're Anonymous.
Matt Bryant is a coward.
Happy New Year!!!
"And this was as wrong as pretty much everything else you've ever written. The people who won't take action for themselves are you."
Actually, it's just that some of us have more sense. I've done my fair share of things I shouldn't, and I continue to act against things I disagree with. What I don't do is stamp my feet like a belligerent kid using a tool someone else wrote whilst claiming to be a 'hacker'.
It wouldn't surprise me to know that 99% of Anonymous are 15 year old kids who consider themselves 'l337'.
DDoS isn't the way, and you engender no support from the general public through your actions. It's nothing more than a waste of time and of bandwidth. Are you hoping that the likes of PayPal etc are suddenly going to say "we'd better support Wikileaks lest we get DDoS'd again!". If so, you're clearly suffering from serious delusion and should seek immediate psychiatric help!
There are legal ways to take action, and yes, some may seem ineffectual. But fucking up everyone elses use of the Internet isn't the way to go. There was a recent statement saying that Anonymous had decided not to re-attack Amazon as it would impact on consumers (and not as the evidence suggests because you didn't have the resources!) yet you'll try to interrupt payment processing services? Pull your head out of your ass, all these actions do is portray you as snotty nosed brats worshipping an alleged rapist, and supporting the dumping of documents for which no public interest argument exists.
Anonymous may have done some sterling work against Scientology (and even then DDoS is not justified), but in this they've revealed themselves for the script kiddies that many of them clearly are.
"....The people who won't take action for themselves are you...." You blindly believe that I need to "take action" - why? I accept that our economic and governmental models aren't perfect, but they're probably the best we're going to get given human nature. Am I a happy little capitalist drone, just a "small cog in the big machinery of oppression by the elites"? Whatever label keeps you happy. You see, whilst my circumstances are not perfect, they're not all that bad either. I have travelled and seen the World, I have seen far, far worse living conditions amongst people "liberated" by so-called socialist or "Peoples" governments, to the point where I actually think myself lucky to be living under such buffoons as Brooon. Worse case, I could vote Brooon out when enough people came to the same opinion of his capabilities or lack thereof. The problem for people like you that want to "remake the World" is the majority of us just aren't p*ssed off enough to risk losing what we've got. That's not "cowardice", that's simply being practical and democratic.
So, you seem to believe that, because I'm too much of a "coward" to "help myself", you have the right to make decisions and act in my name? Guess again. There is a whole range of grey between the black and white of "cowards" and Anonymous, it's just you don't have the experience or willingness to see it. Please stay happy in your deluded little state, it has zero relevance to me, but don't expect me to join you, and don't expect me to stay silent when your moronic actions do impinge on my World. You think you were justified in attacking PayPal, Visa et al, I just think you were a bunch of twits. Either way, it's just opinions, but you need to accept that other people don't all share yours.
Matt Bryant is pitying you.
>>There is a whole range of grey between the black and white of "cowards" and Anonymous, it's just you don't have the experience or willingness to see it."
This whole thing seems to be driven by people who either only can or only want to see things in black and white, who consider even a mention of the possibility of grey areas as Deepest Heresy.
Because they can see that some freedom of information is good, they have to assume that total freedom of information is best.
Because they think that Wikileaks is good (and therefore Absolutely Good), they assume Assange must be some kind of modern saint fundamentally incapable of any kind of wrongdoing.
Because they think that they are Good, it follows that someone not entirely with them *must* be entirely against them, as a result of either idiocy or malice, rather than someone who actually has their own personal opinion, based on experience of the world possibly greater than their own.
Fortunately, for most people, that's just a phase they eventually grow out of.
I just want to say
Matt, you and I have disagreed on a number of things in this forum, some rather vocally, but in this statement, you have my full support.
"Anonymous" needs to collectively grow up.
Does this now appease all the crazy conspiracy theorists out there?
Maybe now they will understand how LITTLE control the government has over things! And, how little knowledge they have of networking. There's other ways to bring machines down without doing the ever so clever (and obvious) "RAID!!!!!!"
...Or so I've heard....
>>"Does this now appease all the crazy conspiracy theorists out there?"
>>"Maybe now they will understand how LITTLE control the government has over things! "
But surely, by the CT's logic, anything The Government does that makes Grand Conspiracies seem less credible must be a blind done to make conspiracies seem less credible to the sheeple, or have some other nefarious purpose.
There's nothing that can happen that can't be explained as being the result of a conspiracy.
Good to see where they lie.
Let's just go looking all over and maybe we can find something to nail somebody with...yeah, that's the ticket.
Sorry, don't see why the FBI needs to be involved with some people causing mischief. Don't you guys have any transit police who can deal with this kind of thing? They'd probably welcome the change away from chasing taggers and fare dodgers.
Unfortunately, it is under the FBI's remit to investigate "wire crime" as it's seen as inter-state. They probably do have a lot more pressing problems with real criminals to deal with, like people-smugglers or drug gangs, but instead they have to send people to look for kiddiots trying to "change the World" from their Moms' basements.
Also, it's not "mischief", it's crime. DDoS attacks impact businesses, they reduce takings and therefore are quantifiable and can be likened to vandals destroying assets. If you had a shop and someone was standing outside preventing your customers coming in to buy your goods I'm pretty sure you wouldn't characterise it as just "mischief".
"knocking its corporate blog offline"
Sounds more like a service to the community.
And equally, good luck to the FBI...
...in their no doubt equally diligent pursuit of the evil hackers who we hear have been DDoSing WikiLeaks itself. ...What? Oh.
Ahhhh the Federal Bureau of Investigation......
Yeah they are the ones who let the ex president and all of his mates walk the streets - after murdering a million or so people in Iraq, and stealing their oil.... falsifying evidence, lying under oath, stealing trillions of dollars of tax payers money..... war profiteering for their companies...
But speak up about the scummy Amarican government and the companies who support this or are complicit in crimes against humanity?
"Ohhhhh we can't have that can we."
The FBI = 0% credibility.
Ahhhh the Federal Bureau of Investigation......
Please return to IndyMedia, this is a technical website for people with a clue. Whilst amusing, your rant simply does little other than expose your naivety.
This event will highlight what CYBERCOMMAND is all about which is the intergration of the FBI, CIA, DoD & other goverment agencies cyber divisons trying work together towards a common goal.
Curious how this will play out
Because assuming they do ID some anons, and I think it's a given they will, what they're mostly going to have is a bunch of 'too young for prison' kids, a lot of whom will be foreigners.
-"what they're mostly going to have is a bunch of 'too young for prison' kids"
Wouldn't it still have some PR value to have the Heroes of Anonymous shown as being people not judged mentally competent enough to vote, for whom even having their toys taken away may be sufficient punishment?
Also, there's the chance they could be redeemed and grow up into Decent Citizens.
Especially if the USA was planning on running a tack of 'Poor little impressionable Bradley Manning seduced to the dark side by evil foreign anarchist Assange", it might do their case no harm to have a parade of impressionable kids shown to have done stupid things at the urgings of malign influencers on the Internet.
Remember, the more they can blame someone else, the more they can dodge the blame for their personnel selection and their allowing unfettered access to information.
For example, it's far easier to blame some Mata Hari character (especially a foreign one) for being Evil than to admit you employed loads of people who would happily spill top secrets to anyone who stroked their dick.
Was it really the FBI?
Re "Agents copied two hard drives from the targeted server during this raid", are you sure it was the FBI? I thought their standard operating procedure was to seize all the equipment in the server farm, even if it didn't belong to the company under investigation, and plunder employees' homes as well, as reported in http://www.wired.com/threatlevel/2009/04/data-centers-ra/
- Breaking news: Google exec veep in terrifying SKY PLUNGE DRAMA
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Analysis Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster
- Google CEO Larry Page gives Sundar Pichai keys to the kingdom
- Something for the Weekend, Sir? SKYPE has the HOTS for my NAKED WIFE