UK police have taken the unusual step of warning prospective hacktivists that they risk arrest and prosecution if they get involved in denial of service or other forms of cyberattack. An update on the Met Police's official Twitter account points surfers towards a notice stating that defacing websites, running denial of service …
I expect we'll see some example setting sentences for the lulzsec chaps to put some scare into these warnings.
Some people support what LulzSec/Project AntiSec are doing, and argue that making examples out of high-profile targets will help spur others to implement strong IT security policies and procedures.
Other people are against what LulzSec/Project AntiSec are doing, and indicate that it doesn't matter what the underlying motivation is; intruding upon a protected system and releasing the data it contains is trespass and theft at best, and cyberterrorism at worst.
Either way, one thing is for sure: If LulzSec/Project AntiSec keeps things up, eventually the good folks in the UK are going to see a return of Wacki Jacqui-esque rhetoric, with talk of IMP, massive data silos, mandatory ISP monitoring, and everything else that comes with it. People will demand that the Internet be made "safe," resulting in Parliamentary knee-jerk reactions that turn the UK into an Orwellian state.
They're already back to reimplementing that with a new name anyway.
What they should do is have far harsher for companies that are incompetent. Whether you support the recent raids or not, everyone should be aghast at the ineptitude of corporate, government, military and, law enforcement security and the complete lack of accountability they have for their mind boggling failures.
not sure how I did that
"What they should do is have far harsher for companies that are incompetent"
"What they should do is have far harsher penalties for companies that are incompetent"
dont give a crap either way
Your passage demonstrated the psychological phenomenon of 'perceptual filling' in my instance; your correction is how I read the original passage. I frequently make similar mistakes, and I suspect that perceptual filling lies behind the lapses I make in 'proof checking' my text. I used to use a package like 'Read please'; hearing the text read back to me increases my ability to analyse my text critically.
As to the article itself, this ominous passage, "Even attacks aimed at targets outside the UK can be prosecuted in Britain" ought to warn people off cracking away as well as at home.
Genuine hackers (as opposed to script kiddies et al.) have been publicising security loopholes for decades, literally. Breaking and entering, and then publicising data so retrieved, that is another matter.
Hmm. China is waging intellectual war.
"Genuine hackers ... have been publicising security loopholes for decades,"
Noted and agreed.
However, my comments were not meant to include legal "white-hat" cracking, in which the intruder is performing research on his/her own systems, or on systems he/she was contracted to maintain.
Many would say that cracking a system (that the intruder does not own or maintain), intentionally doing no damage, then notifying the owner that there's a problem with its security falls somewhere in between the "white-hat" and "gray-hat" camps, while others would argue that such behaviour is a fundamentally "gray-hat" activity, if not "dark gray."
I would also venture that most network security admins regard cracking a system and leaking its contents (or defacing a web page) -- regardless of motivation -- as a wholly "black-hat" operation
Simple script-kiddie DDoS attacks are "black-hat" from a motivation standpoint, but in my mind hardly rate as a legitimate demonstration of "31337 $|<i112"...
Re: "Genuine hackers ... have been publicising security loopholes for decades,"
Yup, it seems that we are in agreement. It seems to me that the more recent phenomena associated with Web 2x - mp3 files, video files - along with FOIA have somehow contributed to a blurring of categories of legitimate and illicit behaviours.
Bearing also in mind that these destructive twits so often rely on 'kits' than skills, it seems that this is not an exercise in ethics and skills, but something which more closely resembles joy riding.
Also, when I read in Reg fora ignorant comments concerning WWII soldiers and how they supposedly represented the establishment, and do not deserve remembrance, then I become more certain that a cultural shift has occurred. It's often said that rights are only truly understood when they are recently hard won. I'd hate us to have to go through that again, tempting though it is for the ex serviceman in me to suggest that they could be used to make up a 'cannon fodder' brigade, thereby saving the lives of people who matter.
There is a middle way - what LulzSec et al are doing is inevitable, expected and it's not worth fretting about (we're the savvy and safe ones right?). They're slightly annoying, like the lads in the alleyway on the way to the shop. Buddhism, the apathetic religion.
Then again, they're going to grow up soon. It'd be wise to make sure we've got strong passwords.
"... Labour's Orwellian plans were foiled because no one wanted them and they lost mandate to rule."
However, both internal (within the government) and external (among the citizenry) political sentiment can change swiftly, as recent legislative history has shown in both the US and the UK.
For example, after the 9/11 attacks, the United States Congress rushed to create the USA PATRIOT Act, which was signed into law a mere 45 days later, on October 26, 2001, with very little public discourse. The citizens of the United States demanded that the Federal Government "do something" in the wake of the terrorist incidents, and in knee-jerk form, it did, to the detriment of our individual Liberties.
On top of that, people -- somewhat paradoxically -- also tend to be pretty complacent about the legislation they get as a result, if they perceive it does not (or will not) affect them directly. A lot of citizens have undoubtedly read the text and/or analyses of the PATRIOT Act since its passage, but since they don't see themselves as being a target of the Act, they don't care much about its impact on civil liberties, as long as it's used against "the bad guys." This can lead to a legal slippery slope, as summarised succinctly by Pastor Martin Niemöller, in relation to the Nazi's rise to power before World War II:
-- -- First they came for the communists,
-- -- -- -- and I didn't speak out because I wasn't a communist.
-- -- Then they came for the trade unionists,
-- -- -- -- and I didn't speak out because I wasn't a trade unionist.
-- -- Then they came for the Jews,
-- -- -- -- and I didn't speak out because I wasn't a Jew.
-- -- Then they came for me
-- -- -- -- and there was no one left to speak out for me.
The bit Anonymous need to remember is
Once you start attacking the institutions of state you put your self at risk of the state taking an interest in you. Once the state decides you are enough of a nuisance to take an interest in, then it has far more resources to find you, than you do to avoid it, so it just becomes a matter of time, and there is a line that if you cross, then the state will not stop.
That line is usually causing significant economic harm, or putting other people in harms way, like publishing a list of Police officers names and addresses. The law is clear about this, pass on a secret, regardless of how easy it was to get it, and you are culpable, and what's more the state has a duty to pursue you on behalf of its citizens. Get someone hurt, and in effect you become a terrorist.
Successful criminals get away with stuff, either because they don't do it themselves, or they don't do it very often.
but hang on a second...
OK, try this experiment at home: Take something valuable to others, let's say for example your entire DVD collection, and put in on your front lawn for a week. When it disappears, try going to your local friendly Police station and demanding that they hunt down the culprits. While you're there, get a crime number and then try and claim the cost of your lovely DVDs from your insurer.
Assuming you agree with me on the futility of persuading the forces of law and order to pursue your case, then let's move on to the next case. If we change your DVD collection to a thing that could potentially do harm to others, let's say a (legally owned by you) handgun and box of bullets. Now go to the police and you'll get quite a different reaction, one that will possibly involve you doing hard time for anyone killed by your irresponsible actions.
Now change the actors. Instead of you leaving a dangerous handgun on your front lawn, we have the police leaving a dangerous set of data ineffectively secured. Surely, just as you were liable in the previous case, they're liable now?
This is, after all, why we have data protection legislation. If you're going to collect other people's personal information, you take responsibility for making sure that it doesn't fall into the wrong hands (just like when you apply for a gun license you take responsibility for ensuring it doesn't get into the wrong hands). Being the police or other state agency doing the collecting and protecting doesn't suddenly remove the responsibility to protect the information.
Yes, the thieves are still bad guys, but the people nicking the DVD's from your front lawn are just as much bad guys and they'll never get prosecuted for it.
Anonymous are the local 'bad kids' of the internet...they'll nick anything you leave on your lawn. Don't leave anything out there that you don't want nicked.
The hackers all know what they are doing is illegal. Just prosecute and imprison them and get on with life. They make prison cells for people who can't live within the laws of society.
Quite right too!
It is clearly completely wrong that a person should break the law even if it is to highlight the poor security of some organisation.
Oh wait! I had forgotten:
Heh. Never thought I'd be agreeing with police actions here on the Reg.
Shades of grey
> The hackers all know what they are doing is illegal
True, but there are degrees of illegality. Is hacking a website (where the security is far too lax, akin to waling into a reception area and asking where the secrets are kept) on a par with dropping a sweet wrapper on a street or is it on the same level as shooting down a passenger aircraft? Is it _more_ illegal, or deserving a harsher penalty if the security is weapons-grade and it took nearly half an hour to crack?
At present there seems to be a disconnect between how the hackers view it I'd guess: somewhere between an abstract puzzle and minor transgression (no bunnies were hurt in the hacking of this website). Whereas any shareholders, who's stock took a dive would be less tolerant - even if the puiblic viewed the target as a "bad" company <cough>BP, last year</cough> and privately thought: "go! hackers!". And if any harm was done to doe-eyed little orphans then the more rabid factions of the press would be campaigning to bring back hanging. Until we can reach a consensus it's impossible for a society to communicate just how we feel about hacking.
 though how blame should be apportioned between the hackers and the sloppy management that gave rise to a vulnerable taget is another debate. Maybe 50:50 is a good start, what one is sentenced to, the other (named individuals/managers/directors) should get, too.
black and white...
I know some kids find it difficult to grasp the few basic rules of modern civilisation, but i'll try anyway.
The reason we have laws is to prevent people taking matters into their own hands. Some people appear to favour the idea of being able to do whatever THEY want. They seem to miss that this would lead to a situation where anybody else can do what they want to do as well
Taking this to it's fullest extent, In this "ideal" world the response would be that if script kiddie X decides that he can hack Mr Y's webserver because it was insufficiently secure, Mr Y could just as easily track you down and come visiting with half a dozen burly blokes who could express their displeasure by demonstrating script kiddie X's lack of self defence skills. Because it's your fault that you can't protect yourself against half a dozen over muscled gorillas pissed at you screwing with their employers webserver, obviously.
Presumably script kiddies want to be protected from the over aggressive gorilla types. That's fine. The Gorilla's want to be protected from script kiddies screwing with their webservers as well though, hence the laws we have. Then we have the police and courts to deal with criminals instead of people taking matters into their own hands and dealing a punishment they deem appropriate.
Saying that something was/is a "little bit illegal" is a bit like saying that your a "little bit pregnant". There is no such thing, your either one or the other. Beware messing with the law, because the law will mess with you. The system only works by the common consent of everybody involved, and complaining that the law is to harsh is not the answer. The reason the law is harsh is because absent of it's protection there are an awful lot of people who would deal with you far more harshly than fines or prisons would dream of doing.
Except for the fact that there are an awful lot of things that are 'a little bit illegal'...speeding, being drunk in public, answering a mobile while driving at 50kph on a deserted country road.
It's not the law that counts, it's the enforcement. We all break laws all the time, most of the time without even knowing it, it's whether the police choose to enforce the law that counts.
And then there's the courts. Everyone has stories of minor infractions being dealt with harshly while what seems like 'proper' crimes get let off with nothing. Obviously, these were only a 'little bit illegal'.
Remember it's all about law and order, not about justice.
If you wish to hold a protest outside a physical property you fill out a form and the police let you get on with it for a reasonable time before telling you to clear off or unblock the streets. Happens in London all the time.
So why can you not use the same proceedure for running an online protest as well?
Some of the conspiracy nuts suggest that Anonymous/LulzSec etc. are manufactured false flags to rile public opinion and justify the pushing through and implementation of new cybersecurity laws. Given the way they're behaving and some of the targets they are brazenly attacking with a smirk on their face, I can see why people might think that way.
Even if that's not the intention, certain elements of the group seem hellbent on harming innocents and stealing data for the sheer sake of it. This is nothing to do with "censorship" or the AntiSec movement so much as data theft and criminal activity, and these guys must be really stupid if they honestly think stealing data from law enforcement and governments is a good idea and that they'll never be caught. Quite frankly getting sick of the sanctimonious attitudes being thrown around by BOTH side, to be honest, and the "Free Topiary" campaign had me cringing.
Anonymous, because it's the cool thing to do these days.
>They make prison cells for people who can't live within the laws of society
Break into computer systems, bribe police and intimidate terrorist victims and their family - get knighthood
Throw pie at criminal that does this - go to jail.
cant we just banish these hackers to somewhere on the internet they can do no harm?
20 years exile in second life or world of warcraft should work
The pie throwing prick deserved a taste of jail just because he is such a massive tool! He did break the law I suppose? I also suspect it'll take a bit longer to process hacking criminals compared to the pie throwing evil dastardly pretend comedian? ROFL
Black and White... ...Shades of Grey
I'm afraid, Peter2, that the 'ideal world' you mention exists only in your head, the rest of us have to make do with reality. One very sad reality is that sometimes the law is an ass! The only way to change this is to 'take matters into your own hands'. Whether it's to walk in front of the kings horse, or sit at the front of the bus, or even set yourself on fire. Someone must act before there is change.
While I agree (obviously) that rules are necessary for society to function, slavish obedience is bad.
Remember: "I was following orders" is not a defence. And the classic "who watches the watchmen".
while I would agree with your point that there is no such thing as an "ideal world", and slavish obedience can be less than ideal, the reality is that society decrees that you as an individual cannot follow or ignore a law as you see fit, or if you do decide to ignore a law and you are caught then there may consequences to face.
The taking matters into your own hands might be the only way you can think of to getting others to recognise or understand a problem that you wish to change/highlight, however I think the crux of the issue is how far do you go to pursue your goal. Where does it change from merely protesting or making a point to outright criminality. I guess that some of these fellows are going to find out when if have their day in court.
In the UK or not.
"Even attacks aimed at targets outside the UK can be prosecuted in Britain."
The police cant touch the hackers in Indonesia that hacked one of my clients sites a few months ago. Why the hell should they have the right to prosecute me if i retaliated in the same way ?
Flailing at shadows.
It's hard to arrest an idea.
"The reason we have laws is to prevent people taking matters into their own hands. Some people appear to favour the idea of being able to do whatever THEY want. They seem to miss that this would lead to a situation where anybody else can do what they want to do as well"
Yes, we have laws. We have laws on data protection, financial transactions, misrepresentation, pollution, environmental controls, workers rights, political limitations, and many, many others.
Every day we are subject to those laws, but the corporations seem to think THEY are not. They buy politicians, media, judges and they change the laws so that what they're doing, unconsionable as it is, is no longer illegal.
Since the 1950's corporations have the legal status of people, just like you and I, but they have vastly greater power and can't be subjected to the same penalties and sanctions that we are.
If the law was independant; if the corporations, government and law-enforcement officers all knew and obeyed those laws then we'd be happy to as well. Instead, they get up to their filthy tricks, their abuses of society in order to pursue profit, and we suffer for it. DMCA, IMP, Digital Economy Bill, RIPA, RIAA, Securioty Theatre - the list goes on and on.
Anonymous is simply the public answer to these faceless overlords. Many people have tried following the formal channels, obeying the law, only to see our voices and rights degraded even further.
Well, here is our voice, faceless and legion, just like the opposition, and for each one of us that gets arrested, a dozen more spring up.
"a dozen more spring up"
The traditional rate is 'one every minute'. We haven't yet reached the rate of 5 arrests an hour.
One might suggest that the public reaction to the items you mentioned above would be a democratic one; actually working towards political change is hard though so what we'd all rather do is sit behind a veil of anonymity and make relatively unexciting attacks against relatively uninteresting targets. Yeah, power to the people.
Actually, Ru, I agree with you as do many of my compatriots. Political change IS the best way to tackle these things, but there are a few issues that get in the way of such political change. Let me highlight some of the main ones.
Let me highlight one here for you to start with, quoting from an earlier poster:
"If you wish to hold a protest outside a physical property you fill out a form and the police let you get on with it for a reasonable time before telling you to clear off or unblock the streets. Happens in London all the time."
So, to protest against something I feel is unjust I need the authority of the state? To protest against the state? Thats not free speech, so I am not free to speak am I? There's a reason that nu-labour banned all protests within 1 MILE of parliament - it's so they didn't have to listen to us. Even when we DO shout loudly (remember the 1 million person anti-war march?) we are ignored.
If we elect another party, we find their policies, despite their promises, are basically the same. I direct you towards IMP as an example. I voted for the Conservatives this time round because they were promising to return some of our liberties to us and made specific promises regarding IMP. They lied. It doesn't matter who you vote for, the government has a tendancy to win.
Government is made of ministers who have external interests in large corporations. Our democratic rights weigh very lightly against corporate money when it comes down to it. Look at the Murdoch affair to see just how corrupt things can get. Do we really believe that no other companies are using other dirty tricks to get their own way with legislation? I think we'd be naive to.
They obscure with weasal-words, complex processes and outright lies constantly. If they had nothing to hide, then they could sit back, relax, and laugh at us "conspiracy nutjobs" fairly, but the fact is we KEEP turning up their dirty laundry, don't we? It's not a conspiracy theory when there's evidence, and the powers-that-be are currently going to some lengths to limit or control the tools that we use to find that evidence; the internet primarily.
So, why not take the next logical step and form a political party of our own? Well, that's doomed to failure because of the "traditional establishment" or the "political class". Bah, I hear you say, those are artifacts of a previous era! We are democratic and politics is open to all.
No, it's not. It's a closed game and you can't get into power in any meaningful way. Look at our top politico's profiles, see where they came from, look at who backs them and it becomes clear. If you're not in that club, you're not in power. Want an example? Remember when the very lovely Joanna Lumley fought for the Gurhka's rights to be British? After she won that through protest and the raising of public opinion she announced that she intended to run as an MP. She never did, and was condemned on the british media as being "not of the political class".
As I recall, the phrase that was used went along the lines of "What would she, an actress, know about politics? She's never run a company, been on the board of directors, or been properly educated for such a role. It's a joke that she could even conceive of joining the political class."
Is THAT our democracy? No. It's an elitist club ruled over by money.
If you think your vote changes anything then you carry on assuming thats the only power you have and you exercise it (as should we all!)
In the meantime, I will continue to support Wikileaks, Anons and the Arab Spring, all of which have revealed truths that were hidden and improved our understanding of the world. In these ways we CAN express our feelings, we CAN be heard, and the establishment are terrified of that.
As another poster said, the Politics of Fear are coming to an end.
Lessons from History
For everyone who is saying that the correct course of action is to obey the law without question or go to prison for your 'anarchist tendancies', I would advise a long course on social history and politics. Take a look at the list of things that wouldn't have happened if not for groups of people or even strong-willed individuals standing up for what they believed was right, regardless of the law.
Rosa Parks would be turning in her grave, and everyone in the US would still be living under British rule. at the very least.
- Game Theory The agony and ecstasy of SteamOS: WHERE ARE MY GAMES?
- Review Is it an iPad? Is it a MacBook Air? No, it's a Surface Pro 3
- Hello, police, El Reg here. Are we a bunch of terrorists now?
- Intel's Raspberry Pi rival Galileo can now run Windows
- Microsoft and HTC are M8s again: New One mobe sports WinPhone