null
These kids need to get out more.
Fifteen suspected members of Anonymous have been arrested following a joint Italian-Swiss police investigation, AFP reports. Police reckon the group formed a cell that attacked the websites of the Italian government and prominent Italian companies, energy firms ENEL and ENI, as well as state broadcaster RAI. The group, …
are you honestly that naive?
do you have wireless?
do you think i'd be able to get onto the internet through your connection (i'm not even close to being a hacker)?
why do you think i wont be able to get in?
why do you think an actual hacker wouldn't be able to get in?
and how about on the train? with a spoofed MAC address?
come on, if i can come up with simple stuff like this, don't you think someone who's paranoid by nature (a given trait of hackers), wont be able to do MUCH better?
anonymity is not that hard to maintain on the net.
How can you be so selfish. These are clearly kids with psychological problems. To my mind the authorities are overreacting to this.
As a parent my heart goes out to the mothers. To have a son is hard enough but to have them arrested for simply messing about on the Internet is just dreadful. I can't imagine what it must be like to have a disturbed child, and then worse have to cope with them being arrested.
Clare,
you claim to be a web specialist. Interesting, so if a group of kids "messing about" tear down your website, deny you acess, hack you customer databases and expose their data, slander you name, kock your business ofline for weeks at a time...costing you thousands of pounds in lost business and worse, lost reputation.
Would your sympathies still be there?
What about bored kids that decide to go along slashing car tyres and throwing brick through windows?
How about kids from poor background, is it ok for them to go mugging people or breaking into property.
"I can't imagine what it must be like to have a disturbed child", where does it say that? Where?
You of all people (if indeed are web specialist) should know the damage that can be caused by s DDoS attack, website defacements or damaged reputation by compromises accounts.
I program Microsoft FrontPage 2002. I have never seen the problems you mention, maybe this is more secure than what you use for your web sites?
The other things you mention cause physical harm, I have seen stories on here about companies with very poor security surely they are equally to blame for losing data?
"I program Microsoft FrontPage 2002"
Stop right there. Go straight to web quarantine, do not pass go and do not install any more software until you can spell CSS.
A bit of "knock and run" might be okay but some of the attacks have been sustained DDoS that will take down websites and even data centres without professional, round the clock support. You soon stop laughing if that ever happens to your sites.
As for highlighting security weaknesses the generally accepted procedure is to inform the owner directly and agree a time limit for fixing any problems. Not in the interests of hiding the problem but in an utilitarian to minimise any damage. Simply charging around willy nilly looking for exploits and bragging about them is only likely to increase government snooping, ie. reduce security, and lead to calls for heavier sentences.
Knocking pages together in Frontpage is an order of magnitude less complex than setting up a site consisting of proxies, web servers, app servers, middleware, database, transactions etc. I wouldn't be surprised if most FP2002 sites are "secure" because there is nothing behind them. It's like calling a billboard "secure" because if thieves bust through it there is nothing there to steal. All they can do is deface it.
You have managed to destroy any level of credibility you may have had with your amazing demonstration of a lack of understanding of what has really been going on - or, for that matter, the facts on the ground in your own claimed field of expertise. While it can be argued that some of these attacks may be have been morally or ethically justified, make no mistake as to just how serious we are talking about. Millions of people are potentially at risk for identity theft related crimes thanks to the recent campaign by multiple hacking/cracking groups. More recent breaches, for example, some of the AZ State Police leaks, have potentially left hundreds of officers and their families at greater risk for retaliation by violent criminals. Even the DDoS attacks (ultimately the least damaging of all, even if they managed the greatest media attention) not only hurt their targets, but most target's upstream providers - not to mention any computers used as part of a botnet to perform the attack.
As far as events "In Real Life" causing physical harm, so do actions taken on the Internet. At least, they do when those actions involve thousands, or hundreds of thousands of dollars in damages (easy enough when you both interrupt ecommerce and end up doing something like paying to provide credit monitoring for all your customers for the next year).
If they are disturbed children, they should be treated as such. However, even disturbed children get picked up by the police when they run around causing havoc and destruction. Alternatively, if you think that they are heroes (and there is a definite attraction there, especially when you read the details of the HBGary incident, etc.) feel free to say so - just don't expect any of us to be surprised when the plod come pick up any members they can find, even if they're still in diapers. ;)
-d
Stick to windows and chairs instead of bold sweeping definite statements on a technical nature "steve".
There are significant ways to hide your trail correctly provided you have the skill and knowledge, do you think china or russia are going to give up logs from proxies in their netblocks? do you think all proxies log, or maybe some are compromised machines specifically set up NOT do that. Have you ever even been involved in hunting people down via these routes to qualify your statement ???
Anyone using loic lacks both skill and knowledge and were fed to the wolves by the people who knew this. And the inner circles were also unlikely to be blowing their cover that costs time and money to establish to go pop a few poorly secured websites offline...
The great thing about anon and lulz is that theyre bringing the blackhat world to a wider audience than the researchers in the field and perhaps there is the awakening of the awareness of the mountain of work that needs to be done, and hopefully less clueless people like you posting rhetoric.
.
Except the more people who get banged up, the less likely people will be to get involved. The filling of their ranks will stop if the arrest keep happening.
My guess is that only a handful of participants are doing it because of any passionate beliefs. The majority will be script kiddies who are joining in 'for the lulz' and that will soon stop when they realise that they can and will be found.
Perhaps you are one of the people (or work for one of the people) Anonymous et. al. believe they are defending the rest of us from? They clearly feel that they are doing something. Personally, I'd rather see them running around using stupid script kiddie tools like the LOIC for the occasional protest and a really beautiful hack reserved for special cases (such as HBGary, where ethically and morally they did nothing but act in defense - even if they did flat out break the law, and practically crush a small security company in the process) than having the Anonymous elite trying to rip through society in general - which so far they don't seem inclined to do.
It's just a thought... but while the "rank and file" may be "in it for the lulz," it's pretty clear that there is some real dedication in these groups at various levels. Writing them off as nothing more than criminals leaves you quite likely to fail to understand what is going on and why. What's more, civil disobedience and protest rallies have been a long recognized road to change, and such an astoundingly STUPID attack as the LOIC could be compared to a bunch of people protesting outside a building causing enough of a crowd normal employees/customers/etc. can't get in.
I'm just suggesting it's not entirely black and white. They may well be criminals, but then, so were most revolutionaries, civil rights protesters, etc. at some point in time. I don't place Anonymous quite as high as most of those luminaries, but I think the same point stands - it is possible to be against the law and still be working for a morally sound cause.
-d
Are people suggesting we make a cargo cult of of Anonymous? Lord forbid.
"Oh great Anonymous, I am just a lowly web developer, with only an unpatched Apache server and an old version of Wordpress to my name. I am not worthy of thine hacking. But if you put thy effort to more worthy targets (glances at local copy of News of the World, with eldritch runes penned it with red texta) I will post bodacious sycophantic Tweets to thine name."
Coat please. Yes, with the voodoo doll in it. Looks like Rupert Murdoch, does it? Fancy that. Must be a coincidence.
Boy, you really do know nothing about the law, do you!
"....could be compared to a bunch of people protesting outside a building causing enough of a crowd normal employees/customers/etc. can't get in...."
There are strict laws about such protests. In the US, it is a crime for a protest to block access, which is why you see those news clips of protesters walking in circuits outside their target buildings, so the Police can't charge them. In the UK, picketting has very strict laws which were designed to stop union intimidation of non-union workers. If a protester or picket stops anyone physically crossing the picket line then they would be arrested and charged with assault. And you need to follow health and safety guidelines and apply for a licence to make a legal street-protest. I suggest you do a bit more research before mounting your next crusade to "free us all from the tyranny of whatever".
And then how do you propose that websites accommodate "pickets"? DDOS is a crime, fullstop. You can create a protest website if you like, but you had better make sure your "facts" presented there are proveable otherwise you'll be up for slander/libel/defamation charges. Oh, but the work of checking your facts, creating a proetst website and dealing with challenges is just too much like hard work, no? Much easier to just download some SQL injection toolz and fire away from your Mum's basement!
"you may be able to stop an individual, but you cannot stop us all. Afterall, we're all alike".
That could apply to muggers, burglars, rapists, child abusers, embezzlers, drunk drivers and every other class of criminality. Should the police just shrug their shoulders and declare "well they're all alike so no point arresting & punishing any of them"?
Of course not.
Anonymous might make for a great nebulous moniker but the reality is there are perpetrators in that group and doubtless many of them will have their day in court. I hope the lulz were worth it when they get banged up in prison or end up doing hundreds of hours of community service for their troubles.