back to article Second LulzSec member pleads guilty to Sony hack

A second suspect has admitted involvement in high profile attack last year against Sony Pictures website by notorious hacking crew LulzSec. Passwords and personal information leaked as a result of the breach in May 2011. The site was breached using an SQL injection attack, a common hacking technique, to extract personal …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    who's lulzing now?

    anonomous.

  2. Piro Silver badge
    FAIL

    So much .. "fail".

    He should have known you have to hide behind at least 7 proxies.

    1. Anonymous Coward
      Anonymous Coward

      Re: So much .. "fail".

      Maybe he should of watched the cinematic great that is hackers

      1. Anonymous Coward
        Joke

        @AC

        I think its more likely that's exactly what he did :-)

    2. Anonymous Coward
      Anonymous Coward

      Re: So much .. "fail".

      "He should have known you have to hide behind at least 7 proxies."

      He should have known not to use his own connection, whether behind proxies or not. Using HideMyAss is even more comical since they're UK based. Not that I condone such activities, but what a fool.

      1. solidsoup
        Coat

        Don't know whom to side with.

        On one hand you have unscrupulous people lacking in ethics and boundaries, who access computer systems without permission (through rootkits etc). And on the other you have formerly-Anonymous vandals.

        Mine's the one with a coin in the pocket.

      2. Thorne
        Paris Hilton

        Re: So much .. "fail".

        HideMyAss sold his ass right out

        (Paris cause she sells her ass right out too)

    3. dssf

      Re: So much .. "fail".

      But, doesn't that also require enhancement by using completely fresh and unrelated-to-the-user hardware?

      I have since at least since 1993 suspected that there would come the day that motherboards would have embedded components that would seed or somehow tage outbound content, much like preambles/headers, or watermarking that later came out.

      Eventually, we find that printer companies embedded not only codes in the hidden chips of printersand copiers, but that the fonts themselves are encoded differently for every printer. Anyone buying with traceable instruments and being taped on camera and then engeging in extortion, bribery, blackmail, wire fraud, murder threats, and so on -- especially those duplicating cash and certain cash instruments -- could be tracked down just by a magnifying glass or special decoding scanner, or prevented from copying certain currency. I at some point began to suspect that large copy shops were ideal for those onboard chips -- imagine if governments or conspiracy theory types of organizations wanted to KNOW what things people scanned or copied,. Those up to no good had better not use the rechargable cards or any scanner or copier hooked to a network or one with a hard drive in it. Even copmanies have seen their machines broken into for the hard drives.

      Making a computer act as its own beacon is nothing new anymore, so, even using disposable NICs even to just peruse naughty content sites or evade certain marketing would be almost pointless -- those who continue using the one-time-only hardware get complacent and keep using it. Trying to hide from stealthy observers via proxies really depends on the user even changing typing speeds, diction, thought or speech patterns... And, avoid using topics or explanations as anecdotes since we humans tend to be fond of our recollections....

  3. Jack Project

    Noob, should have used 7 proxies like me.

    1. Anonymous Coward
      Anonymous Coward

      7 proxies? Your connection would be at dial-up speeds by then wouldn't it?

  4. philbo
    Joke

    A name-change required?

    ExposeMyAss perhaps?

    1. Anonymous Coward
      Happy

      Re: A name-change required?

      Yup , and it'll be Big Bubba getting all the "lulz" out of our friend pretty soon.

    2. Platelet

      Re: A name-change required?

      GrassMyAss

  5. wowfood

    This is when

    We see the guy try to sue HideMyAss for breaching it's own terms, court order or not.

    Knowing the USA he'll win too.

    1. BillG
      Meh

      Re: This is when

      We see the guy try to sue HideMyAss for breaching it's own terms, court order or not.

      You can't have a TOS that violates the law. Regardless of how it's written, an individual or company must respond to subpoena.

      1. Old Handle

        Re: This is when

        But surly it's still illegal to sell a service you can't deliver.

        1. JohnG

          Re: This is when

          Ts & Cs from HideMyAss include the following:

          "You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful."

          and

          "By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our site will cease immediately."

          Surely, it is obvious to everyone that companies offering goods and/or services will follow the laws of the countries in which they transact business?

          1. Anonymous Coward
            Anonymous Coward

            Re: This is when

            Wouldn't that only apply if he had attacked sony.co.uk?

        2. Anonymous Coward
          Anonymous Coward

          Re: This is when

          But surly it's still illegal to sell a service you can't deliver.

          Banks? Insurances? Cosmetic surgery? Wrinkle removal creme?

  6. Scott Pedigo
    Facepalm

    Anonymizing proxy == NSA / FBI honey pot

    How to avoid getting caught: put on Mission Impossible level disguise, travel to a different state, access sites from Internet cafe' not using any on-line resources you ever had any connection with, pay only cash for everything. Too much trouble? If you can't stand the time, don't do the crime.

    1. Anonymous Coward
      Anonymous Coward

      It's probably easier to buy a usb wireless card and jump on someones open wireless then junk the card :P Though, don't do it too close to home cos you know... Dentist, Builder, IT Professional next to a Granny with abused wireless might be slightly suspicious.

      PS. Don't do this, obviously.

      1. Anonymous Coward
        Joke

        also...

        Don't do it from McDonalds.

        1. Anonymous Coward
          Anonymous Coward

          Re: also...

          Yes, because the 'food' will kill you.

  7. Lee Dowling Silver badge

    Wonder how much custom hidemyass loses as a result?

    1. Anonymous Coward
      Anonymous Coward

      As asses are demonstrably not hidden, all of it, I would hope. Charging to provide a service that you know you can't provide is fraud.

      1. JohnG

        Asses are hidden right up to the point where some ass breaks the law and the ass hiders subsequently receive a valid court order. While this ought to be blindingly obvious, I think you will find some mention of this in their Ts and Cs - as will be the case for other similar businesses.

  8. DaeDaLuS_015
    FAIL

    If i was that much of an idiot, i think i'd plead guilty as well.

    I wouldn't have thought it'd hit hidemyass too hard since their competition is largely subject to the same rules i think?

    1. Turtle

      @DaeDaLuS_015

      "If i was that much of an idiot, i think i'd plead guilty as well."

      You know, sometimes it's the idiots that plead innocent. Especially if the prosecution has really strong evidence. A guilty plea is more likely, by quite a bit, to get a lenient sentence from the judge, than is a hopeless defense in the face of overwhelming proof of guilt. In the case of a guilty plea, it seems as if the defendant is showing remorse and taking responsibility for his actions, whereas mounting a hopeless defense looks like the defendant lacks all remorse and is refusing to take responsibility for his actions, and generally still "trying to get away with it"... and so is worthy of a harsher sentence.

      "I wouldn't have thought it'd hit hidemyass too hard since their competition is largely subject to the same rules i think?"

      Quite.

      People need to realize that "HideMyAss" is actually "HideMyAssFromMyParentsAndClassmates" and not "HideMyAssFromTheLaw".

  9. Interested Party
    Thumb Down

    Logs

    Is there actually a requirement for people hosting these proxies to keep logs of the traffic? Seems counter productive for them to do so because of examples exactly like this showing up your service to be a waste of time.

    Maybe all these 'chinese hackers' are actually just people from USA/Europe using proxies located in China to get beyond the reach of the FBI...

    1. Anonymous Coward
      Anonymous Coward

      Re: Logs

      It largely depends on the jurisdiction you are connecting to, in Sweden they don't have to relinquish records on anyone unless their act could carry a two year jail term. It depends on company to company though, there are plenty that don't log all traffic, or hold logs for a short amount of time.

      Though the primary advice would be: Don't be an idiot and hack something.

      1. Anonymous Coward
        Anonymous Coward

        Re: Logs

        the primary advice would be: Don't be an idiot and hack something.

        I've no problem with hacking per se, but hacking to get the personal info of some Sony competition winners? Give me a break, a list of people with so little cash or intelligence that they would give their details to Sony in order to win some piffling item?

        Hacking Sony to transfer 1 beeeelion dollars out to various Cayman Islands bank accounts? Crazy clever. Hacking Sony to steal addresses of layabouts? Crazy stupid.

  10. Irongut

    HideMyAss

    He'll be wishing he can when he ends up in Federal prison.

    lulz

    1. Piro Silver badge

      Re: HideMyAss

      Ah yes, a Federal pound-me-in-the-ass prison.

      1. Anonymous Coward
        Anonymous Coward

        Re: HideMyAss

        Yes, it's funny because he may be raped. I must have missed the anal rape is a joking matter if it happens to a man memo.

        FFS.

        1. Oninoshiko
          Facepalm

          Re: HideMyAss

          You're probably not old enough to have gotten it. It's been a joking matter for quite some time.

          Now if you wanted to open a discussion as to if that is a good thing, that's a completely different matter.

          1. Mr Common Sense
            Facepalm

            Re: HideMyAss

            It's not when feminists got a facebook page over the same sort of jokes but aimed at women, shutdown.

        2. chris lively

          Re: HideMyAss

          It's absolutely open for joking when the idiot use a proxy called hidemyass that is based in a country whose definition of privacy does not extend beyond government protection. It's further open when said idiot steals people's personal information and publishes it.

          Although I was impacted personally; I can only hope that any pounding this idiot receives is on an appropriate level to those he bent over in his quest for personal growth.

          1. Mr Common Sense
            FAIL

            Re: HideMyAss

            and what about the people Sony screwed over?

        3. Anonymous Coward
          Anonymous Coward

          Re: HideMyAss (AC@15:37)

          >Yes, it's funny because he may be raped. I must have missed the anal rape is a joking matter if it happens to >a man memo.

          >

          >FFS.

          That's the problem with comedy, there's always a butt at the receiving end.

        4. Anonymous Coward
          Anonymous Coward

          Re: HideMyAss

          I must have missed the anal rape is a joking matter if it happens to a man memo.

          You must be new here. Don't worry, we'll wear you down. Or out.

  11. Anonymous Coward
    Anonymous Coward

    Lesson learned

    We have all learned a lesson here. Never joke about serious issues. I guess that rules out satire and black comedy, but at least we'll still have My Family.

  12. Anonymous Coward
    Anonymous Coward

    A prison cell awaits

    Too bad they don't hang hackers by their thumbs for a couple months. I'll bet they wouldn't hack ever again.

    1. Anonymous Coward
      Anonymous Coward

      Re: A prison cell awaits

      Theydidthattome.Canyoutell?

  13. Anonymous Coward
    Anonymous Coward

    He'll learn in prison

    Prison should be quite an education for this LulzSec member.

  14. Great Bu

    Transfer of service

    Will he be transferring from HideMyAss to PickUpTheSoap ?

  15. mfritz0
    Happy

    This should seem obvious

    If I was in charge of a major criminal investigation outfit like the FBI, I'd establish companies like "HideMyAss" just to find out who is using it. You really just don't know who's in control sometimes. The moral of the story is obvious, just don't do the crime and then you don't have anything to worry about.

This topic is closed for new posts.