...I wonder if he is cute.
Th Met's e-Crime unit has arrested a 19-year old alleged hacker in Essex on suspicion of involvement with network attacks and denial of service attacks. The statement in full: Officers from the Metropolitan Police Central e-Crime Unit (PCeU) have arrested a 19-year-old man in a pre-planned intelligence-led operation. The …
...I wonder if he is cute.
He's gonna be crying for his mum just about now.
when you or someone you care about is arrested, you will not object to the Trial by Media and automatic assumption of guilt that follows it, because with that post you just abrogated your right to a fair trial.
Did he fail to cover his tracks? If yes, I lol at his security.
...about a month ago, shortly before LulzSec appeared, there was a spat between "Anonymous" factions which was reported here and other places, with contact details for various people leaked by opposing factions. One of those whose details leaked was from Wickford which isn't exactly big.
At a guess, he's been being monitored for a few weeks now.
You mean this chap?
I didn't remember the name just the town which is on my route to work. Given the size of the place I think it's unlikely it's anyone else.
There's doing something 'for teh lulz' and there's being a deliberately abusive and criminal organisation. Lulzsec, despite the name, crossed the line.
*prepares for massive downvotes by the 'l33t15t5'*
You also have just forfeited your right to a fair trial for the same reason.
...that never happened.
It may be him, the twitter account is pretty quiet at the moment.
If I were a supposed mastermind hacker, even just doing it for the "lulz", I'd have a dead man's switch on my Twitter account which is timed to tweet some stuff mocking the authorities for their arrest of the wrong guy if I didn't make one of my scheduled check-ins.
Black helicopter because I'm sure it's all a complicated conspiracy, really ;-)
He could be assured a 2 year term for not being able to give up the passwords for that suspiciously large chunk of seemingly random data...
...if he's as savvy as his Twitter account claims, surely he's using Truecrypt or something similar with a hidden partition for plausible deniability.
If not, well, it's a little hypocritical.
Even using a hidden partition, other programs leave evidence that truecrypt is there, you have to be really careful and know exactly how every single program you use works.
I assumed the arrest was that guy Ryan Cleary who was associated with Anonymous rather than Lulzsec (though I suppose he could be both). Why is everyone automatically assuming it's someone from LulzSec? Am I missing something?
Lots of suggestions on twitter that the arrested guy was just running their IRC channel, and wasn't a member of the actual group.
"Well they would say that wouldn't they"
(c) M. Rice-Davis
I iz in ur bedrume arresting ur arse.
Sick of these twats. Hopefully the next story will be:
"19 year old hacker accidentally trips on way to police cells and dies from head injuries.".
Too much? Maybe, but I'm getting totally pissed off with the amount of times *I* am a victim of these hacks. How the fuck does stealing joe publics data 'stick it to the man'? It ain't the corporations that are hurting. And we all know that whatever sentence the UK hand down will won't be enough after we've wasted shedloads of money on a court case and his future board and lodgings.
Failing his unfortunate demise in custody, hopefully our 'special relationship' will see us extradite him to the US for some real justice. I reckon a day in jail for every person's data they've stolen should do for a start; if the census story is true, that's about 65,000,000 days in jail for starters.
Clearly he's not going to be any kind of mastermind behind the group; he'll just be an expendable fall guy they use to carry out attacks, but hopefully he's dumb enough to have left a trail back to the rest of the group. These fuckers need taking down.
I see you're a big fan of the RIAA/MPAA school of justice.
Seriously, you're wishing death on someone who might have exposed a list of email addresses and passwords? Someone who might have helped impair access to a few websites for a few hours? Get a grip.
Yup, because stealing an mp3 is exactly the same as permanently exposing millions of innocent people to the risk of ID theft.
I couldn't give a fuck about bringing websites down. I couldn't give a fuck how much money corporations lose as a result, if they're bringing it on themselves with shit security.
But that's not what they're doing. They're putting people like me and you at risk (ok, not you. I'll save you the job of having to come back and smugly regale us with how you're smart enough to never ever put your real data online (...yourself, anyway. Because your data is on all sorts of websites you don't have control over, of course)).
And it isn't a 'few email addresses and passwords'. Once you've got the names, addresses, telephone numbers, date of birth, assorted profile data and possibly credit card details from a few databases that you can cross reference to get a list of confirmable, real data on people, you have enough to apply for legitimate documentation in their name, that could in turn potentially let you open a bank account or do any number of other fun things with their ID.
And if the census thing turns out to be true, then they've got MUCH more personally sensitive data, which may now include details of your kids etc.
Sure, THEY may never use it for nefarious purposes themselves, but if they carry out their threat to release it, it's accessible by all sorts of people that would.
But, yaknow. Meh. It's for the lulz, right?
Don't be an apologist for these scum.
If the census hack has happened... and this guy was involved... both pretty big IFs right now - it's not anything as insignificant as a list of email addresses and passwords. And everybody in the UK who appeared on a census form is affected.
Causing damage 'because you can' isn't sticking it to the man, it is abstract anarchy. If you don't like your political masters then use the system against them - vote them out, stand against them, call them to account for their actions. Hacking systems and then just distributing sensitive personal data is a pointless waste of effort which costs others time and money to mop up after, with a net change of zero...
...and may you be remitted to a third world country with a poor human rights after being accused of terrorist offenses.
Now, get a sense of proportion, will you?
Why so mad?
I'd be far more annoyed at the people holding confidential data being so comically bad at looking after it.
Also give up on the "If you don't like your political masters then use the system against them - vote them out, stand against them, call them to account for their actions." It's bollocks, you have two realistic choices (with an outside third - a coalition of one of the two plus the third) , they're all controlled by the red tops and, with every passing year, ageing technically illiterate anti youth xenophobes become an ever larger part of the voters.
which I erased with a couple of passes of random data. If a cop asked for the "decryption key", does that mean they could just arrest a hell of a lot of legit techies and other people decommissioning IT equipment in a security-conscious manner- effectively for *not* possessing any terror manuals/CP/whatever (because if guilty, one could fess up and show them the stuff)?
Though it hasn't been abused widely yet. The likely hood of a conviction depends on your presumed guilt, the circumstances surrounding how you got to that stage and how belligerent you are and/or the investigating officers are.
A handful of people have already gone to gaol for not disclosing passwords, from what I remember the circumstances were pretty damning.
Either way, it is a worrying piece of legislation.
As the Feds were involved they will want him on their side of the pond where he can expect to spend the rest of his life in the care of the US Penal System.
Might be interesting to see how quickly guilty pleas can be made to the UK Authorities rather than risk fast-path extradition to the US, since there's no doubt such an extradition would be unopposed.
2 years in a UK open prison or life in a US Federal "facility", some choice!
is that he just ran the IRC channel, nothing more. Of course the word on the street could be wrong...
Lulzsec are tweeting again. None of them have been arrested. It seems it was indeed the IRC guy (who apparently did take part in DDoS attacks, but not with lulzsec).
The lulz this time are on all the media sites reporting that the 'mastermind' of lulzsec had been caught (not what the police had said at all, but lots of them had that headline!)
Doesn't mean the guy's not associated with Lulzsec, just that someone with access to the lulzsec Twitter account hasn't been arrested. And seriously, lulzsec is a criminal organisation. I'm really not going to take their Twitter feed announcements at face-value.
They'll only admit it was attacked when they find the culprit (and can prove who it was). Until then they will continue to deny all knowledge.
Meanwhile, the government will go ahead with its plans to enforce prompt disclosure when businesses lose data ... having taken some time to ensure that government arms are excluded from the rules.
Perhaps an early guilty plea to the UK Authorities might be advisable.
Two years in UK Open Prison might be better than an US-bound extradition, fast-pathed and decades in an FBI Correctional Facility - bit of a no brainer.
Take him down!
Since when has being accused of something, meant you are guilty? Yes the guy was arrested. Let him get convicted first before the celebrations. I hope the cops knock on one of your doors so I can join the witch hunt for your hanging.
> Since when has being accused of something, meant you are guilty?
Arrested and imprisoned, personal details leaked along with accusations to hungry press, Google search results poisoned permanently, and employers refuse to hire you even if the case is still pending. "Innocent until proven guilty" is a lie... welcome to America.
Come on, y'r honour, sentence for the lulz.
<Sits back and awaits extradition request>
"Lots of suggestions on twitter that the arrested guy was just running their IRC channel, and wasn't a member of the actual group."
Isn't that like saying someone wasnt one of the bank robbers, he just drove their getaway car?
Besides, obviously tey are not going to admit it on twatter if he reall is one of theirs. It's like signing a confession.
I for one am sick of these idiots. It's not a game and it's about time this was brought home to them.
It's more like he ran the bar they planned it in, and I hate to tell you, but it is a game. (That being a reference to game theory.) If people taking care of data had been better at protecting their data and have better policies when reacting and the law was serious about companies and governments losing personal data maybe the game would be weighted more in favour of the authorities.
Just imagine how much has been stolen by people who are doing it for real profit and nobody knows about it, maybe not even the companies that have been breached. These attacks by a bunch of disgruntled channers should act to focus your mind on the real threat.
What came first... Report on Census Hack.. .or... Arrest of Alleged Lulz?
It could have been a Baldric plan to make the account go Hot with pre determined strings being monitored... failing that, they could stick him with it any way.. and he'd have to prove he didn't do it by opening up his data... maybe.
"Officers from the Metropolitan Police Central e-Crime Unit (PCeU) have arrested a 19-year-old man in a pre-planned intelligence-led operation."
The MET police and intelligence? Surely there is some mistake there
~~Hopefully the next story will be: "19 year old hacker accidentally trips on way to police cells and dies from head injuries.".~~
You are a knob.
That is all.
Yes, they are acting against the law and should be located and punished.
Yes, their releasing data may be putting people at risk of identify theft.
If LulzSec can gain access to such data, then there's nothing to suggest that other suitably savvy criminals would be unable to do likewise, and would then exploit such data themselves.
Additionally, the sources of the data may well be unaware of the breach, and even if they were, the would probably refuse to acknowledge it, unless forced to do so.
I'd therefore question whether LulzSec's actions were really creating a substantial increase in the amount of sensitive data in the hands of those wishing to exploit it, but were instead forcing institutions to take data security far more seriously. Surely this is something to be welcomed.
This was "Intelligence-led."
That bodes ill.
What is the greater concern, which almost seems to have been overlooked, is the vulnerability of the sites which have allegedly have been hacked.
Do you leave your doors unlocked and then complain that you have been burgled?
fscked by SHA-1 collision? Not so fast, says Linus Torvalds