I know it's Fox News, but... LulzSec brought down by own leader. (http://www.foxnews.com/scitech/2012/03/06/hacking-group-lulzsec-swept-up-by-law-enforcement/)
QuoteLaw enforcement agents on two continents swooped in on top members of the infamous computer hacking group LulzSec early this morning, and acting largely on evidence gathered by the organization's brazen leader -- who sources say has been secretly working for the government for months.
ET TU,
BRTUE SABU?
I seem to recall suggesting this months ago.
I can't remember exactly why now, but it was also known that HB Gary had people in Lulzsec too. No doubt there were some genuine people, but targeted arrests allow for native decapitation and takeover by hostile elements, who can then use their privileged positions to wrap up the whole organization - if that is indeed their aim.
I mean, I'm just saying, Lulzsec carried out a bunch of high profile hacks at a time when cyberwafare funding was being discussed in a serious way in the media and certain government agencies. Nothing like a group of sugar-rushed hackers attacking everything in sight to convince people of the need to employ people like, well, HB Gary and Palantir.
Wow. Hal Turner redux.
:argh!:
And once again, Cain sees through the story, and gets to the bigger picture -- it's not about the feds striking lulzsec from the inside, it's about making a big splash to maintain their status and cashflow.
Goddamn humans.
Lets recall, the FBI has been creating fake terrorism plots for years, only to sweep in once they have enough incriminating evidence to put everyone else away.
Almost always, in these cases, the ringleader, the instigator, is the FBI informant.
To be clear: the summer of lulz started before August 15th, when Sabu turned bitch on everyone. This was a catch and release so we can grab your buddies, not an organized plot from day one to ferret out subversive elements, or whatever.
Sure. But does it make any real functional difference? The Red Brigades were a real terrorist organization,, up until the Superclandestini coup within their ranks, and after that they became just another mechanism in the Italian "strategy of tension", a tool of the state to further centre-right, pro-American and corporate interests.
The government had the inside scoop on Lulzsecs activities for months, and yet they still let them round around hacking the shit out of everything. A good question to ask is: why?
Quote from: Cain on March 06, 2012, 05:31:25 PM
Sure. But does it make any real functional difference? The Red Brigades were a real terrorist organization,, up until the Superclandestini coup within their ranks, and after that they became just another mechanism in the Italian "strategy of tension", a tool of the state to further centre-right, pro-American and corporate interests.
The government had the inside scoop on Lulzsecs activities for months, and yet they still let them round around hacking the shit out of everything. A good question to ask is: why?
It makes a difference in how I view the FBI, and the other folks in lulzsec. As to the why, you can't bust everyone else unless they've actually done something you have proof of.
Wait a minute... "my buddies"? Just who do you think you're talking to here?
And never mind annoying little facts like the "A" team of hackers (including possibly HB Gary employees) that infiltrated Lulzsec from the start (December 2010, Gawker hack, "gn0sis" group), that they released detailed information on the members of Lulzsec in June 2011, publically, and sent additional information to various law enforcement authorities, but, apparently, the FBI have been letting them run around for 9 months after the fact, despite having that info to hand and Sabu passing them on information.
Oh, and I've worked with FBI contractors and consultants before, on similar issues. With the kind of information they have to hand, it does not take 9 months for them to start arresting people.
But never mind. Cain's paranoid. Clearly.
Quote from: Cain on March 06, 2012, 06:05:12 PM
But never mind. Cain's paranoid. Clearly.
Paranoia is no longer possible.
Based on that, and Cain's track record, I'm going with his scenario.
ETA: I don't think she meant YOUR buddies. I think she meant the alleged catch and release pigeon's buddies. But I'm of the mind that the entire thing was a setup from the beginning.
Yup. "Cui Bono", and all that.
Quote from: LMNO, PhD (life continues) on March 06, 2012, 06:12:14 PM
Yup. "Cui Bono", and all that.
Well, they can't seem to get anonymous, so why not set up and then "catch" a similar group?
Yup. Dovetails nicely with the whole "major board member of the 'Ground Zero Mosque' was accepting CIA money" thing too.
Manufacture of controversy.
"Your buddies" being directed at the person who was caught (in this case Sabu) and not the reader.
I thought Sabu just did some kind of exclusive interview and basically said Lulzsec was over and done... Achievements achieved. end of story.
hrm...
I also liked the bit in the article where they said one of the guys nabbed was part of "Anonymous". rofl. Had to tie that in there somehow. Lining up the next windmill to fight, I see. I wonder how much funding they got out of all that?
Quote from: Queen Gogira Pennyworth, BSW on March 06, 2012, 05:35:22 PM
Quote from: Cain on March 06, 2012, 05:31:25 PM
Sure. But does it make any real functional difference? The Red Brigades were a real terrorist organization,, up until the Superclandestini coup within their ranks, and after that they became just another mechanism in the Italian "strategy of tension", a tool of the state to further centre-right, pro-American and corporate interests.
The government had the inside scoop on Lulzsecs activities for months, and yet they still let them round around hacking the shit out of everything. A good question to ask is: why?
It makes a difference in how I view the FBI, and the other folks in lulzsec. As to the why, you can't bust everyone else unless they've actually done something you have proof of.
:lulz: :lulz: :lulz:
The problem is, even after Sabu declared "mission over" or whatever, Lulzsec did carry on hacking, most notably, the News of the World's email system, though they were also involved in several other major (and potentially politically sensitive) hacks.
The timeline appears to be this.
Late 2010, Lulzsec form from Anonymous' /i/surgency boards and IRC. It consists of an inner circle, including Sabu, Kayla, Topiary, Pwnsauce, and a rotating number of assosciates and working cells, such as gn0sis.
After the Gawker hack, in December 2010, a group of online hackers opposed to Lulzsec, including almost certainly members of HBGary and an ex-military type called th3j3st3r, infiltrated the group and gathered large amounts of information on them, which they released in June 2011. At the same time, Lulzsec started to feel heat for their FBI hack, and Sabu apparently turned sides.
Very shortly after this, a wave of arrests took place, and many members of Lulzsec were taken into custody. But the arrests died down by September, which is roughly when Lulzsec started hacking again, only this time more quietly.
That is what concerns me, that after an initial wave of arrests, which took out a significant number of people, the FBI stopped, and only left people from the inner circle who had certain privileged skills or resources, (such as Kayla's botnet) in play.
Why? The information leaked, in addition to the wave of arrests, should have almost certainly netted all the major players. The more people you arrest, the more evidence you have, and you can usually get people to offer up information in return for a lighter sentence.
Now, it's well known that various intelligence services will protect hackers in return for getting them information they want or need. Maybe the FBI themselves were not guilty of this, it is more the purview of the CIA, or NSA, to give protection for such things, given prosecutions and thus correct acquiring of evidence are not their top priority.
But it looks to me like the investigation stalled, and then Lulzsec were fortunately left free to carry out hacking attacks on News International servers. Rupert Murdoch. Wall Street Journal. Fox News. London Times. Sure, the phone-hacking news is taking place in the UK, but Corrupt Foreign Practices and all that. It'd sure be nice to have information to blackmail Rupert Murdoch and his organization with, wouldn't it? And that's just assuming News International was the target, not someone else, another hack that maybe we haven't even heard of. Lulzsec were part of the Stratfor hack, for example. Who says they didn't keep a few things back to give the boys at Langley something to chew on?
And maybe Lulzsec went along with it for a bit, but then their members started to question why these particular targets? Why not x? People start getting suspicious, then obstinate. Lulzsec isn't looking so useful anymore, the sudden barriers to investigation are lifted and the arrests start again.
Maybe there is an alternate explanation for why the investigation stalled. But that it did stall, when it should have picked up pace, and that Lulzsec did carry on hacking, despite many members bailing because of the FBI hacks, both strike me as....odd. Almost as odd as the corporate/ex-military infiltration of the group early on, at a time when there is big money to be made in protecting corporate and national security clients from cyber-attacks. It would not be unfair to say that if the 2000s saw a counter-terrorism spending boom, then the 2010s saw a counter-cyberwarfare spending one. At the very least there is the question of moral hazard in the actions of said infiltrators.
Another aspect that is not clear is when the infiltrators dropped dox and when Sabu turned sides. Which happened first? Exactly how much contact was there between the A-team and their friends in government? Were they aware of aspects of the investigation? Did they know Sabu had turned?
Questions like these are uncomfortable, but should be asked. Given the extremely unethical conduct of intelligence and policing agencies in creating false flag operations, fake terrorist plots, hiring criminal groups and similar over the past decade in particular, the anomalies present in the investigation and timeline of events for Lulzsec should be considered carefully.
I'm not the only one to think Lulzsec was, at least in part being manipulated by a government organization or two. I remember back in the day, I discussed the possibility with more than a few internet security experts, who concurred, though for different reasons than mine.
Incidentally, I wouldn't want to be Sabu right now. His name has been splashed on papers all over the world, and Anonymous have declared him a traitor
Sorry I couldn't explain my reasoning fully yesterday and had to post the Cliff Notes version, but I was kinda rushed off my feet. The above is an expanded version of the thought process that I was thinking about yesterday, and sometimes I have trouble in elaborating my thoughts quickly.
But now can you see why I might have suspicions?
Loose Lips Sink LULZsec
Whats with these young whippersnapper 'hackers' today? Back in my day, you didn't know shit about your buddy except for his handle... and you wanted to keep it that way! We used to hack from 14.4 modems and we were HAPPY to have them! We had to duct tape bulk erasers to our hard drives and wire a trip switch to fry them if the feds knocked on the door. These kids today....
*grumble grumble unappreciative little snots grumble grumble*
:lulz:
Much appreciated, Cain.
The funny thing is Anon is playing coy, eveyone was expecting out and out rage. But to maintain an image of an unbeatable faceless beast the official stance has to be "Sabu was our wayword son, and he never would have gotten caught if he hadn't made himself out to be a leader", and that the arrests mean nothing to them.
I believe they said something to the tune of "Lulzsec is an organisation, but Anonymous is a movement", too, which was a fairly subtle response. I concur that they dealt with it quite well, considering.
Chapter 30
If you're going to do some Covert Ops in the name of Discordia,
keep your head down, and Keep Your Fucking Mouth Shut.
A mowhawk is as good as a target during Police Action.
The wise spags toss a wrench into the Machine™,
and then walk away.
They strike against Authority, but don't put it on the Internet.
They subvert the paradigm, but don't stick around to watch.
They mindfuck the people, but don't pat themselves on the back.
If two people know a thing, it is not a secret.
Getting away with it means staying away from it.
Or it means being the police.
Cain,
recently been reading Art of the Coup d'Etat, which is a remarkable text on the workings of the modern state, incidentally.
Damn. There goes another book up on my "to do" list.
One word: Provocateurs. I honestly don't know why this concept is so far-fetched. Our government has already suspended the holiest of "A Free People" tenets and laws. Why should little things like "entrapment" and "conspiracy against its own people" make anyone cough?
Seems like a brilliant strategy to skim the boldest, brightest, cleverest and most outraged (and therefore, motivated) portion of your "problem" right off the top before the soup's even done cooking. Gather all ye battleships 'round the same port and then BLAMMO!
The only difference between this and Pearl Harbour is that the Japanese could only pull off a stunt like that once.
The FBI
were somehow involved in the Stratfor hack
http://www.guardian.co.uk/technology/2012/mar/06/lulzsec-sabu-working-for-us-fbi
QuoteIn a US court document, the FBI's informant – there described as CW – "acting under the direction of the FBI" helped facilitate the publication of what was thought to be an embarrassing leak of conference call between the FBI and the UK's Serious and Organised Crime Agency in February.
Officers from both sides of the Atlantic were heard discussing the progress of various hacking investigations in the call.
A second document shows that Monsegur – styled this time as CW-1 – provided an FBI-owned computer to facilitate the release of 5m emails taken from US security consultancy Stratfor and which are now being published by WikiLeaks. That suggests the FBI may have had an inside track on discussions between Julian Assange of WikiLeaks, and Anonymous, another hacking group, about the leaking of thousands of confidential emails and documents.
They want to
Use,
Destroy,
Learn from,
These groups? I can't pick the likely motivation.
They want to trap Julian Assange into knowingly accepting stolen material and/or helping to plan the theft.
Could be conspiracy... could just be that old Machine humming along as usual.
Quote from: Bebek Sincap Ratatosk on March 08, 2012, 02:07:34 PM
Could be conspiracy... could just be that old Machine humming along as usual.
Could be the intelligence agencies are coopting the idea of anonymous. I wonder who that would be aimed at?
Quote from: Queen Gogira Pennyworth, BSW on March 08, 2012, 01:42:57 PM
They want to trap Julian Assange into knowingly accepting stolen material and/or helping to plan the theft.
Why, trapping Assange is not an end goal either.
And Cain thanks for that elaborate explanation, very interesting! And I must admit I'm disappointed that LulzSec seems to have been infiltrated from so early on.
I didn't realize LulzSec was behind the Stratfor leaks, though. I thought it was just "anonymous".
Also what are your thoughts on th3j3st3r? I can't stand the guy, personally. He's still active, too, mainly taking down ("tango down") muslim extremist sites and stuff like that, but the way he relentlessly went after LulzSec and spoke out against Wikileaks, it's like he wants to paint himself as some weird type of "US patriot hacker" or something. But then why the whole charade. Why the l33tsp34k and the "jester" image, I can't quite put my finger on it, but there's a lot of conflicting signals coming from him. Or maybe it's just that I can't fathom how an activist hacker would speak against LulzSec and Wikileaks after they just exposed the corruption that they did. Though obviously he's not just an "activist hacker", but rather part of this whole operation, in some way, but it's still a very paradoxical character. A bit like how HB Gary was a business man on the one hand, but some of his behaviour was very childish. On the one hand th3j3st3r appears to be an activist hacker with an evil grinning joker image as an avatar, on the other hand he's an ex-military guy with a patriotic bend towards the part of the USA that is rotten to the core, meaning he MUST be paid because I can't see how you can have all this knowledge and talent (which he does--unless it's a team of people) and not at least somewhat realize how rigged the game is, how his "patriotism" is not benefitting 99% of his countrymen, at all. But people are willing to overlook that as long as you give them a fat paycheck.
Assange seems canny enough to know he can't get caught planning hacks and leaks, he can only receive them once he gets them. After that, his journalistic credentials protect him, and he's protecting a whistleblower.
Of course, the US does have a nasty habit of both underestimating and massively overestimating their enemies, ie; "Bin Laden is weak and cowardly...but also might blow up the world!" There's a propaganda element to this, but I've seen it occur enough in different domains to suspect its a general operating assumption of US intelligence and policing (and military) agencies.
I can't say I honestly know that much about th3j3st3r, except the speculation I've seen on the web. Strikes me as another basement dwelling war-tard, only with some actual skills in the field of hacking. I'd be surprised to find out he was actually ex-military, but he probably tried to get in, or works/worked in some other field with a uniform and a patina of authority, and hacks in his spare time. He might be a consultant of some kind, for some national security state operation or corporation or another...but the whole badass hacktivist uber-patriotic soldier web-ninja persona strikes me as, well, childish, even by the standards of HB Gary and so on, and so I would tend to class him as a loner with a grandiose view of himself.
Assange should be smart enough for that, but he also should have been smart enough to avoid giving any government any trivial scrap of misconduct to use against him legally, and we all know how that one worked out.
As for him being an "end goal," you have to remember that the government still looks at the world in terms of hierarchy and leadership, so people like Sabu and Assange get all kinds of status in their minds as "end bosses" that they really don't deserve. We've already seen that the US government is willing to blow a whole lot of resources on trying to get him, and the way they've dealt with Manning indicates that they care a lot more about the military leaks than they want anyone to think. So, yeah, I could see them sacrificing a corporate ally in an attempt to nail him for good, especially if it turns out Stratfor or someone on its board recently fell from grace within government circles for some reason.
Quote from: Queen Gogira Pennyworth, BSW on March 08, 2012, 10:29:23 PM
As for him being an "end goal," you have to remember that the government still looks at the world in terms of hierarchy and leadership, so people like Sabu and Assange get all kinds of status in their minds as "end bosses" that they really don't deserve. .
Yeah, The War Nerd did a good piece once on the fallacy of "Mr Big".
Quote from: Cain on March 08, 2012, 10:17:17 PMI can't say I honestly know that much about th3j3st3r, except the speculation I've seen on the web. Strikes me as another basement dwelling war-tard, only with some actual skills in the field of hacking. I'd be surprised to find out he was actually ex-military, but he probably tried to get in, or works/worked in some other field with a uniform and a patina of authority, and hacks in his spare time. He might be a consultant of some kind, for some national security state operation or corporation or another...but the whole badass hacktivist uber-patriotic soldier web-ninja persona strikes me as, well, childish, even by the standards of HB Gary and so on, and so I would tend to class him as a loner with a grandiose view of himself.
there's also the part that nobody has any dox on him, no info, except the bits he decided to release/leak himself (about being ex military, mainly). Of course it's perfectly possible to stay anonymous, especially if you're not up against the FBI but just a bunch of LulzSec hackers. But I find it strange, because just about any Anonymous fanboy with some seeking/social-engineering/stalking skills must have thought about trying to unmask th3j3st3r because he was TROLLING them badly, being arrogant, pompous, inflammatory, laughing in their faces. I'm certain that many, many people must have tried from all sorts of angles but really nothing came out.
While I know LulzSec has been stupid when it came to protecting their identity, yet if th3j3st3r is such a grandiose and arrogant warnerd basement dweller, he
never slipped up, never said a word too much, not boasting about his accomplishments in ways that would give himself up, even the reports with chatlogs etc about how he tracked certain LulzSec members, I got the impression from watching Twitter discussions he had related to those reports that even the seemingly careless remarks thrown in were
calculated either to send misinformation to LulzSec people trying to read between the lines, or to troll LulzSec into giving away even more.
Almost everything we said about LulzSec how they did not seem to know shit about OpSec--th3j3st3r seemed to
really know his shit in that department.
Maybe it's that bit that made me wonder sometimes if maybe it was just a team of people. Hired cyberdefense or whatever. Because a team of people is less likely to brag, if they're smart and keep themselves distanced and just focused on the task at hand, without having to worry about prestige (because they're getting paid) or being arrested (because they're working for the gov).
That's super interesting, Trip. Almost like a take from the surrealist collectives that produced art under one "pen name".
It's just a consideration, though. But I'd assume they could be doing just that. See if you're an IRL secret agent infiltrator you can't share the job with another person because, you know, people would be able to tell :) But if you're operating exclusively online, all you need to make sure is that your writing styles are similar enough (or just have one person in the team do the writing). And once you got that covered, I see only advantages to doing it as a team because you got more mindpower, manpower and can keep eachother in check.
This is just speculation though, a thought I had. Cain could be just as right in that it's simply a basement dwelling military wannabe wartard.
I've noticed a lot more vitrol from some in the data security community about anon recently. Particularly the ex-military data security people who are painting them as an Evil that wants to destroy America. I wouldn't be surprised if someone in that position started playing a th3j3st3r-like role. Those guys tend to be closely connected to the FBI etc via Infragard and know security and hacking as well as anyone. Since they're being payed by major corps as consultants or internal IT security, some of them might have a business reason for trying to topple such a group.
I've seen more than a few complimentary comments aimed at th3j3st3r... and giddy cheering at the Sabu and Lulzsec news.
Quote from: Cain on March 08, 2012, 10:17:17 PM
Of course, the US does have a nasty habit of both underestimating and massively overestimating their enemies, ie; "Bin Laden is weak and cowardly...but also might blow up the world!" There's a propaganda element to this, but I've seen it occur enough in different domains to suspect its a general operating assumption of US intelligence and policing (and military) agencies.
Cain, I love how you drop these little bits of gold almost offhandedly. I had noticed something like this, but I could never put my finger on it. Thanks!
I'm with triple zip on this one, but I'll go one further. I recall a teaser I read a few years back about how the military considers the internet a free-fire zone. I wouldn't be surprised if th3j3st3r turned out to be a PR front for such a group. From what I've seen of the intel crowd they probably have a good idea who those people really are and they're jealous that they don't have free-fire privileges as well. Hence all the doomspeech about anon.
I'm also reminded of the "terrorist" craze of the early to mid nineties back when all the feds on the counter-intel desks were scrambling to keep their jobs. Lots of smoke and mirrors and plenty of fuck ups. In the end it always turns out that the best "bad guys" were government puppets all along.
It is also plausible that they are a group of some kind, with some kind of funding or official sanction.
The fact is, we know basically nothing about th3j3st3r, except what he/she/they reveal about themselves. Which means, they could be anyone, from any kind of background.
It occurs to me that this sort of smoke & mirrors shit makes things easier for anon, not harder.
Quote from: Doktor Howl on March 09, 2012, 06:17:29 PM
It occurs to me that this sort of smoke & mirrors shit makes things easier for anon, not harder.
If anon can remain anonymous, I agree...
I was once a lackey (toady?) for the Legion of Doom. They got a little too loose lipped among themselves and when Fry Guy got caught, they all went down. Fortunately, no one cared about the wannabes :)
Quote from: Bebek Sincap Ratatosk on March 09, 2012, 06:28:36 PM
Quote from: Doktor Howl on March 09, 2012, 06:17:29 PM
It occurs to me that this sort of smoke & mirrors shit makes things easier for anon, not harder.
If anon can remain anonymous, I agree...
I was once a lackey (toady?) for the Legion of Doom. They got a little too loose lipped among themselves and when Fry Guy got caught, they all went down. Fortunately, no one cared about the wannabes :)
AFAIK, the members of anonymous don't know who each other are.
Quote from: Doktor Howl on March 09, 2012, 06:29:36 PM
Quote from: Bebek Sincap Ratatosk on March 09, 2012, 06:28:36 PM
Quote from: Doktor Howl on March 09, 2012, 06:17:29 PM
It occurs to me that this sort of smoke & mirrors shit makes things easier for anon, not harder.
If anon can remain anonymous, I agree...
I was once a lackey (toady?) for the Legion of Doom. They got a little too loose lipped among themselves and when Fry Guy got caught, they all went down. Fortunately, no one cared about the wannabes :)
AFAIK, the members of anonymous don't know who each other are.
I think that's the aim, the question is implementation and how strictly everyone follows that rule.
Quote from: Bebek Sincap Ratatosk on March 09, 2012, 06:36:07 PM
Quote from: Doktor Howl on March 09, 2012, 06:29:36 PM
Quote from: Bebek Sincap Ratatosk on March 09, 2012, 06:28:36 PM
Quote from: Doktor Howl on March 09, 2012, 06:17:29 PM
It occurs to me that this sort of smoke & mirrors shit makes things easier for anon, not harder.
If anon can remain anonymous, I agree...
I was once a lackey (toady?) for the Legion of Doom. They got a little too loose lipped among themselves and when Fry Guy got caught, they all went down. Fortunately, no one cared about the wannabes :)
AFAIK, the members of anonymous don't know who each other are.
I think that's the aim, the question is implementation and how strictly everyone follows that rule.
Even if a few of them meet up, there's supposedly what, 20,000 of them? And all anyone's been able to snag is a couple of teenage wannabes in Europe? At worst, they lose a half dozen people.
They also have branches in places like Brazil, South Africa and Russia, where the computer laws are...somewhat different, and hacking is often overlooked, if it is embarrassing the American government at least.
Quote from: Doktor Howl on March 09, 2012, 06:37:30 PM
Quote from: Bebek Sincap Ratatosk on March 09, 2012, 06:36:07 PM
Quote from: Doktor Howl on March 09, 2012, 06:29:36 PM
Quote from: Bebek Sincap Ratatosk on March 09, 2012, 06:28:36 PM
Quote from: Doktor Howl on March 09, 2012, 06:17:29 PM
It occurs to me that this sort of smoke & mirrors shit makes things easier for anon, not harder.
If anon can remain anonymous, I agree...
I was once a lackey (toady?) for the Legion of Doom. They got a little too loose lipped among themselves and when Fry Guy got caught, they all went down. Fortunately, no one cared about the wannabes :)
AFAIK, the members of anonymous don't know who each other are.
I think that's the aim, the question is implementation and how strictly everyone follows that rule.
Even if a few of them meet up, there's supposedly what, 20,000 of them? And all anyone's been able to snag is a couple of teenage wannabes in Europe? At worst, they lose a half dozen people.
Depends on what data you look at. Some of the infosec reports I've seen say that there are thousands of lackeys and a much lower number of actual skilled members. Those skilled members are the ones that really need to keep their lips zipped.
Quote from: Cain on March 09, 2012, 06:38:50 PM
They also have branches in places like Brazil, South Africa and Russia, where the computer laws are...somewhat different, and hacking is often overlooked, if it is embarrassing the American government at least.
Very true.
Quote from: Cain on March 09, 2012, 06:38:50 PM
They also have branches in places like Brazil, South Africa and Russia, where the computer laws are...somewhat different, and hacking is often overlooked, if it is embarrassing the American government at least.
Yeah, and the best thing is, nobody really knows how many of them there are. It's a seemingly perfect organization that would make old Niccolo happy in his pants.
Quote from: Bebek Sincap Ratatosk on March 09, 2012, 06:42:15 PM
Depends on what data you look at. Some of the infosec reports I've seen say that there are thousands of lackeys and a much lower number of actual skilled members. Those skilled members are the ones that really need to keep their lips zipped.
That's the beauty of it. I've seen numbers from 100 to 20,000...Which leads me to believe that nobody really has a fucking clue. That probably includes anon itself.
Yeah, its really the first 'Stand Alone Complex'. Yay for cyberpunk predictive powers! ;-)
Just got this from HackerNews:
http://www.scribd.com/doc/84156085/Lulzseclegalled
The title of the link was "LulzSec indictment published - they got him by his TOR usage (scribd.com)"
But I dunno what it refers to cause the paper is 71 pages.
Here's the discussion:
http://news.ycombinator.com/item?id=3685647
You People are hilarious.
Quote from: Doktor Howl on March 09, 2012, 06:43:52 PM
Quote from: Bebek Sincap Ratatosk on March 09, 2012, 06:42:15 PM
Depends on what data you look at. Some of the infosec reports I've seen say that there are thousands of lackeys and a much lower number of actual skilled members. Those skilled members are the ones that really need to keep their lips zipped.
That's the beauty of it. I've seen numbers from 100 to 20,000...Which leads me to believe that nobody really has a fucking clue. That probably includes anon itself.
With it coming up so frequently, I think everyone tries to quantify anon, totally forgetting that prety much every monkey with a computer is Anon.
It seems to work as a very simple label that disquiets many people on some level. Considering every person is Anon to practically everyone else in the world, it almost evokes a primate urge. Look ye mighty at my genes and desire them. Remember MY deeds and weep. How you declare victory against those you can't bomb?
Quote from: Triple Zero on March 09, 2012, 08:27:17 PM
Just got this from HackerNews:
http://www.scribd.com/doc/84156085/Lulzseclegalled
The title of the link was "LulzSec indictment published - they got him by his TOR usage (scribd.com)"
But I dunno what it refers to cause the paper is 71 pages.
Here's the discussion:
http://news.ycombinator.com/item?id=3685647
That's strange - I thought Lulzsec banned usage of Tor, both for communicating and for general online fuckery and hacking.
Admittedly, I think I've only seen the mention of a ban policy in one place, but it would be a fairly solid assumption...that analysing Tor nodes could lead to being identified has been known for a while now.
Still haven't had time to read more about the Tor thing, btw. AFAIK, didn't Anon only say that it's no use using the LOIC via Tor to DDoS? (because you'd be DDoSing the Tor network more than the target).
Anyway came across this article which seems to have some more info on the flipping of Sabu:
http://www.newstatesman.com/blogs/the-staggers/2012/03/sabu-fbi-hackers-informant
Quote from: Cain on March 08, 2012, 01:08:14 PM
The FBI were somehow involved in the Stratfor hack
http://www.guardian.co.uk/technology/2012/mar/06/lulzsec-sabu-working-for-us-fbi
QuoteIn a US court document, the FBI's informant – there described as CW – "acting under the direction of the FBI" helped facilitate the publication of what was thought to be an embarrassing leak of conference call between the FBI and the UK's Serious and Organised Crime Agency in February.
Officers from both sides of the Atlantic were heard discussing the progress of various hacking investigations in the call.
A second document shows that Monsegur – styled this time as CW-1 – provided an FBI-owned computer to facilitate the release of 5m emails taken from US security consultancy Stratfor and which are now being published by WikiLeaks. That suggests the FBI may have had an inside track on discussions between Julian Assange of WikiLeaks, and Anonymous, another hacking group, about the leaking of thousands of confidential emails and documents.
This comment, from the HN thread about the NewStatesman article linked above (http://news.ycombinator.com/item?id=3698114) seems quite interesting, relating to the FBI's involvement with the Stratfor hack. Though on the one hand I don't know what this guy's sources are (conversation logs with indictment) or what the "second document" TheGuardian mentions exactly states. Considering it's "logs with indictment" they might even be referring to the same document but drawing different conclusions? Anyway:
Quotehttp://news.ycombinator.com/item?id=3699156
(...)
Also, who has ever seen evidence that sabu - and by extension the FBI - has ever actually 'hacked' after being turned? To the contrary, the only logs I have ever seen (within indictment), indicate (as far as I can remember) that it was anarchos who did the actual hacking of StratFor. According to the conversatiom logs between sabu and anarchos I have read it seems as if anarchos kept other members of Anon/antisec mostly in the dark as to the details of the operation. On currently publicly available information, anarchos seeme to have done the actual 'hacking' on his own and only needed help (ftp'ing data sets for backup) afterwards. Also note that the FBI server was not the only server the data was transferred to. But providing a server to save evidence and to generally support (but not incite) a crime fits much better with the legal framework for agent provocateurs.
Also, one has to remember the general model of how anon operates - it, if by chance, resembles a need-to-know basis similar to military or intelligence operations. Do not assume their 'leader' knew exactly what any one 'member' (of what? Anon is by defintion not a specifiable group, even sub-groups are constantly changing) was specifically up to at any moment.
It's also not very insightful to blindly trust the FBI assertion that sabu was caught because he logged onto IRC just once (!) without a proxy. Given that he was always operating with proxies, bouncers and under TOR, and also given that he was publicly 'doxed' wrongly beforehand (but also correctly (!) before being visited by the FBI), why would a single unprotected login lead the FBI to actually following up on the IP and paying the 'IP address a visit', so to speak. It's possible, sure, but is it probable? For me, another possibility is more probable: sabu was a bit too forthcoming with personal, identifiable information when on IRC and chatting with people he assumed to know. Is it only a nice coincidence that laurelai, another member of anon, was visited by the FBI in the months before sabu was turned? Laurelai has admitted to the visit and even to talking to the FBI for hours, but has maintained to not habe snitched. Believable? I don't know - but it's at least more probable as to why they got to sabu. It's also standard operating procedure for the FBI to rely on several informants to get to the big guys. They very often go forthe - more reliable - human intel instead of 'internet logs'.
I wondered about the unprotected IP thing they used to catch him, as well. Some news articles make it almost sound like the FBI appeared on his doorstep within the hour, even. They must have at least
some other info to be certain enough about that bust. If Sabu was using proxies most of the time, some of these proxy's IPs could have easily been some hacked home computer in a US residential area owned by some poor schmuck that is not good with computer. And if he slipped once, how did the FBI know that, unlike all those other proxy IPs,
this one was real? Well, unless Sabu only used foreign proxies when not using Tor (and they knew when it was Tor).
Another insightful comment:
Quotehttp://news.ycombinator.com/item?id=3699209
One other thing: It can be read on several pastebins that once anon/antisec had secured access to the StratFor data, sabu unsuccessfully tried to get Wikileaks to pay for the data. Which didn't happen of course. The incident also made him seem highly suspect to other members of anon/antisec as that clearly violated their M.O. Which to me, all seems as if the FBI accidentally stumbled unto a chance to try to stick severe charges against Wikileaks (which they have been trying to prosecute for willfully cooperating with the enemy all along) and blowing it. Still, they will have gained interesting insights into how submissions to WL work now and perhaps, to everyone's surprise, they succeeded in getting to Assange somehow.
Well except maybe for that last sentence because I would assume the FBI most probably already had "insights into how submissions to WL work" :)
Anonymous' new timeline of FBI infiltration suggests Antisec may have been an FBI creation
http://www.deathandtaxesmag.com/180311/anonymous-new-timeline-of-fbi-infiltration-suggests-antisec-may-have-been-an-fbi-creation/
https://www.scribd.com/doc/85351496/Timeline-of-ANTISEC-as-Created-and-Operated-Under-FBI-Supervision
I suspected as much, but the timeline is useful additional info, certainly.