
Posts Tagged ‘Anonymous’

The FBI’s war on Anonymous

May 1, 2014 2 comments

The FBI announced yesterday “additional attempted computer hacking charges and 18 counts of cyberstalking” for Fidel Salinas. That now brings the total charges to 44 – each of which carries a maximum of 10 years in prison. This alleged hacker is now facing 440 years in prison.

According to the allegations, between December 23-29, 2011, Salinas had the intent to harass and intimidate a female victim. Allegedly, he repeatedly e-mailed her, attempted to gain unauthorized access to her website, made submissions through a contact form on that site, and tried to open user accounts without her consent.
Alleged ‘Anonymous’ Computer Hacker Charged with 18 Counts of Cyberstalking

440 years? Really?

The clue, perhaps, lies in the title of the announcement: “alleged ‘Anonymous’ hacker…”.

It is not illegal to be a member of Anonymous – so why describe him that way? Why not simply say, “Fidel Salinas Charged with 18 Counts of Cyberstalking”?

The FBI announcement goes on to say,

Salinas allegedly participated in an online chat room for the Operation Anti-Security faction of Anonymous and attempted to enter the IRC Operations server for Anonymous. According to the charges, after his alleged attempt to hack his way into the Hidalgo County web server, he posted a profanity-laced rant on his Facebook page that ended with a quote used by Anonymous members: “We do not forgive, we do not forget, divide by zero we fall, expect us.”

Again, I’m not sure what is illegal here, apart from the attempted (alleged) hack “into the Hidalgo County web server”. It is possible that he posted something illegal in the ‘profanity-laced rant’ (if, for example, it falls foul of ‘hate’ laws); but profanity itself and the freedom to say ‘We do not forgive, we do not forget, divide by zero we fall, expect us’ is, I believe, protected by the US constitution and therefore perfectly legal.

Well that's another few zeros on the budget...


So why bring it up?

There can be only one reason. The FBI is continuing with its nuclear option against hackers in general and Anonymous in particular. This is a terror campaign designed to terrify existing and potential hackers, and turn public opinion against Anonymous.

Now don’t get me wrong. I do not condone hacking in any way whatsoever – except of course when conducted by the FBI, NSA and/or GCHQ in pursuit of our national interests; in which case it is perfectly legal, laudable and a Good Thing. Obviously.

Categories: All, Politics, Security Issues

GCHQ, DDoS, Anonymous, the Law and Lying

February 5, 2014 Leave a comment

Either we believe that the Snowden leaks are the biggest con in the history of the universe, or we accept that they are true. I know of no-one who has suggested the former – so they should be taken at face value.

The latest leak, published by NBC, is a presentation that discusses GCHQ’s DDoS attack against the anonops IRC channel, and its infiltration of the Anonymous chat rooms by GCHQ agents.

Nobody who has ever spoken to anyone in Anonymous will be surprised by this. Firstly, the group automatically assumes that every second person in the chat rooms is a ‘Fed’; and secondly they have been faced with DDoS attacks (either directly or via government supporters such as Jester) for many years.

So the reality is: no surprise here.

For me, the most worrying element is the response from GCHQ. It said, according to the NBC report:

All of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensure[s] that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All of our operational processes rigorously support this position.
War on Anonymous: British Spies Attacked Hackers, Snowden Docs Show

Think about this. Firstly, GCHQ is saying that its use of DDoS is legal. I doubt if many Brits understand that the law (probably the Terrorism Act and/or RIPA) allows the spy agency to engage in broadbrush DDoS attacks against innocent citizens (not everyone who uses IRC is a criminal!).

Secondly, GCHQ is saying that everything it does is subject to the oversight of the Secretary of State. That the Secretary of State did not stop this DDoS attack means that the Secretary of State sanctioned it.

So what we have is a government and legislation that specifically allows GCHQ to engage in practices against innocent people of unknown nationality with impunity, when members of Anonymous doing similar would be, and are, locked up. The only alternative is that GCHQ is lying – in which case Sir Iain Lobban should be locked up. Either way, it is an unacceptable situation.

Categories: All, Politics, Security Issues

Reckz0r’s at it again – another hack that hasn’t happened yet

December 2, 2013 1 comment

Like many bloggers I watch my logs, trying to work out what appeals to readers. One thing that has continually surprised me is the popularity of a little posting I did almost 18 months ago: Reckz0r hacks MasterCard and Visa. Anonymous says no.

Reckz0r had just claimed two major hacks. Wrongly. In fact an Anonymous contact told me at the time, “He [Reckz0r] is considered the village idiot in Anonymous circles. He pretended he hacked Sony for LulzSec; he pretended he hacked sites that UGNAZI hacked. He has just faked another hack like he always does. Pure Bieber Hacker.”

But for 18 months visitors have been landing on that page. Is Reckz0r popular? I doubt it. But what it does tell me is that he is probably much better than I am at self-publicity. And now he’s at it again. This time he claims to have hacked the PS4 — well, not personally, but he almost provides a tutorial on how to implement someone else’s hack.

“Voila! JAILBROKEN!” he concludes. “You now have the ability to run unassigned/assigned code and pirated games on your PS4.” Only, naturally, the link to the actual exploit doesn’t work.

But to support his assertion he also published a Twitter conversation between himself and Sony.

Sony chastises Reckz0r, right?

Doesn’t really sound like Sony, does it? And in the first one they have very cleverly got slightly more than 140 characters into the message.

So, once again we can say with a fair degree of certainty that this is a faking hoax. But, if you’ll pardon the vernacular, it is lame. It is lame beyond even Reckz0r’s traditional lameness. It is so lame, you even have to wonder if it’s a lame joke. But that would be cleverness beyond Reckz0r — so is it even Reckz0r?

Bugger. He’s just proved the point — he really is better at self-publicity than I am.

Categories: All, Security Issues

The truth is out there – it’s just not in the newspapers

November 10, 2013 Leave a comment

Blogs are different to newspapers. You can get away with greater subjectivity in a blog than you can in a newspaper. But newspapers cannot absolve themselves of their responsibility for pure objective fact by calling a particular section a blog.

So when Martha Gill wrote about Anonymous in the Telegraph blog, it was wrong. Her headline says it all: Anonymous have been exposed as hypocrites. Watch them try to wriggle out of it (6 November 2013). You can hear the glee in her voice – this is personal, not factual.

Anonymous responded with an open letter to the media in general. It accused Gill of being inaccurate in one of her two accusations (that their masks are produced in what she strongly implies is a sweatshop) and hypocritical in another (that Warner Bros benefits from every sale of a mask). On the latter, Anonymous suggests that royalties are a sad fact of life; and wonders how many Telegraph staff support Foxconn by using Apple or Dell, Sony or HP equipment. “Since 2010, at least 17 deaths occurred when employees committed suicide by jumping from the roof of the building. To use a phrase from Martha Gill’s article, these are certainly ‘unpleasant conditions.’”

But in reality, this incident is just a small local battle in a much larger war. Anonymous – and it’s not alone – believes that much of the media has been bought and usurped by government and big business; and supports the agenda of government and big business to the exclusion of truth. It is no coincidence that there is a nationwide (US) march against corporate media planned for next Saturday:

We are planning a march and rally in Washington DC to raise awareness of the privatization, corporatization, and monopolization of the mainstream media and the corruption of our fifth estate. The failure of the corporate networks to adequately cover critical social issues has allowed for the rampant corruption of our political and economic system to go unquestioned and unchallenged.
March against mainstream media

If you have already thought about this, it cannot be denied. A few (very few) newspapers have kicked back in recent months with the Snowden revelations (notably the Guardian, Washington Post and Der Spiegel); but it’s also noticeable that the Guardian is under threat of prosecution in the UK for doing so.

And if you want a specific current example of this media betrayal, consider an EFF blog from Thursday: How Can the New York Times Endorse an Agreement the Public Can’t Read?

The New York Times’ editorial board has made a disappointing endorsement of the Trans-Pacific Partnership (TPP), even as the actual text of the agreement remains secret. That raises two distressing possibilities: either in an act of extraordinary subservience, the Times has endorsed an agreement that neither the public nor its editors have the ability to read. Or, in an act of extraordinary cowardice, it has obtained a copy of the secret text and hasn’t yet fulfilled its duty to the public interest to publish it.

TPP is the successor to ACTA. ACTA was defeated by European activism. It is dead. TPP allows the same provisions to be established everywhere else without European involvement. Once this is achieved, the new discussions on an EU/US trade agreement will be dragged into the same agreements – it will be inevitable.

But where is the mainstream media’s concern over either? In defeating ACTA, the people made it very clear that they do not want ACTA – more specifically the internet-controlling, copyright-enforcing aspects of it. To understand the great Battle of ACTA, read Monica Horten’s new book, A Copyright Masquerade.

Rather than accept the will of the people, big business and government withdrew, regrouped, renamed and returned from a different direction, calling it TPP and being equally if not more secretive.

The problem is that the mainstream media is not on the side of its readers, but on the side of its owners.


Quite simply, the majority of US news outlets are owned by the same media companies that are lobbying in favour of trade agreements that will take over control of what appears on the internet, who can see what, and who goes where. Quite frankly, we can no longer believe what we read in the press any more than we can believe what government tells us.

Categories: All, Politics

Is Trend Micro correct in its #OpIsrael ‘Botnets Involved in Anonymous DDoS Attacks’

April 17, 2013 1 comment

OpIsrael DDoS spike: 7 April

Trend has done an analysis of #OpIsrael attacks on April 7. It notes that on that particular day, traffic to one particular website, normally around 90% Israeli, became 90% international due to the botnet DDoS attacks.

This increase in non-Israeli traffic was well distributed, with users from 27 countries (beside Israel itself) accessing the target site.

This is factual and we can take it at face value from a company like Trend. The next comments, however, start with fact but end in interpretation:

[fact] Examining the IP addresses that had accessed the target site, we noticed that some of these were known to be parts of various botnets under the control of cybercriminals. In addition, further investigation revealed that these IP addresses had been previously identified as victims of other attacks like FAKEAV, ransomware, and exploit kits.

[opinion] These findings highlight how major DDoS attacks are, at least in part, not just carried out by hacker groups like Anonymous but by cybercriminals as well. These attacks are not nearly as “harmless” as some would think.

The interpretation is that because a particular PC is known to be infected with a bot, participation in the DDoS attack against Israel was necessarily under the direction of the botherder criminal. But an alternative interpretation could be that the PC owner, entirely independently, decided to take part in the protest. (This is unlikely given the need to hide the source IP during such a protest.) Another possibility, however, could be that an activist protester, not otherwise a criminal, could have hired a botnet from a criminal, not otherwise an activist.

My point is that the final comment (“major DDoS attacks are, at least in part, not just carried out by hacker groups like Anonymous but by cybercriminals as well”) is a non-sequitur from the preceding argument. Trend may be right; but should not be making such a bald statement without further ‘proof’.

It highlights a danger we all face as we shift our news intake from traditional newspapers to blogs: the automatic acceptance of an opinion as fact. Blogs, for their part, should draw a distinction between fact and opinion – and the conclusion of this particular blog should be clearly labelled ‘opinion’.

Categories: All, Security News

israel-trade.org got hacked – israeltrade.org did not

April 7, 2013 Leave a comment

There’s a really nice hack of israel-trade.org – visually very, well, nice. And coming at the beginning of the ‘Anonymous’ war on Israel, I suppose it is only to be expected.

Nice hack design on israel-trade.org

Thing is, I’m not sure whether saying ‘you’re hacked’ on your own website is genuine hacking…

There is a very similar sounding site called israeltrade.org – and that site is still (at least at the time of writing this) running fine.

israeltrade.org still running…

But israel-trade.org got got – and oh look – it only took the hacker a couple of hours from registration to hack…

israel-trade whois

A rather late April Fool joke on the media, I suspect.

Categories: All, Security Issues

If Izz ad-Din al-Qassam is the Iranian government, does that mean that Anonymous is the US government?

January 13, 2013 Leave a comment

Incapsula recently reported that it discovered one of its clients was being used to launch DDoS attacks against US banks. It doesn’t say, but it seems likely that the DDoS tool was the same ‘itsoknoproblembro’ that I reported on in Infosecurity Magazine here, currently in use by an Iranian hacking group calling itself the Izz ad-Din al-Qassam Cyber Fighters.

Most of the media that has picked up on the Incapsula story consciously or unconsciously links it to a separate concurrent story in the New York Times:

But there was something disturbingly different about the wave of online attacks on American banks in recent weeks. Security researchers say that instead of exploiting individual computers, the attackers engineered networks of computers in data centers, transforming the online equivalent of a few yapping Chihuahuas into a pack of fire-breathing Godzillas.
Bank Hacking Was the Work of Iranians, Officials Say

The whole article can be consigned to the category of sensationalist journalism, well beneath what we should expect from the New York Times. The purpose, however, is very simple: “There is no doubt within the U.S. government that Iran is behind these attacks,” said James A. Lewis, a former official in the State and Commerce Departments and a computer security expert at the Center for Strategic and International Studies in Washington.

The purpose behind this and many similar articles – on both sides of the Atlantic – is to put cyberfear into the hearts of the people. This then justifies the introduction of more and more draconian legislation and more and more surveillance from the US and European governments on their own people. Just read the press and see how many threats are coming from Iran and China. Mostly, the implication rather than anything else is that these threats are government sponsored; that is, it is the Iranian government and the Chinese government that is behind them all.

That, frankly, is baloney. It is targeted fear-mongering by our own governments.

The reality is that the Iranian and Chinese governments are most likely aware, and possibly tolerate the existence and aims, of these hacking groups – but there is no evidence that they are behind them. The same goes on in the West. The hacktivist known as Jester shares the same views as the US government. He attacks Muslim websites, and anyone he believes ‘disses’ US government policy (such as WikiLeaks and Cryptocomb). When he took down Cryptocomb, the site put up the notice: ‘Cryptocomb will be back after the state sponsored attack ends.’ It beggars belief that neither the FBI nor DHS knows the identity of Jester – but it doesn’t benefit their policies to arrest him; so they don’t and won’t. I have no doubt that the same goes on in Iran and China – but that doesn’t mean that governments are directing the attacks.

David Graham makes a valid point.

When Muslims claim the offensive “Innocence of Muslims” video is state-sponsored by the U.S. government, we know their conspiracy theory is silly.
State sponsored attack: a howto guide

But when Muslim activists retaliate, we immediately accuse the Iranian government. Strange.

But it’s not at all strange. The simple fact is that US and EU law enforcement agencies are using the attacks to justify increased ‘counter-terrorism’ budgets, and increased home surveillance and control. And articles like this from the New York Times will help them. Calling Izz ad-Din al-Qassam an arm of the Iranian government is similar to calling Anonymous a branch of western governments because it has supported the Syrian rebels against Bashar al-Assad.

Categories: All, Politics, Security Issues