With Anonymous and LulzSec, is Anyone Believable?

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
Is there a reason anyone is listening to anything these guys say? I'm not trying to be mean, I'm just being honest...why would anyone listen to anything they have to say after all the stunts they've pulled?

"Ryan Cleary is not part of LulzSec; we house one of our many legitimate chatrooms on his IRC server, but that's it," LulzSec tweeted. "Clearly the UK police are so desperate to catch us that they've gone and arrested someone who is, at best, mildly associated with us. Lame."
Click to expand...
 
I'm pretty pissed. They attacked Sega for godsake. I mean WTF. They're lucky my flying dragon which shoots lasers is at the mechanic.


I have no intention of listening to what they have to say now and neither does my seaman.
 
so they are trying to disavow that this person had anything to do with them... when in doubt for your own safety keep the wheels spinning it may throw them off the trail (not likely)
 
Whoever these guys are, they will eventually be caught. All it takes is an Interpol Reward or something, and someone WILL turn on them. Greed always wins.

And when they are caught, whoo boy. I doubt they get much mercy after everything they've done and all the mouth they have used.
 
most irc ops are involved with different hacking groups. I know because I figure out where a trojen bot goes in the past. It went to a irc server and some weird room.

Than when I typed something I got banned from the whole irc server. So most likely irc server ops know what is going on in their server and is involved.
 
While I do appreciate that they're making security a mainstream concern and issue for debate, they're not going about it in a smart way.

anonymity is a myth. It's only a matter of time before they end up behind bars. Everyone makes mistakes and as they continue to do more damage, they're only making themselves bigger targets. If I were them, I wouldn't be as concerned with law enforcment as much as I'd be the community itself. White hats and other ethical hackers don't need warrents to get evidence linking these people to their online ID's :)
 
I know I'm in the minority here but I actually don't hate these guys. The fact that they're somewhat open about their activities makes me feel better about them than the bevy of other hacker groups who you don't know what they're doing or what they've gotten into or even worse the ones associated with foreign governments.

While I don't condone what they're doing, I don't fault them either. Nothing is secure and everything gets hacked in one form or another sooner or later. If you put your info out there, there's a good chance sooner or later someone is going to get it. Would you rather a group of people who tell you they got it and they're releasing it "for the lulz" or a group who won't tell you they have it and sell it on the black market?
 
Tricky said:
...Would you rather a group of people who tell you they got it and they're releasing it "for the lulz" or a group who won't tell you they have it and sell it on the black market?
Click to expand...

What does it matter? If you are the one whose identity is compromised, do you really care? Your confidential information has been taken without your consent and is now compromised. Sure you are upset that it wasn’t held more securely, but are you okay with it being taken, sold or given freely to others to use to steal your identity?

Hey, these guys are obviously talented, but I wish they would apply their skills in a more constructive way...
 
Typical police tatic:
Squeeze enough pours and sooner or later you'll pop a zit.
 
dr.stevil said:
While I do appreciate that they're making security a mainstream concern and issue for debate, they're not going about it in a smart way.

anonymity is a myth. It's only a matter of time before they end up behind bars. Everyone makes mistakes and as they continue to do more damage, they're only making themselves bigger targets. If I were them, I wouldn't be as concerned with law enforcment as much as I'd be the community itself. White hats and other ethical hackers don't need warrents to get evidence linking these people to their online ID's :)
Click to expand...

I agree. You can "wipe" a zombie machine you used for a while to hide your tracks. But if they seize that machine, they can restore that data that has been wiped quite easily.

You can use a proxy, until that proxy is taken down. Pretty soon you are out of normal proxies.

You can use anonymizer services, but they already have profiles of the most likely suspects. Traffic pattern monitoring at the source (encrypted or not) can be a big clue as to what someone is up to.

You're only safe for a little while if you keep using your own computer to stage attacks from a single site.

All it takes is time.
 
Good on 'em. I want to see Lulzsec keep going.

As mentioned earlier, who do you trust more, the hacker that finds a vulnerability and posts public about it, or the hacker that keeps quiet and sells or exploits the vulnerability?

Lulzsec is doing something the security industry desperately needs: performing an audit. If you've watched or read much about stuxnet, you should be aware that there are legitimate companies that are discovering zero-day vulnerabilities in software and NOT reporting them to the software publisher/vendor/author. On the reverse side, you have "whitehat" hackers and security professionals that DO report vulnerabilities to the proper companies and authorities, only to be ignored or gagged. The current paradigm is to not publish the vuln's details without the vendor's consent or until a patch has already been implemented (and sometimes, not even then).
 
Whether they are right or wrong, I disagree with their brazen attitude. Have some humility. Be humble with your successes.
 
TechLarry said:
Whoever these guys are, they will eventually be caught. All it takes is an Interpol Reward or something, and someone WILL turn on them. Greed always wins.

And when they are caught, whoo boy. I doubt they get much mercy after everything they've done and all the mouth they have used.
Click to expand...

You imply that they all know enough about each other to compromise everyone. I don't forsee this. I'd wager that the majority only know each other by an IRC handle at best.
 
DarkZen said:
Whether they are right or wrong, I disagree with their brazen attitude. Have some humility. Be humble with your successes.
Click to expand...

the art of trolling is really that much of a mystery to all of [H]? everyone is giving them attention and getting all pissy, therefore; they win.

the more you write 'news' articles (wrongly) trying to explain why they do this and what "lulz" are, the more they win.

the more people who leave private data sitting unprotected on public facing servers, the more they win.

the more you want them to loose, the more they win.
 
As I've posted in other threads, I still think what them and their partner groups are doing is funny. Hell, maybe one day they will find something that will embarrass governments and allow citizens to speak up about it.
 
DigitalGriffin said:
I agree. You can "wipe" a zombie machine you used for a while to hide your tracks. But if they seize that machine, they can restore that data that has been wiped quite easily.

You can use a proxy, until that proxy is taken down. Pretty soon you are out of normal proxies.

You can use anonymizer services, but they already have profiles of the most likely suspects. Traffic pattern monitoring at the source (encrypted or not) can be a big clue as to what someone is up to.

You're only safe for a little while if you keep using your own computer to stage attacks from a single site.

All it takes is time.
Click to expand...

Yeah, based on the assumption that A. They're using their own hardware, and B. They're not utilizing some other persons wifi and using proxies and anonymizers etc..

Wifi can go quite a long way, and in a large city with a dense population....


Hell I can get 30-35 wifi hotspots from my livingroom, and I'm not even living downtown..
 
dr.stevil said:
While I do appreciate that they're making security a mainstream concern and issue for debate, they're not going about it in a smart way.

anonymity is a myth. It's only a matter of time before they end up behind bars. Everyone makes mistakes and as they continue to do more damage, they're only making themselves bigger targets. If I were them, I wouldn't be as concerned with law enforcment as much as I'd be the community itself. White hats and other ethical hackers don't need warrents to get evidence linking these people to their online ID's :)
Click to expand...

Agreed 100%. I like what they are doing, but you can tell they are kids by the way they are acting. Cocky, arrogant, and eventually behind bars.
 
Weenis said:
Yeah, based on the assumption that A. They're using their own hardware, and B. They're not utilizing some other persons wifi and using proxies and anonymizers etc..

Wifi can go quite a long way, and in a large city with a dense population....


Hell I can get 30-35 wifi hotspots from my livingroom, and I'm not even living downtown..
Click to expand...

Toss a cantenna into the mix and they can pick up hotspots from a very long distance.
 
Boomstick said:
Agreed 100%. I like what they are doing, but you can tell they are kids by the way they are acting. Cocky, arrogant, and eventually behind bars.
Click to expand...

Or they could be adult Apple owners!
 
On topic, hard to believe either the law enforcement and the crackers. The crackers would deny to avoid appearing weak, and the law enforcement would say they caught the bad guys just to calm the populace down and make it seem like they're doing their jobs.
 
snakeeyes said:
What does it matter? If you are the one whose identity is compromised, do you really care? Your confidential information has been taken without your consent and is now compromised. Sure you are upset that it wasn’t held more securely, but are you okay with it being taken, sold or given freely to others to use to steal your identity?

Hey, these guys are obviously talented, but I wish they would apply their skills in a more constructive way...
Click to expand...

You on the right thread, your describing facebook and a few other companies.;)
 
piscian18 said:
I'm pretty pissed. They attacked Sega for godsake. I mean WTF. They're lucky my flying dragon which shoots lasers is at the mechanic.


I have no intention of listening to what they have to say now and neither does my seaman.
Click to expand...

No they didn't. They told Sega to give them details because they were pissed Sega got attacked, they like the Dreamcast.
 
Just to support Troz with le evidence:
@Sega - contact us. We want to help you destroy the hackers that attacked you. We love the Dreamcast, these people are going down.
Click to expand...
 
Troz said:
No they didn't. They told Sega to give them details because they were pissed Sega got attacked, they like the Dreamcast.
Click to expand...

That's great to hear and all but their credibility is shit at this point.
 
Tricky said:
I know I'm in the minority here but I actually don't hate these guys. The fact that they're somewhat open about their activities makes me feel better about them than the bevy of other hacker groups who you don't know what they're doing or what they've gotten into or even worse the ones associated with foreign governments.

While I don't condone what they're doing, I don't fault them either. Nothing is secure and everything gets hacked in one form or another sooner or later. If you put your info out there, there's a good chance sooner or later someone is going to get it. Would you rather a group of people who tell you they got it and they're releasing it "for the lulz" or a group who won't tell you they have it and sell it on the black market?
Click to expand...


^^^

Honestly, maybe they are doing a lot of things in a lot of ways that I do not agree with, but at least they are actually trying to accomplish something.
 
Yeah it looks like one of the LulzSec members site got hacked.



If you cant read the pic it says
BREAKING NEWS: TEH LULZBOAT HAS OFFICALY SANK WITH 100S OF ANON MEMBERS ON BOARD!

No matter how many bots you gather, no matter how much people you lie to, no matter how much pre-made tools you use, you will _NEVER_ represent the real hacking scene, we warned you, we told you we do not make empty threats, we gave u 48hrs to secure your ircs yet u failed to do so, instead u posted hashes from public forums and then claimed you doxed us and laughed at the fact that i was 17years old. stop telling yourself that u are hackers, putting a ip into a irc is NOT hacking nor is using pre-made tools and scripts to grab databases… you do not represent the anti-sec movement, u are not allowed to greet underground groups like zf0, ab, h0n0, el8 like your member “AnonSabu” was doing, you will never be apart of the underground scene, if anyone thinks you are underground and can actually hack they have no idea about what happens in the underground scene. oh and TeaMp0isoN Issue 2 is coming out VERY soon exposing lulzsec members (pictures, addresses, passwords, ips, phone numbers etc). . . . not so anonymous anymore are you? lets hope that you can swim because the lulzboat just got titanic’d
Click to expand...
 
Boomstick said:
Agreed 100%. I like what they are doing, but you can tell they are kids by the way they are acting. Cocky, arrogant, and eventually behind bars.
Click to expand...

Unfortunately this sounds all too common for what certain segments of society would consider a "mature adult" as well. Plenty of 30+ olds acting precisely the same.
 
TheGrape said:
Yeah it looks like one of the LulzSec members site got hacked.



If you cant read the pic it says
Click to expand...

The way they change font size on their logo makes it easier to see the word "tampon" in there.
 
piscian18 said:
I'm pretty pissed. They attacked Sega for godsake. I mean WTF. They're lucky my flying dragon which shoots lasers is at the mechanic.


I have no intention of listening to what they have to say now and neither does my seaman.
Click to expand...

they didn't hack Sega, and since they didn't but somebody else did they are now going after that group
 
DigitalGriffin said:
I agree. You can "wipe" a zombie machine you used for a while to hide your tracks. But if they seize that machine, they can restore that data that has been wiped quite easily.

You can use a proxy, until that proxy is taken down. Pretty soon you are out of normal proxies.

You can use anonymizer services, but they already have profiles of the most likely suspects. Traffic pattern monitoring at the source (encrypted or not) can be a big clue as to what someone is up to.

You're only safe for a little while if you keep using your own computer to stage attacks from a single site.

All it takes is time.
Click to expand...

The key here are still the ISPs.

Our ISP just did a promotional ad saying that they optimize traffic by routing appropriate packets to specialized servers. Can't get past the marketing jargon but it sounds like they know who's downloading what.

One of our MMO companies got DDOSed, the ISP helped them out by filtering the packets and preventing them from reaching the servers.

Our company got a cease and desist letter from the ISP because someone was torrenting, and even listed the torrents (They ignore regular users, but are stricter with company accounts it seems)

You don't need a building full of supercomputers to monitor the internet, because the ISP's already have the hardware for it.

Weenis said:
Yeah, based on the assumption that A. They're using their own hardware, and B. They're not utilizing some other persons wifi and using proxies and anonymizers etc..

Wifi can go quite a long way, and in a large city with a dense population....


Hell I can get 30-35 wifi hotspots from my livingroom, and I'm not even living downtown..
Click to expand...

From anywhere in the world, down to a couple of city blocks. That's good enough for a team to focus on. The ISP's are capable of scanning whatever you send (It's what their servers are specifically designed to do), i'm pretty sure traffic from a hackers PC is distinct from a facebook user.


And if you spoof your return address. What's stopping the ISP from verifying that the return address really does match the account it came from?
 
TheGrape said:
Yeah it looks like one of the LulzSec members site got hacked.



If you cant read the pic it says
Click to expand...

This is going to be interesting. Battle of the hackers.

Time to grab some popcorn and watch the real lulz unfolds :p
 
You must log in or register to reply here.
Back
Top