Now Playing
Loading ...



 Listen Live!

Death Of Internet Activist Aaron Swartz Prompts Introduction Of “Aaron’s Law”

 Corsair's Chronicles, Cybercrime, Net Culture, Politics  No Responses »
Jan 192013
 
Internet Law

Editorial by Vagabond ‘Tony’ Carter

 

Internet LawWith the suicide of RSS creator, Reddit Co-founder, and internet freedom activist Aaron Swartz making headlines, Congresswoman Zoe Lofgren(D.) has introduced a draft bill to return contract law to its civil home. Her bill which would amend 18 USC § 1030 with what she calls “Aaron’s Law,” and would limit the scope of the Computer Fraud and Abuse Act and exclude terms of service violations, which are nothing more than a breach of contract.

Lofgren who is a dedicated user of the Reddit social media site, reached out to fellow users on January 15, 2013 to ask for public support of her bill. The proposed amendments however do not take away from the stiff criminal penalties for those who forcibly gain access and under false pretense, or who share/leak data for malicious purposes.

In the case of Aaron Swartz, he had full and legal access to JSTOR files, but used a program to rapidly download a large number of academic articles to his laptop. This may have been a violation of JSTORs EULA/TOS, but that’s all he did. Swartz who had been accused of hacking the JSTOR system by prosecutors, was alleged to have downloaded the files with intent to illegally distribute copyrighted material.

Although no files ever made it out to the public, nor was there proof he intended to do anything more than have a local backup for personal use. Yet under the Computer Fraud and Abuse Act, (originally written in 1984 and updated over the years)  Swartz was being tried in a criminal case on felony charges, which could have carried a lengthy prison term and massive financial penalties, if convicted.

The stress of this led to his eventual suicide on January 11, 2013.
Continue reading »

Valve Sued Over Breach Of Steam Servers

 Business, Community, Cybercrime, Games, Special Reports  2 Responses »
Dec 012011
 
Krypton Radio Special Report

Krypton Radio Special Report

Valve Software Hit with Federal Class-Action Lawsuit Over Breach of Steam Servers

By staff Editor PK

On November 30, 2011 – Lawyers for California resident Oliver Grigsby, filed suit on Wednesday, on behalf of all users of the online Steam gaming service, owned by Washington based company Valve Software.

As previously reported on November 10, 2011 – Valve Software, announced that their forums had been breached and defaced. Ultimately it was revealed that the intrusion into their systems had been much deeper than initially thought; coded passwords, credit card numbers and other sensitive personal information had been potentially exposed by hackers. Valve stated in its notice that it felt that this information had not been stolen by the hackers, even though they may or may not have had direct access to it, and that they were still investigating.

Customers of the Steam network were outraged to learn that Valve had waited to reveal that the breach had actually happened on November 6th, four days prior to the announcement. This anger along with what some feel is a rampant lack of digital security in the online gaming industry, has not unsurprisingly lead to a class action lawsuit against Valve. The charge being lead by an Oliver Grigsby, who has filed the suit on behalf of his fellow gamers in United States District Court – Central District California – Western Division.  Grigsby alleges that Valve committed six major violations of California law:

  1. Violation of the Consumers Legal Remedies Act (Cal. Civil Code §1759 et seq.);
  2. Violation of Unfair Competition Law (Cal. Business & Professions Code §§17299 et seq.);
  3. Violation of False Advertising Law (Cal. Business & Professions Code §§17500 et seq.)
  4. Breach of Express Contact;
  5. Breach of Implied Warranty (Song Beverly Consumer Warrant Act, Cal. Civ. Code §§ 1792 and 1791.1, et seq.); and
  6. Negligence.

Grigsby who has demanded a jury trial, names among his chief complaints in the suit;

“VALVE failed to take reasonable measures to secure its online distribution platform, “Steam”, and thereby failed to take reasonable measures to security the personal and/or financial information of VALVE customers who gave that information in order to sign up for the service provided by Steam.”

What does this mean for you the consumer? It’s not clear at this time, Grigsby has demanded in his suit against the gaming giant; “Actual and/or compensatory damages, restituionary and equitably relief, costs and expenses of litigation, attorneys’ fees and all other available relief for Plaintiff and Class Members.” Amongst many other demands including an attempt to upgrade Steam’s security features.

While many may be cheering on Grigsby to get some form of compensation on behalf of Steam users everywhere; you shouldn’t hold your breath for a check in the mail from Valve. Lawsuits take time, and there will be undoubtedly countless motions by Valve and Grigsby’s attorneys.  There also has been no word publicly, if any customers of the Steam service have actually suffered any credit card fraud or other damages, aside from a severe breach of consumer trust.

As the lawsuit has just been filed, it is also unclear how much money if any would be paid to all users of the Steam service. The main goal of this suit is to gain compensation for those who may have been directly harmed by the data breach, and force Valve to take responsibility for their alleged lack-luster security procedures.

Stay tuned to Krypton Radio for updates on this breaking story.

-30-

Links

Truth and Lies – the League Response

 Business, Community, Cybercrime, Editorials, Games, Hero Community, League of Heroes (LoH), Politics  12 Responses »
Aug 312011
 

How A Few Facts and a Lot of Lies Swayed An Unknowing Public

Krypton Radio Newswire

Anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that my ignorance is just as good as your knowledge.

- Isaac Asimov

There have been public debates recently over whether the Justice League Unlimited group operating in Second Life has been harvesting IP addresses and is currently holding private information about Second Life citizens.  The answer is a simple “no”.  The League has never harvested IP addresses, and currently holds no private information about Second Life users.

Many people on various forums and some in-world venues, are raging and calling for the removal of the Justice League from Second Life. And while everyone has their right to their own opinion, we do want to straighten out some misinformation which is being spread by various people and groups who were actually banned from SL, and are trying to get revenge on the League over our investigative reporting which have exposed their very real criminal actions.

Our greatest concern is that people in general are being lead to take the word of a website which claims to be exposing the “evils” of the League. However when you actually read through the website, you’ll see they’re actually exposing their own true nature.

The site in question is “TheListSL”, which claims to be targeting JLU members to expose them.  If one looks at this site’s history, though, the site has been exposing private information on Second Life users a long time before they decided to focus on the League, posting real world data on Second Life users, using obscene and abusive language to describe their hatred for the people whose Second Life and real life information they’ve linked and posted online for the world to see.

While Linden Lab has publicly declined to involve itself in this matter, we are going to be up front and answer some questions on the material being “leaked”.

Soft Linden's detective work pays off and proves the IP list is not only a forgery, but created by people already banned from Second Life themselves.

The Big Lie

The debacle started with what propagandists call “A Big Lie”.  People generally need to believe one another, yet also are on the lookout for falsehood. Most of regularly tell small lies and engage in minor deception, and so expect others to do likewise. When a big lie is told, this does not fit into our model of modest mendacity, and so we say ‘It must be true’.  In this case the Big Lie was that the League was somehow harvesting the IP addresses of users in Second Life and cross referencing them to discover and record people’s alternate accounts.  This Big Lie ran in various public forums unchecked for two weeks.  The debate was not begun by legitimately concerned residents of Second Life, but by people who, for the most part, had already been banned from Second Life and no longer had a stake in the outcome.

 

Coincidentally, the day Tux Winkler was banned from Second Life for creating an avatar tracking system and using it to stalk people in Second Life, he proclaimed that his new system (a much better one) was already operational and gathered much more data than his previous one did.

It doesn’t take much guesswork to figure out where the Red Zone style IP list had come from. The alt detection data being released on theListSL was, in effect, a forgery.  It was real data, but it was being used to perpetuate a massive lie – that the League had done it.  By this time two or three dozen people had joined the discussion and had become morally outraged over something that had never actually taken place, and we were off to the races.

Once Soft Linden had actually analyzed the IP list and had determined that it had been produced by “a member of a group that has been banned from Second Life and told not to return”, the second part of the master plan was executed – the publication of supposedly unmodified data from the BrainiacWiki itself.  This is the evidence stage of a propaganda attack, called “Card Stacking”.  Evidence, even falsified evidence, can be very persuasive.  The attackers mixed just enough truth with the falsified evidence to make it sound “truthy”, editing information heavily to make it appear as though things said well over a year ago were said just weeks ago in an effort to support the already failing proposition that the “leaked” IP list was genuine.

Continue reading »

Pottermore Launch Marred by Scammers and Hackers

 Books, Cybercrime  1 Response »
Aug 092011
  
article by L. Christopher Bird
Harry Potter series author author J.K. Rowling

Harry Potter series author author J.K. Rowling

Pottermore is an upcoming interactive website by Harry Potter author J.K. Rowling and sponsored by Sony.  The site promises a new reading experience centered around the seven Harry Potter novels with additional content written by Rowling fleshing out background information and settings as well as user-generated content expanding the story of Harry Potter.

There was much excitement when it was announced that Pottermore would be holding a contest for early registration at the free website. Over 7 days starting on July 31st, and ending August 7 a clue was posted on the Pottermore site which lead to a registration page for approximately 143,000 users per day for a total of one million registrations by the contest’s end. Registrations will be open to everyone starting October, 2011.

Enthusiasm for the site has been overwhelming and many people are anxious to see the site before the October open registration and a market for free Pottermore accounts have been selling on ebay and other sites for as much as $100.  Selling of the early registration accounts from the contest is against the terms of service, and Pottermore may cancel any accounts found to have been sold on secondary markets.

The enthusiasm for Pottermore has opened the floodgates for malicious schemes usually centered on the premise of granting early access to the site. Sites claiming to be selling or giving away Pottermore accounts are being used to gather personal information and deliver malware. There are Youtube videos which claim to be instructional on how to sign up for a Pottermore beta account which if followed will just lead you to one of these early-registration scams.

As of this date there are no legitimate ways to gain early access to the Pottermore site other than the million contest winners, and one should be wary of any claims to the contrary.  Pottermore will be open to everyone in October, and the site wll be free. You can submit your email address at the official site http://www.pottermore.com to be notified when registration is open. All other sites claiming to represent Pottermore should be treated as suspect.

- 30 -

Links

About the Author

L. Christopher Bird is a seasoned internet programmer and popular media aficionado.  Also an accomplished writer, his work most recently appears in Kizuna: Fiction for Japan (a charity anthology) , a collection of short stories available on Amazon.com.  Proceeds from the sales of the book benefit victims of the Tohoku earthquake in Japan that took place in March of 2011.

Alleged Top LulzSec Member Arrested by Scotland Yard

 Cybercrime, Special Reports  9 Responses »
Jul 312011
 

Krypton Radio Special Report

Krypton Radio Newswire
Topiary Captured? LulzBoat Scuttled by Scotland Yard

Topiary Captured? LulzBoat Scuttled by Scotland Yard

Scotland Yard took custody of a teenager in Shetland, U.K. last Wednesday in a swift operation in cooperation with the Shetland Metropolitan Police. The 18 year old man was arrested by police in the Shetland Islands, and flown to London for questioning in his purported role in the hacking spree by so-called internet “hacktivist” groups LulzSec and Anonymous. His home was also searched by Scotland Yard investigators, and substantial materials and computer hardware were taken into custody as evidence.

The 18-year-old man is alleged to be an online activist who calls himself Topiary and acted as a spokesman for the groups Anony­mous and LulzSec. They have b­een associated with cyber-attacks on major businesses and intelligence agencies, including Sony, PayPal, Rupert Murdoch’s News Inter­national and the United States’ Central Intelligence Agency. However, in this Techweb article, “Topiary” is identified by a rival hacktivist as being Sweden-based Daniel Ackerman Sandberg.  However, this is based on information derived from Pastebin, which anyone may edit.  The identity in Sweden may simply be a LulzSec effort at misdirection.

The team of specialist detectives flew in to Sumburgh Airport on a small chartered plane on Wednesday morning and left again after teatime with their suspect onboard.

The Shetland Metropolitan Police said the arrest was linked to an ongoing international investigation into the criminal activity of two so-called hacktivist groups.

A 17-year-old living in Lincolnshire, U.K. is also being inter­viewed and two other young men were arrested earlier during the ongoing inquiry.

On July 19, 14 suspected members of Anonymous were arrested in the United States during a nationwide sweep conducted by the FBI in coordination with local law enforcement. Five arrests were also made in Europe as part of ongoing investigations by the Metropolitan Police Service and the Dutch National Police Agency. The defendants arraigned in the U.S. are charged with various counts of conspiracy, carrying a maximum penalty of five years in prison and a $250,000 fine. They also face various counts of causing intentional damage to a protected computer, with each count carrying a maximum penalty of ten years in prison and a $250,000 fine.

“Topiary” is believed to be “second in command” in the LulzSec heirarchy. Whether the young man arrested in Shetland is Topiary or not, his computer(s) should contain important information leading to the apprehension of other LulzSec and/or Anonymous members.

One of the lesser members of LulzSec is (or was) Eekdacat. One of the founding members of the Patriotic Nigras in Second Life also went by the name “Eekdacat”, and actually operated as a furry on that multiplayer online environment. While all the while insisting that he was never a member of the Patriotic Nigras, he was none the less the creator of the infamous “Doomsday Gun” which was responsible for so many sim crashings in 2007 and early 2008. “Eekdacat” of LulzSec , unsurprisingly, also objects to being associated with LulzSec, but had not objected until after the members of LulzSec began to be apprehended by law enforcement agencies around the world.

LulzSec as a group claimed to have operated in the name of “hacktivism”, but apart from their attack on PayPal for blocking financial transactions in support of WikiLeaks, little of what they did appears to have been politically motivated.  Second Life’s so-called “hacktivist” Wrong Hands group shares this lack of focus, having been mass banned and losing their Red Square and Revolution regions as well as their last spokesperson, Tux Winkler in Linden Lab raids over the past two weeks.

The “Wrong Hands” group is just the latest in a string of griefer gangs in Second Life supported and actively endorsed by Mark P. McCahill, current editor of the Alphaville Herald and professor at Duke University, via a bizarre years-long campaign of disinformation and propaganda.  McCahill’s dislike of  peacekeeper groups operation in Second Life is well known, and for good reason: of the three griefer gangs he has publicly supported in the pages of the Herald, the Patriotic Nigras, Woodbury University and the Wrong Hangs, none have survived public scrutiny or the attention of these citizen-run peacekeeper groups.

Update – August 2, 2011

The teenage hacker arrested last week in the U.K. for his alleged involvement with Anonymous and LulzSec is reportedly an 18-year-old named Jake Davis.  Scotland Yard on Sunday revealed that the hacker known as “Topiary” is actually Davis, from the U.K.’s Shetland Islands, according to security firm Sophos and Daily Mail crime reporter Chris Greenwood.  Attempts by Anonymous to misdirect identification of Topiary as being a resident of Sweden have apparently failed.

Davis appeared in a London court on Monday morning, Greenwood tweeted.

Topiary will be tried under U.K. law on at least the following five charges:

  • Unauthorized access to a computer system, contrary to Section 3 of the Computer Misuse Act 1990.
  • Encouraging / assisting offences, contrary to S46 of the Serious Crime Act 2007.
  • Conspiracy with others to carry out a Distributed Denial of Service Attack on the Web site of the Serious and Organised Crime Agency contrary to S1 Criminal Law Act 1977.
  • Conspiracy to commit offences of section 3 Computer Misuse Act 1990, contrary to S1 Criminal Law Act 1977.
  • Conspiracy between the defendant and others to commit offences of section 3 Computer Misuse Act 1990 contrary to S1 Criminal Law Act 1977.

Scotland Yard is purportedly discovering a gold mine of information in Davis’ computers, and investigating other Anonymous activity in the U.K., with more arrests planned.

- 30 -

Update, September 23, 2011

Another suspected member of LulzSec has been arrested and indicted in Arizona, in the person of 23 year old Cody Kritzenger.  Kritzenger is suspected of conspiracy and the unauthorized impairment of a protected computer, according to a report filed by Reuters.

Links

Woodbury Banned a Third Time, SL-Bronies Take a Hit

 Community, Cybercrime, Games, Interviews, League of Heroes (LoH), Politics, Special Reports  15 Responses »
Jul 212011
 
Krypton Radio Special Report

Krypton Radio Special Report

 

Krypton Radio Newswire
This article has been updated with new information from Rembrandt Flux, unfortunate owner of the deleted regions of Bronyville, Derpy and GameTime.

 

The griefing organization known collectively as Woodbury University

has for the third and hopefully final time been kicked from Second Life.

Their current incarnation was headquartered in the regions of Red Square and Revolution, which were opened to the public on April 22, 2011. Openly brandishing a Soviet Russian theme and playing host to the The Wrong Hands (TWH), their continued existence was one of the worst kept secrets on the grid. Nearly all the original Woodbury members had returned using ban evasion alts; visitors to the Woodbury regions were forbidden to openly speak the phrase “Woodbury University” for fear of attracting the attention of the Second Life administrators. This was despite the fact that the group had even made a machinima style video to clearly state that they had returned to SL.

The situation was finally rectified when, in the early hours of July 18, 2011, it all came to an abrupt end. These two regions were removed from the grid along with their owner Atlas SaintLouis, the Woodbury / Wrong Hands ban evasion alts Twinkie Swizzle (Tizzers Foxchase) and Overbrain Unplugged (Intlibber Brautigan).

Also removed were the regions along with Bronyville, Derpy and GameTime, each owned by Rembrandt Flux, who, far from being some new griefer king, had apparently gotten caught in the crossfire between Linden Lab and the Woodbury refugees owing to the high number of Woodbury in the Bronies groups.  According to Flux, he had no efficient means of doing in-depth background checks, going instead on the quality of the example work submitted as to whether or not content creators would be hired.  The two facts that he was paying them, with thousands of dollars changing hands,  and that so many were Wrong Hands / Woodbury may have contributed to his ban.

Linden Lab acting on information submitted by the Peacekeeping community and other sources, reviewed the SL group The Wrong Hands for materials which could be used for disruption of Second Life services. This action was prompted by Tux Winkler, a known leader in The Wrong Hands, who had supplied images of the TWH groups to Justice League members in an attempt to prove that he had not sent a group notice (which was supposedly leaked to Peacekeeper groups) instructing his fellow TWH members on the availability of new a copybot client.  The authenticy of the leaked notice was never established.

The Wrong Hands, main group showing two notices sent by members. Twinkie Swizzle and Economic Engineer

 

The image as shown at right (provided by Tux Winkler), features a group notice sent by now banned TWH member Twinkie Swizzle. The notice contained an attachment which was felt could be an object or device to be used to grief with.

While we will never know if the object was actually a griefing device, it is also possible that Linden Lab removed Twinkie Swizzle for ban evasion, his original account Tizzers Foxchase was removed during the banishment of the second incarnation of Woodbury. The exact reason for the removal of Atlas Saintlouis the owner of Red Square and Revolution, is unknown but suspected to be related to the material used in The Wrong Hands group.

The Bronies Plight

The Bronies are an internet phenomenon, born of a fandom surrounding the My Little Ponies television show. Bronies is a My Little Pony for guys fandom, born of the 4Chan.com partly as a reaction to all the negativity of the /b/tard chan boards. Later invited to form their own chan board and leave 4Chan alone, which they did at http://ponychan.net

The Bronies group in Second Life was founded by Twinkie Swizzle, a known alt of the banned Tizzers Foxchase of Woodbury University / The Wrong Hands. And Overbrain Unplugged, a known alt of the banned IntLibber Brautigan of the same two groups.

(The reader should note that most of the accounts discussed in this article are of avatars now banned; discussion of banned alt accounts where both accounts are banned does not constitute Disclosure, and that this is a third party web site – the Linden Lab Terms of Service prohibiting Disclosure in Second Life do not apply here.)

Curly Fride, a supplier of Bronies avatars,  claims to have met the two in April of 2011, stating that he was invited by the pair to join them in a new Bronies-oriented venture.  Surprisingly, neither Fride nor a significant number of the Bronies who would later join the group realized exactly who Twinkie Swizzle and Overbrain Unplugged really were.  Twinkie and Overbrain supplied organization and funding, whereas it would be Curly Fride who supplied the My Little Pony avatars themselves, without which the community could not flourish.

The group enjoyed explosive growth between April and July of 2011.  As an open enrollment group and because of its saccharine, squeaky clean public face, it became popular amongst griefers to join. It’s important to note, that the Bronies group is NOT a griefing group by nature, it is simply a common practice for some griefers to find large open enrollment groups with certain themes or memes they enjoy, and join to try to corrupt the group for their own purposes. While the group was ironically founded by a known griefer it was policed very heavily by its management.

The group stayed peaceful and reasonably trouble free most times, and we should also note that out of the group of 3000+ good members, only a small handful (10-20 if that) were actually considered possible griefers.

The chain of events is a little difficult to follow, but piecing together what we’ve been told from various sources, here is what apparently happened:

The Woodbury / Wrong Hands Connection

Tizzers Foxchase (Twinkie Swizzle) had apparently gotten bored with the stagnant and politically unsuccessful  Wrong Hands and Woodbury University groups and decided to try something new.  He convinced Intlibber Brautigan (Overbrain Unplugged) to join him.  Seeing an opportunity, they invited Curly Fride to join them and created the new Bronyville estate in April, with a second sim called Derpy added two months later.

Curly Fride’s Second Life account login information was apparently either phished or socially engineered to acquire the password sometime prior to July 3rd. Fride’s in-world funds were spent buying troll gifts for various people, with the list of recipients conforming in general to a list of people not well liked in Woodbury University circles.

Rumors flew, one of them being that his account had been hacked by Foxchase, or somebody Foxchase knew, or somebody he had put up to the task.  Another rumor says that Fride tried to have his two co-owners removed from the Bronies and Bronies land administration groups via support ticket based on this suspicion.  The Bronyville management response was to ban Fride from the Bronyville estate.  Within a day, Fride was no longer listed as an owner of these groups, but by this time both Twinkie Swizzle and Overbrain Unplugged had lost their accounts, and the regions of Bronyville and Derpy were taken offline.

Far from being disconnected or detached from the two griefing groups Woodbury University and The Wrong Hands, Tizzers and IntLibber retained their ties to these groups.  It cannot be a coincidence, therefore that Atlas Saintlouis, the money figure enabling the existence of Red Square and Revolution, lost his account on the same day that Twinkie Swizzle and Overbrain Unplugged also vanished.

Continue reading »

Dumpster Knights – The True Face of Hacktivism

 Cybercrime, Editorials, Games, League of Heroes (LoH), Politics, Special Reports  3 Responses »
Jul 042011
  
Krypton Radio Newswire 
(See also: Woodbury Banned a Third Time, SL-Bronies Take a Hit)

'Borrowed Honor'

LulzSec’s Dumpster Knights

A Krypton Radio Editorial

They’re like a bunch of garbagemen, trash-pickers who found a couple of old suits of armor in a dumpster and now think they’re knights.   A disorganized gang of Kabuki dancers, running in and out of endless doorways, changing costumes, changing masks, making everyone think there’s more of them than there is.  Angry, nihilistic college students, professors, and would-be entrepreneurs, guilty over their desire for success in a world where success is supposed to be a sign that you’ve sold out to the Dark Side.

The hackers, so-called “hacktivists” that have been breaking into systems as diverse as Eve Online, Sony, the CIA, the US Senate, and the UK’s Serious Organized Crime Agency, are lauded on one side as virtual freedom fighters, but seen by authorities as criminals and terrorists.

These are the hackers who have been terrorizing the Net – and it may have started at least partially in the online service called Second Life, owned and operated by California based Linden Research, Inc.  A group calling themselves the Patriotic Nigras formed on 7Chan.org in December of 2006 and came to Second Life in an arrogant attempt to “own” it.  At least one of the members of the Patriotic Nigras went on to form a branch of the amorphous internet gang calling itself “LulzSec”.

LulzSec has set their sights higher than dropping boxes in sims and telling furries to “Yiff in Hell”, but their attitudes haven’t changed all that much.  When it was the Patriotic Nigras begging for attention in the sandboxes of Second Life, it was almost amusing, when Eekdacat Ondeneko’s “Doomsday Gun” would send clouds of “Choppa Man” cubes reproducing and screeching like mad all over a region until it crashed.  But recently, the US Government has been reclassifying hacking as a potential act of war, something decidedly unamusing.  This is no longer rape cubes and particle zombies, this is deadly serious.  Too bad the hackers still seem to think it’s funny, some kind of video game, as an Anonymous IRC log seems to imply:

Jun 03 15:05:41 storm    HACK US AND WE WILL BOMB YOU. – Obama
Jun 03 15:05:48 trollpoll    didnt see :P nice lulz ye
Jun 03 15:05:54 trollpoll    yes, this is not so lulz… :P
Jun 03 15:06:03 storm    lol
Jun 03 15:06:05 trollpoll    and the NATO doc too…
Jun 03 15:06:12 storm    i didnt see it
Jun 03 15:06:28 trollpoll    NATO document talking about anonymous
Jun 03 15:06:29 *    storm gives channel operator status to Topiary
Jun 03 15:06:35 storm    oh
Jun 03 15:06:36 trollpoll    that must be prosecuted
Jun 03 15:06:43 storm    yeah i saw that
Jun 03 15:06:58 trollpoll    one of these days we will have tanks on our homes…
Jun 03 15:07:19 storm    yeah no shit

The “first strike” of the LulzSec boat appears to have been the recent breach of the Sony Playstation Network first reported on April 27 of this year.   The interlopers broke into half a dozen web servers, stole and posted proprietary source code owned by Sony on BitTorrent sites and even left messages inside the system identifying themselves not only as Anonymous, but a specific splinter group within Anonymous calling themselves LulzSec.

LulzSec claimed that its attack on the Sony Playstation Network was an attempt to convince them to drop its charges against hacker George Hotz, who hacked his PS3 to “jailbreak” it.

George, however,  is giving mixed messages on why Sony took exception to his bypassing the  security on Playstation hardware.  In one interview, he says his basic error in “making Sony mad”.  (http://news.cnet.com/8301-13506_3-20028540-17.html) In another (http://www.pcworld.com/businesscenter/article/226603/playstation_hacker_sony_has_only_itself_to_blame_for_breach.html) he issued a statement: “The fault lies with the executives who declared a war on hackers, laughed at the idea of people penetrating the fortress that once was Sony, whined incessantly about piracy, and kept hiring more lawyers when they really needed to hire good security experts. Alienating the hacker community is not a good idea.”  But still other posts have him wanting to get on with life and put the lawsuit behind him, accepting a permanent injunction.  Even when unmasked, these people can’t stop shifting faces.

The “hacktivists”, however, wanted to avenge him anyway, and attacked Sony’s Playstation Network on April 19 to defend his questionable honor, sort of like burning down a bank that had a bankrobber arrested for robbing it.  George himself doesn’t appear to be very grateful for his compatriots’ act of vengeance in his name.  On the Kotaku news site, in an article reporting a rise in PS3 systems being hocked following the shutdown of the Playstation Network, George (or someone using his usual handle) made the following statement in a comment:

GeoHotz
May 15, 2011 at 8:17 AM

Anonymous Hackers Top number 1 site to blame
http://www.somethingawful.com reasoning blameing 4chan site knowing it just to secret get FBI agentz off their legal hacks on interwebs & IRC channels
http://www.woodburyuniversity.edu Mostly all Anon crowns who dose this & run 4chan go’s to this college :]
http://www.Lindenlabs.com probably their at getting back at Sony Homes riping off ScoundLife Like how Tizzers Foxchase soviet russia group goted their butt kick by furries & W-Hat hackers

Link: http://www.kotaku.com.au/2011/05/retailers-ps3-owners-are-ditching-the-platform-migrating-to-360/

Of particular interest are two names out of the entire post:  Woodbury University and Tizzers Foxchase.  Why on Earth would GeoHotz, the creator of the PS3 jailbreak hack, be mentioning Tizzers and Woodbury, much less Second Life, in a comment relating to the LulzSec phenomenon?  Tizzers is known to have provided support for the nascent Patriotic Nigras in the Woodbury group in 2007, and for other raiders in 2010, but why is a small time operator like Tizzers even worth a mention in this saga?

Simply, all these people keep showing up over and over.  The “hacktivist community” would have us believe that there are thousands and thousands of hackers all over the world, a “hacker army” hidden in plain sight.  The truth is, there just aren’t that many of them. They show up over and over, wearing different clothes.  This is why Tizzers and Woodbury are noteworthy.  They’re a model in microcosm of the larger whole – but the whole is so concentrated, even someone as small as Tizzers can be a significant element.

So we go back to Eekdacat Ondaneko, one of the founders of the Patriotic Nigras, whose first name is identical to that of a member of LulzSec.  A recent post on Pastebin.com, reported by several sources, has revealed EEKDACAT’s involvement in the sailing of the LulzSec boat.

The PN and Woodbury in SL use a tactic in common when engaging in griefing.  A single entity could force multiply their effectiveness by building a large backup supply of throwaway accounts, already equipped with griefing tools from a safe repository in-world or from text files of scripts. The mask would change as the action progressed, even as the player behind the mask stayed constant.

In this fashion, few can have the effectiveness of many, and can look like a small army.  If a machine can run more than one avatar at a time, this force multiplication by technology becomes even greater.  But more to the point, as Justice League investigators moved the focus of their attention from griefing group to griefing group, they found that it was the same players involved in each case.

Operating through different masks, the griefers attempt to increase their apparent size and perceived threat, and to create the impression that we as a virtual society are literally drowning in griefers, and that the /b/tards outnumbered the normal citizens by some huge number.  It makes it easy to begin to assert that anti-social or borderline criminal behavior should be accepted because it has become the norm. We’re told the griefing is unimportant, because it’s all just a game, or some kind of digital dream. We are meant to believe that fighting back is hopeless, because the battle is already lost.

Seeing the musical chairs approach for what it is dispels the smoke, and fogs the mirrors. The PN and Woodbury claimed to be legion, but knowing how they leveraged this illusion destroys it.  They were not legion at all.

The LulzSec operation is little different.  We’re seeing many of the same players from other hacking activities, and still others are outing them. We’re seeing some familiar names, some from our own neck of the woods, and is it surprising?  We’re finding that the global hacker army is more of a global hacker platoon, playing musical chairs and trying to convince us they’re bigger and more dangerous.

What makes them more dangerous is that they’re as much after each other as they are the businesses and institutions they’re trying to destroy, and they don’t care much about hurting people who get between them and their targets.  This includes the less clueful people they call “cannon fodder”.

One of the better known methods of attack wielded by Anonymous is a distributed denial of service attack that can be directed at any target by anyone downloading their LOIC software.  LOIC stands for “Low Orbit Ion Cannon”, and runs on user’s machines.  When invoked, everyone who has it installed contributes some of their bandwidth to an attack on a web server, and anyone can select a target.  There’s only one problem: the LOIC does not hide your IP address when you use it, and every person with it installed reports their IP address with every packet it sends out.  LOIC users are cannon fodder.  If you’re caught, it’s just chalked up to “collateral damage”.

This is nothing more than a turf war, waged on the Internet and on other people’s property – and it’s suddenly clear that this turf war is being played on a vastly smaller scale in terms of numbers than anybody had previously supposed, but with higher stakes than anyone had imagined.

LulzSec hacked both the C.I.A and the United States Senate, and gloated about it.  Since the participants come from countries around the world, it’s no longer just a matter for the United States’ Federal Bureau of Investigation – now they’ve inspired changes to military rules of engagement, and an international effort is underway to find and capture the members of LulzSec.  Naturally, the members are now all saying they aren’t members, or were never members, and backing away from LulzSec as fast as they can.  But should we believe them just because they say this?

Can they cause trouble?  Yes.  Should they be taken seriously?  Yes. Are they a world-class threat, a “nation” inside the Net, that should be warred against?

No.  They’re a small, relatively insular group of the same faces over and over.  They’ve already succumbed to attack from other hackers who appear to have unmasked them.  This is the true face of Anonymous – they’ll give each other away, or give up (possibly involuntarily).  You can only make a handkerchief look like a bedsheet by cutting it up and rearranging the pieces for so long.  Eventually, someone will notice the gaps.

 

- 30 -

Update – July 4, 2011

And now the music stops and the haxx04z take their seats…and a new group emerges…The Script Kiddies! New masks for the same bodies in a new arrangement!  A new group calling itself – and we kid you not – TH3 5CR1PT K1DD3S – managed to hack into Fox New’s Twitter feed and announce that President Obama had died.  They’re not LulzSec.  They’re not the AntiSec group either (which was just LulzSec in a new fright wig) – they’re affiliated with AntiSec.  Their statement to Fox News:

We are a new group called The Script Kiddies. As i have stated in past interviews we do have connections to anonymous, however this does not represent them in anyway. personally I have been part of many hacks leading back to HBgary and #operationPyaback with anonymous. we will not go into details about how we have acquired Fox news twitter account. We do have several email accounts belonging to fox news. As far as our security i obviously can’t go into details, but i have faith that the members of the script kiddies will remain hidden. We have no announced plans for future attacks, we have brainstormed several ideas. we will be contributing to #antisec in the future but we have found nothing of value within fox to add to the leaks.The updates about Obama are the result of boards script kiddies members after we found no information to leak to anonymous“.

 

They got some email addresses, and hacked a Twitter account. Bow down before the might of  – who were they again?

Links

The Griefer Mindset: Who They Are and Why They Do It

 Community, Cybercrime, Editorials, Games, League of Heroes (LoH), New Second Life Resident Education, Stark Reality  No Responses »
Jun 092011
 
 
Editorial by Vagabond ‘Tony’ Carter

We’ve all seen them… rezzing replicators, spamming regions with obscenities, flooding your screen with whimsical to pornographic images and sounds. Crashing sims and viewers for fun, and with countless other attacks they claim it’s ‘just a game‘ and “we do it for the lulz” – even using illegal computer programs to steal from legitimate real life (RL) businesses, and harass residents in-world.  Some going so far as to track down a resident’s real life information and make harassing or threatening phone calls, and in very rare cases a few have traveled miles to mock their victims at their doorstep with veiled or direct threats. Who are these people and what motivates them? While the term is used in nearly all multiplayer online games,  in Linden Lab’s Second Life and other MMO’s we call them Griefers.

Continue reading »

 Older Entries