2011-07-28 Lulz, Security, Justice and the FBI

The recent news of alleged LulzSec spokesperson Topiary's arrest took the media spotlight away from WikiLeaks supporters' demonstration against PayPal. But it also raises questions about how online laws are applied, and the credibility of those who enforce them.

While doubts remain over whether the police have arrested the right person, Topiary's twitter account has been reduced to a single tweet: "You cannot arrest an idea."

Topiary served as LulzSec's witty media front-man and his clever humour was tempered by a strong sense of justice.

"Laws are to be respected when they're fair, not obeyed without question," he said in a recent interview. "Revolution, to me, is bringing down the big guy while not forgetting to stand up for the little guy."

Topiary's arrest is just the latest in a string of arrests which are set to turn the spotlight back onto the US justice system. Many Anonymous supporters doubt the evidence being used against alleged juvenile hackers, while the WikiLeaks legal case against financial services like Visa, PayPal and Mastercard will generate even more public scrutiny.

2011-07-05 LocalLeaks and HackerLeaks Press Release

The following press release is dated July 4, 2011 and received via email.

ImageFirst we would like to thank the global media for being so attentive to the launch of our two new disclosure platforms. We would also like to thank the several dozen people who already trusted us with their sensitive leaks. It has been a remarkable week for those of us who staff these two important projects. None of us ever expected in our wildest dreams the enormity of the reaction to these two ideas.

However we have some sobering news to report. Today, Independence Day in the USA no less - our registrar has suspended our Top Level Domains and shut down both sites. Having failed to explain their reasoning we are left to assume that it was our content they didn't like, and so both HackerLeaks and LocalLeaks have been effectively silenced - censored - and shut down.

ImageThe company responsible is located at www.dot.tk and we encourage all free speech and free information advocates to contact this company and let them know exactly how you feel about censorship. We are seeking legal assistance to help us, and if you're a lawyer and can volunteer your time please contact us at PLF@cyber rights.net

2011-02-09 Security Contractor HBGary Tries to Protect US from Anonymous, WikiLeaks [UPDATE:1]

Image(update below)

HBGary Federal, provider of classified cybersecurity services to the Department of Defense, Intelligence Community and other US government agencies, has opted over the past months to go to war with the group of WikiLeaks supporters known as Anonymous. The Tech Herald reported today on HBGary Federal and two other data intelligence firms “strategic plan” for an attack against WikiLeaks.

The company is considered to be “a leading provider of best-in-class threat intelligence solutions for government agencies and Fortune 500 organizations.” It provides "enhanced threat intelligence" so "the federal government can better protect our national cyber infrastructure."

2011-01-12 Futures for the Internet

The explosion of Wikileaks related news, and the manifestation of the internet's political potential to those who had previously ignored it, or only superficially acknowledged it, has led to a debate of increased intensity about the nature of the net, its political dimension, and its uncertain future. WL Central compiles some valuable commentary on this issue:

Rop Gonggrip: Keynote at 27C3

Rop Gonggrip's fascinating keynote speech from 27C3 projects an uncertain future, online and off, and offers some visions of what the role of the internet, and the hacker community, will be in this future. His riveting pessimism is tempered by a reassuring pragmatism, and a veteran's insight into the subject matter.

2011-01-02 Update: Anonymous Attacks on Tunisian Government Sites

Update 1 :

Anonymous hacktivists have been busy today carrying out attacks on the Tunisian government site located here (IP address: The site is still down as of the publication of this update, and has been down for several hours.

According to IRC chats with various Anonymous members who appear to be well-informed regarding current events in Tunisia, the motivations for the attacks are numerous, ranging from Tunisia's general and long-standing affinity to Internet censorship, to recent riots in Sidi Bouzid and surrounding towns being covered by various media sources.

Another relatively recent act of censorship that seems to have served as the basis for the present call to arms is the Tunisian government's decision to censor online access to Wikileaks and other whistleblowing sites (like TuniLeaks) that make reference to Tunisia or contain certain keywords that might suggest reference to Tunisia.

The Anonymous group, while diverse, intractable and virtually indefinable in terms of a steady membership class, is nevertheless united in its ideals pertaining to freedom of expression and a collective distaste for censorship, inspiring this most recent declaration:

The Tunisian government wants to control the present with falsehoods and misinformation in order to impose the future by keeping the truth hidden from its citizens. We will not remain silent while this happens. - Anonymous

There have been rumors of possible imminent attacks on 3 further Tunisian sites but they do not appear to be in progress at this time.

Read more here and here. For those who are unable to access media sources due to censorship in their own area, this screenshot may be accessible as an alternative (c/o @AnonymousIRC via Twitter).

Update 2 :

The following sites have also been taken down: www.marchespublics.gov.tn and www.pm.gov.tn. As of 9:05 Eastern Standard Time, the former site displayed this message. This is the welcome page for Mohamed Ghannouchi, the Tunisian Prime Minister. A cached version of the page can be viewed here.

Go to the third update, containing a more exhaustive list of sites taken down.

2010-12-30 From Ion Cannon to BotTorrent: Potential new paradigm in hacktivism

The Low Orbit Ion Cannon, or LOIC, is a popular tool for taking down websites these days. It was used on Visa, Master Card, Paypal and other institutions by "Anonymous" hacktivists.

LOIC is easy to download and requires minimal technological savvy for its use. One runs the program, enters a targeted IP address, confirms, and watches as the program floods a site's host with TCP packets, UDP packets, or HTTP requests. Eventually, the ability to handle further requests is lost and the site goes down, becoming unresponsive. This is termed denial of service and the attack is a distributed denial of service (DDoS) attack on the basis that the attacks are distributed across various sources.

The resulting downtime of the site is temporary, of course, but the attack's perceived consequences can range from slight inconvenience to severe paralysis. As is widely known, the stability of a web site is a strong determinant of its popularity. Yet the goal of such attacks, as articulated by some of the Anonymous group members, is not terminal destruction but to raise awareness.

A new weapon of mass awareness is in the horizon, however, that may very well step up the severity and efficiency of these attacks. If effective, it will set into motion attacks originating from thousands of computers worldwide. The difference? End-users will not necessarily know they are participating in the attacks. Here's how it would work.

A home user navigates to a torrent search engine to download a popular file (a film or TV show, for instance). As this image illustrates, the file may have several thousands of leechers or seeders; these numbers may increase to the hundreds of thousands in some cases, depending on the popularity of the file. For simplicity, think of each leecher as one computer attempting to download the file.

As a presenter at the most recent Chaos Communications Congress articulated, by manipulating the data being communicated through BitTorrent clients, one can create the appearance of availability for a given file and cause leechers to attempt a download. The leecher would not actually be downloading the intended file, but attacking a target IP without their knowledge. This would result in the flooding of the target host and, in many cases, eventual take-down of the target site.

This new technology, termed BotTorrent by TorrentFreak's editor-in-chief, would have revolutionary significance not merely in virtue of its creative underpinnings,* but in terms of legal responsibility. Clearly, it is unlikely that end-users would prosecuted for carrying out an attack of which they had no knowledge. Furthermore, given the number of unknowing users carrying out the attacks, the magnitude of the attacks would expand massively. Word on the tweets is the technology is capturing the imagination of developers.

* Addendum: This new derivative technology may clearly be used for a variety of other purposes that do not involve hacktivism. (Many thanks to Kris Kotarski for highlighting the importance of this fact.)

Turning the Cables on Fate

Turning the Cables on Fate

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer