These kids need to get out more.
Maybe they should of spoofed their mums address,
Grammar Nazi alert.
It's ‘should have’ not ‘should of’.
‘Should of’ is mistakenly used in place of the spoken contraction should've.
Herp de Derp de do
I'll should OF you in a minute.
@ Norfolk 'n' Goode
Interesting that you failed to notice the bigger sin of saying "mums" and not "mum's".
> "mums" and not "mum's".
Plural -- so should have been " mums' ".
The sentence should OF ended with a period, not a comma.
Not so anonymous
Clearly anyone that thinks the Internet can be anonymous, regardless of how many bots or tunnels you use is an idiot...
I'm waiting for anyone that used LOIC to get arrested next, as clearly ISP server logs will show them up straight away,
Anyone who is stupid enough..
to use LOIC are probably too dumb to be worth arresting.
are you honestly that naive?
do you have wireless?
do you think i'd be able to get onto the internet through your connection (i'm not even close to being a hacker)?
why do you think i wont be able to get in?
why do you think an actual hacker wouldn't be able to get in?
and how about on the train? with a spoofed MAC address?
come on, if i can come up with simple stuff like this, don't you think someone who's paranoid by nature (a given trait of hackers), wont be able to do MUCH better?
anonymity is not that hard to maintain on the net.
How can you be so selfish. These are clearly kids with psychological problems. To my mind the authorities are overreacting to this.
As a parent my heart goes out to the mothers. To have a son is hard enough but to have them arrested for simply messing about on the Internet is just dreadful. I can't imagine what it must be like to have a disturbed child, and then worse have to cope with them being arrested.
It's only the idiots that get v&, anyhow. The low hanging fruit, as it were. Wardriving is one way. If you're more cunning you physically plug in to the hard-wired network. Or just use your botnet to do it.
"Some of them act badly because they've had a hard life, or have been mistreated...but, like people, some of them are just jerks."
- The Simpsons, [1F15] Bart Gets An Elephant
Time will tell the wiser.
"them arrested for simply messing about on the Internet "
you claim to be a web specialist. Interesting, so if a group of kids "messing about" tear down your website, deny you acess, hack you customer databases and expose their data, slander you name, kock your business ofline for weeks at a time...costing you thousands of pounds in lost business and worse, lost reputation.
Would your sympathies still be there?
What about bored kids that decide to go along slashing car tyres and throwing brick through windows?
How about kids from poor background, is it ok for them to go mugging people or breaking into property.
"I can't imagine what it must be like to have a disturbed child", where does it say that? Where?
You of all people (if indeed are web specialist) should know the damage that can be caused by s DDoS attack, website defacements or damaged reputation by compromises accounts.
I program Microsoft FrontPage 2002. I have never seen the problems you mention, maybe this is more secure than what you use for your web sites?
The other things you mention cause physical harm, I have seen stories on here about companies with very poor security surely they are equally to blame for losing data?
"I program Microsoft FrontPage 2002"
Stop right there. Go straight to web quarantine, do not pass go and do not install any more software until you can spell CSS.
A bit of "knock and run" might be okay but some of the attacks have been sustained DDoS that will take down websites and even data centres without professional, round the clock support. You soon stop laughing if that ever happens to your sites.
As for highlighting security weaknesses the generally accepted procedure is to inform the owner directly and agree a time limit for fixing any problems. Not in the interests of hiding the problem but in an utilitarian to minimise any damage. Simply charging around willy nilly looking for exploits and bragging about them is only likely to increase government snooping, ie. reduce security, and lead to calls for heavier sentences.
"I program Microsoft FrontPage 2002. I have never seen the problems you mention, maybe this is more secure than what you use for your web sites?"
LOL, ROFL, hehehe, hahaha, harharhar!!1!
Thanks for the chuckles.
@Clare (the "web specialist")
You have managed to destroy any level of credibility you may have had with your amazing demonstration of a lack of understanding of what has really been going on - or, for that matter, the facts on the ground in your own claimed field of expertise. While it can be argued that some of these attacks may be have been morally or ethically justified, make no mistake as to just how serious we are talking about. Millions of people are potentially at risk for identity theft related crimes thanks to the recent campaign by multiple hacking/cracking groups. More recent breaches, for example, some of the AZ State Police leaks, have potentially left hundreds of officers and their families at greater risk for retaliation by violent criminals. Even the DDoS attacks (ultimately the least damaging of all, even if they managed the greatest media attention) not only hurt their targets, but most target's upstream providers - not to mention any computers used as part of a botnet to perform the attack.
As far as events "In Real Life" causing physical harm, so do actions taken on the Internet. At least, they do when those actions involve thousands, or hundreds of thousands of dollars in damages (easy enough when you both interrupt ecommerce and end up doing something like paying to provide credit monitoring for all your customers for the next year).
If they are disturbed children, they should be treated as such. However, even disturbed children get picked up by the police when they run around causing havoc and destruction. Alternatively, if you think that they are heroes (and there is a definite attraction there, especially when you read the details of the HBGary incident, etc.) feel free to say so - just don't expect any of us to be surprised when the plod come pick up any members they can find, even if they're still in diapers. ;)
The classic call of anyone trying to defer responsibility for their actions.
They did it because they were bored (first and foremost) then an array of additional reasons, they thought it was cool, they believed in some "cause", they did it for the lulz, etc.
Knocking pages together in Frontpage is an order of magnitude less complex than setting up a site consisting of proxies, web servers, app servers, middleware, database, transactions etc. I wouldn't be surprised if most FP2002 sites are "secure" because there is nothing behind them. It's like calling a billboard "secure" because if thieves bust through it there is nothing there to steal. All they can do is deface it.
Me thinks Clare was taking the piss and either everyone is going along with it, tongue in cheek, or you've all been suckered.
RE: Clare (web specialist)
Don't feed the trolls.
Ill add a title anyway because its easier than getting the automated naughty stick
Stick to windows and chairs instead of bold sweeping definite statements on a technical nature "steve".
There are significant ways to hide your trail correctly provided you have the skill and knowledge, do you think china or russia are going to give up logs from proxies in their netblocks? do you think all proxies log, or maybe some are compromised machines specifically set up NOT do that. Have you ever even been involved in hunting people down via these routes to qualify your statement ???
Anyone using loic lacks both skill and knowledge and were fed to the wolves by the people who knew this. And the inner circles were also unlikely to be blowing their cover that costs time and money to establish to go pop a few poorly secured websites offline...
The great thing about anon and lulz is that theyre bringing the blackhat world to a wider audience than the researchers in the field and perhaps there is the awakening of the awareness of the mountain of work that needs to be done, and hopefully less clueless people like you posting rhetoric.
First they came for Anonymous and I lol'd.
lulz @ script kiddies
a quote from the hacker manifesto seems to be in place here.
"you may be able to stop an individual, but you cannot stop us all. Afterall, we're all alike".
this cat and mouse game could go on for eons, but for every one person they catch, two new ones stand up to take their place.
Every one person they catch, another ten or so panic, and pretend they didn't have anything to do with them.
Good idea in theory.
but when a few of them are locked up for an unessesarilly large time period, say a decade or so, I suspect two people may go and hide in their place.
I'm not saying thats a good thing, its just the way things are.
Except the more people who get banged up, the less likely people will be to get involved. The filling of their ranks will stop if the arrest keep happening.
My guess is that only a handful of participants are doing it because of any passionate beliefs. The majority will be script kiddies who are joining in 'for the lulz' and that will soon stop when they realise that they can and will be found.
Anonymous are God's until they break into *your* server
Who asked them to stand up for our rights? What right to they have to speak, act and break the law on our behalf?
Time to recognise these people for who they are. Criminals.
Re: Anonymous are God's until they break into *your* server
Perhaps you are one of the people (or work for one of the people) Anonymous et. al. believe they are defending the rest of us from? They clearly feel that they are doing something. Personally, I'd rather see them running around using stupid script kiddie tools like the LOIC for the occasional protest and a really beautiful hack reserved for special cases (such as HBGary, where ethically and morally they did nothing but act in defense - even if they did flat out break the law, and practically crush a small security company in the process) than having the Anonymous elite trying to rip through society in general - which so far they don't seem inclined to do.
It's just a thought... but while the "rank and file" may be "in it for the lulz," it's pretty clear that there is some real dedication in these groups at various levels. Writing them off as nothing more than criminals leaves you quite likely to fail to understand what is going on and why. What's more, civil disobedience and protest rallies have been a long recognized road to change, and such an astoundingly STUPID attack as the LOIC could be compared to a bunch of people protesting outside a building causing enough of a crowd normal employees/customers/etc. can't get in.
I'm just suggesting it's not entirely black and white. They may well be criminals, but then, so were most revolutionaries, civil rights protesters, etc. at some point in time. I don't place Anonymous quite as high as most of those luminaries, but I think the same point stands - it is possible to be against the law and still be working for a morally sound cause.
Gods or devils - this is getting too theological for my taste.
Are people suggesting we make a cargo cult of of Anonymous? Lord forbid.
"Oh great Anonymous, I am just a lowly web developer, with only an unpatched Apache server and an old version of Wordpress to my name. I am not worthy of thine hacking. But if you put thy effort to more worthy targets (glances at local copy of News of the World, with eldritch runes penned it with red texta) I will post bodacious sycophantic Tweets to thine name."
Coat please. Yes, with the voodoo doll in it. Looks like Rupert Murdoch, does it? Fancy that. Must be a coincidence.
What kind of manifesto is that?
"you may be able to stop an individual, but you cannot stop us all. Afterall, we're all alike".
That could apply to muggers, burglars, rapists, child abusers, embezzlers, drunk drivers and every other class of criminality. Should the police just shrug their shoulders and declare "well they're all alike so no point arresting & punishing any of them"?
Of course not.
Anonymous might make for a great nebulous moniker but the reality is there are perpetrators in that group and doubtless many of them will have their day in court. I hope the lulz were worth it when they get banged up in prison or end up doing hundreds of hours of community service for their troubles.
RE: Re: Anonymous are God's until they break into *your* server
Boy, you really do know nothing about the law, do you!
"....could be compared to a bunch of people protesting outside a building causing enough of a crowd normal employees/customers/etc. can't get in...."
There are strict laws about such protests. In the US, it is a crime for a protest to block access, which is why you see those news clips of protesters walking in circuits outside their target buildings, so the Police can't charge them. In the UK, picketting has very strict laws which were designed to stop union intimidation of non-union workers. If a protester or picket stops anyone physically crossing the picket line then they would be arrested and charged with assault. And you need to follow health and safety guidelines and apply for a licence to make a legal street-protest. I suggest you do a bit more research before mounting your next crusade to "free us all from the tyranny of whatever".
And then how do you propose that websites accommodate "pickets"? DDOS is a crime, fullstop. You can create a protest website if you like, but you had better make sure your "facts" presented there are proveable otherwise you'll be up for slander/libel/defamation charges. Oh, but the work of checking your facts, creating a proetst website and dealing with challenges is just too much like hard work, no? Much easier to just download some SQL injection toolz and fire away from your Mum's basement!
Sure, that'll work.
What's with the catch and release?
The fish will keep phishing until someone actually gets filleted.
Paris: She'll de-bone your phish.
vanned or v&
Like a parent trying to be down with the kids, you're doing it wrong :)
These kids will probably get off....
...I hear that the Swiss case is full of holes.
"Five of the suspects are juveniles..."
Crikey! Actual script kiddies rather than the more stereotypical script-30something-year-old-fatboys-living-in-their-moms'-basements.
RE: ddos = picketin
OK, we have laws for peaceful and legal protesting, rather than the current conforntational approach we could maybe look at having the Internet equivalent. The problem is that those wanting to "picket" a website currently have an "all-or-nothing" option - block the site with DDOS or deface it. In the physical World, we have the option of protesting outside the target entity's buildings, but on the Web there is no "pavement" as such to stand on in front of the target website, so maybe what we need to do is create a "pavement" where legitimate protest can be made, visible to users of the website, but one that does not restrict access to visitors that just want to ignore the protest and go on to the website.
Such a "pavement" might be a banner link (required by a new digital law) on the landing page that announces a protest site - the visitor can then choose to click on the banner and go to the digital pavement to see what the protesters of the day have to say. The pavement can be run by an independent third party as a sort of forum, with rules to restrict improper posting behaviour, and protest groups can then apply to mount a "protest" on the digital pavement via the third-party independent "pavement" moderatrix. Anonymous posting or protesting would be allowed but only as long as the content follows the guidelines. You could even make a business out of offering the third-party independent moderation service to ISPs and businesses (cr*p, maybe I should have patented that idea before posting!). Businesses get to continue in operation but can't stifle legitimate protest, and protesters don't have to worry about being traced and getting a criminal record. Skidiots can still DDOS or deface the main site if they wish, but run the risk of explaining in court why they turned down the opportunity for legal protest.
Discuss, in a grown up manner.
Re: RE: ddos = picketin
Finally, someone who has some sense!
Not sure about the technical implementation, but I like the idea in general.
Safe, legal protest raising awareness of issues without damaging the target or innocent people.
RE: Re: RE: ddos = picketin
Ah. I've just spotted the flaw in my plan - where's the "lulz" in mounting a proper protest?