Archives For anonymous

bad idea

Recently, computers at two power plants were found to have been infected by three viruses that came from compromised USBs, all three easily detectable by up to date anti-virus software, and both infections were easily preventable if the plant operators followed the simplest cybersecurity procedures. If our infrastructure was ever to be the victim of a powerful cyberattack, the exploits’ success wouldn’t be so much a testament to the skills of the hackers as much as they would be indictments of the shoddy practices by those who simply don’t understand how to secure critical systems and don’t care to learn. Very few attacks we see out in the wild are truly brand new and very sophisticated like Stuxnet, Duqu, Flame, Gauss, and Red October. Most target unpatched, poorly secured systems with easily exploitable administrator accounts or out of date servers and database engines, attacks on which have been all but automated by simple PHP scripts. If you’re wondering how Anonymous can topple site after site during an op, now you know.

For example, take the pillaging of Stratfor. How did Anons get into their system? By using easily crackable default passwords and reading databses that were never encrypted. What about the huge data leak from Sony in which hundreds of thousands of accounts were compromised? An unpatched server provided a back door. Periodic leaks of credit card numbers from point of sale systems you find at local bars and restaurants? Out of date operating systems exposing admin accounts to external systems as is a typical industry practice. The ability to get into AT&T users’ account just by typing the right URL? Total absence of security checks on the company’s sites, checks that should’ve been tested before the sites ever went live. I think you get the point. Keep up with the virus definitions, patches, updates, test your software, don’t let external systems run as administrators on your network, and don’t stick random USBs into mission critical computers. If you don’t follow these elementary practices, you, quite frankly, are begging to be infected and hacked, and considering that we basically live on the web today, that’s just reckless.

anons in the wild

Ars has a longform story on an unlikely cyber warrior, Christopher Doyon, aka Commander X. If you see him out in the wild and think that he’s merely a lanky 50-something panhandler smoking like a chimney in coffee shops while surfing the web, you could certainly be forgiven for making that mistake. Little does anyone know that he’s leading the worldwide fight against fascism and tyranny in Egypt and Syria after having battled persecution and injustice in the U.S. Now, this highly ranked general of the Anonymous armies is a fugitive from the long arm of the law trying to punish him for a DDoS attack against a local government office when it tried to tell people not to randomly sleep in local parks. Except when you read through Doyon’s story and the caveats carefully noted by writer Nate Anderson, you’ll discover that only the last part of all this is really true while the rest is basically a giant ego trip from a homeless conspiracy theorist with a laptop and a cause. Though exactly what that cause is gets very quickly lost in the histrionics…

Basically, the fight being fought by Doyon is against tyranny and oppression although what he’d call tyranny and oppression shows that he’s not familiar with a real authoritarian government and these verbs are usually used to say "’The Man’ isn’t letting me do whatever I want." Were he one of the many victims of authoritarianism, odds are that he would’ve been long sent to do a stretch of very hard time in a prison camp and the arrest he would’ve endured wouldn’t have been very gentle, proper, or brought to a court that released him on moderate bail while they reviewed his case. Even the reason why he fled was egotistic. After he coordinated a DDoS attack on Santa Cruz county, the judge didn’t want him to use social media to organize another one and while the case was being heard, ordered him to stay off Facebook and IRC. Imagining that this was a ploy to prevent the transformative work he was doing around the world over IM, he set off for Canada to seek political asylum. Because apparently, he thinks he’s important enough for that.

For more detail, I certainly recommend checking out the story itself, it’s well worth your time, but what really resonated in it with me was the textbook image of a conspiracy theorist looking for a conspiracy to fight. Doyon the 50+ year old drifter living off $15 a day used on coffee, smokes, and a fast food sandwich, perfectly matches with society’s definition of a bum. While many of his peers were studying, working, and trying to build families and careers, he was dropping acid and hanging out with anarchists who saw everyone who didn’t see eye to eye with them as enemies, sinister sleeper agents of the state, sort of like the Agents in The Matrix. He has nothing to show for his half century on this planet. But Commander X, his alter online ego, is the liberator of the oppressed, the digital Gandhi, King, and Eisenhower, all rolled into one. He commands legions and legions of followers and fierce digital artillery in the form of "ethical botnets" that can muscle giant companies like PayPal off the web. Commander X’s facade of a vagabond is a cover, much like that of a secret agent. Now, doesn’t that seem a lot better and more grandiose?

Too bad that this too is pretty much bullshit. Well known Anons have a real distaste for him as a so-called "leaderfag" who thinks he’s in charge of things he’s not, and whose chest-thumping is effectively worthless. So he talks to a small group of his fans and imagines that he’s fanning the flames of revolution against puppet governments of the New World Order. Like many conspiracy theorists on the far left, he’s ready to jump down anyone’s throat should he hear disagreement, rushing screaming at top speed at various strawmen about supporting The Plutocracy or busy stuffing words into critiques of his absolutist worldview, accusing his detractors of simply taking fascist oppression lying down or being blind to the government’s misdeeds. Whatever legitimate gripe he has, has long been obscured by hyperbole and reflexive categorization of anything an authority figure with which he disagrees does as either a war crime or enslavement of the 99%. I can understand why. He’s lived in cozy far left echo chambers in which being radical was simply not radical enough so nuance and debate are simply not part of his world anymore.

Finally, I can understand that there are plenty of people out there not happy with the way things are and wishing their lives had turned out differently. A lot of people feel the same way, like we got stuck on a treadmill and are going exactly nowhere. I know I’ve written plenty of posts which decry the fact that so much potentially transformative science and education is constantly being given the short end of the stick by visionless, bloviating empty suits we elect to govern us. A lot of these potential programs could make the 9 to 5 cubicle grind unnecessary in the long term as well as give us more options for what to do with our lives. So I get it, we’re not in our utopias yet and I’m sure my version of a perfect would would be someone’s mechanical nightmare. But the way to change the world isn’t to pretend to command hordes of cyber anarchists. It’s a tedious, long process that may involve waiting until the visionless retire or fall out of power. It takes time and sorting through competing ideas. DDoS-ing the shit out of stuff produces a speed bump on the way to something new and to pretend that it makes a real difference leads nowhere.

By now, I think my views on how WikiLeaks is ran, who is running it, and its double standards on transparency are not exactly a secret. While it was churning out seemingly damning evidence of malfeasance by big government and military alliances — even when the sources for all of this evidence were less than trustworthy — it recieved a steady stream of support and Assange was embraced as a soon-to-be martyr even as he hosted a TV show for the Kremlin’s benefit. But in his ongoing quest for power and fame, Assange finally went too far and upset his most stalwart and committed ally, the hordes of Anonymous, with what looked like a flimsy paywall. Upset that WikiLeaks "has become the Julian Assange Show," the collective’s IRC channel expressed just how displeased the anons were by telling organization to "go die in a fire." Ouch. Though can we all be really bluntly honest for a moment? Since when has WikiLeaks been anything other than a series of episodes of the Julian Assange vs. The World Show in which our self-created hero has been trying to do good things for questionable reasons and let his ego get the best of him?

In the world of popular conspiracy theories, the leak of Stratfor e-mails by Wikileaks and Anonymous is meant to provide us with a look under the dark veneer of intelligence agents for hire and see what they really do on a daily basis to make sure the Military Industrial Complex keeps perpetuating itself. But there is a little problem with that scenario. Startfor actually has a reputation for being The National Enquirer of the intelligence world and their intelligence packets are said to be little more than displays of military pseudo-expertise. Anonymous basically hacked the Keystone Kops, in no small part because these supposed leaders in global intelligence wouldn’t spring for $40,000 worth of encryption tools and their databases didn’t even use a salted hash for password storage. Even worse, Stratfor’s employees didn’t understand rudimentary cryptography enough not to use the company name as their passwords. We can’t even call what Stratfor had a security setup. Doing so is an insult to any real attempt at security, just as waiving their e-mails around as firsthand evidence of an evil scheme by the MIC’s New World Order is only a step above quoting a few choice posts from Prison Planet.

Were these guys really the CIA’s most trusted people, I’d be very scared. Fortunately, they’re anything but, and while they talk a big game about providing strategic global intelligence, they’re actually more or less glorified, self-promoting location scouts for companies looking to invest in regions where a serious security risk could rear its ugly head. Real firms providing serious strategic intelligence are a lot more low key because instead of running around and advertising themselves as powerful, connected secret agents, they’re actually working, usually in a little nondescript office in the middle of some bleak corporate park, with a very generic name over an opaque door you’ll pass without a second look. Now, if somehow, Wikileaks got their internal e-mails, that would be a massive coup and could reveal volumes about some of the intelligence world’s black projects, but that’s not what they’ve done at all. They’ve accomplished the equivalent of getting into @PrimorisEra’s Twitter account because the password was "password" and citing her blog post about the Bulava missile, which for all intents and purposes could’ve been written after an hour or two on Wikipedia, as evidence that she really is a world expert in missiles and has exceptional knowledge of aerospace engineering. If I had a disposition for conspiracy theories, I’d go on ATS and label the easy hack of Stratfor a government honey pot for Anons.

So why did Anons decide that Starfor was a great target and why would Wikileaks jump on the hack? Did they fall for the company’s hype? Is there nothing more exciting in Wikileaks’ quivers while Assange prepares for his talk show on a channel sponsored by the Kremlin? Supposedly, the site operated a Tor node, giving it a chance to intercept secretive communications between international agencies and embassies. Did these pipelines dry up or was the whole notion of Wikileaks tapping into the Dark Net to spy on thousands of foreign embassies and NGOs more creative fiction than fact? Not knowing exactly what goes on at Wikileaks and the thought process of Anons who hacked Starfor makes it very difficult to answer any of these questions with any degree of certainty. But the most likely scenario is that Wikileaks was once again looking for a big story to stay in the headlines and more conspiracy-minded Anons decided that Stratfor really was a big player and decided to find out what it’s up to, certain that the e-mails they read were actually giving them a glimpse into the minds of CIA and NSA analysts. Assange, who’s been known to cry conspiracy on a constant basis, could’ve fallen in for the firm’s posturing as well and made the mistake of assuming that secrecy equals truth, releasing those e-mails with the full Wikileaks treatment while Anons warned that "there will be repercussions for when you choose to betray the people and side with the rich ruling classes," referring to Stratfor’s clientele.

Then again, while we’re reading tea leaves and reading way too much into things here, we might as well just go ahead and decide that this post is a very elaborate attempt to discredit Startfor to undermine the work of all the Anonymous members dedicated to exposing the corporate-military-industrial-imperial conspiracy through hacktivism, and create negative publicity for Wikileaks at the request of The Man. After all, that’s how criticism of conspiracy theories is usually met, isn’t it? Why would anyone tell these brave souls that instead of peering into the long sought paper trail of espionage and subterfuge, they actually got a lot of hot air with no credibility and wildly exaggerated claims, if not to cover up their tracks? They worked so hard to find proof and now, after finally getting something that looks like it wouldn’t only a government plant tell them that all their efforts were a long way off the mark? So what if these sinister super-agents can’t be bothered to encrypt their data or pick an effective password, or hell, any password at all instead of the IT department set default? So what if they billed the military for just a few hundred grand while charging an average of $50,000 for location scouting for some companies with international ambitions? They just have to be the long sought NWO agents, don’t they?