Why the world is scared of hacktivists
September 25, 2011 10:58 AM   Subscribe

They’re watching. And they can bring you down: Why the world is scared of hacktivists. [Via]
posted by homunculus (94 comments total) 16 users marked this as a favorite

 
Feel safer around anonymous than I do around the NYPD these days...
posted by gracchus at 11:03 AM on September 25, 2011 [19 favorites]


FBI Arrests 23-Year-Old For LulzSec’s Sony Hack, Homeless Man For ‘Anonymous’ Attack
posted by homunculus at 11:10 AM on September 25, 2011 [1 favorite]


s idealists swelled the ranks, though, its unusually open and officially leaderless structure allowed it to be penetrated by cyber criminals and career hackers, who launched direct attacks on law enforcement. This was a long way from the chatter on teen-oriented message boards inside the 4chan website

I wish that, just once, the people writing these articles for major news outlets knew, really knew, what they were talking about.

I mean, they even quote Karim Hijazi, the guy who was personally humiliated and discredited by Lulzsec as if he is someone who would be a reliable authority on Anonymous. No conflict of interest, or simple lack of knowledge, there.
posted by litleozy at 11:14 AM on September 25, 2011 [8 favorites]


It is not groups like Anonymous that are the threat. It is the countries that have large scale organized groups of programmerssystematically attacking Government and network business sites in the US and other nations.

If anything, the ultimately less ominous Anonymous attacks are good for showing weaknesses in our security.
posted by eye of newt at 11:17 AM on September 25, 2011 [8 favorites]


“LOL,” Gonlag typed in the chat channel, for “laughing out loud”.

lol wtf ft omg bttf
posted by Sys Rq at 11:21 AM on September 25, 2011 [7 favorites]


Why the world is scared of hacktivists.

Well, it certainly isn't the term "hacktivist".
posted by Horace Rumpole at 11:21 AM on September 25, 2011 [3 favorites]



Find more pleasure in intelligent dissent that in passive agreement, for, if you value intelligence as you should, the former implies a deeper agreement than the latter.

-Bertrand Russell
posted by Increase at 11:22 AM on September 25, 2011 [14 favorites]


lol
posted by clavdivs at 11:28 AM on September 25, 2011


Perhaps when the hacktivists actually form a cohesive front. Until then, I'll suffer a ten hour (or minute) DDOS and return to business.
posted by Slackermagee at 11:28 AM on September 25, 2011


"The last temptation is the greatest treason: to do the right deed for the wrong reason."
-T. S. Eliot
posted by clavdivs at 11:31 AM on September 25, 2011 [8 favorites]


I love dos's. Shutting them down gives me something interesting to do at work. (I work for a big corporate ISP).
posted by empath at 11:40 AM on September 25, 2011


Bruce Schneier: Three Emerging Cyber Threats
posted by homunculus at 11:41 AM on September 25, 2011 [3 favorites]


If anything, the ultimately less ominous Anonymous attacks are good for showing weaknesses in our security.

Why we secretly love LulzSec
posted by homunculus at 11:45 AM on September 25, 2011 [1 favorite]


This was a long way from the chatter on teen-oriented message boards for people with the mental maturity of 12 year old boys inside the 4chan website
That better?
posted by delmoi at 11:49 AM on September 25, 2011 [4 favorites]


I mean, they even quote Karim Hijazi, the guy who was personally humiliated and discredited by Lulzsec as if he is someone who would be a reliable authority on Anonymous. No conflict of interest, or simple lack of knowledge, there.
he also quotes Aaron Barr:
Speaking to me outside the convention, Barr agreed that Anonymous has brought internet activism to a level that will be maintained or exceeded regardless of whether the group itself survives.

Less clear is whether the anarchic hacking carried out against security companies like his own former employer will continue. Although he says it may depend on who is arrested and convicted, Barr guesses that it will go on regardless. “I think it’s reached a critical mass.”
posted by delmoi at 11:52 AM on September 25, 2011 [1 favorite]


They fail to explain Nyan Cat.
posted by memebake at 11:55 AM on September 25, 2011 [4 favorites]


Feel safer around anonymous than I do around the NYPD these days...

No kidding. America jails more people than China and has allowed 20+% of our population to go without work or hope while 2% roll around in obscene profits, yet we're supposed to believe that threats to the state are threats to us? Ha.

I especially enjoyed the implicit threat in the article ("Even some supporters worry that if the group continues on its current path, it could trigger a legislative backlash that would bring heightened monitoring at the expense of the privacy that Anonymous prizes.") Sure, because if the government moves to destroy my privacy -- just like they've been doing for the past twenty years or more -- it'll be all Anonymous' fault.

Stop hitting yourself, says the bully. Stop hitting yourself!
posted by vorfeed at 12:03 PM on September 25, 2011 [59 favorites]


An entire article about the origin of Anonymous w/o any mention of Habbo Hotel? Habbo 2006 was the Ur-Raid, the original "usual suspect" internment camp and template for all the DDoSes chanolojihads that followed.
posted by meehawl at 12:05 PM on September 25, 2011 [2 favorites]


I don't know. PayPal, Visa and Mastercard are still chugging along. At the risk of incurring their wrath, I don't see how "hacktivists" are having much more of an effect than getting themselves arrested, one by one.
posted by Blazecock Pileon at 12:06 PM on September 25, 2011 [3 favorites]


A more accurate title would be: "They're watching (though they have short attention spans). And they can temporarily annoy you."
posted by happyroach at 12:06 PM on September 25, 2011 [8 favorites]


Right before the Creature from the Black Lagoon appears, there is an unambiguous warning of extreme ominousness in the form of three ascending chords in glittering and increasingly shrill brass. I swear they appear at the back of my mind, every time I see the words 'marble cake, the game'.
posted by stonepharisee at 12:06 PM on September 25, 2011


I decided to become a "sacktivist" where I would use the shock value of my openly displayed testicles to further my chosen political causes.

But no-one would take me seriously. They dismissed me as nuts.
posted by MuffinMan at 12:09 PM on September 25, 2011 [13 favorites]


First of all:

Denial of service attacks aren't hacking.

Second of all:

Denial of service attacks are bullshit.

I'm incredibly sympathetic to real hackers who release information that exposes fraud and hypocrisy by governments and corporations. But it seems like the height of hypocrisy for a bunch of folks that make a lot of hay about free speech and having the voices of the people heard to use their meager technical means as a way to silence their ideological opponents.
posted by to sir with millipedes at 12:09 PM on September 25, 2011 [3 favorites]


It isn't highlighted in this post, but, as can be worked out from the article, a bunch of Lulzsec have been arrested during the past couple of months.
posted by Anything at 12:09 PM on September 25, 2011


The interesting part of all of this is the anonymity aspect. Used to be hackers went to great lengths to get credit, text files has all sorts of shout outs and greetz and bbs numbers.Hacked websites were plastered with group names and handles. What was the point in being the best if nobody knows right?

I'm sure insiders know who some of these guys are, and the guys that run #anaonops but they don't plaster their handles all over their pastebin dumps.

I don't think these guys are k-rad but they interesting.
posted by Ad hominem at 12:10 PM on September 25, 2011 [1 favorite]


^ sorry, that was a mess, but you know what I mean.
posted by Ad hominem at 12:11 PM on September 25, 2011


As for the Financial Times and Aaron Barr: He's always used them as a megaphone to spout his personal security beliefs. It was an article in FT that Barr first claimed he had info on the hierarchical structure of Anonymous, and that's when they went about making him look like a complete idiot.

It isn't highlighted in this post, but, as can be worked out from the article, a bunch of Lulzsec have been arrested during the past couple of months.

By my understanding, the only member of Lulzsec that remains unaccounted for is Sabu. According to his twitter feed, he's currently occupying wall st.
posted by to sir with millipedes at 12:13 PM on September 25, 2011


I decided to become a "sacktivist" where I would use the shock value of my openly displayed testicles to further my chosen political causes.

But no-one would take me seriously. They dismissed me as nuts.


You probably chose the wrong audience. You'd be a hit with the teabaggers.
posted by homunculus at 12:15 PM on September 25, 2011 [16 favorites]


These stories are mostly hype designed to make you afraid. A few script kiddies ddosing and cracking public brochure ware websites are not something that keeps me up at night when assessing computer security threats.
posted by humanfont at 12:16 PM on September 25, 2011 [2 favorites]


They fail to explain Nyan Cat.
Unfortunately, no one can be told what the Nyan Cat is. You have to see it for yourself.
posted by juv3nal at 12:25 PM on September 25, 2011 [4 favorites]


These stories are mostly hype designed to make you afraid. A few script kiddies ddosing and cracking public brochure ware websites are not something that keeps me up at night when assessing computer security threats.
They knocked Sony's online services down for a month, costing them (supposedly, IIRC) $170m
posted by delmoi at 12:25 PM on September 25, 2011 [2 favorites]


And if I remember correctly, both Lulzsec and Anonymous denied the biggest of the Sony breaches. Also, they didn't take Sony's services down for a month, Sony took them offline voluntarily to patch the security hole. Lulzsec did take responsibility for several subsequent Sony hacks.
posted by to sir with millipedes at 12:29 PM on September 25, 2011 [1 favorite]


If I may quote Douglas Rushkoff: "Program or be programmed".

The world is more and more running on computers. If you want to run something, you have to know how to do more than use those computers as a consumer.
posted by DU at 12:59 PM on September 25, 2011 [2 favorites]


Pfffft. I ain't afraid of no
posted by Splunge at 1:25 PM on September 25, 2011 [1 favorite]


...they can temporarily annoy you.

Isn't that what "they can bring you down" means?

Stop harshing my mellow, dudes.
posted by spacewrench at 1:26 PM on September 25, 2011


They knocked Sony's online services down for a month, costing them (supposedly, IIRC) $170m

This is a stupid idea about economics that I would like to eradicate. Let's assume that Sony projected they would make $170M during a month, and due to a service outage for whatever reason, they earned $0 during that month. That does not mean that outage "cost" $170M. It merely means they failed to earn any money. Nobody guaranteed them an income.
posted by charlie don't surf at 1:29 PM on September 25, 2011 [14 favorites]


I had an idea for a sci-fi world where anyone with any 'hacking' ability had to be registered and have their movements controlled by governments -- who would use them as weapons against each other. (Kind of like Mutants in the Marvel universe, or psychics on Babylon 5)
Let's assume that Sony projected they would make $170M during a month, and due to a service outage for whatever reason, they earned $0 during that month. That does not mean that outage "cost" $170M. It merely means they failed to earn any money.
I think if your employer just decided to skip your paycheck for a month you would consider that a loss. Sony most-likely has expenses and investments that they expected to cover with the money they would make from Sony's online services. This is accounting 101 really.

If you owned a rental property, and were using rent to cover your mortgage payments, if your tenants skipped a month you'd have to spend your own money to pay the rent. Ultimately you'd have $1700 (or whatever) less then you would otherwise have.
posted by delmoi at 1:36 PM on September 25, 2011 [4 favorites]


empath wrote: I love dos's. Shutting them down gives me something interesting to do at work. (I work for a big corporate ISP)

And to think, there was a time not all that long ago that a concerted effort could DoS all but the largest backbone networks. These days, not so much.
posted by wierdo at 1:46 PM on September 25, 2011


> The world is more and more running on computers. If you want to run something, you have to know how to do more than use those computers as a consumer.

Which has very little to do with being inconvenienced if some hacker collective decides to take down the banking website you use.
posted by Horselover Phattie at 2:02 PM on September 25, 2011 [1 favorite]


I'll just whip up my own banking website in rails. HTML 5 makes it easy!
posted by Ad hominem at 2:12 PM on September 25, 2011 [3 favorites]


Unfortunately, no one can be told what the Nyan Cat is.

I could tell you, but then I would have to kill you hurl you through space with rainbows flying behind you and a poptart for a body while annoyingly catchy music plays.
posted by GenjiandProust at 2:19 PM on September 25, 2011 [1 favorite]


you don't get it, delmoi. Rental properties go vacant all the time. Nobody guaranteed you a renter. In fact, most real estate advisors recommend you don't buy a rental property unless you can cover the costs even with vacancies, e.g. an apartment with 30% vacancies should still be able to cover your mortgage and property taxes.

But since people still don't get this, let's play Lemonade Stand!

You set up a lemonade stand in your front yard. You bought a cheap card table, a pitcher, and some glasses for $2 at a garage sale. Every morning you go to the store, buy $1 of lemons and $1 of sugar and make lemonade. On a nice hot day you make $3 income from selling lemonade. Total profit $1. It takes 2 days to pay back your initial investment in the table and glasses. We are at breakeven at the end of day 2.

Okay, Day 3. It's rainy so the lemonade stand is closed. No trip to the store to buy lemons and sugar. No $2 expenses, no $3 income, no resultant $1 profit. Net loss today: ZERO. By the fallacy you are using, they "lost" $1. No, they did not. By other descriptions, the bad weather "cost" them $1. No it did not. Nobody guaranteed you good weather. You merely failed to make $1.

Okay, Day 4. We go to the store, spend our $2 on supplies, and make lemonade. It's a sunny day, looks good for sales. Then before any customers come along, the neighborhood bully comes and smashes our table, glasses, and pours the lemonade on the ground. Total loss today $4. By your reasoning, today's losses were $5 because we didn't make the $1 profit we expected.

Day 5. We are out of business. No lemonade today. By your reasoning, we lost $1 today. And we lost another $1 on every subsequent day. NO.

In actuality, Sony probably had real costs of a few tens of thousands during the month, to keep servers operating until they could be brought back into service, and associated labor costs for programmers updating the service. Total losses somewhere around $30k I figure. They failed to realize an opportunity that could have earned them $170M. That is NOT a "loss" of $170M.
posted by charlie don't surf at 2:22 PM on September 25, 2011 [5 favorites]


Waitaminute, people actually think that Sony's piss poor security is the fault of anyone but Sony?
posted by wierdo at 2:26 PM on September 25, 2011 [3 favorites]


But it seems like the height of hypocrisy for a bunch of folks that make a lot of hay about free speech and having the voices of the people heard to use their meager technical means as a way to silence their ideological opponents.

Of course the reality is that their ideological opponents control the means of communication and messaging. Free speech is an illusion in that case. You may be able to say whatever you want to, but if no one is listening it may as well not even have been said.
posted by IvoShandor at 2:26 PM on September 25, 2011 [3 favorites]


Of course the reality is that their ideological opponents control the means of communication and messaging. Free speech is an illusion in that case. You may be able to say whatever you want to, but if no one is listening it may as well not even have been said.

That's simply not true. Look no further than the Egypt and Tunisia to find millions of people rallying behind a message that was not sponsored by any corporation or government, in a way that did not occlude the ability of the governments involved to hang themselves with their own words. Oh wait, that is until Anonymous decided to DDOS state sponsored websites. A symbolic gesture that means effectively nothing.
posted by to sir with millipedes at 2:33 PM on September 25, 2011 [1 favorite]


Look no further than the Egypt and Tunisia to find millions of people rallying behind a message that was not sponsored by any corporation or government, in a way that did not occlude the ability of the governments involved to hang themselves with their own words.

The equivalent of that in the U.S. is what? I didn't say that effective free speech couldn't exist, just that it currently doesn't in the United States.
posted by IvoShandor at 2:36 PM on September 25, 2011


or rather, in the world of the global corporation
posted by IvoShandor at 2:37 PM on September 25, 2011


Waitaminute, people actually think that Sony's piss poor security is the fault of anyone but Sony?

Your house has piss-poor security from the perspective of a professional burglar. Whose fault is it if you get robbed?
posted by rodgerd at 2:57 PM on September 25, 2011 [1 favorite]


Day 5. We are out of business. No lemonade today. By your reasoning, we lost $1 today. And we lost another $1 on every subsequent day. NO.
Except in this example you bought lemons and produced lemonade for the day, and some hackers came by and nocked down your stand and spilled all the lemonade. You would certainly feel as thought you lost $1 that you otherwise would have.

It's not "my reasoning" it's basic accounting. Since sony didn't take into account being nocked offline for a month their books at the end of the year are going to be $170m less then they would be had they not been nocked offline. A landlord with a planned vacancy has already taken those vacancies into account.

There is a difference between something that happens due to market forces or nature and things other people do to you.

And by the way, the point I'm making is not that Sony is some poor victim, but rather that "Anonymous" was effective in causing damage in this instance (regardless of who actually did it, they claimed to be 'anonymous', iirc)
Waitaminute, people actually think that Sony's piss poor security is the fault of anyone but Sony?
We don't know how bad their security was, anyone can get hacked. Look at RSA. The point is that Sony suffered huge losses (on their ballance sheets) because they were targeted by Anonymous (In part because of their lawsuit against GeoHot, don't forget that)
The equivalent of that in the U.S. is what? I didn't say that effective free speech couldn't exist, just that it currently doesn't in the United States.
The same tools used in Egypt exist here. The problem is that corporations have mastered PR -- they are better at speaking then you are. In places like Egypt, Libya and even China they need to censor speech because they are not used to responding to rhetorical attacks. In the U.S we have freedom of speech, and that means authorities who can't articulate themselves and win support are eliminated in a semi-Darwinian way. The ones that are left are the ones who can trick everyone. Part of that, of course, is having access to the biggest microphone.
posted by delmoi at 3:00 PM on September 25, 2011 [2 favorites]


rodgerd: Your house has piss-poor security from the perspective of a professional burglar. Whose fault is it if you get robbed?

A better analogy is that a bunch of teenagers broke into your bank's vault and spray-painted their names inside. Yes, vandalism is bad, but the fact that any idiot can break into your bank vault is a much more pressing concern.
posted by Mitrovarr at 3:03 PM on September 25, 2011


The did rather more than that to Sony.
posted by empath at 3:07 PM on September 25, 2011


Your house has piss-poor security from the perspective of a professional burglar. Whose fault is it if you get robbed?

Obama's?
posted by It's Raining Florence Henderson at 3:09 PM on September 25, 2011


One in four US hackers 'is an FBI informer'
posted by homunculus at 3:14 PM on September 25, 2011 [2 favorites]


Locking up FBI informers would cut US hacking by a quarter.
posted by It's Raining Florence Henderson at 3:16 PM on September 25, 2011 [8 favorites]


charlie don't surf: The difference between 'rain vs lemonade stand' and 'lulzsec vs sony' is that in the former case the loss (yes, loss) can't be blamed on anything that could pay you damages, whereas in the latter it can, and in both cases there are willing customer's who would pay you if only it were possible.

I presume you're confusing this situation with film and record companies trying to get damages for full retail price of pirated content in situations where no one would've bought those albums for that money in the first place. That can be reasonably argued against, but you can't apply that argument on the previous examples.
posted by Anything at 3:17 PM on September 25, 2011


Eric Corley was somewhat misrepresented in that "One in four US hackers 'is an FBI informer'" story. What he meant was that faced with the option of going to jail for forever, or flipping on their hacker pals, one in four is going to flip.
posted by to sir with millipedes at 3:18 PM on September 25, 2011 [1 favorite]


willing customer's

Jesus.

posted by Anything at 3:20 PM on September 25, 2011


One in four of everyone would flip

Whatever, the SS and FBI used to photograph and follow people at 2600 meetings, they have even been known to place "friendly" calls to people, you know , they would hate to see you go to jail, just help out a bit.
posted by Ad hominem at 3:25 PM on September 25, 2011


Except your argument is invalid since you can spell. Knocked, duh. Well there are other reasons, but spelling will be enough for now.
posted by Eekacat at 3:27 PM on September 25, 2011


It's not "my reasoning" it's basic accounting. Since sony didn't take into account being nocked offline for a month their books at the end of the year are going to be $170m less then they would be had they not been nocked offline. A landlord with a planned vacancy has already taken those vacancies into account.

You see, this is why I battle economics ignorance using this example. Customers aren't an annuity. If Sony's game was a flop, they wouldn't have booked $170M, they might have booked zero. If some other company's game was a smash hit, their customers might migrate to another service and they would not have booked the $170M. Nobody guaranteed you would earn the $170M.

You "reasoning" is basic Hollywood accounting: fiction. The dollar we didn't earn because it was raining was the same as the dollar we didn't earn after our lemonade stand was destroyed: they are both equally imaginary. They are both numbers on a business plan, a projection, a hope but not a fact. Your crushed hopes for $1 daily profit are worthless. Sentiment has no cash value.
posted by charlie don't surf at 3:40 PM on September 25, 2011 [3 favorites]


But centiment does.
posted by It's Raining Florence Henderson at 3:45 PM on September 25, 2011 [1 favorite]


delmoi wrote: We don't know how bad their security was, anyone can get hacked. Look at RSA. The point is that Sony suffered huge losses (on their ballance sheets) because they were targeted by Anonymous (In part because of their lawsuit against GeoHot, don't forget that)

Actually, we do know that they were not following security best practices. Or much of any security practices at all. We know that the platform security on the Playstation 3 had several fatal flaws. We know that the dev/test network had trusted access to the production network. We know that credit card information was stored on servers which could be accessed from PSN with almost zero security.

The best analogy I can come up with is that they didn't bother to install a door and instead thought the sign next to the entry saying "please don't come in without permission" would be good enough. That's to be expected on Joe Blow's personal website. That is not to be expected of a multibillion dollar corporation that handles sensitive personal information.

rodgerd wrote: Your house has piss-poor security from the perspective of a professional burglar. Whose fault is it if you get robbed?

My house is not a big juicy target from which millions of people's stuff can be stolen. Saying Sony's security was somewhere between weak and nonexistent does not absolve anyone of the responsibility for attacking Sony. Being attacked does not absolve Sony of their failures, either. I'm not quite sure why people insist on this being an either-or thing.

IMO, Sony made a clear decision to attempt to save money by not worrying about security and it resulted in them losing some sales. LulzSec didn't cost Sony hundreds of millions of dollars any more than I cost an ISP more than $10,000 in damages for breaking into their NNTP server back in 1995. Don't get me wrong, some of that damage is rightfully attributable to the attackers (the direct cost of determining how they got in, for example). However, the damage done would have been greatly reduced had security best practices been implemented from the start.

Sony turning off PSN for over a month is a pretty big clue that their systems were in such disarray to begin with and so poorly secured that the need to be offline for that long was mostly their own doing. Given a secure network, a couple of days would have been all that was necessary.
posted by wierdo at 3:48 PM on September 25, 2011


@ad hominem do you have actual evidence they've done that because that is some sleazy-ass cartoon mafioso shit
posted by This, of course, alludes to you at 4:20 PM on September 25, 2011


"Speaking to me outside the convention, Barr agreed that Anonymous has brought internet activism to a level that will be maintained or exceeded regardless of whether the group itself survives.

Less clear is whether the anarchic hacking carried out against security companies like his own former employer will continue."


What is clear is that no one in the press or the security industry learned anything from that entire episode. It's like a twisted Muppet show where the Muppets believe they're in charge.
posted by sneebler at 4:26 PM on September 25, 2011


@ad hominem do you have actual evidence they've done that because that is some sleazy-ass cartoon mafioso shit

Well it is pretty widely knownthe New York meeting was under surveillance and the washington meeting was "raided" in 92. I got such a call myself,although it could have been someone fucking with me, I had equipment seized by the SS weeks later so the timing was kinda suspicious.Years later I recovered the equipment, with SS evidence stickers on it.
posted by Ad hominem at 4:44 PM on September 25, 2011


You see, this is why I battle economics ignorance using this example. Customers aren't an annuity.

No, but they represent income. Had the hack not happened, Sony's balance sheets would have $170m more on them. That's how money works. And it's not like a boycott or something where people chose to leave, they wanted to use the service and came back when it came back up.
posted by delmoi at 5:53 PM on September 25, 2011 [1 favorite]


Yeah this whole "hacker" thing is totally overrated, it's not like they can do anything particularly interesting or creative or hard. Call me when they >>>>>>>>>>>*****ATTENTION ATTENTION DISREGARD THIS COMMENT I SUCK COCKS****
posted by Potomac Avenue at 6:03 PM on September 25, 2011 [4 favorites]


delmoi wrote: No, but they represent income. Had the hack not happened, Sony's balance sheets would have $170m more on them. That's how money works. And it's not like a boycott or something where people chose to leave, they wanted to use the service and came back when it came back up.

But for Sony's negligence, Sony's balance sheet would have had something approximating $170m on it.
posted by wierdo at 6:10 PM on September 25, 2011


I am very wound up about people defacing government websites with pictures of cats! I fear for our national security! What is Congress going to do about this?!
posted by indubitable at 6:16 PM on September 25, 2011 [1 favorite]


Put a bird on it?
posted by Potomac Avenue at 6:18 PM on September 25, 2011 [1 favorite]


delmoi: No, but they represent income.

No, they represent potential income. Potential income is considered an "accounting fiction." It does not exist until it is realized.

weirdo: But for Sony's negligence, Sony's balance sheet would have had something approximating $170m on it.

But for Sony's negligence, an earthquake that took out their servers, a competitor taking their customers, or any number of unforeseeable actions, they might have booked $170M. And if wishes were horses, beggars would ride. These aren't prepaid contracts or options. Potential income always contains an element of risk. If it didn't, everyone would always make a profit, and everyone would hit their projections, and you could get insurance on income you projected you would make. But you can't. Maybe it could be considered "consequential damages" which any insurer will laugh at.
posted by charlie don't surf at 6:21 PM on September 25, 2011 [1 favorite]


Are Sony's accounting practices really the most interesting thing to argue about in this thread? I'm sorely tempted to flag all those comments as derail.

There should be an important story in the fact that bored teenagers doing stuff for the lulz gain major media attention, while most activists get roundly ignored. I donno what it is however.
posted by jeffburdges at 6:24 PM on September 25, 2011


Yeah, I think the tivist part is simply a way of justifying the hack part. These kids would be doing this no matter what, the "fight the power" angle just makes them feel noble.

Hackers got a lot of attention in the late 80s early 90s too. Hell they made an awesome move with Angelina Jolie in it loosely featuring recognizable NYC hackers. Even Poulsen recently tweeted that he thinks the recent attention is just cyclical, and it feels like a rehash of 1990.
posted by Ad hominem at 6:36 PM on September 25, 2011


I'm afraid you missed the fact that I didn't criticize teenagers for wanting to 'fight the power' or simply party. I'm curious why real activists haven't learned much from the hackers.
posted by jeffburdges at 6:50 PM on September 25, 2011 [1 favorite]


Jeff, I'm scoffing at the "massive" damages claimed by these script kiddies, seems on target to me, or I wouldn't be arguing it. Okay, so some /b/tards prevented some people from playing video games online. Seems more equivalent to somebody jamming chewing gum in a vending machine's coin slot, than a multimillion dollar hack.
posted by charlie don't surf at 7:12 PM on September 25, 2011


I'm not criticizing them either.
posted by Ad hominem at 7:14 PM on September 25, 2011


> Potential income is considered an "accounting fiction."

Yes, all money is just a convenient fiction, therefore all monetary damages are illusory. Since anonymous didn't physically punch easy Sony executive in the face, they didn't really do anything.
posted by delmoi at 7:49 PM on September 25, 2011


easy every.
posted by delmoi at 7:49 PM on September 25, 2011


There is very little evidence that hactivists were behind the original Sony PSN attack. It was probably more like the TJMax incident.
posted by humanfont at 7:58 PM on September 25, 2011


I AM SOMEONE ON THE INTERNET
posted by slogger at 8:42 PM on September 25, 2011 [1 favorite]


Tort judgements generally recognize lost income as damages, even though standard accounting practices don't count such expectations of income as an asset. In other words: lost income is "accounting fiction" but it is also legal reality. Is the loaded term "fiction" an attempt to imply that such civil law doesn't exist, or just that it shouldn't?

Either alternative seems hard to support. The former would defy reality, the latter morality. If I unlawfully harm you in a way that costs you medical expenses as well as your job, would you really be made whole if my restitution paid for the former but gave you nothing for the latter?

Of course, there's a dirty taste in my mouth right now: Sony's lax incompetence is partly responsible (although not at all to blame) for others' hacks against them, and Sony's criminality is partly responsible and primarily to blame for their past hacks against others. But just because they're not an innocent target doesn't mean their targeters are innocent either.
posted by roystgnr at 8:57 PM on September 25, 2011


Actually money is a fiction. Unfortunately it's a given in the present consensus hallucination. While that hurts people, it only hurts them because they share the consensus. I'd love for every bank and company to have to show their cash value in a bunch of piles in front of their corporate headquarters.

Could you imagine the scrambling that would ensue, as every single imaginary entity (corporations) tried to get cash (paper place holders) enough to satisfy the people that trusted them?

Does anyone think that there is enough of that magickal paper in the entire world?

And then the people that have invested in all those corporations and indeed governments would, maybe, stand there and look at those piles of special paper.

Just maybe someone would say, "Fucking paper? What the fuck? What the fuck was I so excited about? It's fucking PAPER."
posted by Splunge at 10:16 PM on September 25, 2011


i'm not scared of hacktivists

here's a big post full of ridicule and my very best efforts to sound dismissive plus 'hacktivists' is a dumb word: this is how not scared of hacktivists i am. i am fucking not scared as shit.
posted by This, of course, alludes to you at 10:19 PM on September 25, 2011


I have a more deserving target for the hacktivists: Mexico: Woman decapitated for posting about narcos on social networking site

She's the third in about a week. Though I doubt that the cartels have much of an internet presence to disrupt anyway.
posted by Harald74 at 11:36 PM on September 25, 2011


The places I deal with are more concerned about state-sponsored hacker shops and APT - Advanced Persistent Threats - than they are of skript-kiddies, unsecured servers and DDOS.

This is stuff like subtle browser hacks where you aren't even aware you've been compromised to gather passwords and contacts - lists of persons of interest are kept, and the people they may come in contact with, and the people they may come in contact with. These names are ferreted out and targeted with custom-crafted hacks just to get a step closer to the main target.

There is some exotic stuff, like counterfeit networking hardware designed to allow a third party to easily tap in, but most of it is mundane, but highly targeted - compromised web servers with nasty javascript surprises, infected PDFs from seemingly secure sources and compromised SSL certs.

Compromised SSL certs are big on the radar after a "lone-wolf" Iranian did something noisy and bold rather than clever and quiet - This may have been tit-for-tat for Stuxnet, or it may have been an indication the technique's usefulness is at an end due to security advances. Iranians aren't really big on the Long Game like the other major players, and the Iranians are major players, and they may have decided to burn some bridges and go for the propaganda win. Or it may have been an actual patriotic lone wolf - but the smart money isn't on it.

Lulzsec and Anonymous are mostly noise and show.

Mostly.
posted by Slap*Happy at 4:57 AM on September 26, 2011


No kidding. America jails more people than China and has allowed 20+% of our population to go without work or hope while 2% roll around in obscene profits, yet we're supposed to believe that threats to the state are threats to us?

First of all, the U6 unemployment rate is 20%, which includes the underemployed. The U3 is 9.1%, which is a big difference. We don't have Spain levels of unemployment.

Second, I have no idea why you compared China and the US. It just seems you arbitrarily picked a country with a large population and that's been in the news lately and went from there. To try to explain further, this sort of comparison makes the problem sound more Lou-Dobbsian than it should. I understand that the United States has a lot of people in prison. I have an idea that this occurs because of a public that constantly demands tougher crime laws, judges that respond to this, politicians that use it to burnish themselves for election, and then who fund a prison-industrial complex who are happy to profit from it. In addition there's factors of race, poverty, and onerous drug laws that also add to the problem.

So what does any of this have to do with China's prison system? If anything, Chinese citizens would probably say the prison rate is too low. There's plenty of crime done that goes unpunished in China because of weak laws, corrupt police/politicians, and bribery.
posted by FJT at 6:56 AM on September 26, 2011


Alleged 'Commander X' Anonymous hacker pleads not guilty
posted by homunculus at 11:31 AM on September 26, 2011 [1 favorite]


Feel safer around anonymous than I do around the NYPD these days... yt

NYPD officer who maced female protesters at Occupy Wall Stret identified, and d0xed by Anonymous
posted by homunculus at 11:33 AM on September 26, 2011 [1 favorite]


Stret? I guess bb needs an edit window too.
posted by homunculus at 11:37 AM on September 26, 2011


You know Harald74, we already spend vast sums of tax money trying to fight the cartels, or maybe it's sell them guns, or maybe it's ensure their monopoly, I forget. Activists should focus their efforts on what inspires them, not what inspires you. It appears our current hackivists are often inspire partially by anything really really easy to do, but maybe that's a good thing actually.
posted by jeffburdges at 12:49 PM on September 26, 2011


I'm not scared of hacktivists. I'm scared of people who use such actions as a cover, or as a smoke screen, for international and corporate espionage activity. The RSA break-in that stole information about SecurID? Really odd that Lockheed Martin was immediately hit following the intrusion. In other words, someone who wanted information from a large national defense (read: weapons) contractor broke into a security company to get the keys to the backdoor. The RSA break-in was implied in some media to have been a hacktivist-like action, but... I really doubt it.

I've seen some pretty good data mining work done against my company's website, presumably by a competitor. Not even a security break, but a hammering of public services to grab a large quantity of data on retailers and products across areas. How easily would this be hidden in a DDoS attack if the data miner was a little more clever?
posted by mikeh at 1:56 PM on September 26, 2011 [2 favorites]


Security Expert: U.S. 'Leading Force' Behind Stuxnet
posted by homunculus at 4:16 PM on September 26, 2011 [1 favorite]


Hackers take over Syria government websites

Apparent pro-Syria group hacks Harvard website
posted by homunculus at 7:46 PM on September 26, 2011 [1 favorite]


A reply to the main link: Is it a Crime? The Transgressive Politics of Hacking in Anonymous
posted by homunculus at 3:41 PM on September 29, 2011 [1 favorite]


« Older Great news: Broken Picture Telephone lives, it's c...  |  Researchers have apparently fo... Newer »


This thread has been archived and is closed to new comments