A little less than a month ago a temporary alliance under the banner of Anonymous successfully broke into the servers of security firm HBGary and acquired information about a security firm menage-a-trois busying themselves with pleasing the American Chamber of Commerce in their struggles against undesirable leftist groupings and labour unions.
On the Kaspersky Lab newsblog Threatpost Paul Roberts has compiled the following complementary list of malpractises: take over information from Facebook to intimidate customers, zero-day merchandising(!), custom malware production(!!) and an additional menage-a-deux with investment bank HSBC to bring down the Wikileaks servers by means of denial of service. Quoth Kaspersky's Paul Roberts: "It's up to the FBI to solve crimes, not to banks, or their attorneys."
At Ars Technica I further find, or perhaps equivalently, that the FBI undoubtedly are planning to hunt down the HBGary hackers, especially considering the previous (disproportional) responses against Operation: Payback and the ddos protests for Wikileaks. Quoth Ars additionally: FBI reminded Anonymous that "facilitating or conducting a DDoS [Distributed denial of service] attack is illegal, punishable by up to 10 years in prison, as well as exposing participants to significant civil liability".
Ironically, my first association is to a Swedish cultural essay on the Russian author Solzjenitsyn and his literary works on Gulag. Another quote (my translation): The story concerns one day out of the life of a prisoner, one out of 3653 days of a ten year long prison sentence, a common punishment for most real or imaginary crimes in Soviet both prior and shortly after the Second World War.
I've written some posts about Anonymous in the past. After the Gawker hack I think it's relatively obvious that Anonymous, despite their quite prominent political results and representativity, even if it's not always their goal (which I actually doubt that it ain't), isn't solely a group of internet-minded citizens with a passion for openness and transparency engaging in unqualified and harmless ddos-protests. Anonymous in this case becomes the difference between forcefully liberated, emancipated, publicized or leaked information. I would love to heard the opinions on this by Simon Rosenqvist, a party comrade who decided to take a leave from party work earlier this year, and especially in relation to his ideas about a public database of trade secrets (coolest idea ever!).
On Anonymous: Hunnism (2011-02-08) , Globalt (2011-01-18) , Perspectives (2010-12-13)
My boyfriend once told me that he can access my facebook and my mail super-easily. And boy if he can. Remember boys and girls that from a security perspective it is very unhealthy practise to permit password saving in a browser or forget to log out if you're not on your own computer. Especially if you're not on your own computer. The computer owner being a trusted steed is not an excuse for your enormous dispassionate laziness and comfort with the situation. I have two emails from my boyfriend sent to me from my own email account with several sentences of rebuke and reproachment.
First of all, let me say it's great to see a new layout here at Stenskott. And that it feels comforting that you continue your reports and updates on the events in the world of infopolitics.
As for the hacking of the security firm: I cannot help but wonder if both issues on corruption, as well as inefficiency and different malpractices (such as the ones in question here), in private companies would be solved if we through legislation forced companies (together with the public administration) to release all information processed for public review.
Similar regulation of Swedish administration bodies have probably at least partly contributed to the low degree of corruption in our country. We expect to hold our
tax-financed officials responsible for their doings - why not do the same with private firms? After all, they handle a lot of our resources, finances and time - and they generally make up the backbone of the societal structure in most western countries. If
Would there be costs? Sure, but those would probably be offset by increased efficiency, and with modern technology and high speed communications, those cost could probably be lowered substantially. Would it hurt these companies if the data got out? Sure, but on the other hand, as we have seen in this case, data is bound to eventually leak anyway. Regulating the release of data would level the playing field, and in cases of very sensitive information there could be exemptions to handle them. Overall, I'm having a difficulty understanding what exactly should cause us to leave the companies' processing of information alone. When the rest of the society are moving to a more open informational structure, the companies should follow. Whether they want to or not.
Add new comment