LulzSec hack... (Insert most recent target here)

[Velotix von Skruviktorrius]

Oh and for the record since people are inevitably going to try and squeeze this out of me: I don't approve of what they do or the fact they feel they have to do it for whatever reason be it professional obligation or for the lulz, but the simple fact is I find what they do hilarious.

Yes, I am a total bastard, but I'm upfront about it. I'm a sucker for schadenfreude.

[Nepenthe]

If you don't approve of what they do, why are you even trying to argue with anyone here? If no one approves of the hackers, and if no one here is outright saying that they're okay with these companies' crap security, (although the security has been fine in many cases anyways), what is there to even discuss?

[Light]

That they shouldn't have been breached in the first place? I don't know. I feel like the main problem people have here is that this group is so public about their activities. Typical hackers are usually discreet.

Edited June 14, 2011 by Light

[Velotix von Skruviktorrius]

This again - didn't we have this come up the other week? Like I said, the world's not binary. I'm going to be blunt about it this time.

Presenting the other side of an argument is not an implicit approval of that argument.

If an argument is one-sided when there's a decent counter-argument (even if it offends people's sensibilities), I feel it right to present it, and I've done it several times on this site. My primary ideal is to fully understand a scenario before forming an opinion on it, and this I do. Most of the SSMB members are not IT professionals, and properly understanding this topic requires a certain degree of background on computer security in general. It also requires the ability to distinguish between specific groups, but that's not an issue here.

Lots of people in this thread seem to believe that even acknowledging there is another side of this argument regardless of how one actually feels about that side is a dirty thing to do, and that especially grates on my balls.

And to be clear, the key assumptions being made by many here (that are false) are:

1) Modern computer security in general is adequately protecting your data - it does not. If a hacker wants it, as has been demonstrated, it's only a matter of time. There are exceptions, but they're disturbingly rare and crucially this is what this is all about deep down. If data was secure, no amount of tricks would break it open. This situation probably has something to do with... let's say "unofficial government access" to data.

2) Company executives actually know how to secure data and give a shit about doing it properly. Generally, they do not until they're about to get fired if they don't start caring. Again, there are exceptions.

3) Company executives listen to their hired security professionals and give them an appropriate budget to do their job correctly. They do not.

[Nepenthe]

That they shouldn't have been breached in the first place? I don't know. I feel like the main problem people have here is that this group is so public about their activities. Typical hackers are usually discreet.

I don't think it would've mattered if they LulzSec were discreet or not. Assuming they were, which would've opened the possibility that there were actually multiple groups at play, it wouldn't have changed the end result which is that customers and web-goers are now being inconvenienced and potentially put at the risk of having their finances and identities ruined to the point where they don't care anymore about whatever these guys have to say for themselves. They just want the problem to go away, and the quickest way to do that would be to arrest them. Remember, they've attacked companies with good security before, (Square Enix and Epic come to mind), and they've attacked companies that have nothing to do with the overall issue at hand, (PBS), so it's obvious that everyone beefing up security isn't guaranteed to make this problem go away completely until these guys are either bored with the whole debacle or arrested. And speaking as someone who still can't get the fuck on The Escapist right now, I don't want them to have the satisfaction of getting away with it and moving on after the fun's all said and done.

This again - didn't we have this come up the other week? Like I said, the world's not binary. I'm going to be blunt about it this time.

Presenting the other side of an argument is not an implicit approval of that argument.

Why do you keep saying this? People here have been approving of the other side of the argument which is, as I understand it: companies should go to the greatest lengths possible to protect their customers' sensitive information within an online network, and if they don't, then they share a bit of blame for the crime along with the perpetrators through negligence if that information gets easily stolen. You don't need an IT background to understand the basics of this issue.

However, no one here who's mad at them said bringing this up is some inconceivable act. We're merely taking a stand, saying that LulzSec's execution of all of these hacks is so misguided, muddled, and damaging to innocents that the point they were apparently trying to get across has been completely lost in the aftermath, that they're just doing it because they can at this point and not because they're on some anarchistic assault to protect us from company negligence.

Edited June 14, 2011 by Nepenthe

[CtW]

Apparently they're at war with /b/ now. This should be good.

[TheGerkuman]

Escapist's been back for ages. I just watched the new ep of The Big Picture.

[Scar]

However, no one here who's mad at them said bringing this up is some inconceivable act. We're merely taking a stand, saying that LulzSec's execution of all of these hacks is so misguided, muddled, and damaging to innocents that the point they were apparently trying to get across has been completely lost in the aftermath, that they're just doing it because they can at this point and not because they're on some anarchistic assault to protect us from company negligence.

This.

Lulzsec's actions have supersceded their original intentions. Their initial intentions was to point out glaring faults in a companies security infrastructure. That's well-intentioned if a little misguided attempt at bettering the situation. Now, however, they're starting to fuck with peoples' personal information.

This is NOT funny any more.

I'm going to be explicit here. If you DO think its funny, then you are fucking retarded. Empathy is required in this situation, not smugness. If you think its funny now, then chances are it hasn't affected you, but if it does affect you, then chances are, you'll stop finding it funny.

Again, they are now fucking with peoples' personal details. Yeah, they may not post it anywhere, but the fact that they hold it, is enough. A group of real, malicous cyber-criminals, may then attack Lulzsec themselves to take the information from them, rather than from the companies directly. This would be realtively easy for them to do, whilst Lulzsec are too busy worrying about corparate and legal action (or are too naive to realise the implications and are simply laughing about it), and the governments and corparations are busy hunting Lulzsec down, these criminals can sneak in amongst the Chaos and nab the info.

This information, regardless of its source, can ruin peoples' lives. It is no Joke, and it really shows how immature and naive Lulzsec are for thinking this is acceptable and funny.

I want these fuckers jailed, so they can quiety contemplay the serious implications their actions can have.

Its like Velo said; nothing is unhackable, and Lulzsec or any similar group is no exception. If they can hack a company and steal information, then criminals can hack them and steal the information too, or at least determine how the information was obtained and implement the same or a similar technique. Opening a wound in this volatile environment is just asking for an infection.

[Patticus]

Apparently they're at war with /b/ now. This should be good.

This will be the final battle of the Internet.

Never again will online shenanigans be so interesting.

[turbojet]

I'm saying that these corporations are incompetent as fuck when it comes to protecting sensitive information.

We are a fucking generation that has cell phones glued to our ears 20% of the time and can figure out how to work a new electronic device by just dicking around with it. Of course, these hackers are ahead of the curve and of course these corporations are behind. It doesn't make them incompetent nor does it make the criminals justified. I am still very pissed off about the PSN store being down during my time off. I used to support Anonymous when they were trying to expose illicit government and corporate activities, but now they(LulzSec) not just jumped off the slippery slope, but they took a rocket and fucking flew past the moon. Fuck these guys.

[Mr. Awesomest]

EDIT2: I find this thread's lack of quotes, yet not a lack in multiple debates quite mind boggling, so instead of an argument I was going to form, I'm just going to reply to Patticus.

This will be the final battle of the Internet.

Never again will online shenanigans be so interesting.

Are the seats to watch this event at /b/? I hope so.

Edited June 15, 2011 by Mr.Awesomest

[Swiss]

Well, looks like the Minecraft downtime was a total of about...10 minutes.

Congrats Lulzsec, give yourselves a pat on the back.

[Velotix von Skruviktorrius]

This has been covered nicely now except for a couple of details, which border on pedantry.

This was meant to be a quick and short post. ;_;

People here have been approving of the other side of the argument which is, as I understand it: companies should go to the greatest lengths possible to protect their customers' sensitive information within an online network, and if they don't, then they share a bit of blame for the crime along with the perpetrators through negligence if that information gets easily stolen.

[Phos]

If he's really doing it for the lulz, better him than someone doing it for profit.

And this of course assumes that this results in better security all around.

[Patticus]

And they're now taking requests via phone - http://www.bbc.co.uk/news/technology-13777129

Anybody have any sites they'd like to see brought down for the lulz? Sites you may find annoying or generally dis-likable?

[Carbo]

I'm just going to bud in here and have my say.

Hacking as a crime is wrong. Yes they should go punished.

But if it were literally that easy to just say that "people should not hack" and imagine everything to be accustomed to that, then we wouldn't even need security to begin with. A lot of companies get hacked and there's really nothing to do to stop it. But the question is how the companies will go by to make amends to the situation, what they will have to do to improve everything, and how we can entrust them and keep up a solid consumer-company relationship.

I don't think this is the first time I've sided more with Velotix on the matter. There's always another side to a story here, and not everything is black and white. It's not the first time he's sparked a debate simply because he didn't conform with a one sided opinion and it certainly isn't one that implies that they're in the right and are wholly excusable from the law. I'm sort of glad there's a debate on this, otherwise this topic would have been loitered with "fuck LulzSec" posts and hey guys that's just fucking boring.

I really do hope someone stops them soon though. I don't stand for what they're doing at all, and it only abuses internet functionality.

Edited June 15, 2011 by Carbo

[Swiss]

The servers were down for maintenace. For real. Relax.

(Apparently they went in and did some tweaking to make it a little harder to DDOS the login server. And there was much rejoicing.)

Apparently Notch says it wasn't his doing...

This all could be good or bad. On the good side, hopefully companies will be revising their security measures if they aren't up to scratch (which, in all honesty, they should be). On the bad side, it's just stopping people from using said services and potentially having their information stolen.

I'd rather they just stop, honestly. They've already potentially cost me and everyone else in Europe getting the OoT soundtrack from Club Nintendo. >

[Carbo]

I'd rather they just stop, honestly. They've already potentially cost me and everyone else in Europe getting the OoT soundtrack from Club Nintendo. >

I think the Club Nintendo staff would know when a hack or the like gets in the way of a big promotional feature, and if they really care pushing it, they'll make amends that will make the deal fair for all EU consumers who miss out on the offer because of this.

[Yong]

If he's really doing it for the lulz, better him than someone doing it for profit.

And this of course assumes that this results in better security all around.

That's assuming these supposedly "eviler hackers" don't bring down the companies first, seeing as how lulz is highlighting all the ones with "weak security."

[Velotix von Skruviktorrius]

Apparently Notch says it wasn't his doing

It went down twice. EDIT: And apparently according to the Twitter linked below several times today as well for further updates.

The first time was during the evening when LulzSec DDOSed the crap out of the server, which dies to excessive legitimate traffic anyway so it was a simple matter of divebombing the server with an illegitimate volume of (il)legitimate requests. A DDOS attack is just deliberately slamming the server with more traffic than it can cope with. It doesn't breach anything, it just gets rid of a site you really don't like temporarily.

Then later on in the day the server had to be brought down for maintenance to make the server more DDOS-resilient because they can't maintain it and keep it running at the same time.

And if you don't believe me: the Mojang server guy's Twitter.

So yeah. Relax.

[Carbo]

They just got Heroes of Newerth down a while ago.

That sound you're hearing is the sound of a billion DotA and LoL fanboys forgiving everything.

They're targeting EVE Online later on.

I have to say that for all the shit these guys do that I don't condone, it's pretty entertaining to follow their Twitter page.

[Velotix von Skruviktorrius]

They're currently redirecting their phone line to various people. FBI Detroit, WoW customer support, magnets.com...

Regardless of what you think of them, their Twitter is unquestionably hilarious. Here you go.

Also this is priceless.

Like I said: I love me some schadenfreude.

EDIT: Oh and finally: this entire thread has been for naught.

LulzSec specifically linked this claiming it as "the best article ever written by man", i.e. completely dismissing the idea that they have any interest in improving people's security.

These guys are purely in this to screw around, so let's ditch the security BS from this topic.

"I FIND HACKING FOR LULZ FUNNY"

"I DO NOT"

"PROBLEM?"

"YOU'RE A TERRIBLE PERSON"

And so on.

Edited June 15, 2011 by Velotix Lexovetikan

[Patticus]

O hacker! My hacker!

LulzSecThe Lulz Boat

Our number literally has anywhere between 5-20 people ringing it every single second. We can forward it anywhere in the world. Suggestions?

[Carbo]

Eve Online login servers are completely obliterated, looks like their website got knocked off via overkill: eveonline.com #EVEning

Eve website may or may not work off and on; we're not actually hitting it, their stuff is so crappy that it goes down with the logins.

[Yong]

*groan*

http://social.bioware.com/forum/1/topic/6/index/7653193

This is it. This is how the world will end. By the end of 2011 all video game companies will be deemed "unsecure" causing the death of online gaming. All gaming fans will then go into withdrawal from no longer being able to play their CoDs and their WoWs, etc., and will then go into mass riot, causing the destruction of the world in 2012.