Jump to content
LOTROCommunity

Recommended Posts

For the hackers, from their own admission, it's all for "the lulz". In many (but not all) of the occurrences, the attacks are made simply to see if they can be done. It's unfortunate.

That's how it used to be. And there's still hacks for lulz. But there's also real business in it nowadays, and I think that's the majority or shall be soon. One can make quite a coin with a hundred million accounts that include credit card info. :(

I think I liked the kids better...

On an up-note... there's a German site called iShareGossip. A site for spreading rumours, completely anonymous. It was used for bad mobbing, especially within school groups. After one fellow, who tried mediating in RL in defense of his lass, ended up in hospital it was put on "the index" (forbidden). But officials couldn't take it down and couldn't find the ones responsible.

Well... it seems the site got hacked. It's now displaying a nice poem and advising the owners, admins and mods to contact police within a week. Otherwise their personal data will be made public and folks can "thank them personally". "Hacks and kisses". Self justice ain't a good thing. But this case did make me giggle and think that some hacks may be rather welcome. ;)

Link to post
Share on other sites
  • Replies 88
  • Created
  • Last Reply

Top Posters In This Topic

One might welcome them, but the problem is that the attacks aren't just limited to those things that we dislike (much less those things we dislike in common). Hacking is hacking, no matter who is on the receiving end. It's criminal and malicious, and eventually the hackers will be caught (or, if they hack the wrong people, "removed").

Link to post
Share on other sites

As a Eve player I was watching Lulzsec twitter feed last night.

They called it "TitanicTakeoverTuesday"

They attacked Eve, Minecraft, Escapist Magazine and League of Legends.

They did not "hack" these site, it was DDoS attack.. (yes it is different :))

Minecraft was only down for a short amount of time.

The CCP decided to completely take down all their servers as soon as it was aware of the attack. Everything was back online at approx 3am.

Whilst many people are against what Lulzsec is doing, they are proving a very important point in so far as the security that many companies are employing is very very poor.

The attack on Sony showed that they were storing user details in unencrypted plain text files.

They recently performed an attack on the NHS and the same thing again, however they did not release any of the information and instead gave advice to the NHS on how to beef up their security.

The have hacked a couple os sites but not released any info and advise them how they did it.

Personally I am not bothered about the actions of lulzsec, but how easy they have found it to hack into these sites/servers and obtain unencrypted data. That is what people should be worried about.

Link to post
Share on other sites

We've suffered DDoS attacks before, it shouldn't be enough to take down the service tbh.

I'm curious what kind of damage someone can do if they know your email address and country tbh, whilst it is a serious issue, I just can't think of someone gaining that information about me is going to hurt me in any way (you can't crack the passwords).

Link to post
Share on other sites

I just got an e-mail claiming to be from Codemasters in German (codem@codemasters.com) - I'm not German. All I could make out in it was something about CodeM. I've never had a CodeM account. I have deleted it. Smelt very odd to me.

Also what Lulzsec have done today by releasing 65,000 e-mail addresses and passwords does not speak of any good intentions.

Link to post
Share on other sites

The issue with DDoS attack is that they are mainly used as a diversion to a real hack as Sony found out to their cost.

It can be days after the actual DDoS attack that people find they have been indeed hacked.

On a another note LulzSec have just release a text file containing 62,000 username and passwords they have obtained via their hacks over the last few weeks.

I will admit that I download the text file as I have used some of the site they have hacked and was happy to see that my details are not listed on there although judging by the many tweets many peoples details are there.

Link to post
Share on other sites

Well Anon spring mostly from 4chan as I understand it. Now this Jester chap is also involved (I'm not writing it in Leet). Seems like war is already well underway. Lulzsec openly declared war on /b/ and claimed to have got their user data too I think - and to be using them as part of a botnet for their DDoS attacks.

Edit:

http://www.unveillance.com/latest-news/unveillance-official-statement/

According to this Lulzsec are dabbling in some very dangerous waters

Link to post
Share on other sites

Now if only Anon also gets involved.. War on teh internetz

Maybe they'll do us all a favour & wipe each other out? Or their net connections, at least. I should be so lucky... :N

Link to post
Share on other sites

Anon and Lulzsec are different in so much as Anon goes after political targets and lulzsec.. well there in it just for lols.

Lulzsec have just released their manifesto.

Such accounts are impossible to verify, but LulzSec has apparently been stung by the response to its antics. Its new manifesto admits to having "a mass of enemies, albeit mainly gamers." As for the release of unencrypted usernames and passwords, hey, it's funny:

Yes, yes, there's always the argument that releasing everything in full is just as evil, what with accounts being stolen and abused, but welcome to 2011. This is the lulz lizard era, where we do things just because we find it entertaining. Watching someone's Facebook picture turn into a penis and seeing their sister's shocked response is priceless. Receiving angry emails from the man you just sent 10 dildos to because he can't secure his Amazon password is priceless. You find it funny to watch havoc unfold, and we find it funny to cause it. We release personal data so that equally evil people can entertain us with what they do with it.

Most of you reading this love the idea of wrecking someone else's online experience anonymously. It's appealing and unique, there are no two account hijackings that are the same, no two suddenly enraged girlfriends with the same expression when you admit to killing prostitutes from her boyfriend's recently stolen MSN account, and there's certainly no limit to the lulz lizardry that we all partake in on some level.

But LulzSec says that those upset at the data releases have missed the point. LulzSec is bringing attention to real security issues; other hackers are doing the same things to the same sites, but they're keeping the information private, and probably preparing it for more nefarious uses.

Do you think every hacker announces everything they've hacked? We certainly haven't, and we're damn sure others are playing the silent game. Do you feel safe with your Facebook accounts, your Google Mail accounts, your Skype accounts? What makes you think a hacker isn't silently sitting inside all of these right now, sniping out individual people, or perhaps selling them off? You are a peon to these people. A toy. A string of characters with a value.

This is what you should be fearful of, not us releasing things publicly, but the fact that someone hasn't released something publicly. We're sitting on 200,000 Brink users right now that we never gave out. It might make you feel safe knowing we told you, so that Brink users may change their passwords. What if we hadn't told you? No one would be aware of this theft, and we'd have a fresh 200,000 peons to abuse, completely unaware of a breach.

Or perhaps LulzSec is engaged in a philosophical game, holding up a mirror to Internet culture and its love of memes, scandal, and trivia. Do we not, as Internet users, demand to be entertained? And is not LulzSec providing that entertainment?

We've been entertaining you 1,000 times with 140 characters or less, and we'll continue creating things that are exciting and new until we're brought to justice, which we might well be. But you know, we just don't give a living fuck at this point - you'll forget about us in 3 months' time when there's a new scandal to gawk at, or a new shiny thing to click on via your 2D light-filled rectangle…

This is the Internet, where we screw each other over for a jolt of satisfaction. There are peons and lulz lizards; trolls and victims.

If you want to blame someone, blame human nature—not the individual humans actually doing the hacks, leaking the data, and then logging into other people's accounts.

"Nobody is truly causing the Internet to slip one way or the other," says the statement, "it's an inevitable outcome for us humans."

The sad thing in most part they are right.

If anything hopefully people learn that it is not wise to use 1 password for all of their accounts and to exercise more caution.

What I do find sad is that the media in general as well as many people have aimed there total anger at Lulzsec and seemed to have forgotten that these Multi Million Dollar Companies that we in trust to hold our personal details in a secure environment and to employ safe guards against these attack are not quite clearly not doing so.

A group of script kiddies should not be hacking these companies with such ease and our personal details being held on unencrypted files.

So by all mean aim your anger at groups like lulzsec but please do not forgot to also aim your anger at the these companies as well.

Link to post
Share on other sites

Preface: If this rebuttal to Lulzsec's statement is not permitted by the letter and spirit of the rules of this board, I apologize in advance to MueR and the rest of the Community and accept responsibility for admin/moderation decisions that result.

Yes' date=' yes, there's always the argument that releasing everything in full is just as evil, what with accounts being stolen and abused, but welcome to 2011. This is the lulz lizard era, where we do things just because we find it entertaining. Watching someone's Facebook picture turn into a penis and seeing their sister's shocked response is priceless. Receiving angry emails from the man you just sent 10 dildos to because he can't secure his Amazon password is priceless. You find it funny to watch havoc unfold, and we find it funny to cause it. We release personal data so that equally evil people can entertain us with what they do with it[/i'].

I would expect it to be funny ... to an adolescent whose parents didn't apply proper discipline to early and often, not to a mature individual (When I say "mature", I use the traditional meaning of "grown-up, responsible and observant of the Golden Rule."). Now, before you start to say that "it's 2011" and "everyone" likes this, you're dead wrong. Doing right is something that is ageless, regardless of what era or cultural timeline you vainly profess to emulate.

Most of you reading this love the idea of wrecking someone else's online experience anonymously. It's appealing and unique' date=' there are no two account hijackings that are the same, no two suddenly enraged girlfriends with the same expression when you admit to killing prostitutes from her boyfriend's recently stolen MSN account, and there's certainly no limit to the lulz lizardry that we all partake in on some level.[/i']

There are more of us that don't appreciate this sort of useless pranking than you think. You say that it's "appealing and unique," when it only shows how blind you are. It's unwarranted, unwanted and, unfortunately, quite old. I say "old," because it's the same inconsiderate and childish antic, with the only difference being the tools involved. You think your methods are fresh and new and exciting? I say with greater evidence that it's just a re-packaging of the bag of flaming excrement left on the front porch. It's been done to death, and most people grow out of it (or are beaten out of it, but I digress).

Do you think every hacker announces everything they've hacked? We certainly haven't' date=' and we're damn sure others are playing the silent game. Do you feel safe with your Facebook accounts, your Google Mail accounts, your Skype accounts? What makes you think a hacker isn't silently sitting inside all of these right now, sniping out individual people, or perhaps selling them off? You are a peon to these people. A toy. A string of characters with a value.[/i']

You expect me to believe that a immature criminal like yourself is going to use this information with any sense of moral restraint? If that is the case, you are less intelligent than you accuse many others of being. We know full well that you - and other criminals like you - have no compunctions about using what you steal. And, by the way, I use the terms "criminal" and "steal", because I don't sugar coat the truth.

This is what you should be fearful of' date=' not us releasing things publicly, but the fact that someone hasn't released something publicly. We're sitting on 200,000 Brink users right now that we never gave out. It might make you feel safe knowing we told you, so that Brink users may change their passwords. What if we hadn't told you? No one would be aware of this theft, and we'd have a fresh 200,000 peons to abuse, completely unaware of a breach.[/i']

While fear is often a powerful motivator, you have nothing to threaten me with. Those of us who exist in reality know that not even a sliver of our being is dependent on the internet for its validity. If you capture electronic data I use or place there, guess what: I still live independent of it. If you tamper with and alter the data to try to defame me, guess what: it doesn't change who I am. As for you, whose entire effort revolves around gaining validity of self through the internet, you are not an object of fear...you are an object lesson for the rest of humanity in how not to pursue one's life.

Or perhaps LulzSec is engaged in a philosophical game' date=' holding up a mirror to Internet culture and its love of memes, scandal, and trivia. Do we not, as Internet users, demand to be entertained? And is not LulzSec providing that entertainment?[/i']

You don't know us as well as you think you do, the majority of us who live our lives untethered to useless fads and trends. Sure, you have your fan base, but it is a small and inconsequencial number of people, compared to those who don't need you to make better use of the internet (or even *gasp* do without it). You believe you're entertaining? You are the pimple on the rear end of humanity, and all pimples pop eventually ... with very messy results.

We've been entertaining you 1' date='000 times with 140 characters or less, and we'll continue creating things that are exciting and new until we're brought to justice, which we might well be. But you know, we just don't give a living [censored'] at this point - you'll forget about us in 3 months' time when there's a new scandal to gawk at, or a new shiny thing to click on via your 2D light-filled rectangle…

You don't care? Oh, but you will. When you are, as you put it, "brought to justice," you will realize exactly what the term "general prison population" means. I hope you have some marketable skills to use in prison; otherwise, you'll have to fall back on your more physical assets.

This is the Internet, where we screw each other over for a jolt of satisfaction. There are peons and lulz lizards; trolls and victims.

If you want to blame someone, blame human nature—not the individual humans actually doing the hacks, leaking the data, and then logging into other people's accounts.

"Nobody is truly causing the Internet to slip one way or the other," says the statement, "it's an inevitable outcome for us humans."

You may want to shift blame to this person or that group or this company, but the undeniable fact (if you are honest with yourself) remains that you made a choice to do what you did, and the sad part is that you can't take it back now and there will be consequences, sooner or later. In the best case, you'll have a chance to make recompense for what you did and learn something. In the worst case ... well, you seem to have a sufficiently active imagination, so I'll let you determine what that is.

Link to post
Share on other sites

Have to agree with Dalthalion here, this behaviour is immature in the extreme.

Saying that people "only have themselves to blame" for poor security and laying themselves open to hacking is like saying it is OK to walk in to somebody's house and steal their belongings because the door was left unlocked.

It is not, and never will be, acceptable to do that.

Yes the person should have locked their door, but that doesn't make robbing them acceptable.

End of...

it is immature, in the "real" sense of the word, to use this type of excuse for inexcusable behaviour. :(

Link to post
Share on other sites

What a load of twaddle. If they were serious about getting companies using the internet to tighten security, all they'd have to do is find the holes, then go to that company and tell them. Posting private details of ordinary users all over the internet is just childish vindictive playground behaviour that most of us grow out of quite early on. There's no excuse for what they are doing.

Link to post
Share on other sites

What a load of twaddle. If they were serious about getting companies using the internet to tighten security, all they'd have to do is find the holes, then go to that company and tell them. Posting private details of ordinary users all over the internet is just childish vindictive playground behaviour that most of us grow out of quite early on. There's no excuse for what they are doing.

Sorry but I entirely disagree.

The only thing that will get these companies to spend money to take the required steps to tighten security is a highly publicised security breach.

Lets use Sony as an example.

They were storing customer details on unencrypted files. Are you honestly saying that they needed to be told that this was very dangerous?

I do not agree with hacking and publishing users details, never have and never will, but all the blame can not be targeted at just these hacking groups.

If history tell us anything is that these companies will only ever change the way they operate if it affects there profit, nothing else.

Sony paid a very heavy price for their lax security and there unwillingness to change. The attack on Sony should of been a warning to every other company to tighten their security yet we see breach after breach.

Personal Details stored on unencrypted files in easy to target servers, well known glaring security holes on websites belonging to multi million dollar organisations that can be hacked by anybody with a basic understanding of how to use google.

I am more angry at these companies then at the hackers because these hacks that are being used are not complicated sophisticated hacks being employed by intelligent, professional, very knowledgeable software engineers but by a bunch of sad lonely script kiddies.

Link to post
Share on other sites

There is no justification for what these hackers are doing. The claim that they are trying to show up the lack of security at these companies is just plain stupid, they are criminals and I hope they get what is coming to them

Link to post
Share on other sites

There is no justification for what these hackers are doing. The claim that they are trying to show up the lack of security at these companies is just plain stupid, they are criminals and I hope they get what is coming to them

What about the companies who appear not to care about security and leave your personal data open to attack. Do they not also share your scorn?

Sega have admitted that their servers were compromised and that personal details were taken but that the passwords were encrypted.

So is it okay that the passwords were encrypted but the rest of your user information such as your full name, address, username were not?

My own opinion is that ALL Customer personal details should be encrypted not just passwords, but hey, it only seems to be a minority of people who think this way and the majority that think companies can do what they want and its the hackers who are to be blamed for everything.

Link to post
Share on other sites

Hackers are to blame. No matter how much security a company has in place in is not safe from hackers. Also if there were no hackers all data could be held in plain text without any worry as no one would be trying to get a hold of it

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...