
Poll: Do you find LulzSec's activities amusing? - zgorgonola
http://nakedsecurity.sophos.com/2011/06/15/poll-do-you-find-lulzsecs-activities-amusing/
======
rauljara
LulzSec's activities are about as entertaining to me as watching third graders
write "poop" on the black board when the teacher isn't watching.

That said, I wish there were a "No" response other than "Hacking into
companies and launching DDoS attacks is no laughing matter." The writers of
the article seem to be going out of their way to match the stereotype of
stodgy old corporate types shaking their fists at the young ones.

~~~
po
Polls are never very good for capturing nuance. I was looking for the _"Some
of what they do is amusing, and they highlight the vulnerable nature of the
systems we take for granted but they are certainly breaking the law and often
overstepping what I would consider appropriate"_ option.

~~~
ramchip
This one isn't especially well designed. For the "yes", it presents two fairly
specific answers, ignoring the general case. A lot of biased Internet polls
are made like this.

------
itgoon
I don't think it is amusing.

I think it is a shame that it came to this. If these attacks required
significant sophistication, that would be one thing. If these sites were mom-
and-pop shops with low expectations for security, that would be another. (no
offense to those moms and pops who have it together ;) )

How many years have we been blowing the trumpet for some rigor in security
practices? I've lost track of how many times I've been overridden in the name
of expediency and "no one would do that".

It isn't funny that thousands of innocent people are put at risk just to get
past the false claims and denials put out by people who supposedly should know
better.

------
Shenglong
With the exception of DDoS attacks, I think what they're doing is a good
thing. Malicious hackers don't just take down sites - they go in, and try to
get out undetected. If there is a major vulnerability (especially if it's easy
to figure out), they're really doing these sites a favor in pointing it out.
Obviously, rendering a free service, it's hard to worry about your client's PR
issues... especially if bringing it up in a friendly way would probably take
multiple phone calls and countless hours. They may not be doing the companies
a favor, but they're definitely doing their clients a favor (Citi for
example).

------
saulrh
Vaguely. Their press releases are funnier, though, and everybody's reactions
are hilarious. "Our security flaws wouldn't matter if you didn't go around
pointing them out!"

------
Goronmon
I don't find their DDoS activities against targets like Minecraft and EVE
Online amusing at all.

~~~
po
Was it actually just a DDoS attack? I don't consider that a security
vulnerability in the slightest. It's a vulnerability, sure. An availability
vulnerability I guess.

~~~
Goronmon
Well, I know in EVE's case, CCP noticed the DDoS and took down their servers
to make sure nothing was being accessed. So, it seems like yeah, they were
basically just pointing their botnet at random companies.

------
snorkel
Defacing is sometimes humorous especially when it's a braggart security firm.
It'd be a useful public service if they'd reveal which specific vulnerability
was exploited in each intrusion.

DDoS is lame and stealing or destroying server data is not cool.

------
wccrawford
Amusing? Sort of.

Scary? Absolutely.

I knew security was weak out there, but they are hitting WAY too many sites of
major companies. I can't believe they were all this vulnerable.

In the end, I think they are using the media to teach the entire world a
lesson about security. I'd like to think that's their goal, but I'm pretty
sure it really is for the Lulz.

~~~
iwwr
Of course, not being hacked is better than being hacked, but being lax about
security is inviting trouble. Trouble coming your way can be more devastating
than a potential public humiliation at the hands of LS.

------
Zakuzaa
Being honest here - I enjoy what they do. I do feel for the people who are
being affected by this, but.... umm... I enjoy.

------
gilesc
While they were still choosing targets that either "deserved" it for some
moderately reasonable ideological reason (Sony) or should have top-notch
security (FBI), yes. Now that they're choosing targets at random, no.

Especially since this is all so likely to end in an acceleration of government
crackdown on web freedoms.

------
scythe
Mildly. It would be more amusing if it wasn't the same "joke" we've all been
hearing for the last ten years. Remember g00ns? zf0? o&e? myg0t? r3m? ~el8? At
least this one isn't in l33tspeak.

I guess the funny part is that it still works...

------
jrockway
If anything, widespread random hacking underscores the need for correct
software, so this should be good for those in the business of doing more than
clicking shit in Eclipse.

------
robryan
Isn't to bad, keeps security front of mind. If there weren't any groups going
around and doing this kind of thing big companies would be even more
complacent than they are.

------
crag
I "was" funny the first or second time. Now it's just old news.

------
colinplamondon
These people are criminals.

I'd love to see some 20 year jail sentences out of this. The idea that because
hacking a site is easy it's 'amusing' and justified is ludicrous.

------
mijnpc
I don't find it amusing :)

------
shareme
I find it amusing that the main press somehow highlights this in the form of
DDOS attacks, and SQL injection rather than the more scary security vulns..
for example what happens when you give almost a million security card carrying
clearance people access to all US state department cables..

The scariest security vulns are not technical they are human and institution
based.

------
citricsquid
> Yes, they're funny. And they're making a serious point about security. More
> power to them!

Anybody who votes this should be slapped. Seriously. They have repeatedly
stated their intent is to create "lulz" for themselves.

