

Anonymous Pledges to Take Down Facebook - noahc
http://news.cnet.com/8301-17852_3-20090328-71/anonymous-facebooks-going-down-november-5/

======
palish
Am I the only one who thinks this sounds completely out of character for
LulzSec / Anonymous?

They aren't stupid. They surely know that waging war against Facebook would be
silly.

I'd bet this is someone completely different, looking to pose as Anonymous.
Try looking at the sources --- you won't be able to trace it back to an
announcement by Anonymous. So who are these guys?

~~~
Ideka
No, you aren't. In fact if I'm not mistaken, this notice was first released
yesterday, in Spanish. I'm not 100% sure though.

~~~
gasull
Can you link the original one in Spanish?

~~~
Ideka
Not sure if it is the first one but:
<http://www.youtube.com/watch?v=Rp-V47iFoDo> It seems it's even older than I
thought.

EDIT: Rough translation:

\----

Greetings, world. We are anonymous.

In this short time lapse, we've heard and seen the panic of Facebook
programmers. It seems that now they are offering US$ 500 to find errors on
their webpage. It is clear that nothing of this is real. They only do this to
make the world believe that they have the power, and nothing can be done
against them. As we have said before, we are tired of Facebook stealing
people's information and selling it to powerful people like pieces of paper.
This regime has come to an end.

Facebook will cease to exist.

On November 5th the Facebook Operation will take place successfully, and
nothing will be able to stop it.

We are anonymous, we are legion. We don't forget, we don't forgive. Expect us.

\----

Now that I listen to it carefully, the way they put it sounds pretty weird, to
say the least.

------
gareim
From #AnonOps: "TO PRESS: MEDIAS OF THE WORLD... STOP LYING! #OpFacebook is
just ANOTHER FAKE! WE DONT "KILL" THE MESSENGER. THAT'S NOT OUR STYLE
#Anonymous"

That's not to say that Facebook won't be attacked, but most likely not by the
people that form that Anonymous that WE think of when we think Anonymous.
Although I suppose that any one or group could be Anonymous because of how
they define themselves.

~~~
gasull
Link to the tweet: <https://twitter.com/#!/anonops/status/101152229087657984>

------
brianleb
I really don't buy this as a... 'full force,' if you will, attack by
Anonymous. I would want to see this confirmed by sources like
<https://twitter.com/#!/anonymousirc> before I believed it to really be an
'Anonymous' 'movement.'

Of course, their strength is also their weakness. Without any names, what is
and is not 'Anonymous' can forever be questioned. Like others, I want to say
"they are too smart for this," but then they ('they') also attacked Amazon a
few months back and that certainly did not go as well as the Visa attacks...

~~~
gasull
AnonOps said it's a fake:
<https://twitter.com/#!/anonops/status/101152229087657984>

~~~
AzAngel
Except for a later tweet saying some are involved but not all:

"#OpFacebook is being organised by some Anons. This does not necessarily mean
that all of #Anonymous agrees with it."

~~~
gasull
Link to the tweet: <https://twitter.com/#!/anonops/status/101194056008351744>

------
runn1ng
I was yesterday at their IRC, prepared to laugh at them, but it was quite
interesting.

First, they try to look united on twitter and to media, but they quite aren't.
Second, they are INCREDIBLY naive. Third, they are OBSESSED with attention of
the media.

They were actually planning the attack on #OpFacebook channel (so no, it was
not fake - and the channel still exists, but they probably realized it is a
joke so they turned it into a joke). After they realized they quite can't
attack their servers, they thought it would be better to get people passwords
by "botnet keylogger" (and I am not making it up), steal about 1 million
accounts and then DEACTIVATE THEM ALL, which would I guess do something
terribly evil to Facebook.

Someone brought the question if this doesn't give media and police the right
to label them as terrorist, and someone else replied that "police and media
are the real terrorists". After that sentence, I laughed too loud and had to
leave the IRC.

edit: and apparently, it is still going on - <http://pastebin.com/nzaNLWfF> .
Or maybe not, who knows

edit2: ....and they closed the channel for speaking now. Oh well, it was fun
while it lasted.

~~~
cpeterso
> _they thought it would be better to get people passwords by "botnet
> keylogger" (and I am not making it up), steal about 1 million accounts and
> then DEACTIVATE THEM ALL, which would I guess do something terribly evil to
> Facebook._

That is not a bad approach. If you assume Facebook's network infrastructure is
rock solid, then attack Facebook's _human infrastructure_ by flooding them
with customer services calls.

I don't think you need a botnet keylogger to grab Facebook passwords because
their users are easily confused or duped. For example, ReadWriteWeb wrote
about Facebook's plans for login federation and many Facebook users, googling
for "facebook login", found this blog and tried to login there!

[https://www.readwriteweb.com/archives/facebook_wants_to_be_y...](https://www.readwriteweb.com/archives/facebook_wants_to_be_your_one_true_loginpage2.php)

------
Zagafa
This group calls itself anonymous as well, and uses the same 'branding', but
it is useful to note that the people behind this may have no affiliation with
the previous anonymous operations.

The 'original anonymous press release' was uploaded to youtube by FacebookOp
on Jul 16, 2011, and picked up by media only recently.

None of the usual anonymous twitter accounts
(<http://twitter.com/anonymousirc> <http://twitter.com/youranonnews>
<http://twitter.com/anonops> <http://twitter.com/#!/AnonymousPress> etc) or
the irc channel (irc.anonops.li) have any mention of the operation.

It is of course not impossible to create a new youtube user and a new twitter
account called 'facebookop' and post a video proclaiming to attack facebook in
the name of anonymous. Anyone can do it.

~~~
gasull
Have any of the "official" (whatever it means) Twitter accounts said anything
against FacebookOp?

I'm wondering if this is a spinoff from Anonymous, a false flag, or even both
things at the same time (possible).

~~~
srl
_Have any of the "official" (whatever it means) Twitter accounts said anything
against FacebookOp?_

No. FacebookOp has gone entirely unmentioned by #AnonOps. Not because #AnonOps
is unable to post - both Twitter and the blogspot account have posted multiple
times about the London mess today.

------
potatolicious
Hahahahahaha. Hahahahahahahahahahahahaha. [breathe in] Haha. Hah. Hahahahaha.

Best of luck, Anon!

I'm not sure if Anon fully understands the level of infrastructure and the
level of preparation Facebook has... They'll need to come up with something a
_lot_ more compelling than a bunch of guys at home with LOIC.

~~~
srl
This attack is scheduled to come soon after anon switches from LOIC to a "new
cannon" dubbed #RefRef ([http://anonops.blogspot.com/2011/08/new-hacking-tools-by-ano...](http://anonops.blogspot.com/2011/08/new-hacking-tools-by-anonymous-new.html)).
They're probably way overconfident in their abilities
(#RefRef's description is thoroughly unconvincing), but at least they don't
think they're going to DDoS one of the best-prepared sites in the world, AFTER
telling them exactly what day the attack will occur on.

~~~
Cushman
So if we assume these people have any idea what they're talking about, it's
some kind of SQLi attack... presumably MySQL? I wonder at what point it'll
occur to them that Facebook mostly serves data from memcached.

Uh... did I get something wrong here? A correction or something would be nice.

~~~
jmtame
"RefRef is a revolutionary DoS java site. Basically, by using an SQL and .js
vulnerability, you can send a page request packet from your home computer with
embedded .js file, because of the vulnerability in the SQL/Javascript engine
on MOST websites, the site actually TEMPs the .js file on its own server. So
now the .js is in place on the host of the site. Next since you still have the
request, it picks up the .js file, and all of the requesting for packets power
happens on the server, not the requestee. I send two packets from my iphone,
and everything else happens on the server. Basically eats itself apart,
because since both are on the server, its all a local connection."

"The tool is very effective, a 17-seconds attack from a single machine
resulting in a 42-minute outage on Pastebin yesterday. As expected, the
Pastebin admins weren't very happy with their platform being used for such
tests and tweeted 'Please do not test your software on us again.'"

"The effectiveness of RefRef is due to the fact that it exploits a
vulnerability in a widespread SQL service. The flaw is apparently known but
not widely patched yet. The tool's creators don't expect their attacks to work
on a high-profile target more than a couple of times before being blocked, but
they don't believe organizations will rush to patch this flaw en masse before
being hit."

[http://www.thehackernews.com/2011/07/refref-denial-of-servic...](http://www.thehackernews.com/2011/07/refref-denial-of-service-ddos-tool.html)

~~~
atomicdog
I'm disinclined to trust any source that doesn't know the difference between
Java and Javascript

------
yid
Hi anonymous, I work at facebook. If you manage to hack us and grab our data,
perhaps you'd like to apply for a job? It's not trivial getting the data even
with full access, so you could really help our team! Plus the free lunches are
pretty good.

~~~
gasull
Apparently it's a fake:
<https://twitter.com/#!/anonops/status/101152229087657984>

~~~
asomiv
I thought Anonymous is an unstructured "organization" and that anybody can do
anything under their flag without authorization from a central body. How is it
that there is apparently a central Twitter account?

~~~
gasull
Maybe it's a bit of a meritocracy? It seems some Twitter accounts are somewhat
"official" in the sense that they are followed by most of the people involved
in the Anonymous movement.

------
gasull
The Village Voice has more information than CNet:

[http://blogs.villagevoice.com/runninscared/2011/08/anonymous...](http://blogs.villagevoice.com/runninscared/2011/08/anonymous_wants.php)

tl;dr: The action is motivated because of the poor privacy policy of Facebook.

As said in other comments, it isn't clear if this is Anonymous because their
twitter accounts didn't echo the manifesto. It could be a spinoff, a false
flag op, or anything in between.

------
rdl
So somehow cutting people off from playing Farmville, talking to friends and
family, and generally wasting time is going to endear a small group of
"hacktivists" to those users?

Perhaps as effective as cutting those users off from playing PS3 games they'd
already purchased.

~~~
megablast
You don't really understand protests do you? You could say the same about
street protestors, endearing themselves to motorists trying to get home, or
bus driver protestors causing chaos to those who use their services.

------
gasull
Fake according to AnonOps:

<https://twitter.com/#!/anonops/status/101152229087657984>

------
srl
Anonymous posted to twitter concerning OpFacebook. The three posts that (I
think) are relevant:

 _#OpFacebook is being organised by some Anons. This does not necessarily mean
that all of #Anonymous agrees with it._

 _We prefer to face the real power and not to face to the same medias that we
use as tools. #OpFacebook #Anonymous_

 _REMEMBER THIS ARTICLE: "Are Hacker Attacks Government Operation To Push
Internet Censorship Laws?"_

The last one doesn't specifically mention FB, but it does seem that that sort
of event - where the MSM attributes X to anon when anon isn't behind X - is
beginning to worry them.

------
mahmud
Now that anon denied it, I have a suspicion whoever released this announcement
also sent a security resume/bid to Facebook. Looks like someone creating a
need for himself.

------
almost_usual
The only way I could see this going down is if they have insiders already at
Facebook

~~~
olefoo
Perhaps even at the very top? I mean this could just be a viral marketing
campaign __for__ Facebook. Something to help them regain the street cred they
are losing, something to prevent the inevitable myspacing of their business.
Or maybe just a cover for planned downtime.

------
jarofgreen
You all assume it's going to be a traditional DDOS or SQL Injection or whatever
attack.

Look at [http://news.yahoo.com/anonymous-targets-norway-killers-manif...](http://news.yahoo.com/anonymous-targets-norway-killers-manifesto-114923977.html)
That's an attack on something, but not by technical means.

Maybe they are planning something they need lots of people to help with and so
want the publicity in advance?

Not a clue what that could be tho.

(Yes, I have seen the tweet saying it's fake but as others point out there are
many anonymous, and in fact the whole anonymous thing is that everyone is
anonymous, so who knows?)

------
driverdan
I'm guessing this is partially a response to a talk given at DEFCON by 2
people trying to unmask anonymous and lulzsec members. They highlighted how
they use social media to track people down, especially FB.

------
JDulin
I would hope the real Anon understands the magnitude of the challenge they just
set before themselves.

"Facebook has been selling information to government agencies and giving
clandestine access to information security firms so that they can spy on
people from all around the world. Some of these so-called whitehat infosec
firms are working for authoritarian governments, such as those of Egypt and
Syria."

^ Besides, if Anonymous wanted to disgrace facebook, I think a better way to
do that would be to show evidence backing up this claim.

~~~
ayanb
Totally agree. This would be quite a coup causing self-destruction.

------
Jun8
Unstoppable force meets immovable object!

As much as I admire anon's technical prowess, I seriously doubt that they can
take down significant portions of FB which seems very well prepared (unless,
of course, some former employee reveals a trapdoor or something to them). Up
to now, their targets have been clueless corporations (i.e. Sony) or
government agencies mostly.

------
TeMPOraL
Having seen their previous releases, for me this doesn't sound like Anonymous.
I might be wrong, but it smells like faked for me.

~~~
jemeshsu
Conspiracy theory in play: discredit Anon being all mighty if they fail in
this Facebook attempt. Anyone can claim to be Anon, it is also a way to spot
the real Anon.

------
artursapek
I just hope these nerds stay on their computers and don't attack any actual
people.

------
cl8ton
While reading my fav blogs in the AM, anytime someone mentions Lulz/Anom the
f’n comments stop abruptly!

So there is much FUD involved here.

After seeing what they did over the summer, if I were FB... I would take a very
guarded position over this latest claim.

------
sage_joch
What would be really awkward is if they released logs of profile/picture
views. I'd be willing to bet I'm far less of a stalker than most FB users, but
I'd still be pretty uncomfortable with that data out in the open.

~~~
srl
Highly unlikely, except perhaps in Jake Davis's wet dreams.

Remember that an actual hack requires both a great deal of skill and a great
deal of luck, especially when reasonably secure installations (FB obviously
qualifying as "reasonably secure") are the target. If this group had the skill
required, they would know enough not to be counting on getting lucky. Thus,
either they already have knowledge of some vulnerability, or they're not going
to find one. The former is highly unlikely - if they had that knowledge, it
would require a great deal of stupidity to count on FB not discovering it for
nearly three months.

------
pr0filer_
_CRAZY THOUGHT_ : If this <http://seclists.org/fulldisclosure/2011/Aug/76> ,
then they might have network access to Facebook?

------
krashidov
Going after Facebook goes against a lot of Anon's principles. Sure they do
have a pretty bad rep in the privacy department but Facebook was an invaluable
tool for young people during the Arab Spring

~~~
innes
_Anon's principles_

Very droll sir. Very droll.

------
mrleinad
First rule of war: Don't give notice to your enemy of when or where you're
going to attack.

This is something they do to be on the news.. that's all. They're not going to
be able to shut it down.

~~~
lallysingh
Well, there's a few ways they'd do this, right?

(1) availability - DNS or route hijacking. With https they may not be able to
fake their own copy, but redirecting to a 'AnOnYmOus ownz yoo' page may be
possible.

(2) privacy - a pretty big profile dump, maybe of key facebook employees?

(3) quality - have the news feed, groups, walls, etc flooded with (even more?)
crap. A few cracked apps could flood a lot of users.

Sorry, the terms I'm using are pretty bad.

------
fecaldog
Remember when the mydoom worm took down google for a bit due to widespread and
distributed searches for itself/targets? I wonder if database resources are
infinite?

------
drgath
Looks like Nov 5th is the target date. So in ~85 days, they are going to
concoct a plan to destroy a $100 billion (allegedly) company? This should be
interesting.

------
olalonde
Those guys really need some PR adviser... Taking Facebook down (assuming they
can do it) certainly won't make them popular.

------
edwardy20
Will a DDOS attack affect a website that gets billions of pageviews per month
anyways?

~~~
rorrr
It really depends how they attack. They might have found some URLs that
require a lot more resources (CPU or I/O) than your normal user behavior.

------
ristretto
I am beginning to think Anonymous is a fictitious entity made up by the
mainstream media to divert attention. They sound too hippy-dippy to be of
serious intent.

------
neelo
I don't think this is true. We'll see, but I think it's a joke.

------
gary4gar
Facebook is too big & has resources to fight off _any_ kind of DDOS attack. I
think, Anon's plan won't work. Those kids are going to get disappointed

~~~
gasull
So did VISA and MasterCard ...

~~~
Permit
The traffic Facebook pulls is orders of magnitude greater than Visa and
Mastercard's websites have ever had to deal with.

Hell, according to Alexa, Hypem gets more traffic than Visa.
<http://www.alexa.com/siteinfo/visa.com>
<http://www.alexa.com/siteinfo/hypem.com>

~~~
rorrr
Alexa doesn't count the internal traffic, like financial transactions. Their
website is a tiny tiny share of that traffic. Just think of all the credit
card transactions happening all over the world.

~~~
prostoalex
And yet it's the web site, not the transactional infrastructure, that was
selected for the attack
[http://www.infoworld.com/d/security-central/anonymous-takes-...](http://www.infoworld.com/d/security-central/anonymous-takes-down-visacom-in-wikileaks-protest-925)

