

LulzSec's 'Topiary' arrested - SubZero
http://nakedsecurity.sophos.com/2011/07/27/suspected-hacker-arrested-in-shetland-islands/

======
_delirium
Excellent. This means the problem is solved and we don't have to secure any of
our systems, because he was a one-in-a-billion case that nobody could
replicate. (Surely nobody is _currently_ doing the same things with less
fanfare.)

~~~
commandar
So we shouldn't arrest people when they commit a crime because others are
committing the same crime? Or because they're doing it in a high-profile
manner?

I'm not sure what your point is here.

~~~
electromagnetic
> It is dangerous to be right in matters on which the established authorities
> are wrong. ~Voltaire

Our governments have no comprehension or understanding of the prospects or
implications that the internet has on modern civilization. When an individual
can take down an organization's method of operation (mastercard/visa/paypal),
it isn't the individual's fault (regardless of their actions) it is the
organization's fault.

You don't blame someone for stealing from a bank when they pile gold bullion
in the entrance without a guard in sight. You blame the bank because _that's
fucking stupid_.

Being able to dDOS mastercard isn't the individual's fault, it's mastercard's.
I've never heard of someone dDOSing Google, why? Because Google only makes
money when people access it and their system can support insane amounts of
instantaneous traffic. It's a simple fact that sooner or later mastercard/visa
would have been taken down by a normal traffic spike.

Is it the user's fault when mastercard gets dDOS'd by a few million people
placing midnight orders on Black Friday?

Seriously, look at the world rationally. If I can spend $5 on a padlock, it's
my fault when someone steals my $500 BBQ from my back yard. Someone committed
a crime, yes, but I'm going to be buying a padlock like I should have in the
first place.

Why didn't mastercard/visa/paypal/sony/sony/sony/(sony x 27 fucking times)
front the goddamn cash so they wouldn't lose hundreds of thousands.

~~~
billmcneale
> When an individual can take down an organization's method of operation
> (mastercard/visa/paypal), it isn't the individual's fault (regardless of
> their actions) it is the organization's fault.

Who cares whose fault it is? It's illegal, they get arrested, it's simple
really.

> You don't blame someone for stealing from a bank when they pile gold bullion
> in the entrance without a guard in sight. You blame the bank because that's
> fucking stupid.

Sure, you can do that. That, and arrest the person too because, you know, they
broke the law.

~~~
Cufflinks
> Sure, you can do that. That, and arrest the person too because, you know,
> they broke the law.

I think it's more relevant that what they did was willfully malicious. I
probably regularly violate laws that I'm not even aware of, but the fact that
I'm not intentionally doing harm to anyone establishes some kind of innocence.

~~~
baha_man
<http://en.wikipedia.org/wiki/Ignorantia_juris_non_excusat>

"The rationale of the doctrine is that if ignorance were an excuse, a person
charged with criminal offenses or a subject of a civil lawsuit would merely
claim that he or she is unaware of the law in question to avoid liability,
even though the person really does know what the law in question is. Thus, the
law imputes knowledge of all laws to all persons within the jurisdiction no
matter how transiently."

------
jgrahamc
The other day his Twitter feed was cleaned up and a single tweet remained:
<http://twitter.com/#!/atopiary/status/94225773896015872> reading "You cannot
arrest an idea". I guess he saw this coming.

~~~
cowboyhero
Almost positive that's a direct quote toward the end of Alan Moore's _V for
Vendetta_.

Which kinda makes me grin and roll my eyes at the same time.

~~~
civilian
I've been listening to the teaching company's audio lectures on the history of
freedom, and I think the idea that "you can't kill an idea" is also
represented in Socrates & Jesus-- both of their influences did not waver after
death. /historynerd

------
dmbass
So the A-Team dox were a bunch of rubbish? (or perhaps that was already
confirmed and I missed it).

<http://pastebin.com/iVujX4TR>

~~~
pyre
If this report is right, then those d0x were BS:

    
    
      ###########################################################################
      ###########################################################################
      ooooooooooooo                       o8o                                
      8'   888   `8                       `"'                                
           888       .ooooo.  oo.ooooo.  oooo   .oooo.   oooo d8b oooo    ooo
           888      d88' `88b  888' `88b `888  `P  )88b  `888""8P  `88.  .8'  
           888      888   888  888   888  888   .oP"888   888       `88..8'  
           888      888   888  888   888  888  d8(  888   888        `888'    
          o888o     `Y8bod8P'  888bod8P' o888o `Y888""8o d888b        .8'    
                               888                                .o..P'      
                              o888o                               `Y8P'      
     
      ###########################################################################
      ###########################################################################
    
        Now we have Topiary.  Probably the lamest one of the bunch.  He doesn't
        actually do anything except give interviews.  There are plenty of logs of
        him all over the internet being a complete idiot.  His "d0x" are all over
        the internet also.  He tries to deny it but there are logs of him bitching
        about being d0x'ed int he #hq logs that Laurelai leaked.
     
        Name: Daniel Ackerman Sandberg
        Location: Sweden

~~~
mdisraeli
It's not unreasonable to suspect that a user in the Shetlands Isles might have
had a POP in Sweden, or use of a connection in Sweden to host a remote box
with a better connection than available to them normally.

~~~
atomicdog
Well he can probably see Sweden from his house!

------
alanfalcon
Every time I read a story like this, I picture the opening sequence from
"Hackers". I wonder if that isn't one of the most realistic portrayals (of
anything) in that movie?

~~~
Hominem
I was busted in much the same way in the early 90s in NYC.

Yes, it was the only realistic part of the movie. It is a bit frightening to
be woken up by a man pointing a shotgun in your face when you are 13.

IIRC, there was a well known NYC hacker who was getting ready for school, and
was in the shower, when the SS burst in and the scene was loosely based on
him.

~~~
alexgartrell
Any way we could get you to share more of your story?

~~~
Hominem
Not much to say. It was part of operation sundevil. I was never arrested or
indicted and eventually got all my equipment back.

I'm not sure if it is SOP, or the Secret Service thought they were dealing
with violent criminals. But they knocked down the front door with one of those
rams you see on TV, ran room to room "securing" everything. Once they
realized they were dealing with a scared 13 year old they seemed more
embarrassed than anything.

In addition to the local cops, and the Secret Service, there was a postal
inspector involved, that guy was kind of a dick, he kept sneering and telling
me stuff like "you are going down buddy", even at that young age I figured he
didn't get out of the office much. The Secret Service spent most of their time
bullshitting and telling me stories of various trips abroad with the
president. Some of the nerds bagging up all my equipment would sometimes come
in and peer at me, asking me minor questions like "Why do you have so many
batteries" until they were reminded that I was a minor and they did not have
parental permission to ask me questions.

I waited for years for the other shoe to drop, and be indicted, but I never
was.

I still have all the equipment, still tagged, and even have some disks they
put in the drives labeled "SS transport disk"

~~~
meatsock
"I'm not sure if it is SOP, or the Secret Service thought they were dealing
with violent criminals"

seems possible the bulk of them had first learned about hackers at the same
time they learned about the raid -- perhaps from someone who exaggerated the
average size of a hacker's fangs. in any event it doesn't seem likely that in
preparation for sundevil they'd have consulted with anyone that would have
urged a relaxed and moderated view of what was at that time an unexplored
frontier of law enforcement.

~~~
Hominem
Right, from the sheer scope of the raids I'm sure they thought they were
dealing with some sort of syndicate, probably professional criminals branching
out. They were absolutely dumbfounded, they didn't know whether to slap the
cuffs on me or give me milk and cookies.

~~~
electromagnetic
> they didn't know whether to slap the cuffs on me or give me milk and
> cookies.

Sounds like good cop, bad cop to the extreme. I think I'd deal in 5 seconds if
a cop offered me milk and cookies over handcuffs.

------
yalue
I find it hard to believe that European kids care that much about the CIA or
Arizona's immigration laws. Yet many of these alleged LulzSec arrests seem to
be in Europe.

~~~
schrototo
I think every wannabe-hacker wants to "hack" the CIA and Arizona's racist laws
have been covered extensively on comedy programs like The Daily Show which I'd
imagine are popular with anti-authoritarian internet-savvy youths worldwide.

~~~
ellyagg
Of course, if it were really about their problems with "racist" immigration
laws, many countries in Europe have stronger and more strictly enforced
immigration policies.

------
chippy
I am very curious as to the methods of how they caught him. Anyone care to
guess, or know?

~~~
dlss
Well, since no one else is wading in here's what look like the usual suspects
to me:

- obvious digital connection (forgot to use tor / ipredator / hacked vpn)

- timing attacks (keeping normal waking hours for his home country, using a
vpn instead of tor)

- word frequency attacks (since he wrote a lot of press releases, his word
choices may have been cross correlated with a personal blog)

- bragging to a friend

- getting flagged after showing up at a political/high-suspicion meet up
(which might be enough to allow for a timing attack)

- voice analysis from interviews he did w/o a voice transformer being matched
to other audio

- opsec blunders (loose lips when talking to press / on IRC / wherever anon
talks)

Anyone else have any guesses?

~~~
nikcub
if I were tasked with catching these guys, I would:

* set up numerous honeypot open proxies and tor gateways

* work with journalists to have all emails and communications forwarded

* isolate ddos clients and reverse-engineer command and control. surprisingly many of these trojans are poorly written and have security holes themselves

* set up numerous fake twitter profiles and provoke them into responses - things like posting images, replying, etc.

* set up fake hacker groups. stage defacements etc. in order to get in touch with them

* I would write a system that tracks and stores every bit of communication they make and plot out their social communication graphs and when they are talking, who to, etc.

* ask ISPs or proxy providers to grep for traffic patterns.

* get user-agent info from twitter, or provoke them into visiting a link, and possibly load malware. no browser is really safe in a targeted attack

* word/speech tracing. this is why 1337 5p34k was invented, so you can not be traced via your vocab/grammar/spelling/phrases etc. it doesn't take a large sample to start narrowing it down

probably more - haven't really thought about it, but when i did see that they
started using twitter I gave them 3-4 months, tops.

~~~
chippy
"1337 5p34k was invented so you can not be traced via your
vocab/grammar/spelling/phrases etc"

What about txt msg spk?

~~~
spicycat
It was invented so you can not be understood via your
vocab/grammar/spelling/phrases etc.

------
koenigdavidmj
Article does not say why they think that he is Topiary.

~~~
nikcub
the newspaper hacked his phone

------
sausagefeet
For computer crime do they have to be able to draw a direct line from the act
to the person's computer? Also, does a person's computer legally mean they
committed the crime? What I'm getting at is, could a group like LulzSec
guarantee lighter sentences for themselves if a line could be drawn from the
crime to the group but you couldn't determine who actually hit the keyboard?

~~~
starwed
In the US, they could be charged with "Conspiracy to commit <crime>".

> _One important feature of a conspiracy charge is that it relieves
> prosecutors of the need to prove the particular roles of conspirators. If
> two persons plot to kill another (and this can be proven), and the victim is
> indeed killed as a result of the actions of either conspirator, it is not
> necessary to prove with specificity which of the conspirators actually
> pulled the trigger._ [1]

I'd assume English law has something equivalent -- it's a really old problem,
and involving computers won't change the principles involved.

[1]
<http://en.wikipedia.org/wiki/Conspiracy_%28crime%29#Conspiracy_in_the_United_States>

~~~
_delirium
Given the close proximity of this case to the News Corp phone-hacking case,
any bets on whether similar conspiracy-to-hack charges will be brought against
all the people who were involved in that one? Not putting large odds on it;
I'd bet that if anybody goes to jail for it, it'll only be a person or two who
can be shown to have actually personally done the break-in.

------
driverdan
I'm curious what led to all the arrests. It's not _that_ hard to hide your
identity if you truly want to be anonymous.

~~~
knieveltech
Hiding your identity from casual observers: trivial. Hiding your identity from
scrutiny by local law enforcement: straightforward. Hiding your identity from
scrutiny by federal agents: Tricky. Hiding your identity from scrutiny by an
international investigation after having pissed off several high octane
intelligence agencies: impossible.

~~~
3pt14159
Not impossible. Very burdensome and lonely, but not impossible.

~~~
27182818284
Not impossible in the strictest sense, but highly improbable. Even Bin Laden
went down and he had a lot more on his side than all of the members of lulz
and anon combined.

------
ipsin
According to:

<http://www.guardian.co.uk/technology/2011/jul/27/lulzsec-hacking-suspect-topiary-arrested>

The source is the Metropolitan Police Service of London, a.k.a. Scotland Yard.

------
JacobIrwin
The top minds behind Lulzsec are worth more to federal authorities ALIVE -
when (or if) they are caught. By alive, I mean: not in a prison cell.

Frank Abagnale Jr. comes to mind.

~~~
tmp43522
No they're not that good, if the arrests are correct then they're actually
pretty bad. For the little value that they are worth, they're worth far more
as an example to be made for others.

~~~
Tsagadai
Actually, arresting them is next to worthless. Do the oodles of cash spent
each year pursuing, prosecuting, jailing, fining, policing and enforcing
vandalism cases result in decreased vandalism? Boredom is a social problem, no
amount of enforcement will reduce bored kids' desire to break stuff. If
anything, drawing attention to Anonymous only attracts more people to it.

------
r0s
It always grates on my nerves when someone that young, seventeen, is referred
to as a "man".

I suppose teenagers enjoy more freedom in Europe, maybe it's more appropriate
there.

~~~
adw
Scots law: age of consent (and age you can enlist) is 16, driver's license is
17, drinking and voting is 18. And this is Scotland, so the age of criminal
responsibility is 12. (Until recently, it was eight:
<http://news.bbc.co.uk/1/hi/scotland/7916561.stm>).

------
cwiese95
I found it interesting how he deleted all of his twitter updates with the
exception of "You cannot arrest an idea"

~~~
chuchurocka
I think that at least a few other people have access to the account. Too bad
there isn't an api to see when the tweets were deleted.

------
grahammather
I'm on the edge of my seat following all this AntiSec/AntiAntiSec drama: The
original AntiAntiSec crusader: <http://th3j35t3r.wordpress.com> has picked up
some helpers: <http://lulzsecexposed.blogspot.com/>

------
jared314
They always shoot the messenger.

------
mckoss
<http://www.quip-art.com/3RP>

------
Volscio
I was surprised there was someone in the Shetland Islands?

------
zgorgonola
Interesting that this arrest follows just a week after a series of other
arrests in USA/UK/NL regarding LulzSec and Anonymous:

<http://nakedsecurity.sophos.com/2011/07/20/arrests-lulzsec-anonymous-hacker-suspects/>

Not a good time to be a hacktivist

~~~
colinplamondon
Hacktivists? These guys are breaking into private companies and stealing
property. They're _criminals_.

~~~
pavpanchekha
Hold on, hold on, let me try to clear some things up.

A _criminal_ is a rigidly-defined adjective meaning an entity which breaks or
broke laws.

An _activist_ is a rigidly-defined term meaning an entity which acts to
further some idea and bring it to public perception.

A hacktivist isn't well-defined, but we'll assume here that it's a form of
activist.

Now based on this, the Anonymous and Lulzsec hackers _were_ hacktivists, at
least according to their own statements of their intent. They also _were_
criminals, at least according to my reading of the laws of the US. Now, what
you may be looking for is whether they were _ethically good_ --- but don't
conflate lawfulness with morality, that's worked out poorly in both
directions.

But of course, you acknowledge that this is a horribly simplistic view of
things. Even DnD got this, after all (clearly Anon is Chaotic, and whether
it's Neutral or Good depends on whom you talk to).

So perhaps you might say "I don't believe Anon's actions were for the good",
or even "weren't well-intentioned", but please recognize that passing
judgement beyond noting the factual statement that they are criminals, is a
personal judgement. Not that personal opinions shouldn't be argued, defended,
and spread --- just that they should not be conflated with fact.

~~~
gdcbyers
I agree to the defined terms, and further propose a hacktivist is an activist
whose chosen/preferred method is "technology", be it illegally accessing
private systems, or building nifty robots out of servos and shit.

But, what cause or idea have they furthered? Computer security? Social
injustices? Tax evasion by corporate America? I can't find one other than
their own personal enjoyment.

I can not point to a single action they have taken and describe it as
"constructive." The issues they do occasionally allude to could be furthered
much more successfully, legally and in a morally responsible fashion
(respecting individuals' privacy) by other means.

As for their harm, it is fairly self explanatory, but to make it clear,
releasing innocent individuals' personal information and encouraging others to
use it to commit further crimes is most decidedly not neutral.

I don't believe LulzSec's actions helped anyone. If you think they did some
good, please enlighten me, point it out. I can't see it.

~~~
Jacobra
I would argue that their actions, at the very least, are getting people
thinking about the privacy and security issues we face. Their methods are
blunt and can be damaging, but you can't deny that people have been talking
about these issues much more, and I think that's a good thing.

~~~
gdcbyers
Raising awareness for privacy and security issues is a good thing. Doing so by
creating more privacy and security issues is decidedly counterproductive.

