

Anonymous intercepts confidential conference call between FBI and Scotland Yard - tmrhmdv
http://online.wsj.com/article/SB10001424052970203711104577200872061278502.html
YouTube link: www.youtube.com/watch?v=pl3spwzUZfQ&#38;feature=youtu.be
======
jgrahamc
The most likely explanation is that they didn't 'intercept' the call but
simply dialed into the conference call system and recorded the call.

The question then becomes how did they get the conference call dial in
information? Perhaps they managed to get into the email of one of the
participants. That would seem to be even more worrying than the interception
of this single call.

Also, on many conference systems I've used standing meetings use the same dial
in information from week to week. If this is a regular meeting it's possible
that Anonymous has been listening in every week.

~~~
samstave
>" _If this is a regular meeting it's possible that Anonymous has been
listening in every week_."

I find this to be one of the more beautifully hilarious things I have read in
quite a while!

The idea that Anon has been slurping info from a regular conf call between two
intelligence/LEO orgs is just downright amazing.

Imagine though if Anon had forgot to put themselves on mute at one point and
were being addressed by others on the call:

"Whomever is working from home with the dog in the background, please mute.
Thanks. Anyway - as I was saying, these Occupy Protesters need to go down...."

It would also be great if, at the end of these calls, when everyone is saying
"thanks" and "bye" is Anon also said "thanks" and "bye" as they hung up :)

~~~
InclinedPlane
The only reason anonymous's security operations aren't more frightening is due
to their culture and goals. They just want quick wins and publicity (for
themselves and for the material they unearth). However, their capabilities are
top notch (limited mostly by their hesitance to do anything that requires
physical presence). If they were, say, employed by a hostile government or
were motivated by greed or specific political goals they would be scary.

Anonymous's MO is to spew their exploits to the world and move on. This
minimizes the damage of their intrusions. If they kept quiet and spent time
soaking up information or leveraging breaches to gain more and more access the
things they could do would be jaw dropping.

~~~
samstave
Isn't the term we use for such actions "Grey hat"

~~~
InclinedPlane
That's probably closest, but I'm not sure any color of hat fits on anonymous'
head.

------
stfu
_Anonymous is an amorphous collection of Internet enthusiasts, pranksters and
activists whose targets have included the Church of Scientology, the music
industry, and financial companies such as Visa and MasterCard._

First time I see a news outlet describing Anonymous in a somewhat suitable
fashion.

~~~
Historiopode
I agree on the quality of the description, but only to a certain point. I
think that neglecting to state that their actions are largely _retaliatory_
could have been used to not-too-subtly tinge them as "pranksters" rather than
"activists".

As far as I know most of them could well be within the former cateogory, but
their most visible attacks were not enacted "just for the lulz"; rather, they
were guerrilla tactics employed in response to perceived threats to their
Internet homeland, as stated in above comments.

------
tmrhmdv
Emails: <http://pastebin.com/8G4jLha8>

Call: <http://youtu.be/pl3spwzUZfQ>

------
jgrahamc
The BBC has an odd comment on this:

    
    
      It was unclear how Anonymous had managed to obtain the 
      recording but a lawyer for one of the suspects discussed 
      told the BBC it appeared to have been taken as an audiofile 
      from an intercepted email, rather than having been  
      eavesdropped on.
    

So how did he interpret that from the video plus the email? Odd.

<http://www.bbc.co.uk/news/world-us-canada-16875921>

------
johrn
Interesting, all of the 'subscribe' and 'login' buttons in the article area
are served by the doubleclick network. So anyone with adblock enabled just
sees a partial article with no indication that there is a way to access the
rest.

~~~
ajays
Here's what I do:

1\. Copy/paste the title into Google and hit search [1]

2\. Click on the link from the SERP.

3\. Profit?

[1]
[http://www.google.com/search?client=ubuntu&channel=fs...](http://www.google.com/search?client=ubuntu&channel=fs&q=Hackers+Intercept+FBI%2C+U.K.+Police+Call&ie=utf-8&oe=utf-8)

------
cwp
The article doesn't seem to address the obvious question: If Anonymous can spy
on the people investigating them, why the heck are they making that fact
public? Ok, taunting the FBI is probably worth something, but surely
continuing to spy on them is worth more.

~~~
srl
Anonymous's strategy for "defeating" the FBI etc. is to publicly humiliate
them and expose them to be harmful and largely worthless[1] - that goal is
better served by showing off the FBI's incompetence than by guarding their own
rear ends.

[1] That's not to be interpreted as a claim on my part that they are. This
sentence, however, may freely be interpreted as such.

(Firefox's spellcheck isn't working for me atm (nightly, so no surprise) -
please accept my apologies for any embarrassing typos above.)

~~~
toyg
That will be their eventual downfall, unfortunately. Life is not a comic book;
FBI and friends can withstand humiliation after humiliation, they'll still
have their guns, dogs and PATRIOT acts to come after you.

Strategically speaking, it would have been much better to just keep listening.
Now involved parties will do their best to lock down, and it will be harder
for Anons to eavesdrop... but hey, we got some LULz, right?

~~~
srl
I disagree.

The FBI, DHS, TSA and so on /can/ be defeated through humiliation - you just
have to keep at it until enough voters get the message for a few politicians
to use "regulate XYZ" and "abolish the ABC" as mechanisms for political gain.

~~~
zipdog
I wouldn't expect so much. There is ample evidence for the ineffectualness of,
say, the CIA. As a simple example, at the time of the fall of the USSR (pretty
much their major goal) they had admitted they had no effective agents in
Russia

------
tomelders
There are easier ways to stop Anonymous. You could try addressing their
concerns for a start, and "not being total arses" couldn't hurt either.

~~~
jerf
Historically speaking, groups that are given everything they demand don't
dissolve; they ask for more stuff. This is regardless of the "goodness" or
"badness" of the demands.

~~~
_delirium
Sometimes more than others. The civil rights movement largely dissolved after
achieving most of its demands, for example. Many of the individual
participants continued to campaign for additional causes, but the movement
didn't continue with anything near its prior strength once the Civil Rights
Act and Voting Rights Act were passed, because they couldn't hold together the
broad coalition around a new series of demands.

~~~
wh-uws
I have to take issue with this statement. It didn't just "dissolve" bad things
happened (what happened the Martin King and Malcolm X is well known but also
look into the fate of the Black Panthers) to all of the leaders and the
movement floundered without its stronger figure heads.

That's what is so vitally important about the amorphous collective form of
Anonymous and even later Occupy Wall Street. Without a clear head to cut off
or discredit the movement can continue with its goals even if it loses a few
people.

~~~
_delirium
I think that's part of it, but I do think satisfying some of the major demands
dissolved the broad coalition; moderate liberals, especially white liberals,
were largely satisfied by the civil-rights legislation, and dropped out of the
movement, leaving a much smaller activist core. The SNCC took a huge nosedive
in membership after 1965, for example, and even MLK found it harder to muster
the same levels of support for his post-'65 causes (like desegregating
Chicago, and ending poverty).

------
7952
A few years ago this (phone hacking) would have been considered journalism by
the British press.

~~~
MaysonL
And specifically that portion of the British press owned by the same company
which own the WSJ.

------
timjahn
Don't forget to google the article first and then click through there so you
can see the full text on the WSJ site.

~~~
srl
An interesting feature for HN to have: when there's a paywall of this sort,
link to the google redirect instead.

------
ubershmekel
Found the audio recording on youtube if anyone's interested
<http://www.youtube.com/watch?v=Ryq1v-cLHrk>

------
charlieok
It's odd to me that conferences between the FBI and Scotland Yard apparently
happen on the same public telephone network used by the commercial and
residential world, rather than on a completely separate system.

------
United857
What a lapse. One would expect that the FBI and their international
counterparts would be doing any conference call over a secure, classified
network... not POTS.

Is this really par for the course?

~~~
jrockway
Probably. As a taxpayer, do you want to pay for a brand new phone network and
conference call service, or would you prefer that the government just contract
that out?

------
ck2
This is going to make a great movie someday, but I fear in reality it's going
to end up with another Bradley Manning (remember him rotting away?)

~~~
xp84
Well, didn't he commit a crime? Correct me if I'm wrong.

~~~
nilved
As far as I'm aware, he's been in solitary confinement for quite some time now
without trial. He hasn't been convicted.

------
Jach
The real security gaffe here seems to be sending passwords in non-PGP
encrypted email...

~~~
Kadin
They'd be much more likely to use S/MIME than PGP, if they were going to use
anything. The infrastructure for S/MIME is already deployed in much of the
Federal IT space, while PGP is only used for some small niche applications as
far as I'm aware.[1]

But that wouldn't have been a guarantee -- the message wasn't intercepted in
transit, it was apparently intercepted by compromising the receiver's account.
It's not clear how this was accomplished, but if it was by a trojan it could
easily have end-run the message encryption, had it been in use.

Honestly, the security at most large organizations is so bad, they're not even
at the level where their lack of email encryption presents the weakest link.

[1] Actually the only place I've ever seen a PGP key used in connection with a
Federal agency, was by the NSA for reporting SELinux bugs / vulns. And that
was a long time ago.

------
jakejake
Kinda interesting they beeped out some names when the officers would say them.

~~~
drcube
They bleeped out names of alleged Anonymous members. Sort of protecting their
own. Did they also bleep out FBI agents' names?

------
jebblue
Anonymous is a group of people who uses technology. Technology has tentacles.
Tentacles can be located, observed and followed to the root. My guess is the
FBI was monitoring them.

------
shareme
FBI's problem is that they assume that their 'victims' have worse tools than
them..most of us HN readers probably have better mail encryption software than
any FBI field agent. Not to mention software to encrypt a hard-drive.

Using encryption and Ciphers is not a crime FBI..just ask Phil Zimmermann

------
maeon3
The FBI is using a 40 year old technology that can be hacked by whistling 2600
hz into a phone and get all bent out of shape when someone records it?

sounds like an agenda to setup the stage to get censorship back on the table.
The FBI wants these breaches, then they can point to it and say "we need
censorship to take down these videos because we cant be bothered with any
security precautions".

~~~
Karunamon
>The FBI is using a 40 year old technology that can be hacked by whistling
2600 hz into a phone and get all bent out of shape when someone records it?

Systems haven't been susceptible to that attack for years, and it doesn't
matter anyways! They could have been using a fucking private satellite
protected with three layers of the best ciphers known to man, it still would
have been broken by them getting the conference number and password, like they
did here.

~~~
mjwalshe
The question is why did the call participants not use something your have in
addition to username and password to access the call - you know like the RSA
token thingy I use to log into my work network from home?

~~~
Karunamon
I'm not sure a conferencing system like that even exists. It's definitely a
good idea, but I've never heard of enterprise gear with that kind of feature.

~~~
dade_
They absolutely exist and for a sensitive conference call such as this, each
user should have had an individual pin and a role call should have been played
(playback of each recorded name). Double logins would cause suspicion as well
as non-recorded names. Also, all modern systems have a web interface that
allows you to see the participants on you call. In some cases you can even
bring up the phone number of each participant on your phone display. When it
comes to telephony, it is nearly impossible to get important security measures
enabled because people want everything to work the way it did for the last 15
years. Also, users absolutely refuse to educate themselves, it is just a
phone, what is there to know. Yet look at all of the outrage over people
logging into voicemail or performing theft of service due to trivial
passwords, CLID spoofing and now simply dialing into a conference bridge.

There should be laws against people entitled to sensitive information sharing
via indefensibly incompetent methods. That might make agents thing twice
before doing something this stupid.

------
SkyMarshal
Why are these two guys using a conference calling system for a 1-to-1 phone
call? Why not just a direct call?

~~~
aes256
Because it was a conference call, not a 1-to-1 call!

------
donald_draper
This Anonymous story is interesting as well [Anonymous Hacks Neo-Nazis, Finds
Ron Paul]: [http://www.care2.com/causes/anonymous-hacks-neo-nazis-
finds-...](http://www.care2.com/causes/anonymous-hacks-neo-nazis-finds-ron-
paul.html)

