

Self-proclaimed LulzSec leader arrested - akandiah
http://www.abc.net.au/news/2013-04-24/lulz-security-hacking-leader-arrested-in-nsw/4648134

======
tuxidomasx
Why would anybody self-proclaim to be associated with any group that could
even be remotely linked to illegal activity or political dissension?
Especially a group colloquially known as a script kiddie haven.

Every time I hear about people getting caught up in stuff like this, I'm
reminded of the book "True Names" by Vernor Vinge. As long as nobody knows
your real (government) name, you have a degree of safety in cyberspace. But
once your identity is known, you become a much bigger target.

~~~
orangethirty
For something referred to as _cred_. This is a mix of social status, proof of
skills, and attitude. Gangs use cred as a way to measure the value of their
members. A person who brags about doing illegal things is only doing so to
elevate his cred. Having street cred is more valuable than money in many
circles. Due to how it allows a person to operate within a limited set of
rules inside a community. A gang member with a lot of cred can simply do
things other members cannot. Such as having first pick at food, housing,
vehicles, and money.

~~~
Oxxide
to my dismay, internet cred does not share a 1:1 ratio with street cred.

~~~
dobbsbob
Internet cred applies to pen cred surprisingly. If you go down for hacking and
do not become an informant, you will find job offers inside the pen for
teaching other criminals comsec so they can run their outside drug operations.
If they can read about you then it applies to your standings in the pen
hierarchy.

That's why prison is never rehab for hackers. They just network with the
street criminals and come out super criminals with full cred like Max Vision
or the software developer kid here where I live that did a bid for bank fraud,
met some gangsters in prison, paroled as a ranking member in their violent
dial a dope crew and police have been unable to break up the gang since he
joined and took over the comsec and allegedly money laundering for them. They
accused him of being able to leak the whereabouts of rivals to his own gang
too by social engineering the media and police, plus hacking their
blackberries. Strong security knowledge + violent criminal pact with bikers =
not good

~~~
MartinMond
How do you know stuff like this? Can you recommend a good book that covers
recent history?

~~~
dontstealmyname
You might find this book interesting. [http://www.amazon.com/Kingpin-Hacker-
Billion-Dollar-Cybercri...](http://www.amazon.com/Kingpin-Hacker-Billion-
Dollar-Cybercrime-Underground/dp/0307588696)

I've read it and can confirm its a good read. I think this guy was arrested in
2005 or 2007 but that's going on memory from over a year ago.

~~~
SageRaven
Good, entertaining read. I get the impression it was sanitized a great deal,
because I was sorely disappointed with the lack of technical meat-n-potatoes.

For instance, the author totally glossed over how they recovered the data from
his encrypted storage at the end. Was the PC left on and the screen not
locked? Cold boot attack? Brute force? Hell, they didn't even specify exactly
which crypto software was used.

~~~
dobbsbob
He fell asleep while he left his servers on. So they simply siphoned the keys
from memory. He used some proprietary Israeli made encryption software and
FreeBSD, but it didn't matter because everything including Truecrypt keeps
your keys in memory when mounted.

Even if his server was off, they could have broken into his safehouse and
sabotaged the unencrypted bootloader. Only defense against this is use OpenBSD
5.3 which allows booting from fully encrypted drives, or keep your unencrypted
boot partition on a usb stick you carry around.

------
DigitalSea
LulzSec was nothing more than a few script-kiddies trying to act tough by
causing mayhem for no reason other than for the "lulz" if they found the
leader, great work. Anyone with access to Government information who abuses
that power without a noble cause deserves to be jailed.

~~~
infrec
Just because you disagree with their actions it doesn't mean that they were
just random script-kiddies. I am not a hacker but it certainly seemed like
they had at least a modicum of true skill.

For some reason it seems that most people can't differentiate between the
skill and morality of an action.

~~~
nvmc
They did not have a modicum of skill. I'm neutral on their endeavours, however
LOIC and SQL injection is skiddy stuff.

~~~
pyre

      | SQL injection is skiddy stuff
    

Why would a hacker use something overly complex when the site in question was
vulnerable to SQL injection? Do _true_ hackers with 'mad skillz' spend months
to find truly unique hacks to express their artistry as well as their skills?

~~~
bdowney
Why do you call those people hackers? Hackers build things, don't piss on
other people's work.

~~~
pyre
Sorry. I thought that "black hat" was implicit.

------
dobbsbob
wait.. what? Lulzsec died when Sabu turned snitch years ago. Who is this
Australian and why is the article confusing the real "Lulzsec" with this
random Australian guys antics.

~~~
eksith
Unless you were part of Lulzsec, there's no way to know how far reaching they
were. The Internet isn't specific to one or two countries after all.

And I'm not really sure if Lulzsec "died" either. There are plenty more able
and willing people on IRC. Besides, I doubt any one person is at the helm of
this boat to begin with.

~~~
dobbsbob
There was only a small core group of people inside Lulzsec. They were all
arrested except Virus. He's not stupid enough to get caught either in fact he
called Sabu being a CI the day he came back online after being busted and
started offering people money to break into federal honeypots. This is why
Virus is still free and not sitting in the pen

~~~
eksith
Interesting. So this is basically a collection of cheerleaders with a loud and
closely tied handful of "actors". The fact that Virus is free and most others
are not leads me to believe, for all their loud talking, most were hopelessly
naïve.

~~~
trotsky
intrusion teams that are willing to talk up their hijinks to the press are
almost always going down. 30 years worth of busts have left an undeniable
pattern - if you mock the investigators, get in the papers more than once, and
you're in a cooperative country you're not long for the business.

Skip most of those aspects, and don't steal millions, and you'll probably
never have the resources dedicated to you. lulzsec conducted themselves
defensively enough for anyone doing data theft and PII to be unlikely to get
caught if they weren't making it public. If there is one thing feds do it's
form grudges.

------
muyuu
[https://en.wikipedia.org/wiki/Histrionic_personality_disorde...](https://en.wikipedia.org/wiki/Histrionic_personality_disorder)

------
rumcajz
Senior IT professional at 24? The seniority standard must be pretty low
nowadays.

~~~
will_work4tears
If they went to college and graduated young they could have 6 years
experience. That's considered senior base on job postings.

------
ZeroCoin
I thought "self-proclaimed LulzSec leader" was an oxymoron?

------
trotsky
they should charge him with impersonating a federal officer

------
contingencies
It's worth considering that there is some kind of political element to what
this group has been doing. Perhaps if there were some viable avenues for young
people across the world to meaningfully influence the political process and/or
resist massive global corporations treating them as captured consumers they
would be more willing and able to adopt alternative means of expression (or
entertainment).

~~~
rayiner
There is, but young people are lazy and preoccupied with playing video games.
They like to pretend it's because "corporations are in bed with the
government, etc, etc" but only because it's easier to rationalize it that way
than to admit that the country's policy looks pretty much exactly how you'd
expect it to look when all the voters are old people.

The one thing politicians are more about than campaign contributions are
votes, and there are no votes in being in favor of open internet, etc. The
people in that demographic are too busy considering themselves too good to
participate in the system to be a source of votes.

~~~
contingencies
There's some value in what you are saying.

However, it still sounds like a circular argument to me - ie. Youth: "No form
of participation you are giving us amounts to representation." Old people:
"You are not participating in this system the way the existing power base
determines acceptable, therefore you deserve what you get".

Objectively, with regards to votes, it's well acknowledged that democracy only
functions well with an educated populace. The reality is that the US promotes
a two-tiered (have and have-not) education system and an extremely
centralized, near-on centralized corporate stranglehold on the mass media.

While it is still possible for an individual citizen to make an informed vote,
the effort (to say nothing of social isolation) required to properly research
and voice an opinion on any given issue against the mass media line can be
extreme, whilst accountability for political promises at campaign time versus
actual behaviour of those in office is essentially zero. Now honestly, that's
not very democratic, is it?

Of course, to be apathetic and disenchanted is easy: proposing an alternative
and effecting a transition is the not insignificant challenge. Thus, I am
quite interested to see what kinds of transparency policies the Wikileaks
Party proposes in Australia, and how this is echoed in Europe through the
Pirate Party.

We live in interesting times!

