Hacker News new | past | comments | ask | show | jobs | submit login
Anonymous posts over 4000 U.S. bank executive credentials (zdnet.com)
111 points by nirvana on Feb 4, 2013 | hide | past | web | favorite | 46 comments



I don't get it, they're demanding computer crime law reform by doing something that obviously is and should be illegal?

EDIT: Now it's unclear to me whether Anonymous placed the spreadsheet on the .gov server, or they simply found it and exposed it. If it's the latter then it makes more sense, but I suspect it's the former.


>Now it's unclear to me whether Anonymous placed the spreadsheet on the .gov server, or they simply found it and exposed it.

Consider the ".gov" URL that this was hosted at. If Anonymous had just found and exposed this, we'd have to accept a high likelihood that the Alabama Criminal Justice Information Center (a state government agency that appears to have nothing to do with banking) not only has information from bank executives across the US, but that they hosted it on their website under the filename "oops-we-did-it-again.html."


Should it be illegal? They shared a public link to a spreadsheet exposed on a .gov address. If anything, it's the owner of that .gov address that needs to get in trouble for placing sensitive documents in a publicly accessible location.


You think the government would have put the document under the URL "oops-we-did-it-again.html?"

C'mon, at least RTFA before falling over yourself to support the anti-government position.


I think I read that differently. I read it that they gathered the data, put together the spreadsheet and hosted on a .gov address. Is there an article that is more clear about that?


The owner of the .gov address wasn't hosting the file until Anonymous put it there.


Pointing out that the emperor is naked is often frowned on by the government.


If they're just exposing an existing document, then you're right, but the way I interpreted it was Anonymous uploaded the document to the .gov site.


When all you have is a hammer, everything looks like a nail.


It seems they are just being petulant.


> doing something that obviously is and should be illegal?

I guess it depends on the intent of making something illegal. If the intent is to improve on the security of the internet, then making these kinds of acts illegal will not have any change on the actual security of the internet.

My feeling is that holding people responsible for an insecure system would be a better motivator for improving computer security: the opposite of what is happening now.


Just because a door is unlocked doesn't mean you have the right to enter someone's home.

Perhaps there's some middle ground where if someone responsibly discloses the vulnerability to the owner, doesn't acquire any more data than necessary, destroys any data they do acquire, and doesn't attempt to profit from it (aside from collecting a legitimate bounty etc) they would be immune from prosecution.

I'm not sure what that law would look like or if it's even feasible.


> Just because a door is unlocked doesn't mean you have the right to enter someone's home.

I didn't mention rights. I am simply pointing out that if you want to remove the risk of someone entering your home because the door was unlocked, then it might be better to make someone responsible to lock the door in your house than going through some legal process to remove the person from your house.

In fact, if the act of the person accidentally walking into your house, though an unlocked door, resulted in extreme embarrassment to yourself, then you may also be inclined to use/extend/take advantage of the legal system to hide that embarrassment.


They are going to get exactly what they do not want by continuing this kind of reckless behavior.


We've already got what they do not want.

I'm not arguing that this is an effective strategy, but the standard argument against radical action simply doesn't hold water. Even terrorism (or what was labelled as such) has more often then not had the long term effect of putting reforms on the agenda.


Yes, sounds like protesting gun control laws by shooting people.


I was just discussing this with a lawyer friend who is concerned that it is only a matter of time before anonymous gets classified as a domestic terrorist group. The PATRIOT act defines domestic terrorism as:

> activities that (A) involve acts dangerous to human life that are a violation of the criminal laws of the U.S. or of any state, that (B) appear to be intended (i) to intimidate or coerce a civilian population, (ii) to influence the policy of a government by intimidation or coercion, or (iii) to affect the conduct of a government by mass destruction, assassination, or kidnapping, and (C) occur primarily within the territorial jurisdiction of the U.S.

Condition C is met, condition B(ii) is pretty much declared. How much of a stretch would it be for a federal prosecutor to argue that condition A is satisfied because exposing personal information of powerful people is dangerous to their lives?


I'd say they've got B.i and B.ii down pretty thoroughly and C wouldn't be difficult since the end result of the act occurred in the US.

A is the problem. If Congress expands that to economic crimes, then it's instant terrorist.


> A is the problem. If Congress expands that to economic crimes, then it's instant terrorist.

On the other hand, so is lobbying.


Not really, assuming that it doesn't (otherwise) break the law.


The moment I saw this news I thought false flag!

And I may have been right:

http://www.reddit.com/r/technology/comments/17v9zy/anonymous...

The feds have been investigating the bankers, and I'm sure they had access to all that information. The feds are having their own terrorist plots (that then they "uncover" themselves). Is it really that far fetched for this to have happened, too?


It's much more likely that you're witnessing the confluence of confirmation bias and the inherent ambiguity created by many different sets of people operating under the same name. We have, in fact, been through this before with "Anonymous", because anybody can claim to be "Anonymous". (The post on reddit is hilariously out of touch with this fundamental reality.)

You, personally, have been making claims of false flag attacks for years with a similar lack of evidence. (e.g. http://news.ycombinator.com/item?id=2659640) You might just be seeing what you want to see, instead of drawing the most accurate conclusions you can make based on the available evidence.


Yes, except, the feds can join Anonymous if they wish. That's half of the point of Anonymous - it's not a distinct group of people. It's just a banner.


/facepalm

Anonymous is really embarrassing themselves. Trying to connect the dots from doxxing "management at community banks" back to Aaron Swartz is so cringe worthy I can only shrug and assume they're doing it for the lulz.

row row fight the powah, I guess.


I'll take the secret police over secret vigilantes, if for no other reason that the policy of maintaining a secret police force can be debated as a matter of public policy, whereas vigilantes answer to no one.

Edit: though I'd rather have neither.


Hm. That's a weird trade-off, but whatever.

The thing is though: these guys aren't secret vigilantes. 25 years ago they'd be war-dialing every number in their city prefix ('cause Mom and Dad would get pissed if there were long distance charges on the bill) or moping around 2600 meet-ups trying to show off their homemade redbox.

Now a days they're running LOIC, or WordPress-backdoor-du-jour, or (if they're l33t) `wget --mirror` on some herp derp county website looking for dox. Lists like this are bound to get stumbled upon. When they do, they become currency on irc, redeemable for a modicum of street cred.

Eventually, it falls into the hands of whoever managed to register today's Anonymous twitter account and it gets shoehorned into the political agenda of some teenager who stole "Essential Bakunin" from the library, but hasn't gotten around to reading it.


Secret police are used to stifle dissent; they aren't subject to it. The whole point of a "secret police force" is that they are an incredibly powerful tool not subject to public oversight, public debate, or even public approval.


Right? If the public knew about it and debated it, it's not a "secret".


The "secret" part of "secret police" refers to the hidden identity of the members of the secret police, not that the mere existence of the secret police is a secret.


If the public didn't know it existed at all, it would be both less effective as a means to limit fringe behavior (police states control through fear of not knowing who is working/informing for them), and would endanger the members when they tried to exercise police functions.


Really odd contrast, but even taking it as a given...

Vigilantes answer to the State. Secret police are the State, and the State answers to no one. (Except, maybe, vigilantes, who when successful always seem to become the State.)


Another false-flag operation by the US Government, same as the ussc.gov fiasco. Escalating seems to be very effective at discrediting Anonymous based on the comments here and on reddit.


That's sort of the whole point, isn't it? Anonymous, by definition, is anyone (including employees of the US Government) acting on any motivation (including discrediting itself or other groups within itself), so long as they don't sign their name at the end.

It would be interesting to see how many factions exist within the cloud of self important people that capitalize the letter 'A' when they withhold their name.


I think you give the US government too much credit.


I think you don't give it enough credit. Israel has a history of disinformation and misinformation campaigns and I think the Obama administration will take a page from their book.

This strategy may be at the forefront of Obama's domestic policy strategy for this term -- just look at how they're discrediting the pro-Republican anti-Democrat media and they're very successful so far.


Chrome gives a malware warning when you visit this site - watch out!


It is apparently due to sites embedding Netseer ads: https://twitter.com/search/realtime?q=netseer


I started getting warnings from Crome on weeatherunderground today.


Another story about the Anon criminals.


Another thread of broken-record HN comments!


What's a "record"?


Well who is stupid enough to upvote these stories. Apparently there are a lot of confused people on this site.


I upvote them, because I find the entire Anonymous drama to be incredibly fascinating and highly topical to the HN demographic. What I do tire of is the 'damn buncha hoodlums' comment cacophony that offers no contribution to the discussion.


Well the drama maybe fascinating but it is not productive or helpful to any cause other than giving hackers a bad name, a fact I think many miss.


I don't know about that. These acts highlight that the inarguably-real criminals can humiliate the government and not be stopped while public information activists get thrown away. One can say that they're Bad and/or criminals, and might be right, but to assume that the actions of Anonymous are in a vacuum apart from Aaron or Manning is short-sighted. Are their actions and reckless? Probably. So? The means-ends relationship is complicated, but Anonymous acts within their virtues and their intents are from the right place. And come on, this shit's hilarious!

And, this whole 'giving hackers a bad name' thing. Give me a break. Yes, 'hacker' is a dirty word to some. Most likely those that don't understand, nor matter to the greater interests of either types of who self-identify with the word. It will continue to be, regardless of however many Facebook/Google/Instragram/whatevers there are.


Anonymous is worse than useless.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: