venturebeat.com— National Security Agency director General Keith Alexander believes Anonymous could have the power to take town the United States' electrical grid this year.
Feb 21, 2012View in Crawl 4
Agreed having them on the internet is asking for trouble and there are far more serious risks then Anonymous such as terrorist groups and enemy states.
I feel the biggest hacking threat to worry about is the Chinese government which has a history of hacking attacks.
I'd rather security holes be found by Anonymous, used for political purposes, and then corrected, then be found by the Chinese and used secretly, or kept for military uses.
I agree they would only expose said holes while the other entities would use them to cause as much harm as possible.
But really these systems should not even be accessible on the public internet.
How would you know if it was them or not? The power goes out and an anonymous entity claims responsibility, using the trademark grandiose language of Anonymous. It could neither be confirmed nor effectively denied for obvious reasons. They will eventually be provoked, leading them to expose themselves, and eventually caught for better or worse.
Unless they have a disconnected cell-like structure, where multiple organizations act completely independently, I don't see them as having any reservations against turning the others in, in exchange for a deal from the feds. ( like no Gitmo, or c**k-meat sandwiches ) Even mafioso are known to turn each other in, while knowing full well that they will be ordered killed.
hasn't happened yet, and if you're not anon why would you put yourself out there as such if you could be charged with their past 'crimes' I just haven't seen anything like this done by them.
Yeah, but having worked with government systems in one form or another for several years now I can safely say the opposite.
It's important to never forget that all these systems were thought up and implemented not by technicians or information safety officers, but by old men with not a single goddamned clue how the technology actually works, and more importantly, no idea about the capabilities of said systems.
was caused by "overgrown trees" that didn't even fall on transmission lines, but just came into contact with them. The power grid would not take much encouragement to fail utterly. Unless you believe, for some reason, that there has been massive spending on infrastructure improvements over the past 9 years. There has not.
Well, it is my experience that things need to go seriously wrong before anything changes.
As far as why?
Look at the geriatric Congress that we have. The same people who are in charge of policy that could safeguard these systems that are at risk, are the same people who need their grandchildren to remind them of how the email machine works!
Things have gone and continue to go seriously wrong.
Facebook did not require any capital expenditure. It was an idea. It would be nice if an idea could save the power grid but I don't see it happening. ( of course, you never see things like that coming until it's already happened ) Maybe someone will actually come up with a successful plan for decentralized power generation. I hope so because we no longer have the collective will to spend the several trillion dollars that would be needed to modernize our nation's infrastructure.
Even HTTPS's trustworthiness is conditional and predicated upon things that have been shown to have had their efficacy collapse both in the past half year and a decade ago, and all points in between.
The systems we planned to run on were not the ones we did run on.
The status quo of computing is shaky as the legs of a newborn colt and ... not as new.
In the absence of someone intending to do harm it's not so bad most of the time but sometimes it is, and when someone wants to do wrong there's almost as big a business supporting that as doing right.
Most security assumes it will be buttressed and sheathed reliably by other components. Things have gotten unsheathed and the buttresses have been more compromised than anticipated.
It's sort of a psychological pratfall, not just a straightforward intellectual failure.
Can you completely trust an HTTPS server or the protocol implementation itself? Can you completely trust the software in a firewall?
If you haven't looked at and understood, tested and read it yourself, then faith in it is blind or presumed. If you aren't there in the future to oversea the integrity of the system's environment not to mention upgrades/reconfigurations then again, your faith is blind.
The flip side though is look at what happened to that sysadmin in San Francisco who didn't trust anybody at all.
In any case, history has shown that HTTPS has recently been very unreliable in some major situations and firewall code has been shown to be just as disappointing as other code.
I think the DigiNotar and other CA scandals in the past year have shown everyone just how vulnerable the CA/trusted third party system really is.
What you're saying is correct to a certain degree about blind trust in software, but my main point was that a lot of these systems appear to be thrown online without so much a hint of a security audit or someone saying "Is this a good idea?" If you've a *nix box, how hard is it to create and inspect some IPTables rules?
The idea wasn't incredibly flawed but the world around it became incredibly, and unforeseeably flawed.
I think at the time, designers assumed rightly that consumers would put their foot down and software makers would behave responsibly.
But when you have a company like Microsoft who despite knowing it's not true, says the main reason it gets hacked is because it is "popular" (like saying the cold sore on your lip came from people liking you) then their incredibly reasonable expectations were not meant.
If I can make another analogy besides linking Microsoft's security posture to an inclination to get herpes, take an ordinary sugar packet.
It comes in a thin paper package because, though sugar granules melt when wet, people know enough to not spill water in them, drop them in puddles, or carry them in their armpits on a hot day.
Now, with computers, people and some companies were way less smart than a little kid would be with a sugar packet.
The PKI stuff is like the sugar inside a reasonable packet, but it's being handled and policy is being set -- by retards.
That's the biggest failing. Everything else is wrong, PKI was the one thing protecting some things --- but because of everything else, it is coming down.
And it was the last bastion holding up so many crappy things. Look at Microsoft's brain dead "Authenticode protected" native ActiveX controls which lacked a sandbox.
You're not looking so protected now, ActiveX/COM!
There was also some flawed crypto in SSL and that feeds back and forth between the silly, over-trusted signed code.
Most measures and counter measures only work if everything else is working like it is supposed to.
The game for crooks [and god knows what you call the other kinds of miscreants] these days is to find the first violation to make, that enables the second violation ... and pretty soon, they have tipped the bricks of a castle wall like dominos.
There is a lot of flawed psychology and invalid logic/premises at work too.
Lets say I design a protective protocol. I might assume physical/electrical integrity/privacy of the cabling. The guy responsible for the for the cabling on the other hand turns around and assumes that the protocol guy will handle "everything if anything goes wrong".
Unfortunately, nobody is handling everything and there is a lot going wrong.
Computer hackers are becoming like rats, fleas, lice, STDs, etc. We know what causes, allows, and encourages them -- but we don't really truly change our behavior or really -- the big problem: our underlying precepts which are just boldly and stupidly wrong.
We don't need more security people, we need fewer people writing bad code and excusing it with corporate puffery like self-proclaimed "popularity".
It's practically asking for herpes and certainly spreading it to boot.
Your point about inspecting the IP tables is good but clearly these PCI inspections/certifications were missing a lot of stuff, which tells me the inspections were ritualized and the people doing them were collecting money but lazy or not smart enough. That breeds a false since of security which compounds problems instead of fixing them.
They Sony stealth rootkit that Sony commissioned hackers to write that hacked into Windows kernel and hid itself from computer owners half a dozen years ago is a great example of that.
How many inspections were done in the five quarters (1-1/4 years) that Sony was shipping it, infecting millions of Windows PCs?
Yet none of them found anything wrong. They went through a checklist but the checklist was like the king who had now clothes.
It didn't detect the intrusion into the kernel, the malware's act of hiding itself, its illegal communication back to its "home base" at Sony of private information, or the "back door" that was opened up by Sony's malware.
So, if inspections didn't find these things when security teams did 'em, and all of these were major violations that these teams were paid to find, and it went on for well over a year then it seems like those inspections blew, doesn't it? The malware detection/protection tools too.
The software firewall was not the problem in these cases. It was flaws in the Windows OS itself, the management of Sony, the entire security industry, and all existent antivirus software.
It only got discovered because a security researcher bumbled on it while toying with a new way to detect stealth viruses he presumed didn't exist yet, but discovered to varying levels of horror/surprise had already infected his own computer.
The lesson is that security-quality has to be in every level of every system/organization and a spot check will not get it. Things really bad in one area will not be offset effectively by things being really good in another area. It's not a straight up addition/subtraction thing.
Security audits were no good at catching this problem and it involved about every kind of threat you could have.
Checklists can be a religious ceremony for those who have faith that the underlying tech is "all good". An empty ritual, and catching some mistakes reinforces that feeling and justifies the exercise.
It's obviously not all good but instead far from it.
So such faith is misplaced. There is too much delegation of responsibility and not enough integration of efforts/comprehension for effects to be real.
A lot of computer security in one market sector is largely to keep a "lid" on the problems rather than to make sure the problems are found, fixed, removed if they can't be fixed or replaced (ouch but yes), and inherently guarded against in the future.
Instead, they revised the meaning of standard security problems to make them sound like a virtue or somebody else's problem.
I think Moore's law about speed & size of computers is working backwards on security, or rather "as advertised" on *insecurity*.
Meanwhile, our faith that is not taking place is mounting obscenely. Rituals won't help that and has not stopped The Really Big -- widespread or serious -- hacks from taking place. Catch some, let others go buy -- not really solving a problem. Instead, it's growing geometrically.
Cops want to start identifying software responsible for allowing hackers to steal sometimes, and I've been convinced they should for almost a decade now.
Instead of fiddling with market systems on hollow rituals and artifacts, we should turn it loose on the real implements.
Yeah, someone could configure something 'wrong' with too broad IP table settings, and made/had a couple other technical faults but in the end that's part a user problem -- and if commonplace, a problem with the software itself. Things should push the trend to prevent operator errors; and also to observe, report, push for resolution.
Sure but lots of people don't update operating systems especially after they have had them a few years, and virtually no Windows operating systems shipped with reasonable precautions like not autoexecuting code on USB memory sticks, CD-ROM drives, etc. Microsoft kept that feature around, even though professional hackers, Sony, and others exploited it to the hilt. Patching it was a recent retrofit; one many probably have not applied.
Not having retarded programming in a SCADA system is a good goal.
Caveat emptor.
It’s not easy to disrupt the power grid in the United States. Most systems use proprietary operating systems and applications that are “not readily available for study by your average hacker,” writes Michael Tanj. Power grid or drinking-water systems and networks are not connected to the public internet.
In other words, it would take more than the efforts of an internet meme scattered across imageboards and forums to disrupt this complex system. It would take the concerted resources of a nation-state like China or Russia – or more likely the NSA itself.
“Even in places like the United States, where there isn’t much you cannot find online, you’re not going to be able to get the depth and detail you need to turn off the lights with a simple network connection. You’re going to have to deploy national-level resources,” writes Tanj.
The NSA knows this. It is exploiting the minimal threat poised by Anonymous as part of a propaganda campaign designed to extend the reach of its “Perfect Citizen” program.
It's not easy to keep the power grid of the United States' region(s) from falling down on their own, you mean!
You haven't noticed any of the regional electrical failures in the past half decade or any of the regional phone system failures in the past decade and a half??
Anon is FOR the people, NOT against them. This is nothing but NSA propaganda and a lie at that to get public support for NSA taking the watchdog stance on the internet. They are not here to cause ww3, they are not here to cause violence among the ppl, they are here to end corruption, its that simple. The NSA has decided to play hardball and release false statements like this to fool or weak minded society. People need to listen to what Im saying, its the truth.
They take down assh**e organizations and people like the NSA that get out of line. Anonymous is billed as a "terrorist" organization and the media calls them as such, though what they really are is an organized group that is our own Internet army fighting back against the many draconian bills and other shenanigans being introduced.
Though if push came to shove, Anonymous can most certainly shove hard when it wants to.
I thought traditionally anyway most municipal services are fairly unconnected to the Internet, at least nothing important can be reached as they utilize closed computer systems for the critical stuff.
The problem with what they are doing is they are giving ammunition to these government agencies. I could see some ass hat deciding to do something like this and then have the blame put on Anonymous to get the various government agencies broader powers to do what they want to do.
"Anonymous" is not an "army". It has no organization, no chain of command, and doesn't have a government to take orders from. They're not "fighting back" anymore than painting graffiti on City hall is "fighting back" against the policies of the Mayor.
You want to "fight back", you do it properly by lawful means. Oh, look, that's what's happeing with ACTA. Where again? In Europe.
While the stupid usians stay home waiting for some clueless script kiddie to "fight" for them. Meanwhile I imagine you're all masturbating to fantasies of yourselves shooting the "jackbooted thugs" with the guns you leave in your drawers. ;)
/snicker.Comment is buried, click here to see the rest.
"While the stupid usians stay home waiting for some clueless script kiddie to "fight" for them. Meanwhile I imagine you're all masturbating to fantasies of yourselves shooting the "jackbooted thugs" with the guns you leave in your drawers. ;)
/snicker."
No, actually I live in constant fear because of the war being waged against workers and the 99% in this country that the day will come when I have to get out the guns I put away some time ago, dredge up my old combat training and fight to protect my family against people who were my neighbors the day before.
Nobody but an idiot is "masturbating" to the thought of having to murder their friends and neighbors, and nobody but an idiot will sit here and make light of it.
LOL. You will do no such thing, you will cower and whimper, and stay home where you feel safe. Meanwhile we Europeans take to the streets and actually get things done.
us = fail. Europe rules the world. A nous la victoire!Comment is buried, click here to see the rest.
"I thought traditionally anyway most municipal services are fairly unconnected to the Internet, at least nothing important can be reached as they utilize closed computer systems for the critical stuff."
That's what I would think too. I have education and training in critical software design, and isolating critical systems from an open network would be a very basic concept.
Yeah, well I work at a large "software company" and I work with a lot of bright people that understand network security very well, and in some cases have "written the book" on the subject. They all agree with me that security, even at our computing-centric company, is a complete joke, mainly because of the potential actions of employees. The networks are fairly secure from the outside in, but it would not take much effort to get someone to compromise it all from the inside, willingly or not.
Unfortunately, some people are willing to do anything for money ( or politics ) and I think they might be easier to find at public utility companies. Technology is nearly useless against social engineering.
Be careful what you wish you. If Anon manages to do some real damage that affects people's lives, like shutting off the power, then support will galvanize against them and the US govt will use that support to clamp down on Internet privacy. No Wikipedia blackout is going to stop it then.
Anonymous is being used as an excuse by the government as it rolls out increasingly draconian surveillance programs under the aegis of “cyber security” and terror prevention.
Anonymous’ “electronic civil disobedience” – primarily consisting of denial service attacks on government and corporate websites – and sensationalistic media coverage feed into the plan to not only lockdown and eventually modify the free-wheeling character of the internet, but turn the medium into the most pervasive and effective surveillance apparatus on the planet.
It is becoming increasingly obvious that Anonymous itself is either an NSA op or functioning as a useful idiot.
“The power of this group is unprecedented,” Rob Johnson wrote on January 24. “On the day that the feds shut down MegaUpload.com, Anonymous responded by bringing down the websites of the US Department of Justice and the FBI, as well as the sites of the Motion Picture Association of America (MPAA), Warner Music Group, Universal Music and the Recording Industry Association of America (RIAA) in the largest-ever cyber attack. Anonymous went on another spree Monday morning, assuming control of Senator Chuck Grassley’s Twitter account and shutting down the websites of CBS and Universal Music.
Who could do all of this more effectively than the cyber special ops already in place within the government? It’s called United States Cyber Command (USCYBERCOM), led by General Keith B. Alexander.”
It's harder than you make it sound to fully describe a group in one or two simple terms. Not every group or role performs as specified before or after the fact.
In fact, the microprocessor in the computer you are reading this on now has a number of things it does that are at odds with what the data sheet used for marketing and engineering purposes says it does.
o.0
If some guy who says he is part of Anonymous, despite there being no clear membership predicate for the group, steals your account and PIN number from your bank, publishes it, and your bank account gets robbed and your bank will not cover your loss -- is that guy still part of "your" army?
How about if it's not you but your cousin that is victimized?
How about your first grade teacher whom you haven't seen in years and is retired, living on her savings is the victim?
US gov't should be concerned with blackouts, period. It's far too easy to take out the electric grid as it is today. It needs to be fortified and decentralized with an emphasis on renewable generation.
Actually, the US electrical grid isn't that reliable at all. It's a tangled mess that is hard to predict or control. Hitting one part of the grid may not take that grid out but could, however, take out any or all grids around it. Our power plant engineers WISH the grid was that reliable...
Ah, the NSA's little propaganda campaign spits out another "story". Isn't this the third story in the last few months about how ""Someone" (NSA) has to do something about our infrastructure IT security" And the other two have already been proven to be massive overreactions and outright lies (one sewer plant's pump burnt out from old age not a cyberattack and a train ticketing system was breached, not the track control systems)
The only blackouts coming will be caused by the inefficiency and out-dated equipment that makes up "the grid". I don't doubt there will be attempts to blame anonymous but then that's the way the game is played.
Create a fear. When something happens, relate it to the fear and blame it on the chosen evil people. Use it to create more diversion while enacting laws, procedures and protocols to remove more freedom and get the people to buy it in order to "protect" them.
The most common agenda, if you can find one, is probably "for the lulz" not "save the Internet". Idealists and hackers are separate sets with an undefined overlap.
It does seem that classifying anonymous is starting to change they way they classify themselves though.
I think the Anonymous movement is less of a network overall and more of a wave effect. Think about it. There's no direct communication overall. Things happen and then other things happen in reaction. It's like an inductive field. Inductive logic too. Total trigger-effect, in effect.
Supercritical reaction. Like tossing ping pong balls into a room where the floor is covered with mouse traps. Ever seen that one? Very unforgettable experiment to show how a chain reaction of the nuclear type occurs.
Unfortunately, our computer systems are unstable, numerous, and in close proximity to each other. What does THAT sound like to YOU?
Feynman would have spread them out more, and did the math to show why and how much to do it by. Unfortunately, with computer systems every trend in the past 15 years has been to do just the opposite and not worry about the growing instability problem. We can blame it on someone else and/or charge MONEY for it!
Brilliant. Enjoy the meltdown. This takes the cake for stupidity by people who should know better.
If they did not so many flaws especially the same ones over and over would not be going into their software, and they would ditch the puffy white sleeve collared shirts -- physical or otherwise -- and do the grungy work of pulling bad code out -- or bite the bullet and delete the parts that cannot be cleaned up given reasonable time and cost.
Sometimes you gotta get rid of the mistakes before they get rid of you.
I'm not very sympathetic to Anonymous's actions but I'm not very sympathetic to those whose technical faults Anonymous exploits over, and over, and over again either.
I'm not rooting for either side. I'm rooting for the integrity of the game to be restored and taken back from two teams that are cheating, putting everyone in danger and ripping them off.
It is a sad day when the people squeezed into the stands cannot see the game that is afoot.
The Anons I interviewed said it took 5 minutes to gain entry into Alabama.gov's site. 40,000 residents' sensitive information was there for the taking; including social security numbers, etc. They deleted it. They could have sold it. But they didn't.
Sure, there's always a few in every crowd but what makes them bind together is a common cause.
It's all good Steve and Walrus. I and my friends certainly don't have any issues with it. Otherwise, I'll consider the money well spent. I hope it was a waste of time in the long run, but it's always nice to have an Ace in the hole if you know what I'm talking about.
Depends on all the individuals and if they were omniscient or not.
-_-
Look how many bankers and other industry executives took down their own company, wrecked their own stockholders' value, betrayed their own employees who they saw every week for years.
If you frame things across a broad enough cross section of random humanity, then you might as well ask yourself "would a human being doing this?"
Seems like to that question the answer to just about anything physically possible is "yes". But that still doesn't mean it does apply to the individuals or group in question, just that it could.
Plus, in reality at the same time something is considered a battlefield by some people it's considered anything but by other people. Places and spaces can be more than one thing at one time, particularly when there is more than one person involved.
That is far outside the envelope of what Anonymous has done so far.
Everyone knows the FBI accused a DoD worker at a United States biowarfare lab in a military fortress as being the person behind making the Anthrax spores released by somebody in the wake of the 9/11 jetliner-to-building attacks.
So far, the most destructive thing Anonymous has done is take and publish information/credentials and distributed denial of service attacks.
For years, the latter has been attributed to script kiddies.
The former is what News Corp is accused of doing. But in News Corp's case it was combined with putting political pressure on the very people its workers were caught illegally procuring.
News Corp's leverage was stolen information. News Corp's finances were buffed with stolen information.
News Corp employees in the US was also accused of hacking into computers in order to get information from a competitor.
So why hasn't NSA gone after News Corp hard and for that matter sooner than now. It hasn't expressed public displeasure about News Corp.
It seems like they dislike the criminal, not the crime.
[By the way, I don't think either should be breaking the same laws -- but they are breaking the same laws. With the exception that for News Corp, it is an integral component of their business; crass commercial purposes.]
It is just good thing , that there is more big bad scarey monster that might being hiding in the future . I was worried about tomorrow might be a better time . Please please government save us by spying on anyone that can not be trusted . You know people that did not agree with what your believes are .
"So it works like this: First of all, you create the problem, but you get someone else to be blamed for it. You then report that problem through the media in the way you want it reported – because the media is owned by the same people who own the banks, etc. You get the public to react to your problem by saying, “Something must be done; this can’t go on; what are THEY going to do about it?” And at that point, THEY, who have covertly created the problem, and blamed someone else, who gleaned that reaction of Do Something, then offer the solution to the problems they have created."
This “Problem-Reaction-Solution” technique is not just used to create and control wars, it can be applied to any situation where you want to produce a particular outcome. For example, this technique is currently being used to centralize power in the financial world. It can also be used to introduce new laws that restrict our civil liberties.
So, whenever you see some big news story – whether it be an alleged terrorist attack, a run on a currency, an accidental loss of people’s personal data, an assertion that everyday people are causing “global warming”, or an allegation that some poor country has developed nuclear weapons – the first question you need to ask yourself is this:
This is one of the most patriotic actions ever. Forget about the annoyance factor....this is about how relatively easy it is to take down the US infrastructure. Just be DAMN glad that Anonymous is a benign actor instead of a hostile.
Wait, didn't our Legislature just try to write an Internet "kill switch" -- an 'uber blackout' switch -- into our laws a mere year or two back?
Now, they are afraid anonymous might cause a blackout is tiny in comparison than the one they planned to design into the US Internet themselves?
I'm not an expert on politics but to me this smacks out outright hypocrisy.
I wonder if Jon Stewart will be mulling this over in his show in the near future. 'Kill-Switch-Congress vs. Annoying-Interference-Anonymous' ?
What are we supposed to think is "bad" when the government insists it needs to do something shocking, and then worries that a group of misanthropes might to something similar on a really tiny scale?
For that matter, what is a misanthrope? Can somebody please look it up?
Here is more discussion where the bill's author defends the kill switch legislation as not being kill switch legislation. I didn't totally get what he was saying. It also describes how middle eastern dictators got kill switches for their Internet and abused it and then their populations.
We've had real life blackouts that affected multiple states and even more than one country in the past half dozen years.
Fearing a single group and not speaking directly to the fact you mistrust your own equipment/systems is not very forthright. If all it takes is a rabble of teenagers to tip our infrastructure into the drink, then we have the wrong infrastructure or the wrong teenagers.
We can't get rid of teenagers but we can start attacking the problem of defective equipment and systems today.
I agree with a number of commenters. I'll add my own $0.02 worth to tie it together.
So far Anonymous hasn't done anything which could considered more than electronic vandalism. It's what I refer to as kid stuff. This is pretty restrained compared to what could have been done. The motives behind their actions are not to inconvenience people or mess up peoples lives (in general). Blackouts would be outside their pattern of behaviour. As it is there have always been points to why they do what they did. What would be the point of causing blackouts?
Regardless of their skill level I'm pretty sure we can all agree the American government is getting paranoid and finding enemies behind every bush and stone.
Stupid scaremongering. Probably budget time again and various agencies trying to get a bigger budget next year. The internet is open so if you connect something to it you simply have to take measures. Not taking measures is an open invitation.
Weird to see that in the US it always is presented as a threat to national security. What's wrong with you guys to immediately start searching for monsters under the bed?
Who's "you guys"? You mean Americans? Believe me, the majority of us with an IQ over 70 desperately want to see Homeland Security abolished, along with TSA and other brand new, ineffective and expensive programs. Most of us value our liberty over this ignorant attempt to enhance our "security".
If the 10 largest American cities were vaporized, we would still be America. The recent suspension of Habeas Corpus and increasing rate of imprisonment of peaceful and productive citizens threaten to end our great experiment far more than any "threat to national security" could ever hope to. This is because we are a nation based on ideals, not on fear. This goes for the USA more than any other nation on the face of the Earth.
These clowns need to be careful, they could actually hurt someone. Interrupting a portion of the grid would have actual consequences; that is a lot of energy to play with. Doing so on purpose is an excellent way to end up in prison for a very long time.
SCADA systems are not being attacked by Anonymous.
The only credible sounding guesses so far about who was behind the latest great bit of SCADA attacking malware; could have, and perhaps did do it is your own department of Defense.
Don't blame Anonymous or anyone else for what someone else did. You just encourage those who did it before to do it again.
The fact is there is too much low hanging, dogmatically delicious, idealistically appealing, tasty, low hanging fruit right in their reach.
Also, a bunch of these guys seem to have been trained or *were in the process of getting trained!* in computer [in]security by the very people who now maybe are accusing them of lusting after SCADA.
You spend fifty-billion dollars on something, you should get more out of it than egg-based face decorations.
I'm not blaming anyone yet. I'm just pointing out that disrupting the power grid is not the same thing as screwing around with a web site; people could die, there would be consequences. I hope this is nothing more than paranoia/exaggeration on the part of the government.
This is propaganda put out by the govt to make the people who know nothing about whats really happening think that Anon is after them, the people. Anon wants to help the ppl, not shut them down. Pure US PROPAGANDA. Thats all this is.
Isn't this the concern that anonymous tried to spur a few months back (I don't recall the exact timeframe)? Discussions and actions regarding power grid security are long overdue.
The NSA? I don't think so
Anonymous? They are linked only to each other.
They hold no government sacrosanct nor do they tolerate the hubris of government officials.
Israel's current regime is guilty of hubris to the extreme.
Even the Israeli people have issue with their government.
Before blaming Anonymous for anything, take a look at your own bias and remove the blinders.
richidFeb 22, 2012Staff
Hopefully this will make utility operators realize that leaving their SCADA systems on the open internet IS NOT A GOOD IDEA.
nitoriFeb 22, 2012
Agreed having them on the internet is asking for trouble and there are far more serious risks then Anonymous such as terrorist groups and enemy states.
I feel the biggest hacking threat to worry about is the Chinese government which has a history of hacking attacks.
jivatmanxFeb 22, 2012
I'd rather security holes be found by Anonymous, used for political purposes, and then corrected, then be found by the Chinese and used secretly, or kept for military uses.
nitoriFeb 22, 2012
I agree they would only expose said holes while the other entities would use them to cause as much harm as possible.
But really these systems should not even be accessible on the public internet.
satori3000Feb 23, 2012
Yeah, I'm having trouble with the idea that Anon would take down power grids and endager lives. They've done nothing to make me think they'd do this.
juliochavezFeb 23, 2012
How would you know if it was them or not? The power goes out and an anonymous entity claims responsibility, using the trademark grandiose language of Anonymous. It could neither be confirmed nor effectively denied for obvious reasons. They will eventually be provoked, leading them to expose themselves, and eventually caught for better or worse.
Unless they have a disconnected cell-like structure, where multiple organizations act completely independently, I don't see them as having any reservations against turning the others in, in exchange for a deal from the feds. ( like no Gitmo, or c**k-meat sandwiches ) Even mafioso are known to turn each other in, while knowing full well that they will be ordered killed.
satori3000Feb 23, 2012
hasn't happened yet, and if you're not anon why would you put yourself out there as such if you could be charged with their past 'crimes' I just haven't seen anything like this done by them.
pabloz1Feb 23, 2012
Yeah, vs the USA which has a history of bombing people......all in the name of freedom of course.
njdoo7Feb 22, 2012
Common sense should have told them that when they built the systems.
I would highly doubt many are vulnerable to such a threat, but I have limited knowledge of these systems.
This concept would fall under critical systems 101.
dauntless1Feb 22, 2012
Yeah, but having worked with government systems in one form or another for several years now I can safely say the opposite.
It's important to never forget that all these systems were thought up and implemented not by technicians or information safety officers, but by old men with not a single goddamned clue how the technology actually works, and more importantly, no idea about the capabilities of said systems.
njdoo7Feb 22, 2012
I highly doubt the design and improvement of these systems stopped with the old guy who knew nothing about technology.
If that were the case, those systems would have already been outdated and inefficient.
ajh16Feb 22, 2012
Njdoo, I have friends that work with the power system. The systems ARE outdated and inefficient. They also are highly insecure. Welcome to industry.
juliochavezFeb 23, 2012
http://en.wikipedia.org/wiki/Northeast_blackout_of_2003
was caused by "overgrown trees" that didn't even fall on transmission lines, but just came into contact with them. The power grid would not take much encouragement to fail utterly. Unless you believe, for some reason, that there has been massive spending on infrastructure improvements over the past 9 years. There has not.
danthepiercerFeb 22, 2012
Here is a really good documentary (all of Frontline's work is, IMO) about this.
It's a few years dated, but still relevant.
http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/
njdoo7Feb 22, 2012
Most of that information is from 2002-2003.
Facebook was founded after that, and look how much it has changed in just that short time.
The question is, in the past 10 years, how much has the situation changed?
If the problem hasn't been fixed, why?
danthepiercerFeb 22, 2012
Well, it is my experience that things need to go seriously wrong before anything changes.
As far as why?
Look at the geriatric Congress that we have. The same people who are in charge of policy that could safeguard these systems that are at risk, are the same people who need their grandchildren to remind them of how the email machine works!
johnnysoftwareFeb 23, 2012
Young can make as many mistakes as old.
Shocking numbers of crucial decisions are made from a position of relatively ignorance about details and crucial facts/principles of the subject.
juliochavezFeb 23, 2012
Things have gone and continue to go seriously wrong.
Facebook did not require any capital expenditure. It was an idea. It would be nice if an idea could save the power grid but I don't see it happening. ( of course, you never see things like that coming until it's already happened ) Maybe someone will actually come up with a successful plan for decentralized power generation. I hope so because we no longer have the collective will to spend the several trillion dollars that would be needed to modernize our nation's infrastructure.
richidFeb 22, 2012Staff
I wouldn't count on it. Many of these systems have minimal, if any, firewall rules and are available over HTTP (as opposed to HTTPS).
johnnysoftwareFeb 23, 2012
Even HTTPS's trustworthiness is conditional and predicated upon things that have been shown to have had their efficacy collapse both in the past half year and a decade ago, and all points in between.
The systems we planned to run on were not the ones we did run on.
The status quo of computing is shaky as the legs of a newborn colt and ... not as new.
In the absence of someone intending to do harm it's not so bad most of the time but sometimes it is, and when someone wants to do wrong there's almost as big a business supporting that as doing right.
Most security assumes it will be buttressed and sheathed reliably by other components. Things have gotten unsheathed and the buttresses have been more compromised than anticipated.
It's sort of a psychological pratfall, not just a straightforward intellectual failure.
Can you completely trust an HTTPS server or the protocol implementation itself? Can you completely trust the software in a firewall?
If you haven't looked at and understood, tested and read it yourself, then faith in it is blind or presumed. If you aren't there in the future to oversea the integrity of the system's environment not to mention upgrades/reconfigurations then again, your faith is blind.
The flip side though is look at what happened to that sysadmin in San Francisco who didn't trust anybody at all.
In any case, history has shown that HTTPS has recently been very unreliable in some major situations and firewall code has been shown to be just as disappointing as other code.
richidFeb 23, 2012Staff
I think the DigiNotar and other CA scandals in the past year have shown everyone just how vulnerable the CA/trusted third party system really is.
What you're saying is correct to a certain degree about blind trust in software, but my main point was that a lot of these systems appear to be thrown online without so much a hint of a security audit or someone saying "Is this a good idea?" If you've a *nix box, how hard is it to create and inspect some IPTables rules?
johnnysoftwareFeb 24, 2012
The idea wasn't incredibly flawed but the world around it became incredibly, and unforeseeably flawed.
I think at the time, designers assumed rightly that consumers would put their foot down and software makers would behave responsibly.
But when you have a company like Microsoft who despite knowing it's not true, says the main reason it gets hacked is because it is "popular" (like saying the cold sore on your lip came from people liking you) then their incredibly reasonable expectations were not meant.
If I can make another analogy besides linking Microsoft's security posture to an inclination to get herpes, take an ordinary sugar packet.
It comes in a thin paper package because, though sugar granules melt when wet, people know enough to not spill water in them, drop them in puddles, or carry them in their armpits on a hot day.
Now, with computers, people and some companies were way less smart than a little kid would be with a sugar packet.
The PKI stuff is like the sugar inside a reasonable packet, but it's being handled and policy is being set -- by retards.
That's the biggest failing. Everything else is wrong, PKI was the one thing protecting some things --- but because of everything else, it is coming down.
And it was the last bastion holding up so many crappy things. Look at Microsoft's brain dead "Authenticode protected" native ActiveX controls which lacked a sandbox.
You're not looking so protected now, ActiveX/COM!
There was also some flawed crypto in SSL and that feeds back and forth between the silly, over-trusted signed code.
Most measures and counter measures only work if everything else is working like it is supposed to.
The game for crooks [and god knows what you call the other kinds of miscreants] these days is to find the first violation to make, that enables the second violation ... and pretty soon, they have tipped the bricks of a castle wall like dominos.
There is a lot of flawed psychology and invalid logic/premises at work too.
Lets say I design a protective protocol. I might assume physical/electrical integrity/privacy of the cabling. The guy responsible for the for the cabling on the other hand turns around and assumes that the protocol guy will handle "everything if anything goes wrong".
Unfortunately, nobody is handling everything and there is a lot going wrong.
Computer hackers are becoming like rats, fleas, lice, STDs, etc. We know what causes, allows, and encourages them -- but we don't really truly change our behavior or really -- the big problem: our underlying precepts which are just boldly and stupidly wrong.
We don't need more security people, we need fewer people writing bad code and excusing it with corporate puffery like self-proclaimed "popularity".
It's practically asking for herpes and certainly spreading it to boot.
johnnysoftwareFeb 25, 2012
Your point about inspecting the IP tables is good but clearly these PCI inspections/certifications were missing a lot of stuff, which tells me the inspections were ritualized and the people doing them were collecting money but lazy or not smart enough. That breeds a false since of security which compounds problems instead of fixing them.
They Sony stealth rootkit that Sony commissioned hackers to write that hacked into Windows kernel and hid itself from computer owners half a dozen years ago is a great example of that.
How many inspections were done in the five quarters (1-1/4 years) that Sony was shipping it, infecting millions of Windows PCs?
Yet none of them found anything wrong. They went through a checklist but the checklist was like the king who had now clothes.
It didn't detect the intrusion into the kernel, the malware's act of hiding itself, its illegal communication back to its "home base" at Sony of private information, or the "back door" that was opened up by Sony's malware.
So, if inspections didn't find these things when security teams did 'em, and all of these were major violations that these teams were paid to find, and it went on for well over a year then it seems like those inspections blew, doesn't it? The malware detection/protection tools too.
The software firewall was not the problem in these cases. It was flaws in the Windows OS itself, the management of Sony, the entire security industry, and all existent antivirus software.
It only got discovered because a security researcher bumbled on it while toying with a new way to detect stealth viruses he presumed didn't exist yet, but discovered to varying levels of horror/surprise had already infected his own computer.
The lesson is that security-quality has to be in every level of every system/organization and a spot check will not get it. Things really bad in one area will not be offset effectively by things being really good in another area. It's not a straight up addition/subtraction thing.
Security audits were no good at catching this problem and it involved about every kind of threat you could have.
Checklists can be a religious ceremony for those who have faith that the underlying tech is "all good". An empty ritual, and catching some mistakes reinforces that feeling and justifies the exercise.
It's obviously not all good but instead far from it.
So such faith is misplaced. There is too much delegation of responsibility and not enough integration of efforts/comprehension for effects to be real.
A lot of computer security in one market sector is largely to keep a "lid" on the problems rather than to make sure the problems are found, fixed, removed if they can't be fixed or replaced (ouch but yes), and inherently guarded against in the future.
Instead, they revised the meaning of standard security problems to make them sound like a virtue or somebody else's problem.
I think Moore's law about speed & size of computers is working backwards on security, or rather "as advertised" on *insecurity*.
Meanwhile, our faith that is not taking place is mounting obscenely. Rituals won't help that and has not stopped The Really Big -- widespread or serious -- hacks from taking place. Catch some, let others go buy -- not really solving a problem. Instead, it's growing geometrically.
Cops want to start identifying software responsible for allowing hackers to steal sometimes, and I've been convinced they should for almost a decade now.
Instead of fiddling with market systems on hollow rituals and artifacts, we should turn it loose on the real implements.
Yeah, someone could configure something 'wrong' with too broad IP table settings, and made/had a couple other technical faults but in the end that's part a user problem -- and if commonplace, a problem with the software itself. Things should push the trend to prevent operator errors; and also to observe, report, push for resolution.
Horizons_DRCFeb 22, 2012
I agree! It is really not a good idea.
johnnysoftwareFeb 23, 2012
Sure but lots of people don't update operating systems especially after they have had them a few years, and virtually no Windows operating systems shipped with reasonable precautions like not autoexecuting code on USB memory sticks, CD-ROM drives, etc. Microsoft kept that feature around, even though professional hackers, Sony, and others exploited it to the hilt. Patching it was a recent retrofit; one many probably have not applied.
Not having retarded programming in a SCADA system is a good goal.
Caveat emptor.
ascadianFeb 23, 2012
Full article @ http://www.infowars.com/scary-nsa-propaganda-anonymous-cyberattack-will-take-down-power-grid/
It’s not easy to disrupt the power grid in the United States. Most systems use proprietary operating systems and applications that are “not readily available for study by your average hacker,” writes Michael Tanj. Power grid or drinking-water systems and networks are not connected to the public internet.
In other words, it would take more than the efforts of an internet meme scattered across imageboards and forums to disrupt this complex system. It would take the concerted resources of a nation-state like China or Russia – or more likely the NSA itself.
“Even in places like the United States, where there isn’t much you cannot find online, you’re not going to be able to get the depth and detail you need to turn off the lights with a simple network connection. You’re going to have to deploy national-level resources,” writes Tanj.
The NSA knows this. It is exploiting the minimal threat poised by Anonymous as part of a propaganda campaign designed to extend the reach of its “Perfect Citizen” program.
johnnysoftwareFeb 24, 2012
It's not easy to keep the power grid of the United States' region(s) from falling down on their own, you mean!
You haven't noticed any of the regional electrical failures in the past half decade or any of the regional phone system failures in the past decade and a half??
ascadianFeb 25, 2012
The text I posted was just from the article, sorry bout that Johnny. Didn't mean to confuse, I just thought it was a very interesting point of view.
Those regional failures... did you mean blackouts?
malicexcxFeb 23, 2012
Anon is FOR the people, NOT against them. This is nothing but NSA propaganda and a lie at that to get public support for NSA taking the watchdog stance on the internet. They are not here to cause ww3, they are not here to cause violence among the ppl, they are here to end corruption, its that simple. The NSA has decided to play hardball and release false statements like this to fool or weak minded society. People need to listen to what Im saying, its the truth.
muxmasterFeb 21, 2012
It's not likely, just propaganda.
Closed AccountFeb 21, 2012
They take down assh**e organizations and people like the NSA that get out of line. Anonymous is billed as a "terrorist" organization and the media calls them as such, though what they really are is an organized group that is our own Internet army fighting back against the many draconian bills and other shenanigans being introduced.
Though if push came to shove, Anonymous can most certainly shove hard when it wants to.
I thought traditionally anyway most municipal services are fairly unconnected to the Internet, at least nothing important can be reached as they utilize closed computer systems for the critical stuff.
adml_shakeFeb 22, 2012
The problem with what they are doing is they are giving ammunition to these government agencies. I could see some ass hat deciding to do something like this and then have the blame put on Anonymous to get the various government agencies broader powers to do what they want to do.
frakkinbastardFeb 22, 2012
"Anonymous" is not an "army". It has no organization, no chain of command, and doesn't have a government to take orders from. They're not "fighting back" anymore than painting graffiti on City hall is "fighting back" against the policies of the Mayor.
You want to "fight back", you do it properly by lawful means. Oh, look, that's what's happeing with ACTA. Where again? In Europe.
While the stupid usians stay home waiting for some clueless script kiddie to "fight" for them. Meanwhile I imagine you're all masturbating to fantasies of yourselves shooting the "jackbooted thugs" with the guns you leave in your drawers. ;)
/snicker.Comment is buried, click here to see the rest.
dauntless1Feb 22, 2012
"While the stupid usians stay home waiting for some clueless script kiddie to "fight" for them. Meanwhile I imagine you're all masturbating to fantasies of yourselves shooting the "jackbooted thugs" with the guns you leave in your drawers. ;)
/snicker."
No, actually I live in constant fear because of the war being waged against workers and the 99% in this country that the day will come when I have to get out the guns I put away some time ago, dredge up my old combat training and fight to protect my family against people who were my neighbors the day before.
Nobody but an idiot is "masturbating" to the thought of having to murder their friends and neighbors, and nobody but an idiot will sit here and make light of it.
Good day sir.
frakkinbastardFeb 22, 2012
LOL. You will do no such thing, you will cower and whimper, and stay home where you feel safe. Meanwhile we Europeans take to the streets and actually get things done.
us = fail. Europe rules the world. A nous la victoire!Comment is buried, click here to see the rest.
jivatmanxFeb 22, 2012
Eastern Europeans are the only ones really protesting, because their memory of communism.
Germany only backed down because they are averse to controversy.
Also Europe doesn't have an equivalent to Hollywood pushing this.
njdoo7Feb 22, 2012
"I thought traditionally anyway most municipal services are fairly unconnected to the Internet, at least nothing important can be reached as they utilize closed computer systems for the critical stuff."
That's what I would think too. I have education and training in critical software design, and isolating critical systems from an open network would be a very basic concept.
scienceguy1977Feb 22, 2012
Cylons would agree!!
juliochavezFeb 23, 2012
Yeah, well I work at a large "software company" and I work with a lot of bright people that understand network security very well, and in some cases have "written the book" on the subject. They all agree with me that security, even at our computing-centric company, is a complete joke, mainly because of the potential actions of employees. The networks are fairly secure from the outside in, but it would not take much effort to get someone to compromise it all from the inside, willingly or not.
Unfortunately, some people are willing to do anything for money ( or politics ) and I think they might be easier to find at public utility companies. Technology is nearly useless against social engineering.
ieatskunkFeb 22, 2012
Be careful what you wish you. If Anon manages to do some real damage that affects people's lives, like shutting off the power, then support will galvanize against them and the US govt will use that support to clamp down on Internet privacy. No Wikipedia blackout is going to stop it then.
ascadianFeb 23, 2012
I found your point very fascinating ieat. I hadn't really thought of the "possibility" that maybe Anon is an NSA op.
Full article @ http://www.infowars.com/scary-nsa-propaganda-anonymous-cyberattack-will-take-down-power-grid/
Anonymous is being used as an excuse by the government as it rolls out increasingly draconian surveillance programs under the aegis of “cyber security” and terror prevention.
Anonymous’ “electronic civil disobedience” – primarily consisting of denial service attacks on government and corporate websites – and sensationalistic media coverage feed into the plan to not only lockdown and eventually modify the free-wheeling character of the internet, but turn the medium into the most pervasive and effective surveillance apparatus on the planet.
It is becoming increasingly obvious that Anonymous itself is either an NSA op or functioning as a useful idiot.
“The power of this group is unprecedented,” Rob Johnson wrote on January 24. “On the day that the feds shut down MegaUpload.com, Anonymous responded by bringing down the websites of the US Department of Justice and the FBI, as well as the sites of the Motion Picture Association of America (MPAA), Warner Music Group, Universal Music and the Recording Industry Association of America (RIAA) in the largest-ever cyber attack. Anonymous went on another spree Monday morning, assuming control of Senator Chuck Grassley’s Twitter account and shutting down the websites of CBS and Universal Music.
Who could do all of this more effectively than the cyber special ops already in place within the government? It’s called United States Cyber Command (USCYBERCOM), led by General Keith B. Alexander.”
johnnysoftwareFeb 23, 2012
It's harder than you make it sound to fully describe a group in one or two simple terms. Not every group or role performs as specified before or after the fact.
In fact, the microprocessor in the computer you are reading this on now has a number of things it does that are at odds with what the data sheet used for marketing and engineering purposes says it does.
o.0
If some guy who says he is part of Anonymous, despite there being no clear membership predicate for the group, steals your account and PIN number from your bank, publishes it, and your bank account gets robbed and your bank will not cover your loss -- is that guy still part of "your" army?
How about if it's not you but your cousin that is victimized?
How about your first grade teacher whom you haven't seen in years and is retired, living on her savings is the victim?
You sure you know who is what?
nygenxerFeb 22, 2012
US gov't should be concerned with blackouts, period. It's far too easy to take out the electric grid as it is today. It needs to be fortified and decentralized with an emphasis on renewable generation.
captaincumshotFeb 22, 2012
Actually, the US electrical grid isn't that reliable at all. It's a tangled mess that is hard to predict or control. Hitting one part of the grid may not take that grid out but could, however, take out any or all grids around it. Our power plant engineers WISH the grid was that reliable...
Think of our power grids as a series of tubes...
ano233Feb 22, 2012
Ah, the NSA's little propaganda campaign spits out another "story". Isn't this the third story in the last few months about how ""Someone" (NSA) has to do something about our infrastructure IT security" And the other two have already been proven to be massive overreactions and outright lies (one sewer plant's pump burnt out from old age not a cyberattack and a train ticketing system was breached, not the track control systems)
philomonFeb 22, 2012
The only blackouts coming will be caused by the inefficiency and out-dated equipment that makes up "the grid". I don't doubt there will be attempts to blame anonymous but then that's the way the game is played.
Create a fear. When something happens, relate it to the fear and blame it on the chosen evil people. Use it to create more diversion while enacting laws, procedures and protocols to remove more freedom and get the people to buy it in order to "protect" them.
anomaly100Feb 21, 2012
I love the NSA drama. Anonymous is not going to take down the Internet. That would be counterproductive since they are trying to save it.
Donuts4UFeb 22, 2012
The most common agenda, if you can find one, is probably "for the lulz" not "save the Internet". Idealists and hackers are separate sets with an undefined overlap.
It does seem that classifying anonymous is starting to change they way they classify themselves though.
anomaly100Feb 22, 2012
That would depend on which faction or cell you're referring to -- as far as the lulz factor is concerned that is.
johnnysoftwareFeb 23, 2012
They're a whoops in random clothing.
johnnysoftwareFeb 24, 2012
I think the Anonymous movement is less of a network overall and more of a wave effect. Think about it. There's no direct communication overall. Things happen and then other things happen in reaction. It's like an inductive field. Inductive logic too. Total trigger-effect, in effect.
Supercritical reaction. Like tossing ping pong balls into a room where the floor is covered with mouse traps. Ever seen that one? Very unforgettable experiment to show how a chain reaction of the nuclear type occurs.
Unfortunately, our computer systems are unstable, numerous, and in close proximity to each other. What does THAT sound like to YOU?
Feynman would have spread them out more, and did the math to show why and how much to do it by. Unfortunately, with computer systems every trend in the past 15 years has been to do just the opposite and not worry about the growing instability problem. We can blame it on someone else and/or charge MONEY for it!
Brilliant. Enjoy the meltdown. This takes the cake for stupidity by people who should know better.
If they did not so many flaws especially the same ones over and over would not be going into their software, and they would ditch the puffy white sleeve collared shirts -- physical or otherwise -- and do the grungy work of pulling bad code out -- or bite the bullet and delete the parts that cannot be cleaned up given reasonable time and cost.
Sometimes you gotta get rid of the mistakes before they get rid of you.
I'm not very sympathetic to Anonymous's actions but I'm not very sympathetic to those whose technical faults Anonymous exploits over, and over, and over again either.
I'm not rooting for either side. I'm rooting for the integrity of the game to be restored and taken back from two teams that are cheating, putting everyone in danger and ripping them off.
It is a sad day when the people squeezed into the stands cannot see the game that is afoot.
anomaly100Feb 25, 2012
The Anons I interviewed said it took 5 minutes to gain entry into Alabama.gov's site. 40,000 residents' sensitive information was there for the taking; including social security numbers, etc. They deleted it. They could have sold it. But they didn't.
Sure, there's always a few in every crowd but what makes them bind together is a common cause.
/end of Anomaly's 2 cents
phoenixtxFeb 25, 2012
LMAO! I got numbers too.
stevanoskiFeb 25, 2012
Doubt she'll care.
phoenixtxFeb 26, 2012
It's all good Steve and Walrus. I and my friends certainly don't have any issues with it. Otherwise, I'll consider the money well spent. I hope it was a waste of time in the long run, but it's always nice to have an Ace in the hole if you know what I'm talking about.
stevanoskiFeb 28, 2012
Sure do
phoenixtxFeb 26, 2012
Hook me up doll! Speak up.
njdoo7Feb 22, 2012
Not to mention that they use the internet as their battlefield, and that the internet is their primary advantage in this asymmetric warfare.
It begs the question...
Why would they take down their home battlefield, specifically the one that provides them an inherent advantage?
anomaly100Feb 22, 2012
Yeah, it would be akin to a soldier throwing his weapons in the nearest river before going into battle.
johnnysoftwareFeb 23, 2012
Depends on all the individuals and if they were omniscient or not.
-_-
Look how many bankers and other industry executives took down their own company, wrecked their own stockholders' value, betrayed their own employees who they saw every week for years.
If you frame things across a broad enough cross section of random humanity, then you might as well ask yourself "would a human being doing this?"
Seems like to that question the answer to just about anything physically possible is "yes". But that still doesn't mean it does apply to the individuals or group in question, just that it could.
Plus, in reality at the same time something is considered a battlefield by some people it's considered anything but by other people. Places and spaces can be more than one thing at one time, particularly when there is more than one person involved.
jacobdisFeb 23, 2012
How do you justify taking down UFC's website over a disagreement on Twitter as "saving the Internet"?
njdoo7Feb 23, 2012
I wouldn't justify it, but point out that Anonymous is not a central organization.
Does anyone here even know it's structure and internal relationships?
or which sub-groups work on which operations?
or if there are groups without any connection to other groups?
or if people carry out operations claiming to be anonymous but aren't?
I don't see how it detracts from what the majority of actions under the banner "Anonymous" stand for.
johnnysoftwareFeb 21, 2012
That is far outside the envelope of what Anonymous has done so far.
Everyone knows the FBI accused a DoD worker at a United States biowarfare lab in a military fortress as being the person behind making the Anthrax spores released by somebody in the wake of the 9/11 jetliner-to-building attacks.
So far, the most destructive thing Anonymous has done is take and publish information/credentials and distributed denial of service attacks.
For years, the latter has been attributed to script kiddies.
The former is what News Corp is accused of doing. But in News Corp's case it was combined with putting political pressure on the very people its workers were caught illegally procuring.
News Corp's leverage was stolen information. News Corp's finances were buffed with stolen information.
News Corp employees in the US was also accused of hacking into computers in order to get information from a competitor.
So why hasn't NSA gone after News Corp hard and for that matter sooner than now. It hasn't expressed public displeasure about News Corp.
It seems like they dislike the criminal, not the crime.
[By the way, I don't think either should be breaking the same laws -- but they are breaking the same laws. With the exception that for News Corp, it is an integral component of their business; crass commercial purposes.]
jivatmanxFeb 22, 2012
News Corp also bribed the police, and possibly the military and other parts of government.
jivatmanxFeb 22, 2012
News Corp also bribed the police, and possibly the military and other parts of government.
Mark_LincolnFeb 21, 2012
Budget cuts are coming! Quick, the threats only we can cure!
The NSA is panicked over Anonymous?
I would suggest that the solution is more security for power plants and the grid.
As is no one is going to take them down with a Low Orbit Ion Cannon.
victorsniderFeb 22, 2012
It is just good thing , that there is more big bad scarey monster that might being hiding in the future . I was worried about tomorrow might be a better time . Please please government save us by spying on anyone that can not be trusted . You know people that did not agree with what your believes are .
ascadianFeb 23, 2012
Problem > Reaction > Solution
"So it works like this: First of all, you create the problem, but you get someone else to be blamed for it. You then report that problem through the media in the way you want it reported – because the media is owned by the same people who own the banks, etc. You get the public to react to your problem by saying, “Something must be done; this can’t go on; what are THEY going to do about it?” And at that point, THEY, who have covertly created the problem, and blamed someone else, who gleaned that reaction of Do Something, then offer the solution to the problems they have created."
This “Problem-Reaction-Solution” technique is not just used to create and control wars, it can be applied to any situation where you want to produce a particular outcome. For example, this technique is currently being used to centralize power in the financial world. It can also be used to introduce new laws that restrict our civil liberties.
So, whenever you see some big news story – whether it be an alleged terrorist attack, a run on a currency, an accidental loss of people’s personal data, an assertion that everyday people are causing “global warming”, or an allegation that some poor country has developed nuclear weapons – the first question you need to ask yourself is this:
“Who benefits from me believing this story?”
Full explanation and video @ http://www.esoterictube.com/david-icke-problem-reaction-solution.html
People are crazy over our internet and won't go down with a fight. Makes sense the NSA would fear monger to get a death grip on our internet.
corinthosFeb 22, 2012
He probably just got done watching Live Free or Die hard then came into work for a briefing about Anonymous.
clitniblr036Feb 22, 2012
Oh, please... Anons do NOT have the level of skill or talent at their disposal to mount that kind of attack. The NSA director is over reacting.
Let's not act like that TSA agent who got into a kerfuffle by patting down a little girl who was thought to be concealing contraband.
brucealmightyFeb 22, 2012
This is one of the most patriotic actions ever. Forget about the annoyance factor....this is about how relatively easy it is to take down the US infrastructure. Just be DAMN glad that Anonymous is a benign actor instead of a hostile.
dachipzFeb 22, 2012
(*Yawns*)... More fear mongering from those whose cushy, overpaid jobs depend on 'keeping us safe'.
laurahoustonFeb 21, 2012
Well no electric thats one way to kill your own computer and solve the concern.
johnnysoftwareFeb 23, 2012
Wait, didn't our Legislature just try to write an Internet "kill switch" -- an 'uber blackout' switch -- into our laws a mere year or two back?
Now, they are afraid anonymous might cause a blackout is tiny in comparison than the one they planned to design into the US Internet themselves?
I'm not an expert on politics but to me this smacks out outright hypocrisy.
I wonder if Jon Stewart will be mulling this over in his show in the near future. 'Kill-Switch-Congress vs. Annoying-Interference-Anonymous' ?
What are we supposed to think is "bad" when the government insists it needs to do something shocking, and then worries that a group of misanthropes might to something similar on a really tiny scale?
For that matter, what is a misanthrope? Can somebody please look it up?
johnnysoftwareFeb 23, 2012
I tracked down a couple articles related to what I said above.
Here is one that gives some particulars about who in the legislature here in the US was begging for a Kill Switch to be installed in the US Internet.
http://digg.com/newsbar/topnews/in_search_of_the_internet_kill_switch
Here is more discussion where the bill's author defends the kill switch legislation as not being kill switch legislation. I didn't totally get what he was saying. It also describes how middle eastern dictators got kill switches for their Internet and abused it and then their populations.
http://www.govtech.com/security/Is-Internet-Kill-Switch-Good-Idea-020711.html
johnnysoftwareFeb 23, 2012
We've had real life blackouts that affected multiple states and even more than one country in the past half dozen years.
Fearing a single group and not speaking directly to the fact you mistrust your own equipment/systems is not very forthright. If all it takes is a rabble of teenagers to tip our infrastructure into the drink, then we have the wrong infrastructure or the wrong teenagers.
We can't get rid of teenagers but we can start attacking the problem of defective equipment and systems today.
johnnysoftwareFeb 23, 2012
When I said "attacking the problem" I meant it in the constructive sense, not like literally attacking it in a destructive way. **
PanjeeFeb 23, 2012
Yeah, and Y2K is gonna cause The End Of The World..
If it's not the role of (folks who work in the name of) the NSA to promote fear... I don't know who else has that task?
deomo899Feb 23, 2012
Maybe this will show the government to not put their complete trust in computers. I could have told them that one.
mrcanardFeb 22, 2012
Please let me submit this link for balance.
http://www.techdirt.com/articles/20120221/23433317835/nsa-anonymous-might-one-day-hack-power-grids-anonymous-huh.shtml
blankmikeFeb 22, 2012
I agree with a number of commenters. I'll add my own $0.02 worth to tie it together.
So far Anonymous hasn't done anything which could considered more than electronic vandalism. It's what I refer to as kid stuff. This is pretty restrained compared to what could have been done. The motives behind their actions are not to inconvenience people or mess up peoples lives (in general). Blackouts would be outside their pattern of behaviour. As it is there have always been points to why they do what they did. What would be the point of causing blackouts?
Regardless of their skill level I'm pretty sure we can all agree the American government is getting paranoid and finding enemies behind every bush and stone.
laurahoustonFeb 22, 2012
Wish America would get one of those good IT guys in those "cyber war" positions instead of one of Bushes military buddies.
http://en.wikipedia.org/wiki/Keith_B._Alexander
jphrFeb 22, 2012
Stupid scaremongering. Probably budget time again and various agencies trying to get a bigger budget next year. The internet is open so if you connect something to it you simply have to take measures. Not taking measures is an open invitation.
Weird to see that in the US it always is presented as a threat to national security. What's wrong with you guys to immediately start searching for monsters under the bed?
juliochavezFeb 23, 2012
Who's "you guys"? You mean Americans? Believe me, the majority of us with an IQ over 70 desperately want to see Homeland Security abolished, along with TSA and other brand new, ineffective and expensive programs. Most of us value our liberty over this ignorant attempt to enhance our "security".
If the 10 largest American cities were vaporized, we would still be America. The recent suspension of Habeas Corpus and increasing rate of imprisonment of peaceful and productive citizens threaten to end our great experiment far more than any "threat to national security" could ever hope to. This is because we are a nation based on ideals, not on fear. This goes for the USA more than any other nation on the face of the Earth.
johnnysoftwareFeb 26, 2012
Well, we wouldn't be if we were in a vaporized city. We'd be vapor.
johnnysoftwareFeb 24, 2012
If I heard about this I would tell my daughter "no more late night drinking with those guys".
Seriously, you won't know the next day anything is wrong.
Those silver tongued devils.
bluenose2Feb 24, 2012
I take it by "silver tongued devils" you mean liars.
profetasrgportFeb 22, 2012
scs
MalindraNovanFeb 22, 2012
I believe....
craig1958Feb 22, 2012
These clowns need to be careful, they could actually hurt someone. Interrupting a portion of the grid would have actual consequences; that is a lot of energy to play with. Doing so on purpose is an excellent way to end up in prison for a very long time.
johnnysoftwareFeb 25, 2012
SCADA systems are not being attacked by Anonymous.
The only credible sounding guesses so far about who was behind the latest great bit of SCADA attacking malware; could have, and perhaps did do it is your own department of Defense.
Don't blame Anonymous or anyone else for what someone else did. You just encourage those who did it before to do it again.
The fact is there is too much low hanging, dogmatically delicious, idealistically appealing, tasty, low hanging fruit right in their reach.
Also, a bunch of these guys seem to have been trained or *were in the process of getting trained!* in computer [in]security by the very people who now maybe are accusing them of lusting after SCADA.
You spend fifty-billion dollars on something, you should get more out of it than egg-based face decorations.
craig1958Feb 25, 2012
I'm not blaming anyone yet. I'm just pointing out that disrupting the power grid is not the same thing as screwing around with a web site; people could die, there would be consequences. I hope this is nothing more than paranoia/exaggeration on the part of the government.
PanjeeFeb 23, 2012
Yeah, and Y2K is gonna cause The End Of The World..
If it's not the role of (folks who work in the name of) the NSA to promote fear... I don't know who else has that task?
PanjeeFeb 23, 2012
Arrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrg... sorry for the fecking double post!
malicexcxFeb 22, 2012
This is propaganda put out by the govt to make the people who know nothing about whats really happening think that Anon is after them, the people. Anon wants to help the ppl, not shut them down. Pure US PROPAGANDA. Thats all this is.
xeromusFeb 22, 2012
Isn't this the concern that anonymous tried to spur a few months back (I don't recall the exact timeframe)? Discussions and actions regarding power grid security are long overdue.
Ouzel7Feb 21, 2012
That would be a bridge too far.
prepublicaFeb 22, 2012
They are linked to the racist-Saudi-Arab-hackers who called for cyber jihad against Israeli sites...
prepublicaFeb 22, 2012
They are linked to the racist-Saudi-Arab-hackers who called for cyber jihad against Israeli sites...
philomonFeb 22, 2012
The NSA? I don't think so
Anonymous? They are linked only to each other.
They hold no government sacrosanct nor do they tolerate the hubris of government officials.
Israel's current regime is guilty of hubris to the extreme.
Even the Israeli people have issue with their government.
Before blaming Anonymous for anything, take a look at your own bias and remove the blinders.
johnnysoftwareFeb 25, 2012
Generalizing but generally true-sounding.
didzis05Feb 22, 2012
I got 2000 Fb Credit from the page bellow.. it really works like a charm.. Try now because tomorrow may be too late... http://bit.ly/wdK3pn
Closed AccountFeb 22, 2012
পানিতে পরিপূর্ন সুপার পৃথিবীর সন্ধান পেয়েছেন বিজ্ঞানীরাhttp://www.statenewsbd.com/?p=2123Comment is buried, click here to see the rest.
climatebeatsFeb 22, 2012
http://soundcloud.com/climate-1 listen to this
asif331Feb 22, 2012
good.. www.cartoon3a2m.webs.com
madonajoeFeb 22, 2012
big problem for net users.
http://socialyup.com