Stakeout: how the FBI tracked and busted a Chicago Anon

103 points| 3lit3H4ck3r | 14 years ago |arstechnica.com

53 comments

tzs | 14 years ago
These people were idiots:

   The document also claimed that more than $500,000 had
   been charged to credit cards and given to "charities
   and revolutionary organizations."

   Usernames and e-mail addresses were also released;
   people were exhorted to "use and abuse these password
   lists and credit card information to wreak unholy
   havoc upon the systems and personal e-mail accounts
   of these rich and powerful oppressors."
First, a lot of those credit cards belonged to ordinary people, not the "rich and powerful oppressors".

Second, when the credit card owners see the charges, they will dispute them. The credit card companies then will take the money back from the "charities and revolutionary organizations", and hit them with a $15-$30 chargeback fee per card.

peterwwillis | 14 years ago
To say that this guy was an idiot is an understatement.

He's better known to me and my online pals as "tylerknowsthis", a reference to Tyler Durden and his philosophy of destroying the capitalist system to "free the people." Say what you will about his ideals, his methods and actions are beyond retarded.

Here he is at Defcon in 2004 talking about how they need more "footsoldiers" to "fuck shit up in the streets" - to the point that Priest has to come on stage and denounce violent acts or acts that hurt people. http://video.google.com/videoplay?docid=1269112265902193941 In general he defends the use of violence as the last act of a person who is desperate to defend freedoms for people who didn't ask to be helped. His website HackThisSite is a sort of propaganda and training tool used to entice young black hats to join his cause.

You can find a list of his previous run-ins with the law on his Wikipedia page: http://en.wikipedia.org/wiki/Jeremy_Hammond (My favorite is where he attacked a 70-year-old holocaust denier that was having dinner at a restaurant... what productive direct action!)

He claims he steals his power, water and internet access and at times squats abandoned buildings and eats "freegan" so he isn't helping the capitalist system flourish. At the same time he kept a part-time computer programming job to make spare cash. So he can keep fighting the good fight against capitalism.

I think he may have still been on probation during the events of the Stratfor hack, so he may be royally fucked by the prosecution unless he too snitches - something he has repeatedly said is the worst thing any good hacktivist can do.

He's one of the longest-running jokes my online friends and I have. His rants against "the system" and hypocritical actions which seem to have little purpose serve to foster flame wars, and he is frequently banned when people get tired of his shit. He then comes back and threatens to "curbstomp" or "shiv" anyone who disliked or banned him. Basically, nobody but the LulzSec freaks like this guy.

Yet again the same people who try to get away with petty online crime get caught due to negligence, bragging and misplaced trust in other criminals. If only they'd learn that trusting a criminal is probably not a good idea they might not be arrested right now.

edit: In case anyone wants to verify this account (in a WikiLeaks-style full transparency way), here is a brief dump of a public chatroom on a public irc server of his comments. I don't have the entire log, just his comments. http://pastebin.mozilla.org/?dl=1506078 http://tinypaste.com/a104418f (it's around 1.8MB)

there | 14 years ago
On March 1, the agents obtained a court order allowing them to use a "pen register/trap and trace" device that could reveal only "addressing information" and not content. In other words, if it worked, agents could see what IP addresses Hammond was visiting, but they would see nothing else.

The FBI describes its device as a "wireless router monitoring device" that captures addressing and signaling information and transmits it wirelessly through the air to FBI agents watching the home. It was installed the same day and was soon showing agents what Hammond was up to online.

I'm curious about this device; it would have to be able to fully decrypt 802.11 frames just to be able to see the layer 3 IP information, so in theory it is able to see all of the traffic but the agents aren't allowed to look at (or use) anything beyond the IPs because that would be considered wiretapping. I have to imagine the guy arrested was technically competent enough to use WPA2 with a fairly strong non-dictionary-word key, yet this device was able to crack that key in a short enough amount of time for this sting operation.

famousactress | 14 years ago
It wasn't clear to me that it was a device that was wireless. They said it was installed... they called it a wireless router monitoring device, which suggests wireless, but it seems more plausible that they would have installed something physical to listen in on the cable connection (or something else north of the router)... the 'wireless' bit being the transmission of data back to them?

3lit3H4ck3r | 14 years ago
While sup_g may indeed have been a "credible threat," he was in the end no match for the overwhelming federal resources of the FBI agents hunting him down. Over the last month, federal agents staked out his home in Chicago constantly, dug up old police surveillance records, tapped his Internet connection, used directional wireless finders to locate and identify his wireless router, and relied on Sabu back in his New York City apartment to let them know when sup_g went on or offline.

...anything beyond the IPs because that would be considered wiretapping.

But that is exactly what it appears they had the authority to do, no?

cahrens | 14 years ago
They wouldn't need to decrypt any packets at all, they could simply look at ARP requests. ARP packets are typically left alone and sent unencrypted; otherwise it would be far too difficult to find that router and the client when connecting or re-negotiating encryption keys. Even then, it was indicated that he was using Tor, so even if they did decrypt the 802.11 packets, only the header would be in clear-text.

Doing this does not count as wiretapping, as it was ruled to be akin to a dump of phone records, rather than listening on the conversation itself. Yes, they are splitting hairs, but that is how justice has to work.
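
The two comments above disagree about how much a passive observer near the router can read without the WPA2 key. The parser below is an added example (not from the article, the thread, or the FBI device it describes) that separates the parts of an 802.11 data frame that are always cleartext (frame type, the three MAC addresses, frame length, and therefore timing) from the body, which carries the EtherType and any IP header only when the Protected Frame bit is clear. The sample frames, MAC addresses and TEST-NET IP addresses are constructed; the "ciphertext" in the WPA2 frame is filler bytes, not a real CCMP encryption.

```python
"""What a passive 802.11 observer can read with and without the WPA2 key.

Added example; frames below are constructed with placeholder addresses.
"""
import struct

LLC_SNAP = b"\xaa\xaa\x03\x00\x00\x00"   # LLC/SNAP header that precedes the EtherType
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def parse_frame(frame):
    """Return what the 802.11 header and body reveal without any key."""
    fc0, fc1 = frame[0], frame[1]
    ftype = (fc0 >> 2) & 0x3               # 0 management, 1 control, 2 data
    subtype = (fc0 >> 4) & 0xF
    to_ds = fc1 & 0x01
    from_ds = (fc1 >> 1) & 0x01
    protected = bool((fc1 >> 6) & 0x01)    # Protected Frame bit: body is encrypted
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]

    # The address fields are cleartext regardless of the Protected bit; their
    # meaning depends on the ToDS/FromDS flags.
    if to_ds and not from_ds:              # station -> AP
        bssid, sa, da = a1, a2, a3
    elif from_ds and not to_ds:            # AP -> station
        da, bssid, sa = a1, a2, a3
    else:                                  # IBSS or 4-address WDS: raw order
        da, sa, bssid = a1, a2, a3
    info = {"type": ftype, "subtype": subtype, "protected": protected,
            "bssid": mac_str(bssid), "src_mac": mac_str(sa),
            "dst_mac": mac_str(da), "length": len(frame)}

    offset = 24 + (6 if to_ds and from_ds else 0)
    if ftype == 2 and subtype & 0x8:       # QoS data subtypes add a 2-byte QoS field
        offset += 2
    body = frame[offset:]
    if ftype != 2:
        info["payload"] = "management/control"
        return info
    if protected:
        # Body is a CCMP/TKIP header plus ciphertext: no EtherType, no IP header.
        info["payload"] = "encrypted"
        return info
    if body[:6] != LLC_SNAP:
        info["payload"] = "unknown"
        return info
    ethertype = struct.unpack("!H", body[6:8])[0]
    info["payload"] = "cleartext"
    info["ethertype"] = ethertype
    if ethertype == ETHERTYPE_IPV4 and len(body) >= 28:
        ip = body[8:]
        info["ip_src"], info["ip_dst"] = ip_str(ip[12:16]), ip_str(ip[16:20])
    return info


def build_data_frame(sa, da, bssid, body, protected):
    """Non-QoS data frame from a station to its AP (ToDS=1, FromDS=0)."""
    fc = bytes([2 << 2, 0x01 | (0x40 if protected else 0)])
    duration, seq_ctrl = b"\x00\x00", b"\x10\x00"
    return fc + duration + bssid + sa + da + seq_ctrl + body


def ipv4_header(src, dst, proto=6):
    """20-byte IPv4 header; checksum left zero because it is never routed."""
    s = bytes(int(x) for x in src.split("."))
    d = bytes(int(x) for x in dst.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0x4000, 64, proto, 0, s, d)


# Constructed sample traffic: the same IPv4 header sent once on an open network
# and once under WPA2 (CCMP). The WPA2 body is an 8-byte CCMP header followed by
# filler standing in for ciphertext.
STA_MAC = bytes.fromhex("020000000a01")
AP_MAC = bytes.fromhex("020000000b01")
GW_MAC = bytes.fromhex("020000000c01")
IP_HDR = ipv4_header("192.0.2.10", "198.51.100.7")
OPEN_FRAME = build_data_frame(
    STA_MAC, GW_MAC, AP_MAC,
    LLC_SNAP + struct.pack("!H", ETHERTYPE_IPV4) + IP_HDR, protected=False)
CCMP_HDR = bytes.fromhex("0100002000000000")   # PN0, PN1, rsvd, ExtIV|KeyID, PN2..PN5
WPA2_FRAME = build_data_frame(
    STA_MAC, GW_MAC, AP_MAC, CCMP_HDR + bytes(len(IP_HDR) + 2 + 8), protected=True)

if __name__ == "__main__":
    for name, frame in (("open", OPEN_FRAME), ("wpa2", WPA2_FRAME)):
        print(name, parse_frame(frame))
```

Run stand-alone, the open frame yields the EtherType and both IP addresses, while the WPA2 frame yields only MAC addresses, frame type, length and whatever timing the capture carries; recovering the IP-level "addressing information" the court order covered requires either the key or a tap on the wired side of the router, which is the distinction the comments above are circling.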

gyardley | 14 years ago
Huh -- it certainly appears that the FBI had some advance notice of the Stratfor hack.

I'd be a little irritated if my credit card number was released while the FBI sat back and watched it happen. I'd be a lot more than irritated if I owned Stratfor, and the FBI sat back and watched some people hack my business. (Yes, Stratfor's security was awful. But it's still a crime.)

I'm not a lawyer, but I'm curious -- why isn't the FBI liable for this sort of thing? Surely there has to be some precedent here one way or the other.

TheCapn | 14 years ago
Remember this is all situational. I imagine the FBI gets hundreds of tips daily but can't act on all of them without enough mounted evidence to take it seriously. They may have had tips earlier of the attack but they couldn't verify in time.

It always looks worse when you view it in hindsight. If the FBI had enough evidence to work with then they would have done something. Acting early without the evidence they need would have done more damage and not necessarily stopped anything from happening.

clavalle | 14 years ago
"why isn't the FBI liable for this sort of thing? Surely there has to be some precedent here one way or the other."

They have no legally enforceable duty to protect...

   "...a government and its agents are under no general duty to provide public services, such as police protection, to any particular individual citizen..." -- Warren v. District of Columbia, 444 A.2d 1 (D.C. App.181)

AJ007 | 14 years ago
The parties who have something to lose are credit card processors and merchants who could have payments refuted. I'm going to guess processors are pretty happy that it's the federal budget paying their security bills and not them.

xtracto | 14 years ago
Well... a lot of us Mexicans became very irritated after the fact that the ATF let criminals buy and transport guns to Mexico.

It seems it is an American custom nowadays.

InclinedPlane | 14 years ago
Given that Sabu is widely regarded as the de facto leader of lulzsec I'm very curious about how the Stratfor attack was planned and undertaken. If, as seems likely, the FBI knew about it before it happened that seems pretty serious. More so, if Sabu originated the idea for the attack and evangelized it to the group that raises the issue of entrapment.

atlasom | 14 years ago
One interesting thing from this was that the FBI couldn't trace him via the Tor network until they had his physical location. Good for Tor, glad to see they are still anonymous.

If I had been him, I'd have put Tor on top of a couple of vpses in some select countries around the world.

That being said, he was reckless and too ideological without considering he wouldn't be furthering his ideals. It's one thing to dump company secrets, it's another to dump personal CCs.

Now if I was the FBI, I'd be trying to combine the successful methods of having undercover agents pose as terrorists with a hacker bent. It's the same sort of system, albeit purely digital.

sounds | 14 years ago
"...the FBI couldn't trace him via the Tor network..."

I honestly think they already knew who he was from his comments - by reviewing Sabu's chat logs they found he had slipped up and identified himself.

I guess what I'm trying to say is, we have no data either way. Tor may be secure, or it may not.

Take-aways seem to be:

1. IRC logs do not contain identifying info - unless you reveal yourself

2. IRC active / away status leaks information about your schedule

3. Using multiple identities online works pretty well

4. Trusting criminals = fail

5. Committing federal crimes = fail

The FBI had a pretty solid case against him. By the time they were doing the IP sniffing and identifying Tor nodes, they already had the guy under 24/7 surveillance. It sounds like they were solidifying their case.

If this were Hollywood, I bet he would have sensed the surveillance somehow - and tried to make a run for it. But it didn't sound like he had many friends who would have hidden him.

bdonlan | 14 years ago
If they _could_ track via tor, I highly doubt they'd tip their hand in such an obvious way. They'd use their tor-tracking abilities to get a suspect, then use this prior knowledge to assist with ordinary evidence-gathering. Or even not use it at all unless the intelligence gained was valuable enough to risk losing that source of information.

runn1ng | 14 years ago
It is the same with Sabu. They caught him mainly because he forgot to turn on Tor once and logged in to IRC from his IP.

praptak | 14 years ago
Wait, how secure is IRC anyway? The article states that he trusted Sabu, but didn't he also trust the people who ran the IRC servers plus anybody able to sniff their traffic?

deno | 14 years ago
He connected to IRC via Tor overlay. I don't know what IRC network Anonymous is using, but even Freenode offers a native Onion gateway to their network[1].

[1] http://freenode.net/irc_servers.shtml

vizzah | 14 years ago
Every one of these guys should have been seriously alarmed after that leaked document on Lulzsec/anonymous on pastebin in Jul 2011.

Apparently some of the names published were real (including Sabu's - even though under a different nickname)... and he was arrested just a month later. If someone in the group had recognized any known real name references, they should have immediately ceased their activities and gone undercover, as they should have expected raids!

FBI loves turning caught people into informants to catch the others. It was that way 10 years ago, when one caught member worked half a year helping to betray the whole warez group, and it seems to be all the same... FBI is still too lame to advance without informants.

orbitingpluto | 14 years ago
What always confuses me about stories like these is that the guy is always doing it from his basement apartment. Surprise, you got caught. And if you're an exit node for Tor, you're going to be under the microscope for something somebody else did.

And if you're hanging out on IRC a little too much, your linguistic fingerprint is probably strong enough to match up to something somewhere else on the Internet with your name on it.

If he really wanted to fight 'the man', he could have gotten a nice cushy job and donated what he made to EFF.

samstave | 14 years ago
So it would seem that the best defense is to tunnel all traffic from one's home to an IP in another country, if they are tapping a line and checking which IPs you're talking to.

icebraining | 14 years ago
The best defense is probably to not blabber to people who might identify you. That's how they got most of the clues, according to the story.