Hmm...
...I wonder if he is cute.
Th Met's e-Crime unit has arrested a 19-year old alleged hacker in Essex on suspicion of involvement with network attacks and denial of service attacks. The statement in full: Officers from the Metropolitan Police Central e-Crime Unit (PCeU) have arrested a 19-year-old man in a pre-planned intelligence-led operation. The …
...about a month ago, shortly before LulzSec appeared, there was a spat between "Anonymous" factions which was reported here and other places, with contact details for various people leaked by opposing factions. One of those whose details leaked was from Wickford which isn't exactly big.
At a guess, he's been being monitored for a few weeks now.
It may be him, the twitter account is pretty quiet at the moment.
If I were a supposed mastermind hacker, even just doing it for the "lulz", I'd have a dead man's switch on my Twitter account which is timed to tweet some stuff mocking the authorities for their arrest of the wrong guy if I didn't make one of my scheduled check-ins.
Black helicopter because I'm sure it's all a complicated conspiracy, really ;-)
Sick of these twats. Hopefully the next story will be:
"19 year old hacker accidentally trips on way to police cells and dies from head injuries.".
Too much? Maybe, but I'm getting totally pissed off with the amount of times *I* am a victim of these hacks. How the fuck does stealing joe publics data 'stick it to the man'? It ain't the corporations that are hurting. And we all know that whatever sentence the UK hand down will won't be enough after we've wasted shedloads of money on a court case and his future board and lodgings.
Failing his unfortunate demise in custody, hopefully our 'special relationship' will see us extradite him to the US for some real justice. I reckon a day in jail for every person's data they've stolen should do for a start; if the census story is true, that's about 65,000,000 days in jail for starters.
Clearly he's not going to be any kind of mastermind behind the group; he'll just be an expendable fall guy they use to carry out attacks, but hopefully he's dumb enough to have left a trail back to the rest of the group. These fuckers need taking down.
Yup, because stealing an mp3 is exactly the same as permanently exposing millions of innocent people to the risk of ID theft.
I couldn't give a fuck about bringing websites down. I couldn't give a fuck how much money corporations lose as a result, if they're bringing it on themselves with shit security.
But that's not what they're doing. They're putting people like me and you at risk (ok, not you. I'll save you the job of having to come back and smugly regale us with how you're smart enough to never ever put your real data online (...yourself, anyway. Because your data is on all sorts of websites you don't have control over, of course)).
And it isn't a 'few email addresses and passwords'. Once you've got the names, addresses, telephone numbers, date of birth, assorted profile data and possibly credit card details from a few databases that you can cross reference to get a list of confirmable, real data on people, you have enough to apply for legitimate documentation in their name, that could in turn potentially let you open a bank account or do any number of other fun things with their ID.
And if the census thing turns out to be true, then they've got MUCH more personally sensitive data, which may now include details of your kids etc.
Sure, THEY may never use it for nefarious purposes themselves, but if they carry out their threat to release it, it's accessible by all sorts of people that would.
But, yaknow. Meh. It's for the lulz, right?
Don't be an apologist for these scum.
If the census hack has happened... and this guy was involved... both pretty big IFs right now - it's not anything as insignificant as a list of email addresses and passwords. And everybody in the UK who appeared on a census form is affected.
Causing damage 'because you can' isn't sticking it to the man, it is abstract anarchy. If you don't like your political masters then use the system against them - vote them out, stand against them, call them to account for their actions. Hacking systems and then just distributing sensitive personal data is a pointless waste of effort which costs others time and money to mop up after, with a net change of zero...
Why so mad?
I'd be far more annoyed at the people holding confidential data being so comically bad at looking after it.
Also give up on the "If you don't like your political masters then use the system against them - vote them out, stand against them, call them to account for their actions." It's bollocks, you have two realistic choices (with an outside third - a coalition of one of the two plus the third) , they're all controlled by the red tops and, with every passing year, ageing technically illiterate anti youth xenophobes become an ever larger part of the voters.
which I erased with a couple of passes of random data. If a cop asked for the "decryption key", does that mean they could just arrest a hell of a lot of legit techies and other people decommissioning IT equipment in a security-conscious manner- effectively for *not* possessing any terror manuals/CP/whatever (because if guilty, one could fess up and show them the stuff)?
Though it hasn't been abused widely yet. The likely hood of a conviction depends on your presumed guilt, the circumstances surrounding how you got to that stage and how belligerent you are and/or the investigating officers are.
A handful of people have already gone to gaol for not disclosing passwords, from what I remember the circumstances were pretty damning.
Either way, it is a worrying piece of legislation.
Lulzsec are tweeting again. None of them have been arrested. It seems it was indeed the IRC guy (who apparently did take part in DDoS attacks, but not with lulzsec).
The lulz this time are on all the media sites reporting that the 'mastermind' of lulzsec had been caught (not what the police had said at all, but lots of them had that headline!)
They'll only admit it was attacked when they find the culprit (and can prove who it was). Until then they will continue to deny all knowledge.
Meanwhile, the government will go ahead with its plans to enforce prompt disclosure when businesses lose data ... having taken some time to ensure that government arms are excluded from the rules.
> Since when has being accused of something, meant you are guilty?
Arrested and imprisoned, personal details leaked along with accusations to hungry press, Google search results poisoned permanently, and employers refuse to hire you even if the case is still pending. "Innocent until proven guilty" is a lie... welcome to America.
"Lots of suggestions on twitter that the arrested guy was just running their IRC channel, and wasn't a member of the actual group."
Isn't that like saying someone wasnt one of the bank robbers, he just drove their getaway car?
Besides, obviously tey are not going to admit it on twatter if he reall is one of theirs. It's like signing a confession.
I for one am sick of these idiots. It's not a game and it's about time this was brought home to them.
It's more like he ran the bar they planned it in, and I hate to tell you, but it is a game. (That being a reference to game theory.) If people taking care of data had been better at protecting their data and have better policies when reacting and the law was serious about companies and governments losing personal data maybe the game would be weighted more in favour of the authorities.
Just imagine how much has been stolen by people who are doing it for real profit and nobody knows about it, maybe not even the companies that have been breached. These attacks by a bunch of disgruntled channers should act to focus your mind on the real threat.
What came first... Report on Census Hack.. .or... Arrest of Alleged Lulz?
It could have been a Baldric plan to make the account go Hot with pre determined strings being monitored... failing that, they could stick him with it any way.. and he'd have to prove he didn't do it by opening up his data... maybe.
Yes, they are acting against the law and should be located and punished.
Yes, their releasing data may be putting people at risk of identify theft.
But:
If LulzSec can gain access to such data, then there's nothing to suggest that other suitably savvy criminals would be unable to do likewise, and would then exploit such data themselves.
Additionally, the sources of the data may well be unaware of the breach, and even if they were, the would probably refuse to acknowledge it, unless forced to do so.
I'd therefore question whether LulzSec's actions were really creating a substantial increase in the amount of sensitive data in the hands of those wishing to exploit it, but were instead forcing institutions to take data security far more seriously. Surely this is something to be welcomed.