Pay IT staff ~20K
get monkeys and end up with security holes big enough to sail the titanic through.
Anonymous hackers leak Scotland Yard-FBI conference call
Members of Anonymous have released an intercept of a conference call between investigators at the FBI and Scotland Yard during which operations against hacktivist group were discussed. During the 17-minute call – which was released as an MP3 file and distributed on YouTube and elsewhere – investigators can be heard discussing …
-
-
-
Monday 6th February 2012 13:35 GMT Anonymous Coward
rollcall fail
Not the only method to obtain the call recording.. Any one of the attendees could have been on a system with call recorder that could be insecure/exposed, or even the host service might have been recording the call so that attendees could d/l later. So at least n+1 systems that could be responsible...
-
-
Friday 3rd February 2012 17:46 GMT Anonymous Coward
I read somewhere
that the FBI didn't even have email until about a decade after every criminal was using it. I forget where I read that, probably some conspiracy site full of lies.
In times like this I like to reflect on an episode of the animated Dilbert series:
Dilbert: What are you doing?
Dogbert: I'm putting false information on the internet.
Dilbert: Why?
Dogbert: It's fun.
-
This post has been deleted by its author
-
-
-
Friday 3rd February 2012 23:31 GMT Matt Bryant
RE: I LOVE IT....
This is a massive security breach, correct. But it also shows how stupid the Lultwitz and Anonyputzes are - you should NEVER give away the news that you have an inside source or access! What complete idiots! Professionals would keep schtum and mine the source for as long as possible, but the FBI and Met will now review security, check for leaks and plug any security holes, removing any advantage the tw@ivists might have had. So all this bragging does is reinforce the idea that these are just skiddiots playing at being big, bad haxors.
-
Saturday 4th February 2012 18:13 GMT Anonymous Coward
@Matt
"[they] will now review security, check for leaks and plug any security holes, removing any advantage the tw@ivists might have had."
That's what sensible organisations would do (better late than never, a mistake is an improvement opportunity, etc).
We're talking about the FBI and the Met here.
What are the odds?
-
Saturday 4th February 2012 18:32 GMT DF118
Or...
....they never had unfettered access in the first place, and all they ever had was a leaked email with the conference call sign-in details, presumably given to them by some sympathetic peon who happened to have them pass through his/her hands as part of their administrivia-based employment for either the Met, the FBI, or either of their comms providers.
-
Sunday 5th February 2012 11:32 GMT Anonymous Coward
FBI and Met vs two factor authentication.
If anyone who really cared about security was setting up a con-call between two self-important over-rated security agencies of questionable competence, wouldn't they perhaps want some kind of two-factor security? Something the participant knows (the email details) and something the participant has (a challenge/response mechanism of some kind)?
Maybe someone will invent something like that one day.
-
-
-
-
Monday 6th February 2012 14:35 GMT PatientOne
@Matt Bryant
Or this is smoke and mirrors.
They may never have had access, but claim to have had to distract the FBI from where this recording actually came from. For all we know, this could have been discovered on some retired bit of equipment they skip-dived. They might have been given it by someone inside one of the groups involved in the call. They might have ghosted the call and recorded it due to lax security.
Still, wonder how long it'll be before the FBI/Met go kicking some doors down and make some arrests.
-
-
Friday 3rd February 2012 18:04 GMT pPPPP
Most people seem to have this idea that emails are secure, and only the sender and recipient can read them.
It's made worse by the "encrypt" button in email clients like Lotus Notes. People assume that only the recipient, in another company can magically decrypt it.
Too many people are ignorant, and think that owning lots of consumer electronics makes them technically competent.
-
Sunday 5th February 2012 22:45 GMT CHRoNoSS
tip for you
encrypt your message with two types a encryption before you use the email program and just attack it and hten encrypt again....
might help stuff like the carnivore and echelon and hte new program they use and those hundreds a pcs they have decrypting your messages get painfully slow when we all do it
SO after a decade of hackers is the net actually a bit safer? Have you learned to be safer and keep your data safer ? HAVE YOU?
-
-
-
-
-
Sunday 5th February 2012 02:32 GMT Anonymous Coward
Errrm..
Only the one by Castle Market was shut (KFC, Greggs & No 1 Chinese buffet offered cheaper food)
The one in the train station is thriving alongside M&S, Upper Crust and other high-end establishments..
Anon coz i stil have to live there for a year and everyone would be on my case 8 while 5!
-
-
-
-
Friday 3rd February 2012 19:35 GMT Anonymous Coward
I can just imagine the call
1. Read email detailing time and dial-in number, along with passcode.
2. Use Skype to dial in.
3. beep "??? has joined the conference" (read this part in the sexy robo-operator lady voice)
4. Yeah, er random-law-enforcement-agency guy here"
5. Profit???
Conferencing hardware / software is so shabby and delicate. People are constantly getting disconnected. Law enforcement types not being the most technically adept bunch. I can easily imagine how one might just just slip right in.
-
Sunday 5th February 2012 17:46 GMT Anonymous Coward
In my experience, just join first
You don't seem to get any kind of rundown of who's already connected when you join, hence the annoying start of every phone conference of "Who are we waiting for?", "Is everybody here?".
Thus if somebody connected say 20 min. before the meeting (or possibly only 2min given that these are Government) and kept their mic muted, I doubt anyone could know.
Though even if they did join late, it is rather unlikely they'd notice or remember.
On top of that, there's no way to eject people if you realise they shouldn't be there!
The thing that people tend to forget is that pretty much all these dial-in conference systems are just as secure as saying "We'll meet blindfolded in this cafe to discuss the secret things".
The pin is the name of the particular cafe, and there's a chime on the door so you can hear when people enter and leave, but you've no idea who is there already.
There are very few companies that would accept doing that.
-
-
-
-
-
Thursday 9th February 2012 13:28 GMT Is it me?
Or
The conferance host always uses the same chairman and participant codes and publishes both in the eMail invite.
Which means anyone else he's used it with knows it, which leads to fun, I've been on calls where a participant dials in as the chairman forcing the chairman to dial in as a particpant, he never commented on it.
Other gems are that when someone leaves, they just transfer the numbers to someone else. When a senior sales person leaves, they don't change all the codes in the sales team so it is not unknown for sales people to dial into their old companies to see what's going on.
And usualy no one challenges blanck call identifiers.
-
-
-
-
Friday 3rd February 2012 23:49 GMT Anonymous Coward
For those asking about the access code, it was 6513211#
The point is if you send an email with the time and date of such a call, along with the access code to around 40 different people around the world (which is what was done) and the email server of one of the recipients in compromised, then it does not matter how complicated the PIN is. Grep'ing certain names or keywords makes finding such emails easy.
-
-
Sunday 5th February 2012 22:45 GMT CHRoNoSS
THE TRUTH
I can verify that this is not gov't types pretending to be hackers, i can verify that there own networks and communications are compromised....and ya can't chang that system cause to do so will cost huge bucks, BUCKS the usa don't have.....nor does britain...
remember remember the 5th of november.....
http://www.uha1.com/15-mug.jpg <----- a little reminder from ten years or so back
-
-
Saturday 4th February 2012 09:16 GMT Anonymous Coward
It feels appropriate and opportune to haul this out for another airing
Davos, Switzerland. February 8, 1996.
Full text at wherever your google search delivers you.
"Governments of the Industrial World, you weary giants of flesh and steel, I come from Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather.
...
You have no moral right to rule us nor do you possess any methods of enforcement we have true reason to fear.
...
You do not know our culture, our ethics, or the unwritten codes that already provide our society more order than could be obtained by any of your impositions.
"You claim there are problems among us that you need to solve. You use this claim as an excuse to invade our precincts.
...
"Your legal concepts of property, expression, identity, movement, and context do not apply to us. They are all based on matter, and there is no matter here.
...
"You are terrified of your own children, since they are natives in a world where you will always be immigrants. Because you fear them, you entrust your bureaucracies with the parental responsibilities you are too cowardly to confront yourselves.
...
"These increasingly hostile and colonial measures place us in the same position as those previous lovers of freedom and self-determination who had to reject the authorities of distant, uninformed powers. We must declare our virtual selves immune to your sovereignty, even as we continue to consent to your rule over our bodies. We will spread ourselves across the Planet so that no one can arrest our thoughts.
"We will create a civilization of the Mind in Cyberspace. May it be more humane and fair than the world your governments have made before."
-
Saturday 4th February 2012 11:37 GMT Sean Timarco Baggaley
Yeah, an "Irresponsibility Manifesto". That'll work.
Let's see how long that idiotic "cyberspace" concept lasts when nobody's paying for the internet's infrastructure. Or do you think the internet runs on sunshine and rainbows too?
Someone's paying for the electricity—you know, the stuff that most countries have to create by burning fossil fuels or some other equally nasty source of energy. The same stuff that has been the cause of wars throughout the planet. The internet has done fuck all to reduce the developed world's appetite for energy—quite the opposite, in fact—so feel free to explain how you're going to run your Neverland on windmills and sunlight when there's no wind and it's the middle of the night.
Someone is paying for the physical connections, the routers, the servers, and all their maintenance too. In most cases, that "someone" is capitalism. People want email and access to the world-wide web for a reason, not just because it's there. Modern businesses cannot function without internet access now.
Where do you think most of your internet tools—the World Wide Web, FTP, email, etc.—were invented? In someone's spare bedroom? No: they were invented in government-funded research labs. You don't get to have it both ways: these are tools created by governments, so if you want to turn around and bite off the hand that fed you, you have no right to complain about the consequences.
All those "someones" are actual people, in the real world, who have every right to a say on how that money is spent.
As for "Your legal concepts of property... do not apply to us. They are all based on matter, and there is no matter here." Seriously?
So you won't mind if I hack into your bank account and cut and paste all your money into mine, leaving you destitute and living on the street, without any means to pay for your internet habit?
No? So you DO have a concept of "property" then!
The Internet is a fucking communication's network. That is all. Get over yourselves.
-
Sunday 5th February 2012 09:49 GMT TheOtherHobbbes
No, I think
"capitalism" runs on sunshine and unicorns and making shit up for profit and stealing from people who can't fight back.
Do you think Bill Gates got rich by writing good software? Do you? Really? Huh?
The Internet, meanwhile, runs electricity and *brain power.*
In case you haven't noticed, quite a lot of the software that makes it work was developed by people for free. Quite a lot of the rest fell out of government-funded (oh, the horror...) research programs.
And as for the electricity - if it weren't for loud fundamentalists like you and the political interference of idiot energy corporations genuflecting to the all-powerful god of 'free markets - if, in fact, we did proper rational planning and foresight and strategy as a culture, instead of leaving planning to coke-snorting barrow boy traders and peri-menopausal executives - energy would be cheaper, more reliable, and less in need of military support.
But we don't.
Which is why we still have people like you yelling loudly and irrationally that this fiasco is some kind of win for our species, instead of the epic and hugely embarrassing fail that it really is.
-
-
Tuesday 7th February 2012 01:01 GMT Matt Bryant
RE: CHRoNoSS
"WRONG we paid for it...." Really? Please do account for what overwhelming amount of taxes you have personally paid that you think gives you the self-imposed right to tell the rest of us what to do?
".....NOT 1% elite....." More of the "we are the 99%" rubbish, sprouted by the tiny 0.00001% minority.
"....you think all that money means anything to me ?..." I think you don't have any, which is obvious by your ranting about "elite" and money in the first place.
-
-
-
-
Saturday 4th February 2012 14:43 GMT httpss
I am minded to consider
that a hollywood cabal is seeking to control internet usage in a way that no government has yet managed.
To sieze persons and property outwith their national boundaries by having the FBI act on their behalf, who,in turn, activate overseas law-enforcement by proxy e.g. NZ recently.
The recurring hacks visited by the Anonymous collective and aimed at such old-world entities, are not so much a shot across the bows of those who seek control of the free internet, as a massive firework display which says 'you can not control us but we can shaft you with impunity', or words to that effect..
viva Anonymous
-
Tuesday 7th February 2012 01:18 GMT Matt Bryant
RE: I am minded to consider
"....we can shaft you with impunity...." Yeah, tell that to Ryan Cleary, Matthew George, Jake Davis, and those are just the ones old enough to be named, most of the Anonyputz skiddies caught have been just that, minors. I hear Kevin Mitnick, Rafael Nunez, Robert Butyka all thought they were uncatchable too.
-
Monday 6th February 2012 12:02 GMT Magnus_Pym
Good to know the Met have their finger on the pulse
I wonder if they even know where Sheffield is. They appear to show a marked lack of knowledge, concern or respect for the world outside the M25. They appear to show a marked lack of knowledge, concern or respect for the world of online security.
Perhaps it's true what they say about London weighting: Wages weighted + 25%, IQ requirement weighted - 50%.
This topic is closed for new posts.
Biting the hand that feeds IT
