
The Inner World of Gov-Sponsored White-Hat Hacking

samzenpus posted more than 2 years ago | from the good-guy's-bad-guys dept.

Government 146

romanval writes "Anonymous leaked emails of white-hat hacker firm HBGary show how it develops and markets products to government agencies. From the article: 'In 2009, HBGary had partnered with the Advanced Information Systems group of defense contractor General Dynamics to work on a project euphemistically known as "Task B." The team had a simple mission: slip a piece of stealth software onto a target laptop without the owner's knowledge. They focused on ports—a laptop's interfaces to the world around it—including the familiar USB port, the less-common PCMCIA Type II card slot, the smaller ExpressCard slot, WiFi, and Firewire. No laptop would have all of these, but most recent machines would have at least two.'"


146 comments


I'm a little teapot, MOTHERFUCKER (-1)

Anonymous Coward | more than 2 years ago | (#35259700)

And a teapot _always_ gets first post!

Re:I'm a little teapot, MOTHERFUCKER (-1, Offtopic)

Alex Belits (437) | more than 2 years ago | (#35260034)

I'm a little teapot

No, you are not.

Re:I'm a little teapot, MOTHERFUCKER (-1)

Anonymous Coward | more than 2 years ago | (#35260092)

Am so

Re:I'm a little teapot, MOTHERFUCKER (0)

Anonymous Coward | more than 2 years ago | (#35260992)

No, you are a LARGE teapot. And for the sake of everyone's eyes please pull up your pants when you are outside. Get some suspenders or something.

Re:I'm a little teapot, MOTHERFUCKER (0, Offtopic)

somersault (912633) | more than 2 years ago | (#35260514)

But look good sir, he is short and stout! Behold his handle.. and there his spout!

Re:I'm a little teapot, MOTHERFUCKER (0)

Anonymous Coward | more than 2 years ago | (#35261026)

And if you tip me over, will I not pour out?

Re:I'm a little teapot, MOTHERFUCKER (1)

Securityemo (1407943) | more than 2 years ago | (#35261174)

Just not on my carpet; on my neighbor's carpet if you will. I have work and guests to attend to, and he's a sorry old man-crone, not to mention poor. And I suspect he steals my newspaper on Saturdays sometimes. Just don't tell him I said that, or our many affairs and conspiracies will go sour.

Re:I'm a little teabag, MOTHERFUCKER (-1)

Anonymous Coward | more than 2 years ago | (#35260124)

Teabagging yo mama.

Black hat not White (5, Insightful)

Anonymous Coward | more than 2 years ago | (#35259720)

A 'White Hat' hacker is someone who aims to improve security; HBGary are aiming to take advantage of exploits in order to hack into computers, for mining personal information. They are most definitely 'Black Hat'.

Re:Black hat not White (5, Funny)

Purist (716624) | more than 2 years ago | (#35259828)

The work was being done for a government agency. White Hat.

:-)

Re:Black hat not White (5, Insightful)

phunster (701222) | more than 2 years ago | (#35259876)

Richard Nixon said "If the President does it, it is legal." We all know how that worked out for him. It sounds like you are substituting "government agency" for "President." No one is above the law, not a President, and not a government agency. Black Hat is Black Hat no matter who is doing it, or who they are doing it for.

Re:Black hat not White (1, Interesting)

Securityemo (1407943) | more than 2 years ago | (#35259884)

So hacking into the government systems of an oppressive government in order to cause it damage somehow as part of a larger campaign to topple it without invading and killing lots of people would be "evil"?

Re:Black hat not White (5, Insightful)

Divide By Zero (70303) | more than 2 years ago | (#35259976)

It's nothing to do with "good" or "evil", it's what you do with the results. If you hack, say, Hamas, and then use that information to your advantage, you are Black Hat. If you hack Hamas, then walk in through their front door with a report of how you owned them (pwned, pwnz0red, whatever) and how they can fix their systems, you are White Hat.

White Hat can be "evil", Black Hat can be "good". Value judgments are independent of the definition - are you there to improve bad security or exploit it?

Re:Black hat not White (4, Insightful)

Corbets (169101) | more than 2 years ago | (#35260586)

It's nothing to do with "good" or "evil", it's what you do with the results. If you hack, say, Hamas, and then use that information to your advantage, you are Black Hat. If you hack Hamas, then walk in through their front door with a report of how you owned them (pwned, pwnz0red, whatever) and how they can fix their systems, you are White Hat.

Not quite. If they REQUEST that you "hack" them and you do so, you're a white hat. If you do it without being asked, then you're a black hat. Walking through the door later is a CYA technique only.

Re:Black hat not White (2)

Securityemo (1407943) | more than 2 years ago | (#35260724)

From a cynical perspective, yes, but it could also just be a person who is naive about not being considered a threat or a target of a lawsuit regarding cleanup fees.

Re:Black hat not White (1)

eggled (1135799) | more than 2 years ago | (#35259990)

Yes. Albeit the lesser of two evils, and infinitely preferable in the scenario you propose.

White hat hackers tend to work "for the good of all". Black hats exploit weaknesses to subvert protective measures for their own (or their organization's) benefits. The goal of white hats is to close security loopholes. Black hats exploit those loopholes.

Re:Black hat not White (5, Insightful)

Jeremiah Cornelius (137) | more than 2 years ago | (#35260816)

HBGary is Black Hat. And Mercenary. They are a boot on the neck of the American people.

Is torture "White Hat Interrogation" when done by the US, as opposed to the former DDR?

No. Only if your name is Rumsfeld, Gonzalez or Yoo, would you disagree.

HBGary is a fascist tool - more akin to the "Ministry of Information" of Brazil [wikimedia.org], than any recognisable "White Hat" group - say Rapid7 [wikimedia.org].

HBGary trades in 0-Days for profit, to organisations which act without regard to Constitutional provisions. They advertise tools and methodology to conduct PsyOps and openly advocate methods to subvert the democratic properties of modern public communications channels.

HBGary colludes with insiders to use Government power to cement corporate advantage over the interests of the citizens and tax-payers of the United States, in the name of "national security".

They are a fraud and a blight on the purported claims of a free and open society. Like in the movie "Brazil", the methods of Mr. Barr have identified individuals in error. In the age of Abdulrahman Zeitoun [guardian.co.uk] and Bradley Manning, the consequences are quite possibly as dire for those individuals, as they were for Mr. Buttle and Sam Lowery.

Re:Black hat not White (2)

russotto (537200) | more than 2 years ago | (#35260366)

So hacking into the government systems of an oppressive government in order to cause it damage somehow as part of a larger campaign to topple it without invading and killing lots of people would be "evil"?

No, but it would be "black hat" by the computer security definition.

HBGary seems to me to be in the same ethical position as any weapons manufacturer.

Re:Black hat not White (0)

Anonymous Coward | more than 2 years ago | (#35260968)

This being reality and not some fairy tale where the US gov't goes after "evildoers", yes, "evil".

Re:Black hat not White (1)

Securityemo (1407943) | more than 2 years ago | (#35261074)

I didn't say it necessarily was the US government who'd run the campaign.

they take knowledge from black hats (0)

Anonymous Coward | more than 2 years ago | (#35260240)

and this hat or that, I am a hacker; the terms you give me or others are a joke. REAL hackers never work for the govt, those people are security people like cops. END OF STORY

Re:they take knowledge from black hats (1)

Securityemo (1407943) | more than 2 years ago | (#35260280)

Terms, no matter how loaded with power and prestige, are irrelevant generalizations. Life is not a game of Shadowrun, just something very similar.

Re:they take knowledge from black hats (4, Interesting)

Jeremiah Cornelius (137) | more than 2 years ago | (#35261062)

Ahhh... Let's cook-up another "Twitter Revolution".

"But for a defense contractor with ties to the federal government, Hunton & Williams, DOD, NSA, and the CIA - whose enemies are labor unions, progressive organizations, journalists, and progressive bloggers, a persona apparently goes far beyond creating a mere sockpuppet.

According to an embedded MS Word document found in one of the HB Gary emails, it involves creating an army of sockpuppets, with sophisticated "persona management" software that allows a small team of only a few people to appear to be many, while keeping the personas from accidentally cross-contaminating each other. Then, to top it off, the team can actually automate some functions so one persona can appear to be an entire Brooks Brothers riot online."

http://www.dailykos.com/story/2011/02/16/945768/-The-HB-Gary-Email-That-Should-Concern-Us-All [dailykos.com]

Re:Black hat not White (1)

gmuslera (3436) | more than 2 years ago | (#35260556)

So if those activities ended in a bloodbath somehow, would it end up being called Red Hat?

Still, which government that agency belonged to will probably change the color of the hat too.

Re:Black hat not White (1)

Securityemo (1407943) | more than 2 years ago | (#35260732)

Or a Redcap [wikipedia.org]

Re:Black hat not White (2)

AftanGustur (7715) | more than 2 years ago | (#35261200)

The work was being done for a government agency. White Hat.

:-)

By that definition the Chinese hackers that were involved in Operation NightDragon [infosecisland.com] were probably also "White hats".

Re:Black hat not White (1)

Purist (716624) | more than 2 years ago | (#35259866)

It seems nefarious in nature, but the techniques used to accomplish the task (for the government customer) are used to understand how to PREVENT similar attacks as well as perpetrate them. Maybe we could call this "Gray Hat".

P

Re:Black hat not White (3, Informative)

Anonymous Coward | more than 2 years ago | (#35259874)

It's very simple. Once you discover an exploit in someone's code, you can choose to either inform them so they can fix it (White Hat) or withhold the discovery for personal gain (Black Hat).

black, white, gray... (3, Informative)

DEmmons (1538383) | more than 2 years ago | (#35260238)

It was my understanding, gleaned from sources including the good old Jargon File, that one of the most agreed upon standards for hat color definition is a combination of permission and intention:
  • White Hats are hired or are granted permission to attempt to crack a system's security by the owner(s), usually for the purpose of auditing security, discovering vulnerabilities, and understanding how to fix or minimize them.
  • Gray Hats crack security without authorization, but have no ill intentions once they succeed. These are either practicing their art for practice's sake, doing the owners a favor (unsolicited) by letting them know where the vulnerabilities are so they can fix it, or most likely both.
  • Black Hats crack security maliciously, for a wide variety of reasons - some personal, some financial, and some political. They intend to steal, vandalize, or otherwise harm the owners. Self-styled hacktivists may be an exception to some as they have intentions that they may believe are good, but in general fit here because they have neither the permission nor the intention of doing any good for the system's owners. This is probably the case for Cyber Warriors as well - those who are cracking security by order from their government, as soldiers in an online (but very real) war, or as spies. In these cases, it could mean that even a black hat isn't necessarily evil - and anyway, determining good and evil are probably outside of the scope of the discussion.

This is, of course, not the only way in which these terms are used, and they do in fact derive from the old spaghetti western convention of good guys in white cowboy hats, and bad guys in black. Technically, HBGary in TFA was not asked to do any form of cracking, just to develop tools and strategies. These tools, of course, were obviously for government-sanctioned attacks, and would have ended up in the hands of cyber warriors / spies. In use, it would probably qualify as a black-hat operation, although ostensibly for the cause of good if the ultimate goal is to thwart terrorists (though it must be kept in mind that many terrorists believe they are on the side of good. It's a strange world).

Re:black, white, gray... (1)

Anonymous Coward | more than 2 years ago | (#35260498)

For most, (I was one) this is a decision which is made in an instant, and the only guidance is how you were brought up.
I was faced with whoops I have root. I quickly noticed there was NO FIREWALL and all files were open and exposed and nobody had been logged on for a month or more. There were numerous binaries, after fighting everything off, getting a firewall up, and doing a virus scan, I couldn't find a rootkit. (Although I didn't have authorization, I fixed the problem because I knew the owner on a personal level, I then turned it to em) I like people and I know a lot of people like this. Anyway...

Which led to other problems and disruptions with my business, but... back to the split second "your upbringing" decision. (I have since had many such encounters, and I can't believe how stupid the mistake(s) is.)

Are you willing to persist with slow retarded negative reactions to try to help someone who will certainly suck a lot of your time and resources?
Can you fix it "correctly" right now? wget file, edit settings, paths and make it all behave, install file
Do you simply take a note for future survival.
Safely (or not) openly suggest it somewhere that everyone should check a, b, c..
Have you sworn an oath to something else besides the US Constitution and protecting the president (brevity, lookup oaths)
Rather spy?
Learn?

The real problem I see here is the bigger picture. All this paranoia intelligence net is sucking the life out of American's productivity, trust, and leverage, it can't be sustained. This is nuts, either you get it or you don't. The light switches are being turned off on us US Citizens, but not the establishment government or officials.

Last year I told you how the Senators and officials have turned the switch on feedback or any dialog on the American people.

Today I point out, as the establishment is cleaning its tracks up using time as a weapon, when you contact officials, (say using email) your reply is a template steered, machine generated, personalized tuned response. That isn't dialog, it's police state bullshit.

And I also point out in addition, (although it's been going for years) how when one official on one state's decision affects someone in another state, to (even contact via email) that official (who requires a bunch of personal information on a form template which is then exploited for the final filtered official response) ; *THE decision* is made by comparing address with district and if it doesn't match, the whole turd is dumped + Please help us get re-elected spiel.

I'd rather have their top 1000 foreign and corporate influences list.
Then when the town hall meeting comes along, boom.

Re:black, white, gray... (1)

ciabs (1972918) | more than 2 years ago | (#35260526)

Shred like Yngwie Malmsteen with truth
and restore the dialog

(fixed it)

Re:Black hat not White (2)

DavidTC (10147) | more than 2 years ago | (#35260636)

Actually, the distinctions are:

white hat - attacks with permission (or attacks own computer), informs target/manufacturers afterward of security holes and how to fix, if they see a way
gray hat - attacks without permission, informs target of hole and how to fix afterward. Often, these are hackers who noticed a security flaw by accident in someone else's system and were unable to get them to fix it, so do this to force them to, often by causing them public embarrassment but little or no damage.
black hat - attacks without permission for some other purpose, not only does not inform target of how to fix, but often does not want target to know they were compromised.

And this is definitely black hat stuff this article is talking about.

Re:Black hat not White (1)

ciabs (1972918) | more than 2 years ago | (#35260776)

attacks != oops I have root; your use of the base word "attack" is false terror

Re:Black hat not White (1)

DavidTC (10147) | more than 2 years ago | (#35260988)

What the hell are you talking about? I didn't say that 'attacks == oops I have root'.

Someone who accidentally has root is not an attacker or a hacker in any sense.

If, after accidentally getting root, and being unable to get the server owner to do anything about it, he replaced the original web page with one explaining how the server was insecure, he'd be a 'gray hat hacker'.

Although, strictly speaking, if he ends up 'exploiting' a security flaw entirely by accident, he isn't really a 'hacker' at all, any more than he'd be a safecracker because he noticed a safe is unlocked. He's just a 'gray hat person'.

Re:Black hat not White (0)

ciabs (1972918) | more than 2 years ago | (#35261016)

Bullshit, then remove the letters "attack*"

Re:Black hat not White (1)

ciabs (1972918) | more than 2 years ago | (#35261056)

You used the word attacks in all options
I know you "can't remove it" on slashdot.

But get what I'm saying here.
I get if you would want to retract it.

The description sucks.
But so does fear

Re:Black hat not White (1)

Securityemo (1407943) | more than 2 years ago | (#35261052)

Hair-splitting it like that amounts to using what should be a label of moral/ethical behavior as a title of prestige.

Re:Black hat not White (1)

ciabs (1972918) | more than 2 years ago | (#35261066)

Someone who accidentally has root is not an attacker or a hacker in any sense.

Actually, I think you're full of it now. Enough lies.

Re:Black hat not White (1)

ciabs (1972918) | more than 2 years ago | (#35261082)

u persist using the word attack

Re:Black hat not White (1)

ciabs (1972918) | more than 2 years ago | (#35261094)

that's right sleep mode

Re:Black hat not White (1)

Securityemo (1407943) | more than 2 years ago | (#35261024)

Not really, it's still intrusion. Complexity and aggressiveness of the attack doesn't matter much, not to non-tech people at the least. Just look at McKinnon.

Re:Black hat not White (1)

GerardM (535367) | more than 2 years ago | (#35259910)

The original story at Ars Technica is called "Black ops: how HBGary wrote backdoors for the government". The person who submitted the story is not colour blind...
Thanks,
          GerardM

Re:Black hat not White (4, Interesting)

Blue Stone (582566) | more than 2 years ago | (#35260148)

I guess here at /. the 'editorial' policy is to provoke discussion regardless of the intellectually dishonest manner that's used. Summaries and titles that distort the original article seem to be more and more prevalent in order, I'd take a wild guess at, to provoke comments.

Ladies and gentlemen, we are being trolled by the management.

A sad state of affairs.

Re:Black hat not White (1)

Securityemo (1407943) | more than 2 years ago | (#35260166)

As long as it's consistent it isn't so troublesome. This is a discussion site after all.

99.7% of stories by samzenpus are overhyped... (1)

denzacar (181829) | more than 2 years ago | (#35261032)

That's his "style". Why they let him out of the "idle" section is beyond me.

Pretty soon all "editors" will concentrate more on hype than on anything else, and summaries will have all the quality and integrity of io9 posts.
Just wait and see... Soulskill is already somewhat of a samzenpus-lite.

Re:Black hat not White (0)

Anonymous Coward | more than 2 years ago | (#35259924)

A 'White Hat' hacker is someone who aims to improve security; HBGary are aiming to take advantage of exploits in order to hack into computers, for mining personal information. They are most definitely 'Black Hat'.

But working for "our" side.

The world is full of bad people, and infiltrating their organization/s to gain intelligence and insight into what they're planning on doing is often messy.

Re:Black hat not White (0)

Anonymous Coward | more than 2 years ago | (#35259940)

The designations 'White Hat' and 'Black Hat' are apolitical. If you are exploiting code to hack into computers, you are black hat.

Re:Black hat not White (1)

Securityemo (1407943) | more than 2 years ago | (#35259958)

Okay, so you can be a black hat and still a good guy then. Problem is, the descriptions are not used in an amoral sense, so it becomes a bit contradictory.

Re:Black hat not White (0)

Anonymous Coward | more than 2 years ago | (#35260152)

why do you assume you are the good ppl?

Re:Black hat not White (1)

Securityemo (1407943) | more than 2 years ago | (#35260198)

I trust my own morals. But it evidently becomes complicated when "I" becomes "We". I think I'm the kind of person who has a really limited or absent sense of "we", though, but I seem to get along fine by just cooperating with people in life. Why do people have to complicate things such that a "group" becomes "social"? It might sound crazy, but I can't explain it better.

Re:Black hat not White (1)

schwinn8 (982110) | more than 2 years ago | (#35261384)

Still, the question above applies... why do you think your morals are necessarily "good"? For all we know, you could be a terrorist who thinks that what he/she is doing is "good" (you do realize they think they are doing a good thing, according to their morals). But, as you can see, your moral basis doesn't mean that it is good for anyone else or society as a whole. For this reason, good/bad MUST be considered socially / as a group, or as all of human-kind/earth-kind. Bottom line, just because you (or the hackers) think they are doing good, doesn't make it so. Hence, the above distinction for black/gray/white stands.

Re:Black hat not White (0)

Anonymous Coward | more than 2 years ago | (#35259936)

Indeed. Keeping a stock of 0-day exploits is morally reprehensible and perfectly deserving of that term. As if selling our security for personal gain wasn't bad enough, they are aiding a government which is actively violating the very principles and constitution upon which the country was founded. That is worse than 'Black Hat', that is deserving of 'Traitor'.

Re:Black hat not White (5, Insightful)

Anonymous Coward | more than 2 years ago | (#35259960)

No, HBGary belongs to a completely new category of hackers. Neither 'black hat' nor 'white hat', but 'ass hat'

Re:Black hat not White (0)

Anonymous Coward | more than 2 years ago | (#35260038)

Dude, whoever you are, you are clearly trying to push this term on all boards/things hbgary related. Give it up, you are boring me already.

Re:Black hat not White (1)

Securityemo (1407943) | more than 2 years ago | (#35260602)

It could be Aaron Barr himself using a "persona" to "spark a verbal brawl" to "bring the discussion into the public eye"? :3

Re:Black hat not White (0)

Anonymous Coward | more than 2 years ago | (#35261258)

+1

Why "White hat"? (5, Insightful)

Goglu (774689) | more than 2 years ago | (#35259752)

Why would this qualify as "white hat"? Because they sell their solutions to corporations? Corporations are often no better than the mafia: check how well established and still active corporations helped bring Hitler to power.

What would it be called if they sold their solutions to the "legitimate" government of Saudi Arabia? Or to Hamas (who was elected as the representatives of the Palestinian people)? Would it still be "White hat"?

I propose that "White hat hacking" be reserved only to those who use their skills for the good of the community as a whole. Just my 2 cents.

Re:Why "White hat"? (1)

Gaygirlie (1657131) | more than 2 years ago | (#35259810)

Indeed. Some people, most notably samzenpus, apparently think it's white hat hacking when it's a company or government doing the hacking. But that obviously isn't the case. White hat hacking is really about people who do the hacking in order to improve security and to help people whereas in this case it is perfectly clear neither the government or HBGary has any intention of helping anyone except themselves.

Throwing a rootkit on someone's laptop without that person knowing about it and with the intention of allowing them unrestricted access to the laptop ever after is definitely black hat, especially since they have absolutely no intention of ever revealing the security holes or how the rootkit works or what it does.

Good Thing (5, Funny)

Wicked Zen (1006745) | more than 2 years ago | (#35259790)

~Well, it's a good damn thing they're developing these products for the government, and not like, someone we can't trust to use them responsibly.~

White-hat? I don't think so (4, Insightful)

moonbender (547943) | more than 2 years ago | (#35259792)

White-hat? Hacking doesn't automatically get a white hat just because it's done for your favorite government (or other organisation). Developing malware and rootkits destined for actual use is black hat hacking, plain and simple. HBGary did both black and white hat stuff.

Re:White-hat? I don't think so (1)

Securityemo (1407943) | more than 2 years ago | (#35259844)

You could argue that "Hats" is a bad construct, and that if you understand the consequences of your actions conventional moral terms serve much better. The only reason the terms are used, I think, is because of the fact that it's so easy to get away with things. There's no external moral reinforcement because there's really no effective law enforcement and the anonymity is total. I think this is why all the security people I've met IRL have been "neurotic" or "twitchy".

Re:White-hat? I don't think so (0)

Anonymous Coward | more than 2 years ago | (#35259886)

Perhaps we need a new category, Santorum Hat. Kinda like an Ass Hat, only more...graphic.

Re:White-hat? I don't think so (0)

Anonymous Coward | more than 2 years ago | (#35259918)

White hat doesn't apply here. HBGary could be best described as IT mercenaries.

Re:White-hat? I don't think so (1)

Securityemo (1407943) | more than 2 years ago | (#35259928)

"Good? Bad? I'm the one with the 0day." /
"The only law on the internet is assembly and RFCs."

Re:White-hat? I don't think so (0)

Anonymous Coward | more than 2 years ago | (#35260066)

Meh. Doesn't fit... If HBGary are mercenaries, then so are all the various DoD contractors and their sub-contractors. Also, mercenary would imply selling to the highest bidder, but quite clearly HBGary only dealt with the US government and US government contractors.

I actually don't believe the bank of america/chamber of commerce emails are legit, though I think most of the older ones are. I think anonymous wrote a few of those emails to feed their anti-government/corporate agenda (yes, they obviously have an agenda). In the time line of the attack, anonymous apparently had email access for 3 days before posting the first torrent, and 10 days before the second torrent. Plenty of time to craft some email chains or to just add nefarious words to a few emails.

Re:White-hat? I don't think so (1)

Securityemo (1407943) | more than 2 years ago | (#35260144)

Yeah, it would have been "mercenary" if they were contracted to do actual "computer espionage" but here they only built the tools. Maybe there are other firms that do that sort of stuff though? And I believe most mercenary firms would not hire out their services indiscriminately. Blackwater (now Xe) is considered to be "trash" by other mercs from what I've read, and it certainly fits the alleged cocaine parties and shooting wildly in the air.

Re:White-hat? I don't think so (1)

DavidTC (10147) | more than 2 years ago | (#35260714)

HBGary are not 'mercenaries', they are 'weapon suppliers'.

Mercenaries are 'people paid to fight a war who are not in the armed services'. That's all that means.

Some of the DoD contractors are, indeed, mercenaries, although they really dislike being called that, thanks to our quite legitimate dislike of mercenaries.

"Greg Hoglund" not "HBGary" (3, Insightful)

Securityemo (1407943) | more than 2 years ago | (#35259812)

Greg Hoglund is a leading expert on rootkits, and per the article it was he who did all the development and research. If the article tells the truth, the firm sold advanced rootkits to the US government, and the latest iteration would have been one that used advanced memory management techniques to jump around in process memory and do its thing without using any OS-managed structures, thus evading detection. I don't grok this at all, but it sounds like an advanced version of a technique I read about where the malware extracted the code from DLL files and ran things without having to go through the OS. So that part was entirely legit, but the social networks part (which the government apparently wasn't at all interested in, presumably because they already got a contract with those Palantir guys) was evidently a catastrophe in the making.

Re:"Greg Hoglund" not "HBGary" (0)

Anonymous Coward | more than 2 years ago | (#35261382)

Obviously many "smart" guys brainstorming their ideas (and spending on BMWs) and one smart guy doing all the work that matters.
Well this is a political scandal, government working with a semi-criminal company. I guess laws don't apply to them if they're under government contract.
And we blame Russian mafia...

Re:"Greg Hoglund" not "HBGary" (1)

Securityemo (1407943) | more than 2 years ago | (#35261438)

Actually it was founded by Hoglund, and it sounded like the core of the company was Hoglund and Hoglund's wife (as a manager of some sort).

White Hats ??? (0)

Anonymous Coward | more than 2 years ago | (#35259846)

Given all the unethical and outright illegal activities that the government has been up to recently, shouldn't a hacker firm employed by the government to spy really be called professional black hats? (BTW, in China they're called 'patriotic hackers'.)

The Chinese government says: (0)

Anonymous Coward | more than 2 years ago | (#35259848)

Told you we were just whitehat hacking all along.
Guess imitation is the sincerest form of flattery after all.

How is this White Hat? (0)

Anonymous Coward | more than 2 years ago | (#35259858)

Usually when you're compromising or bypassing the security of another's system to steal or plant data it's considered black-hat, regardless of who does it.

What?? (0)

Anonymous Coward | more than 2 years ago | (#35259880)

Nowhere in the article does it mention "White-hat" hacking.... I smell bait. Flame, troll, or otherwise. Good read nonetheless.

explains much (1)

bugi (8479) | more than 2 years ago | (#35259896)

They spend so much time dicking around with my laptop at airports and borders so it's not so suspicious when they also dick around with your laptop. Now if they'd just hire somebody with a clue to fondle my ports, I could get through the line much much faster.

Re:explains much (1)

Securityemo (1407943) | more than 2 years ago | (#35259914)

That's just stupidity and people performing tasks without understanding the reasons behind them. But from what we've seen, "US intel" would evidently take advantage of the situation of confusion, i.e. install malware onto targets during border checks. They probably already are.

Re:explains much (0)

Anonymous Coward | more than 2 years ago | (#35260020)

As opposed to PLA 3rd Department - who simply enter your hotel room while you are visiting, say Beijing, and ghost your entire drive while you are out to dinner.

Hell sometimes they don't even bother to put your laptop back in the case.

Re:explains much (1)

Securityemo (1407943) | more than 2 years ago | (#35260054)

I suppose they have to deal with stupidity as well as anyone else. Wonder how they handle it, what with their "saving face" culture? Or maybe their military/police has a different internal culture?

Re:explains much (1)

Anonymous Coward | more than 2 years ago | (#35259926)

I pop in a separate hard drive when I travel. When I arrive, I swap it with the real one (which is encrypted of course).

Re:explains much (0)

Anonymous Coward | more than 2 years ago | (#35260980)

And this protects you from the logging hardware they installed how, exactly?

Re:explains much (1)

Securityemo (1407943) | more than 2 years ago | (#35261128)

Malware can be explained away as malware, especially if it logs to a "dead drop" of some sort that can't be linked back to the intruder. A hardware computer bug, if found, would be much harder to explain away. Especially if found en masse by people whose only link in space and time is crossing the US border.

Re:explains much (0)

Arancaytar (966377) | more than 2 years ago | (#35260096)

fondle my ports

Dude, TMI.

submitter here (4, Informative)

romanval (556418) | more than 2 years ago | (#35260080)

I was gonna put quotes (") around "white hat" but I was out of space. Slashdot needs to accept longer titles.

This title was difficult to make because the TFA has subject matter that's all over the map: Collections of 0-day unpublished exploit vectors, rootkits with keyboard loggers disguising payload as ad click tracking data, and social network tracking via bot accounts. Tough to summarize in just 50 characters.

Re:submitter here (1)

penguin_punk (66721) | more than 2 years ago | (#35260136)

Don't worry. Just be content that your story made it to the front page. Some people will bitch about articles regardless.

Re:submitter here (-1)

Anonymous Coward | more than 2 years ago | (#35260204)

Then forgo spaces bitch.

Re:submitter here (0)

ItsJustAPseudonym (1259172) | more than 2 years ago | (#35260782)

YahOKwe'llgetrightonthat,AC.

Re:submitter here (0)

Anonymous Coward | more than 2 years ago | (#35260254)

Why not simply call it "The Inner World of Government Sponsored Hacking"?
Since the company does both white and black hat hacking this title is not only easier to fit within the 50char limit but it is also more precise.

Re:submitter here (0)

Anonymous Coward | more than 2 years ago | (#35260932)

You could leave out the "The" in the title.

Re:submitter here (1)

Securityemo (1407943) | more than 2 years ago | (#35261342)

"Inner World of Government Sponsored Hacking: Effectively Recognizing the Signs of Paranoid Schizophrenia in the Information Age - A Primer w/Case Studies".

HBGary is the archetypical black-hat firm (0)

moxsam (917470) | more than 2 years ago | (#35260120)

Just because what they did may be legal, although I have my strong doubts it actually was, doesn't mean that they are not black-hat hackers. They obviously have no morals, thus they are black-hatted.

funny name (sort of) (2)

roman_mir (125474) | more than 2 years ago | (#35260486)

It's sort of ironic that another product with the same name (Plan B) is used to get rid of unwanted 'intrusion', not promote it...

Pedants ruined this discussion (2, Insightful)

Anonymous Coward | more than 2 years ago | (#35260742)

I'd read TFA earlier. I decided to read the discussion here to see what interesting thoughts people might have on the topic, only to find page after page of arguments about hat colors. WTF? Pedants very rarely ever add to the discussion. Their comments seem mostly intended to inflate their own sense of superiority, and sadly often derail the discussion here as so many readers seem inclined to try to prove they are smarter. I'm sure someone will post a snarky reply that I must be new here. I'm not. I learn something every day reading here. However, this has got to be one of the most vacuous discussions I've seen related to what is a technically interesting topic that deserved better.

Re:Pedants ruined this discussion (1)

Securityemo (1407943) | more than 2 years ago | (#35260774)

This is because the only ones that can really contribute to this discussion are those who have technical knowledge of computer security and those who have experience with government or IT security contracting. You should probably be happy that anyone here can contribute at all to the discussion.

Police States of America (0)

cosm (1072588) | more than 2 years ago | (#35260780)

So is it just me, or is it fucking police state of America week on Slashdot?

Re:Police States of America (1)

Securityemo (1407943) | more than 2 years ago | (#35260842)

It's Horrible Hour! All drinks at the bar cost their base price plus a random amount of cash between 10% and 90%. If you pay too little, you get fondled. If you pay too much, you get fondled. If you get caught bringing in liquor into the establishment, you are shot.

/. news editors (1)

Magada (741361) | more than 2 years ago | (#35260910)

A day late and a dollar short, as ever.

If that qualifies as "White hat"... (0)

Anonymous Coward | more than 2 years ago | (#35261070)

... then I'm both the Pope and the fucking Queen of Britain.

The hat's color is seen from victim's perspective (0)

Anonymous Coward | more than 2 years ago | (#35261334)

If HBGary was doing this to help the people they were hacking, then they are white hat.

But they were doing it to destroy the people they were hacking, so they were black hat.

Gary's Mod (0)

Anonymous Coward | more than 2 years ago | (#35261450)

This must be that Gary's Mod I've seen on Steam.
