Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Contents of Leaked HBGary Emails Reveal Wrongdoing

CmdrTaco posted more than 3 years ago | from the run-and-hide dept.

Democrats 369

chargersfan420 writes "Ars Technica has sifted through the contents of the HBGary emails leaked last week in the attack by Anonymous and posted an interesting story about some of the things they were up to (which include rootkit development, selling rootkits to the private sector, and an entire list of 0-day exploits in a variety of OSes and other software, among a variety of other devious plans). Today they are reporting a democratic push for a congressional investigation of HBGary Federal."

cancel ×

369 comments

Sorry! There are no comments related to the filter you selected.

Careful what you wish for (2, Interesting)

elrous0 (869638) | more than 3 years ago | (#35350626)

a democratic push for a congressional investigation of HBGary Federal

You're going to dig for info on their union-busting, but you're going to be very embarrassed if you find out that the Obama administration was in bed with these scumbags on some other sleazy project(s) that come up too. They were working for the banks, but some of these firms were (or at least had been) working for the government too. Might want to check with the White House before you start digging too deep.

Re:Careful what you wish for (2, Interesting)

The Wild Norseman (1404891) | more than 3 years ago | (#35350670)

How better to hide incriminating evidence if you're the one in charge of the investigation in the first place?

Re:Careful what you wish for (2)

spun (1352) | more than 3 years ago | (#35350866)

Some democratic members of Congress claim to want an investigation. Easy enough to claim to want that as a democratic congressman in a republican congress. Nota bene, the White House hasn't called for an investigation. You think these kinds of investigations are totally partisan? You think there won't be members of the investigative committee who are gunning for Obama? Okay, you might think that, but I doubt Obama does.

Anyone want to take bets on this, what are the odds that there will be an investigation of HBGary? Anyone want to put up some money on the "Sure, there will be an investigation" side?

Re:Careful what you wish for (3, Interesting)

bertoelcon (1557907) | more than 3 years ago | (#35350932)

Anyone want to take bets on this, what are the odds that there will be an investigation of HBGary? Anyone want to put up some money on the "Sure, there will be an investigation" side?

Can I be on the "There will be an investigation, but not a good one." side?

Re:Careful what you wish for (2)

nedlohs (1335013) | more than 3 years ago | (#35350876)

They won't be in charge of a Congressional investigation, the Republicans would be.

Re:Careful what you wish for (0)

Anonymous Coward | more than 3 years ago | (#35350882)

The 9/11 commission will find no wrongdoing on HBGary's part and no evidence of rootkits, exploits, or of anyone at HBGary using e-mail before the Anonymous attack.

Re:Careful what you wish for (1)

GooberToo (74388) | more than 3 years ago | (#35351182)

The 9/11 commission

Good! You mean we'll get an extremely detailed report which accurately depicts 99.99% of the known available facts. Excellent!

Re:Careful what you wish for (1)

icebike (68054) | more than 3 years ago | (#35350986)

How better to hide incriminating evidence if you're the one in charge of the investigation in the first place?

Why would they have to hide this? Its no longer admissible, thanks to Anonymous.

Allegedly stolen property by a criminal organization during a criminal break-in with no chain of custody essentially sanitizes the evidence
and probably any other evidence obtained via this evidence.

They should write a check to Anonymous thanking them for the service.

Re:Careful what you wish for (1)

The Wild Norseman (1404891) | more than 3 years ago | (#35351084)

Sure, [em]this[/em] evidence, not further evidence that the inquiry might turn up.

Re:Careful what you wish for (1)

icebike (68054) | more than 3 years ago | (#35351220)

They weren't even under investigation until the break in.

So there is no possible claim to inevitability of discovery, and pretty much ANY evidence developed out of this evidence is tainted.

Re:Careful what you wish for (-1, Troll)

interkin3tic (1469267) | more than 3 years ago | (#35350838)

I'd be shocked if Obama was using these guys. Not because I think he's too moral to do that, just that would show a surprising amount of cunning for a democrat.

Wait, maybe he did in a scheme to get himself impeached. Nevermind, totally believable.

Re:Careful what you wish for (5, Insightful)

Anonymous Coward | more than 3 years ago | (#35350864)

As an "Obama supporter" (if that even makes sense) I would like this investigation, so that this comes to light if it is true. Since my support of people is not axiomatic, I would like evidence supporting their trustworthiness. I understand this position may appear alien.

Re:Careful what you wish for (3, Insightful)

sjames (1099) | more than 3 years ago | (#35350886)

That's why we need 2 congressional investigations in parallel. One run by Republicans digging up any dirt they can find on Democrats, and one by Democrats digging dirt on Republicans.

What we really need is a Highlander style competition amongst politicians. That way there's just one we need to feed to a tree chipper to restore democracy in the U.S.

Re:Careful what you wish for (1)

Stregano (1285764) | more than 3 years ago | (#35350978)

That's why we need 2 congressional investigations in parallel. One run by Republicans digging up any dirt they can find on Democrats, and one by Democrats digging dirt on Republicans.

but it is not election time yet. They are good at doing that during that time

Re:Careful what you wish for (1)

return 42 (459012) | more than 3 years ago | (#35351260)

Yeah, getting rid of the old guard at one stroke and letting the people take over worked great in 18th century France and 20th century Russia and Iran.

Re:Careful what you wish for (5, Insightful)

twoallbeefpatties (615632) | more than 3 years ago | (#35350908)

I've been occasionally hearing this argument lately. "Yeah, we know these guys are doing bad things, but what if you find out that your guys are doing bad things, too? That would prove that you're even more evil, now wouldn't it!" It sounds like an attempt to conflate a hypothetical situation with what's actually going on. You know, things that there are no evidence for yet do not deserve equal weight with things that are actually evident.

This is in no way to say that I think the Obama administration is completely blameless and angelic in all things. If we were to discover that this firm was working on some of the same hacking and propaganda techniques on behalf of the government, then I'd damned well like to know about that as well. If the Obama administration was using these tactics on American citizens, I hope the investigation uncovers it somehow. And if you, parent poster, murdered a bunch of people ten years ago, I would hope that you are sent to jail for it. You know, if you did that. But in the meantime, we've got documents pointing to fraud being done by this firm on behalf of the Chamber of Commerce, so why don't we start with that?

Re:Careful what you wish for (1)

Stregano (1285764) | more than 3 years ago | (#35350964)

I would not mind if that happened. I voted for Obama, but if he is or his administration is doing dirty tactics, I would rather know than just assume he is doing more good than bad.

Re:Careful what you wish for (4, Insightful)

dachshund (300733) | more than 3 years ago | (#35351016)

You're going to dig for info on their union-busting, but you're going to be very embarrassed if you find out that the Obama administration was in bed with these scumbags on some other sleazy project(s) that come up too. They were working for the banks, but some of these firms were (or at least had been) working for the government too. Might want to check with the White House before you start digging too deep.

Have you ever considered that we might like to know about government malfeasance even if it's done by people we voted for? (hell, especially in that case).

If this radical idea had occurred to the Republican voter base back in 2001, maybe they wouldn't have to deal with a Democratic President in the first place.

Democratic != democratic (2)

winkydink (650484) | more than 3 years ago | (#35351164)

Capitalization is important. Consider the sentence:

i helped my uncle jack off a horse

Re:Careful what you wish for (1)

mcmonkey (96054) | more than 3 years ago | (#35351228)

It doesn't matter what you wish for. This will never happen.

The obvious question (for me) was, why would congress get involved? If people at this company were cracking security and spreading exploits, wouldn't that be a case for the cyber unit of the local police? Or if there's some interstate/international level of operations, perhaps the FBI?

Well, I RTFA. It seems this company and some partners were hired by Uncle Sam to work on cracks to be used against terrorists.

And there you go, end of story. Hidden by the shield of "national security" none of this will be investigated, nothing will be made public, no one will be called to testify, no one will be charged or prosecuted. It's the same story as thinking the phone companies would be investigated for wiretaps done at the government's request.

The only exceptions will be what Anonymous makes public and if any members of Anonymous are identified and prosecuted.

If you live in the USA and you don't like it, the folks in Egypt, Libya, et al are showing us what it takes to effect change in government.

who? (0)

bhcompy (1877290) | more than 3 years ago | (#35350652)

Who the hell is HBGary? Some schmuck from Huntington Beach? Is that his Slashdot handle?

Re:who? (0)

Anonymous Coward | more than 3 years ago | (#35350706)

Ah yes, the token "Slashdot reader who lives under a rock, in a cave, on another planet."

You visit Slashdot, so you're probably reading other technology news sites. Surely you've heard of Wikileaks, Anonymous, etc?

Re:who? (1)

bhcompy (1877290) | more than 3 years ago | (#35351148)

You mean all that social activism shit? I'd rather play CS than worry about some groups vendetta. Life's too short

Re:who? (1)

trollertron3000 (1940942) | more than 3 years ago | (#35350764)

Hairy Back Gary, that guy that lives in your mother's basement. The one she calls your uncle.

Re:who? (1)

spun (1352) | more than 3 years ago | (#35350880)

I thought it stood for "Huge Balls" Gary. As in, that guy must have some huge fucking balls doing what he did.

Re:who? (1)

MoriT (1747802) | more than 3 years ago | (#35351224)

That''s an insult to his testicles; I am sure they are significantly smarter than he is.

Re:who? (1)

Securityemo (1407943) | more than 3 years ago | (#35351208)

I assume it stands for (Greg) Hoglund (something or someone with an initial "B") Gary. This is the third time I would post the same tirade, just google for "Greg Hoglund".

Somehow (0)

Anonymous Coward | more than 3 years ago | (#35350664)

The word Karma comes to mind...

Re:Somehow (1)

spun (1352) | more than 3 years ago | (#35350912)

Karma: a concept for people who want to believe in justice but don't want a daddy-figure meting it out. Sorry, but no. There is no such force as karma, unless we make it. If we want justice, we shouldn't wait for a holy sky father or invisible morality scale to create it, we need to do it ourselves.

Re:Somehow (1)

gknoy (899301) | more than 3 years ago | (#35351142)

I think that what he meant was, the result was what some might term "karmatically appropriate" (even if we don't properly understand a true meaning of karma). Here's how:

- Many people see Anonymous as posing a threat of illegal stuff. (or Stuff we don't like, depending on who you ask.)
- HBGary Federal positions themselves as someone who can identify who Anonymous are, so that we can punish them for illegal stuff.
- Anonymous retaliates, and exposes all of HBGary Federal's communications.
- Apparently, HBGary Federal was engaging in shady stuff, and we'd never have known had they not targeted Anonymous.

Did anything illegal happen? The letter suggests that forgery, wire fraud, and computer fraud might have taken place and that Congress should investigate the ways that private contractors turn their military contracting experience on private targets.

(quoting Ars.) It's most interesting that the questionably-legal things that they were pursuing would likely never have been known, had they not attempted to "bring down" Anonymous. The company was probably small enough that a whistleblower would be unlikely to be involved, and they were generally under Anonymous' radar until they pissed them off.

It's fascinating: most of us dislike the idea of vigilante justice. However, in this case, it was directly responsible for uncovering something which might be wrongdoing (hence the call for an investigation). Wow.

Re:Somehow (0)

Anonymous Coward | more than 3 years ago | (#35351272)

Karma has nothing to do with justice. Interestingly, you've used a common Christian misinterpretation of it.

That's gotta bother you.

Score one for Anonymous. (4, Insightful)

unity100 (970058) | more than 3 years ago | (#35350684)

eventually anonymous would become a V for vendetta mask behind which vigilantes would do things that needed to be done, like this. Where are the people who were foaming at the mouth against Anonymous just a few weeks ago huh ? Here is anonymous justice, packed up and ready to go. The justice which was in no way delivered by the normal means you were speaking about that people should follow.

of course good guys, indifferent guys, and bad guys will do things by hiding behind such a mask. but, that doesnt make the presence of that mask, something bad.

Re:Score one for Anonymous. (1)

earls (1367951) | more than 3 years ago | (#35350734)

Amen, I'm glad someone has a memory.

Re:Score one for Anonymous. (1)

Omnifarious (11933) | more than 3 years ago | (#35350904)

It is really sad when we have vigilantes who are better and more capable than our own law enforcement at just about every aspect of what law enforcement is supposed to do.

Re:Score one for Anonymous. (2)

unity100 (970058) | more than 3 years ago | (#35350968)

its not that they are better and more capable. its just that law enforcement is at the hands of governments which are lackeys of corporations. they just are not prosecuting the filthy.

Re:Score one for Anonymous. (2)

Wyatt Earp (1029) | more than 3 years ago | (#35351168)

No, law enforcement is hampered by the law and Constitution.

Anonymous aren't shackled by laws.

Re:Score one for Anonymous. (1)

MrEricSir (398214) | more than 3 years ago | (#35351030)

Huh? Are you seriously advocating that law enforcement break into computer systems of suspicious companies?

I'm no lawyer, but I'm pretty sure that would get the police/FBI into heaps of trouble.

Re:Score one for Anonymous. (1)

_Sprocket_ (42527) | more than 3 years ago | (#35351040)

It is really sad when we have vigilantes who are better and more capable than our own law enforcement at just about every aspect of what law enforcement is supposed to do.

So what you're saying is you expect a branch of law enforcement who is good at harassment and illegal computer access?

Re:Score one for Anonymous. (2)

jedidiah (1196) | more than 3 years ago | (#35351118)

One that is competent at computer security would be nice.

Being able to break into something isn't just about breaking into stuff. It's also about making sure your stuff doesn't get broken into.

With "chain of custody" sorts of things, that's rather important.

Re:Score one for Anonymous. (1)

Wyatt Earp (1029) | more than 3 years ago | (#35351180)

Somehow I think of Hoover era FBI tactics and Cointelpro CIA tactics were in effect right now he would be screaming for Constitutionality and enforcement of the law.

Re:Score one for Anonymous. (1)

NoZart (961808) | more than 3 years ago | (#35351100)

Case of "Life imitates Art". Every superhero comic is about that.
What i fail to grasp is why is it cool in fiction but sad in reality? (honest question)

Re:Score one for Anonymous. (5, Insightful)

Anonymous Coward | more than 3 years ago | (#35350928)

Don't forget ACS:Law as well.
Us Britons had to suffer their bullshit and lies for many years.
No more people suffering their crap anymore. And they will get the punishment they deserve.
Now if only someone would go after Global Debt Recovery AKA Tower Investigations AKA a bunch of other terrible companies who buy off loans legally out of date and scare people in to paying up or face "harsh punishments"...

The Anonymous Movement isn't one group, it is many, there are no members, just people with the same ideals.
This gives them power.
Of course, no doubt many countries are in the process of getting rid of any anonymity online.
It won't work, but they will try. Even many ISPs are against some of the crap governments try to pull.
The moment a "No-Anonymity" law is mentioned, all rights groups it applies to will instantly shoot it down. (you can bet your ass EFF will be on it in a heart beat)

Re:Score one for Anonymous. (0)

Anonymous Coward | more than 3 years ago | (#35350998)

> Where are the people who were foaming at the mouth against Anonymous just a few weeks ago huh ? Here is anonymous justice, packed up and ready to go.

Where they foaming against Anonymous, or one of the actions executed under the name of Anonymous?
In the latter case: I don't see, how praising one an action, does preclude criticise one other, or the other way around. And even more so, when it is under an umbrella name like Anonymous, where the people responsible for the HBGary hack distanced themselves from the LIOC stuff.

Re:Score one for Anonymous. (1)

unity100 (970058) | more than 3 years ago | (#35351026)

they were foaming against anonymous. ranging from debasing them as pimpled wannabee kids to outlaws, illegals that violate society and whatnot.

Re:Score one for Anonymous. (0)

Anonymous Coward | more than 3 years ago | (#35351120)

Where are the people who were foaming at the mouth against Anonymous just a few weeks ago huh ?

The people who foam the loudest are the ones with the most to hide, like those who called for the execution of Julian Assange over Wikileaks' leaks. They'll continue to foam one way or another, no matter what.

There's also the naive group who buy into the first group, and foam along in support of an authority they trust would do no wrong. Some of them may stop foaming and realize they were wrong. Most likely, most of these people have long stopped paying attention.

Re:Score one for Anonymous. (0)

Anonymous Coward | more than 3 years ago | (#35351248)

Wow, a post where you are not talking about how much drupal sucks and how awesome your framework is. I'm shocked.

Countermeasures against HBGary (2)

gatkinso (15975) | more than 3 years ago | (#35350698)

1) Don't use Windows
2) Don't use Facebook

Re:Countermeasures against HBGary (1)

andrea.sartori (1603543) | more than 3 years ago | (#35350732)

3) don't write things that could later be used against you

Re:Countermeasures against HBGary (2)

PrescriptionWarning (932687) | more than 3 years ago | (#35350786)

4. Don't be evil and you won't have anything that could be used against you

Re:Countermeasures against HBGary (4, Funny)

Leafheart (1120885) | more than 3 years ago | (#35350834)

4. Don't be evil and you won't have anything that could be used against you

Oh man. That was funny. You had me a moment there.

Re:Countermeasures against HBGary (2)

gknoy (899301) | more than 3 years ago | (#35351178)

It's true. If you set out to behave ethically in all your endeavours, and are honest and forthright with people, the only attacks people can make against you will be lies. Sure, you'll face attacks, but you don't have anything that you would need to be actively hiding to stay "safe".

Re:Countermeasures against HBGary (5, Interesting)

Red Flayer (890720) | more than 3 years ago | (#35351266)

If you set out to behave ethically in all your endeavours, and are honest and forthright with people, the only attacks people can make against you will be lies. Sure, you'll face attacks, but you don't have anything that you would need to be actively hiding to stay "safe".

That only holds true if

1. "ethically" is the same as "legally".
2. You're version of "ethically" is the same as everyone else's version of "ethically".

Re:Countermeasures against HBGary (2)

Securityemo (1407943) | more than 3 years ago | (#35351252)

5. Don't hire admins that will let "you" reset your SSH password through an insecure medium without verification that it's actually you.

Re:Countermeasures against HBGary (3, Insightful)

Carewolf (581105) | more than 3 years ago | (#35350776)

3) Don't use Flash
4) Don't use Java

Interesting what they have unpublished 0-day exploits for.

Re:Countermeasures against HBGary (1)

MikeDirnt69 (1105185) | more than 3 years ago | (#35350814)

3) Bazooka

Wow. (3, Insightful)

Tolkien (664315) | more than 3 years ago | (#35350722)

So they were clearly and intentionally on the more shady end of ethical boundaries. They aren't a security firm, they're crackers for hire.

Re:Wow. (2)

bberens (965711) | more than 3 years ago | (#35350804)

I don't see how any of this should be surprising. My understanding is that these guys were contract spooks hired out by the CIA, FBI, NSA, etc. to do work they either wouldn't or couldn't do. It shouldn't surprise anyone that the NSA and their private counterparts have databases of 0-day vulnerabilities and rootkits lying around to use for whatever "legitimate" spooking purposes arise.

Re:Wow. (1)

JBMcB (73720) | more than 3 years ago | (#35350832)

It shouldn't surprise anyone that the NSA and their private counterparts have databases of 0-day vulnerabilities and rootkits lying around to use for whatever "legitimate" spooking purposes arise.

Quite the opposite. I'm sure every major and minor computer security firm has a large database of virii, hacks, exploits, trojans, and other various malware. How are you supposed to defend your customers against malware if you don't have any examples?

Re:Wow. (1)

shog9 (154858) | more than 3 years ago | (#35350916)

Of course, there's a difference between keeping anthrax in your freezer because you're researching treatment and prevention... and keeping anthrax in your freezer while looking for someone who'll pay to create a panic.

Re:Wow. (2)

andrea.sartori (1603543) | more than 3 years ago | (#35350936)

The two are not mutually exclusive though.

Re:Wow. (1)

gknoy (899301) | more than 3 years ago | (#35351194)

Yes, but the former is ethical and the latter is decidedly NOT.

Re:Wow. (1)

Stregano (1285764) | more than 3 years ago | (#35351008)

Don't call me Eugene. I am the Plague

Re:Wow. (2)

amicusNYCL (1538833) | more than 3 years ago | (#35351102)

So they were clearly and intentionally on the more shady end of ethical boundaries.

Yes, exactly! They were CLEARLY, and INTENTIONALLY, on the... uhh.. well, the "more shady" end of what we like to call "ethical boundaries". Clearly!

Small d ? (2)

mbone (558574) | more than 3 years ago | (#35350742)

I suspect that what was meant was that there is a Democratic push (by big D Democrats) to investigate HBGary. I haven't heard of any sit-ins over the issue, at least as yet.

And i TOLD you. (4, Interesting)

unity100 (970058) | more than 3 years ago | (#35350744)

i told you that, going after anonymous would cause more hardcore circles, which are in constant rebellion to anything that is establishment, to take up the cause of the anonymous.

Anyone spending a few years in the early stages of internet, in which those underground circles were not so underground like today, would be able to know and tell the same. Its the rebel net culture. That underground is multitudes over the level of what the private lackey corps or govts. can afford to hire or educate. They are of a sort that grows/breeds on its own.

Despite their roads have diverged with most of us the early netizens like me, i indeed learned to develop a deep respect for their kind. For, even if they do a lot of shady stuff, they do have a very strong attachment to some principles. and that's something to be respected.

Anyway. see, what they have done. good luck to govt and their lackeys in finding who did it. they may even be inside hbgary itself. you'll never know. once a rebel, always a rebel.

Re:And i TOLD you. (0)

Anonymous Coward | more than 3 years ago | (#35350878)

I won't deny you your Master of the Obvious Award, but I think there is more overlap between Anon and 'more hardcore circles' than you give credit for.

Anon is very large and certainly not made exclusively of top notch crackers. But there are likely some, and taking down HB Gary took only a couple with actual cracking skills as well as a little ogranizational and strategic ability. Not that an SQL injection and rainbow tables are way up there on the skill chart. The other two components I mention were fairly high level though.

Anon needs a lot of warm bodies to run the LOIC and such. And to order pizzas and moving boxes and fusker, but they aren't all just warm bodies.

Re:And i TOLD you. (1)

unity100 (970058) | more than 3 years ago | (#35350954)

your analysis is off target.

surely, if you look at the face of it, you will see pimpled teens going about with sql injection scripts grabbed off the net.

but, see, the group which was dubbed as pimpled teens, staged a 'social engineering' attack, and grabbed email history of a filthy outfit, deleted their backups, and posted it online.

it doesnt take too much brain to see that the skill level of this group is as not low as you propose.

Re:And i TOLD you. (1)

gknoy (899301) | more than 3 years ago | (#35351214)

Not only that, they (in theory) did it all while staying anonymous. I wouldn't even begin to know how to do that part of it.

Re:And i TOLD you. (1)

BJ_Covert_Action (1499847) | more than 3 years ago | (#35351106)

...they do have a very strong attachment to some principles. and that's something to be respected...

One should always be wary of principled men.

Explains why Aaron Barr left in a hurry (1)

Lead Butthead (321013) | more than 3 years ago | (#35350748)

Talk about rats leaving a sinking ship...

Re:Explains why Aaron Barr left in a hurry (1)

hjf (703092) | more than 3 years ago | (#35350818)

I never get the point about rats leaving a sinking ship. Where the fuck are the rats going anyway???

Re:Explains why Aaron Barr left in a hurry (1)

chemicaldave (1776600) | more than 3 years ago | (#35351082)

I never get the point about rats leaving a sinking ship. Where the fuck are the rats going anyway???

Actually, Brown Rats are excellent swimmers.

Re:Explains why Aaron Barr left in a hurry (0)

Anonymous Coward | more than 3 years ago | (#35351216)

I never get the point about rats leaving a sinking ship. Where the fuck are the rats going anyway???

The same place the people who leave the sinking ship are going?

Re:Explains why Aaron Barr left in a hurry (1)

gknoy (899301) | more than 3 years ago | (#35351232)

Better to swim with the debris than get carried under by a large (flooded) container that used to float.

Re:Explains why Aaron Barr left in a hurry (2)

lowtekk (518270) | more than 3 years ago | (#35351274)

I thought he ran after he shot Alexander Hamilton in a duel.

Wait, there is more! (-1)

Anonymous Coward | more than 3 years ago | (#35350780)

Amazing how Dems will push for the investigation of these emails but declined climategate on the basis that the emails were obtained illegally or "private conversations".

I sense this is nothing more than kabuki theater and more fakery from a few political hacks.

Haha. Read the memo they left in the conference (5, Interesting)

unity100 (970058) | more than 3 years ago | (#35350802)

http://nakedsecurity.sophos.com/2011/02/16/lessons-to-learn-from-the-hbgary-federal-hack/ [sophos.com]

down below.

http://sophosnews.files.wordpress.com/2011/02/hbgary-rsa-sign.jpg?w=640 [wordpress.com]

"A group of AGGRESSIVE hackers known as 'Anonymous' illegally broke into blah blah ..... blah blah and stole proprietary and 'confidential' information which was STOLEN by us by using ROOTKITS and VIRUSES and 0 DAY EXPLOITS from private citizens' computers ....."

corporate lack of shame. you produce rootkits, viruses, 0 day exploits, malware to spy on people, steal their confidential, legally private information to SELL them, and then you dub that information 'proprietary' information belonging to you ....

i wonder what will they say in their defense in front of senate committee. what's more, i wonder what will the senate committee say to them, in regard to their dealings with this filthy outfit.

whats the slogan of hbgary anyway ? "hey - we produce viruses, rootkits, 0 day exploits and malware to steal your private information to sell to corporations and government !!!" ?

Re:Haha. Read the memo they left in the conference (0)

Anonymous Coward | more than 3 years ago | (#35350828)

Doesn't surprise me. Corporations are sociopaths by nature...

Re:Haha. Read the memo they left in the conference (1)

definate (876684) | more than 3 years ago | (#35351108)

Interesting that you think that a corporation is a person, and as such you can apply the same analysis you apply to people, to it. I guess you also support the government treating corporate entities as people with rights.

Re:Haha. Read the memo they left in the conference (1)

Even on Slashdot FOE (1870208) | more than 3 years ago | (#35351170)

It's not like the government is going to put the "corporations are people, too" thing up for a public vote, and even if they did the corporations would force the vote to go their way. As such, you may as well try to give them the drawbacks of being people, too.

Re:Haha. Read the memo they left in the conference (1)

definate (876684) | more than 3 years ago | (#35351256)

LOL So instead of tackling the problem, just try to make it shitter for them? I guess that's a fall back position, but the former is the real solution.

Re:Haha. Read the memo they left in the conference (-1)

Anonymous Coward | more than 3 years ago | (#35350972)

You know, the government stealing and spying on you shouldn't be a problem. I mean it's for the greater good. The problem is when they do it to the advantage of your competition simply because they bought some senator or two.

Re:Haha. Read the memo they left in the conference (1)

definate (876684) | more than 3 years ago | (#35351092)

That's the worst slogan I've ever heard.

It's not even catchy.

All I have to say is... (1)

al0ha (1262684) | more than 3 years ago | (#35350812)

Quis custodiet ipsos custodes?

Where money and power is concerned there is no freedom and nothing is sacred; except money and power.

Re:All I have to say is... (1)

Anonymous Coward | more than 3 years ago | (#35350862)

Quis custodiet ipsos custodes?

Qui sine nomine custodiet ipsos custodes.

(It's almost like there are Roman Legions of 'em. Benefits of a classical education.)

Re:All I have to say is... (0)

Anonymous Coward | more than 3 years ago | (#35351184)

Quis custodiet ipsos custodes?

We solved this by putting a shower in the janitor's closet.

HBGary has DMCA'd a blogger now as well (1)

Anonymous Coward | more than 3 years ago | (#35350844)

HBGary has also DMCA'd a security blogger over a post about "Malware DNA" as well.

This is the same blogger HBGary called 'nutty but smart' (I paraphrase) in their emails and then cited to his work as 'a good idea'

See: http://conanthedestroyer.net/2011/02/15/wherez-it-at-hbgary-response/

I call shenanigans (2)

retardpicnic (1762292) | more than 3 years ago | (#35350898)

The problem I have with this is that I think its just noobs selling shit to boobs.The more this story develops I become more and more uncertain that HBGary had te technical know how to make working root kits, and 0-days for multiple OS's. I betcha these guys would just sit waiting for bugtraq to update and hurriedly package it, that i do believe they are capable of. Some of the things that were apparently willing to sell or selling require superior technical understanding, and if the twats at HBG had that, they wouldn't be so chock full of epic loss right now

Re:I call shenanigans (3, Informative)

gartogg (317481) | more than 3 years ago | (#35350922)

RTFA.

There were contracts and delivered goods with 0-day kits to both government and corporate sources.

Re:I call shenanigans (1)

gknoy (899301) | more than 3 years ago | (#35351270)

Were they actually delivered, or were they merely advertised? I know that often what marketing sells as feasible is far from what is actually delivered.

Re:I call shenanigans (0)

Anonymous Coward | more than 3 years ago | (#35351024)

Agreed, if they were the 1337 haxors they claimed to be then they would be rolling in dough from a classified contract. No matter what, they didn't have anything the government wanted, and it seems that even if they did have "skillz" the shameful and noisy way they did business would be a big turn off to the groups they were trying to sell to. It is hard to kick it with James Bond if you are dressed like a clown and yelling about how good you are at doing "spy stuff".

Re:I call shenanigans (1)

Thud457 (234763) | more than 3 years ago | (#35351262)

Damn, I can't find the "Bloom County" where the judge is giving the verdict in Steve Dallas' hacking trial.

Re:I call shenanigans (0)

Anonymous Coward | more than 3 years ago | (#35351130)

I stopped reading your post at "noobs" and I'm glad I did because I accidently saw the word "epic" while replying. Bonus points for not using the word "fail", but you'll forfeit those for using "epic" without "fail".

And the problem with this is? (2, Insightful)

Anonymous Coward | more than 3 years ago | (#35350958)

http://en.wikipedia.org/wiki/The_Yes_Men

The Yes Men often deploy a satirical approach: they pose as a powerful entity (typically a corporate or government representative or executive) and make ridiculous and shocking comments that caricature the ideological position of the organisation or person. Furthermore, they acknowledge the idea that many corporate or government entities manipulate their ideology using spin; in response, the Yes Men use this power of spin to their own advantage, and use media outlets to disseminate their personal interpretation of the situation. A sense of humor and shock value is usually employed to make these issues more palatable to the general public and to call greater media attention to stories of interest.[1] Some of these outrageous ideas include the possibility to sell one's vote or that the poor should consume recycled human waste. On most occasions, little to no shock or outrage is publicly evoked in response to their prank.

On occasion, the Yes Men's phony spokesperson will make announcements that represent fictitious scenarios for the anti-globalization movement or opponents of corporate crime. The result often heed false news reports which cover the demise of the World Trade Organization, or Dow Chemical paying compensation to the victims of the Bhopal disaster, which the Yes Men intend to provide publicity for problems concerning these organizations. One of the effects of apologizing and promising support on behalf of an organization is that the organization is then later forced to re-acknowledge the event in question and retract all of the proposed good will. This served to further publicize the negative event of the organization and sets-up the organization to look bad for taking back any support The Yes Men offered under the name of their organization.

--

There are people who attack corporations in this way, and are not investigated by the Democrats on anything like a regular basis.

security firm? . (0)

Anonymous Coward | more than 3 years ago | (#35350974)

memo to self: ask security firm if they know and read Bruce Schneiers blog

So what about the DoJ (3)

elashish14 (1302231) | more than 3 years ago | (#35351056)

Are they gonna be investigated too?

Why a Congresional Investigation? (0)

Anonymous Coward | more than 3 years ago | (#35351080)

Why would Congress involve itself in an investigation of a simple criminal conspiracy?

democratic or Democratic? (-1)

Anonymous Coward | more than 3 years ago | (#35351138)

"democratic"? I didn't vote for this investigation, did you?

confucius say (1)

v1 (525388) | more than 3 years ago | (#35351158)

"He who lives in glass house should not throw stones"

ok it's not attributed to him, but is attributed (in various slightly differing forms) to a wide variety of people, including Ben Franklin. Nothing quite as entertaining to see someone tasked with bending laws get bent over BY the laws, from their own pen.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>