Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Sociology’ Category

Digital Natives, Digital Immigrants, Exo-Nationals and The Digital Lord of The Flies

leave a comment »

SAMSUNG DIGITAL CAMERA

XXXXXXXXXXXXXXXXXXXX

Digital Natives

Last week Josh Corman was at a conference and live tweeting commentary and thoughts online about INFOSEC and around the ideas of Cyberwar. At one point he mentioned the idea of “Digital Natives” against the backdrop of nation states and it struck me again as something I needed to expand upon. Though Josh had said he wanted a chance to explain further to me his ideas before I posted I don’t feel like I think that differently than he does about the topic. Though perhaps I do, I am not sure as I have yet to hear his ideas in full but I wanted to get this out of my head now so here it is.

Digital natives as a term has been around since 2001 when Marc Prensky coined the term in his work “Digital Natives, Digital Immigrants” was published. In this article he explains the basis of the idea that since kids from 2000 on (I would say earlier for some of us) have grown up with computers and the internet as a ubiquitous appliance/medium they tend to be greatly different in thinking, acting, and general attitudes than their parents and older generations. These people who did not grow up with the technology always around them and used by them are termed to be “Digital Migrants” and have emigrated to the use of the Internet and technologies. As such, these immigrants are often seen as foreigners in the digital world with antiquated ideas on how things should work and methods of doing things. The article (see below link) also goes into some detail on the cognitive differences as well as social differences that Presnky was seeing in the studies he was conducting.

Prensky; Digital Natives, Digital Immigrants

Prensky; The Emerging Online Life of Digital Natives

Another paper that Prensky wrote was on the emerging online lives of these “digital natives” in that you could see the emergent behaviors progressing as online life (Web2.0 and Social Media for example) expanded to allow for more connectivity and social malleability. In both though the idea is put forth that we now have a generation or a couple really, that are inherently living their lives in a completely different way than their parents and all of it predicated on rapidly changing technology. This idea lends itself to the problems we face today as INFOSEC ptactitioners, governments, law enforcement agencies, and as parents to children who on the face of it are cognitively different than we are. Add to this the problem that much of our lives are now greatly affected by these technologies (banks, power, credit, reputations etc) that this generation or two now can control at very young ages for good or for ill and we have a problem that we must understand in order to manage.

Digital Immigrants

Moving on we have the Digital Immigrants, those who have moved into the digital space with smart phones, PC’s, Laptops, Ipads, and the like. Many do not leverage these devices in the ways that the natives do and in fact do not understand them on the whole. Outside of the people in the business of creating these wonders and creating their infrastructure the bulk of the populace older than 30 on average have little cognition of how things really work. I know this is a gross generality but just go with me on this and let’s not quibble ok? So, we have all these people who still use paper books and write things on pads and the natives think on the whole that they are a foreign species according to Prensky.

What really shakes out for me is that on the whole the LEA’s, the Gov, The Generals, and corporate execs of the world are all pretty much on the whole not of the Z or iGeneration (Natives) This means that they are all immigrants and by the terms of the idea not really connected to the ideals, attitudes, and cognitive changes that the iGen’s have in place. Add to this that aforementioned inability to really understand the technology itself nor how it could be leveraged and we have a pretty big problem with the world don’t we? Look at all this talk over cyberwar today and the outmoded modalities that are being used to try and grapple with the problems. How many times have you had the experience gentle reader with your boss or some other person as you try to explain to them the security problems with technology just to get a blank look back? …You get my point…

So we have the digital natives on average running circles around the immigrants (kids vs. parents, iGen vs. those in power) and friction occurs. All you really need look to are the cases of Aaron Swartz and Weev to see it play out in the media and the courthouse. What we commonly see as nothing really wrong the immigrants see as abhorrent, illegal, and immoral. The fact that say Weev just wrote a script to enumerate pages to us is nothing while in the eyes of the corporate types and the law it is an offense worthy of going to jail for 3.5 years and a lot of money in recompense to the corporation that was enumerated. Until such time as the immigrants are all gone and only the natives inhabit the net and the meatspace we will not have substantive cognition of the new generations mores and means of living with the technologies and how the laws can be changed to make a little more sense about offenses online as well as problems like cyber-warfare. It will take a at least another generation until parity is reached.

Digital Exo Nationals

While I think that the ideas of Digital Natives and Immigrants was what Josh had in mind as the core to his statement I also think he was alluding to those natives as being their own state. This is an idea that has been brought about by Anonymous and I think could be termed as “Digital Exo-Nationals” Those out there who feel that the net is a stateless space where no one state rules them (nation) nor do the mores of meatspace apply within the electronic world they live in. A group like Anonymous can claim to be truly stateless and on the face of it they can be on one level, but I think that on  the whole anyone who is not persistently living just online (meaning they reside inside of a computer network) is in fact affected greatly by where they were raised, by whom, and are the product of their upbringing. This fact will always color people’s reactions and there will always be some form of nationalism to them as they interact online or take up arms in defense of some ideal.

With that said though I think it is nominally an idea that has merit. I believe in many ways the deizens of the net (i.e. the iGen/Natives) think of themselves as apart from the “real world’ that they physically inhabit when they are online, which today is pretty persistent at a connectivity level. This cognitive dissonance creates quite the dichotomy of perceptions for the natives. Once offline they must generally adhere to the structures of the “old world” as opposed to the pretty much wild west of the Internet and on average they manage to separate the two lives much like the quote from “The Matrix” by Agent Smith;

Agent Smith: It seems that you’ve been living two lives. One life, you’re Thomas A. Anderson, program writer for a respectable software company. You have a social security number, pay your taxes, and you… help your landlady carry out her garbage. The other life is lived in computers, where you go by the hacker alias “Neo” and are guilty of virtually every computer crime we have a law for. One of these lives has a future, and one of them does not. 

This is pretty much the perception for the immigrants right? While on the other side Neo would consider himself a freedom fighter or a seeker looking for a basic truth that the old system (i.e. The Matrix) is trying to prevent him from seeing. Think about this idea for a minute while reflecting on Anonymous today in the Wikileaks age. I think you will see the parable here and this is a core issue between Immigrant culture versus the new Native one. It is interesting to note though, that in the case of the Matrix, the natives are in fact both Neo and Smith in one sense but only Neo resides in a corporeal way… But I digress into philosophy here and before I break out my copy of “Simulacra and Simulation” on you I will stop.

Ok back to the issue at hand. We have digital natives now that perceive themselves as “Exo-Nationals” the net is their country and it is outside of the corporeal world. Their rules are not the rules of the real world and their mores are different. Their culture is one that is new and evolving and unfortunately the world they inhabit is not really theirs to control. Since the backbone of the infrastructure is owned by corporations and governments they’re really only renting if not actually squatting in their exo-national domain. This fact however does not stop them from trying to control the networks and in many ways they are able to through hacking and the use of good OPSEC. You see, in reality the natives who consider themselves Exo-Nationals are in fact guerrilla’s for the most part to my thinking.

 The Digital Lord of The Flies

No matter the dialectic, there are issues to the dichotomy between the natives and the immigrants that can beget darker things. Since on average the common kid today can bypass most protections a parent my try to purchase for their home computers, that is if they are even cognizant enough to try, we have a generation that pretty much can run amok online. Without oversight the digital natives pretty much run the show. This has been touched upon by sociologists studying 4chan and Anonymous in the past and is quite valid a point. The mores of the natives are greatly different within the online world than those that we would teach them in the offline one. All of this is really predicated on the idea that once online the native is “anonymous” by use of technological means in the extreme or just the perception thereof by those who do not cognitively understand it (younger natives still learning)

Generally though the natives learn quickly that they can do many more things online that parents and others would find frightful offline and in public. It is this “disinhibition effect” through percieved or technical anonymity that allows for this behavior to evolve and thus gives rise to what I call the “Digital Lord of The Flies” effect. In essence the children have been left to their own devices on a digital island and those more powerful take over and rule rather mercilessly. In the last few days I got a first hand view of this effect with regard to teens and twenty somethings in the gamer/Xbox verse. Where gaming had become banal some of these “crews” or “Teams” began upping the ante by hacking, carding, and what they call GT (gamer tag) “Jacking” All criminal activities that are perceived by these kids as ok because they are not doing these things to people in reality (and by reality I mean in person in front of them)

There seems to be a disconnect within the psyche for these kids where their actions are just not real because it happens online. Some of these kids that I tracked online due to recent events with the attacks on Brian Krebs that leads me to believe some of them may in fact be on the road to sociopathy. This though is not the case for all of them of course so one has to ask how is it that they feel so moved to carry out these deeds online and not feel the least bit of remorse about them? It is this disconnect that fascinates me really and I will be looking further at it in the future. As more and more generations move into the natives category being born into a world with prevalent technologies we will only see more of these problems until that parity I spoke of happens. When the parents of all these kids are just as savvy about the net as their kids are, then we will be able to teach them.. Of course in thinking about this it comes to me that perhaps that will only shift to natives teaching natives the same behaviors…

Sigh…

Time will tell I guess.

K.

Written by Krypt3ia

2013/03/22 at 20:51

So APT Is China *snicker* Now What?

with 2 comments

icanhaz

zl’s egt amsk sbfmt kze kwcyfocggp ktlhiu!

Avanced? Persistent? Threat? 

As RSA comes to a close and the corridors of the hall stop ringing with the acronym APT bleated out by a megaphone from the Mandiant booth I find myself once again looking at the problem as opposed to the hype. Let me simplify this for you all a little bit here to start though. APT is not necessarily “advanced” as the Mandiant finally lets you all out there not in the secret squirrel club know. In fact the APT’s are often just outsmarting the average end user on a daily basis and you and I both know it does not take a mental genius to do that right? Seriously there is nothing overly advanced nowadays in sending phishing emails and doing recon to assess your targets. Sure there is some coding going on once inside that is novel but really, any good hacker will tell you that they can code some shit up to keep persistence or maybe just buy it on the black market if needed. This is not rocket science here.

On the persistence thing yes, yes they are. They are persistent not only in trying to keep their toehold but also in that they bombard companies with emails in order to have a signal to noise attack. This is nifty but really it’s not a new technique. So ok persistence means they keep trying but it is often our own failings that ALLOW their persistence. Everything from the #click_sheep who keep clicking on every god damned email they get that asking if they want a bigger penis to companies lack of controls over patching and other standard procedures that they should be carrying out on their infrastructure. So when really looking for someone to blame look in the mirror folks. Hey maybe you will look in the mirror and see that you are Chinese huh?

Finally the “threat” part well I think I just covered that huh? YOU are the real threat in this vector. The adversary is just leveraging that fact to obtain their goals. The threat is not Chinese, Russian, Israeli, or French. It’s us. We are the threat and this was the case even before computers and espionage came together. How do you think a lot of the information was stolen back in the day from governments and companies? That’s right kids! It was by people being paid off or being leveraged in some way by spies and spy agencies. Now though, we really don’t have to leverage people as much with compensation or threats. Instead we just leverage their human natures and boy oh boy does it work ever so well!

Our sloth, greed, and general cluelessness are our own undoing.

Is WHO Hacked You That Important?

So Mandiant puts out a report on our Chinese hackers and everyone is a twitter over the “revelations” As someone who has personally dealt with this type of activity in my work life I was pretty apathetic about the report and it’s being published outside of the “sekret squirrel” world. Sure, they probably set us all back some and certainly have set the stage for a great amount of douchery to come but really, what good comes from this report and the data it dropped? Hurriedly I have seen many glom onto the hashes and the techniques that the Comment Crew was using in order to fortify their environments since the drop. Of course this may be to no avail as soon I am sure the CC will be changing their ways but hey, it gives us all something to do huh?

Meanwhile people are nodding their heads and saying “BAD CHINA” while the government pops out 140 page draft resolutions on how to deal with China and their hacking of our IP. I for one see this as just a lot of smoke and mirrors that may in the end have no greater effect other than political gain but hey who am I right? Let’s let it roll as everyone gets their panties in a bind over China. Others though have piped in and said that maybe it’s not only China but all too often these voices are not enough to cut through the cacophony of stupid to make it to the reasoned ear. Guess what kids it’s not just China and it never has been and this is the problem of fixating on one target. You tend to lose the other and then they come up behind you and shoot you in the back of the head.

The upshot here? Who hacked you is NOT as important as WHY you got hacked and HOW you got hacked. The old WHO WHAT WHY WHEN & HOW are important equally and we unfortunately have collectively latched onto the WHO and this will be our downfall. At least Mandiant is looking at the how but I am not hearing much about how to remediate the problems that cause the problem to start with. Instead as we see with the government response they are going to the WHO and saying “cut it out” and anyone who thinks that that is going to make them stop is really biting too tightly on the crack pipe. So back to the point which should be plainly clear. We are the target and we are the problem. It is important to understand the who but you cannot leave out the WHAT, WHERE, WHEN, and WHY. If you do then you will never win the battle.

Know Thy Enemy.. Know Thyself…

It is said that if you know your enemies and know yourself, you will not be imperiled in a hundred battles; if you do not know your enemies but do know yourself, you will win one and lose one; if you do not know your enemies nor yourself, you will be imperiled in every single battle.

Sun Tzu: Art of War

It’s a trite thing to some out there *looking at you Jericho* to quote Sun Tzu in any cyber context but in my case here it is absolutely correct to quote. The problem I am finding in much of the approaches to trying to defeat or lessen the APT problem focuses less on knowing the self (aka your network and your people) and more on blinky light solutions to stop them dead in their tracks as the vendor propaganda states. Some even go as far as to proclaim that security awareness is pointless which I called bullshit on before rather vociferously in the past. I find it to be one of the more reprehensible statements made up until yesterday’s revelations that a panel gave at RSA saying that “We are soon going to live in a post crypto world” and that crypto is pointless because the APT keeps avoiding it. This is one of the most idiotic statements I have heard in a while and it just makes me think people misunderstand APT even more than before. Everyone thinks they are unstoppable and that is not right. These attacks can be mitigated but it will take real work to do do not some blinky verndor solutions.

The point here is this; We need to carry out due diligence and we need to be vigilant in our security apparatus. We need to engage the end users and teach them about malware and phishing and keep teaching them over and over and over again. Wrote learning is the ONLY way that this will get into their collective heads. Sure, we can also use technologies to attempt to arrest the spear phishing attacks but if you have a 3 star general who is a #click_sheep well, you are pretty much fucked if you are not really paying attention to the network SIEM and other mitigations in place and even then, with creativity those too can be outwitted. These APT types use common traffic to hide within and that is the problem. The pivot is the key here, they are using your network to their advantage just like a Judo expert. Will you be able to stop them all? No. Will you be able to considerably cut the attack success down with holistic methods? I believe you can and I have seen it in action. Others have said much the same thing and I hope more people start paying attention.

I agree that knowing who is attacking is important but it is only important as long as you take the time to be introspective about what they are seeking from you and how they are getting it out of you. What flaws in your infrastructure and culture are they exploiting that is allowing them to rob you blind and how can you remedy them to stop them. These are the key questions that seem to be missing from so many vendor offers like Crowdstrike and others out there today offering offensive defense or active defense. Sure, if your org is working properly and you have security enlightened end users go for the disinformation honeypot things and other means of defense. However, if your people are a bunch of #click_sheeple then what is the point? You will be PWND and it will be all be moaning and wailing “woe is me” in the end …Trust me.

Oh, and a last word here on the #click_sheep thing. Why am I harping on it? Look at the reports again. 99.999 percent of the attacks are being performed via phishing and spear phishing STILL! We have known about this type of attack how long? Come on people! There’s a reason it is done this way. It’s because people are not being trained properly as well as their systems are not being patched up! I know what you are thinking “but there’s 0day!” Yes yes there is but that is only a small percentage of the attack surface at present.

CLICK CLICK PWN.

Behavior Modification Is Needed

Now that I have ranted a while let me just re-iterate the facts. We are to blame for the APT successes. The term was coined back in 2006 and though it’s been in the secret squirrel world it was a known quantity. In fact I would say that it was not only the APT but generally crackers who were using these techniques for the most part and the APT just went along with it and refined it. This is not new and now that it is all out in the open we need to really pay attention here and look at the problem from the macroverse level and not just the myopic microverse that we in the industry tend to have. This isn’t just a technical problem it’s a sociological and psychological problem that we have to work on. Many say that there is no defense to social engineering attack but I do not ascribe to that. With the proper security education and awareness training anyone can defeat SE attacks. It just takes training like that which Dave Aitel thinks is pointless.

9/11 pointed out to the intelligence community that an over-reliance on technology failed to detect and stop the 19 hijackers from AQ. This failure was remedied by adding record numbers of assets post 9/11 to carry out HUMINT (Human Intelligence) and what we learned most of all that technology in itself is useless against human nature and a healthy dose of avoiding tech. It was tradecraft that allowed the plot to succeed even when their phone conversations were being tapped. I make this analogy because once again we are facing the same problem within the INFOSEC community as well as the government and military’s. The adversary is relying on human nature and we are relying on technologies created by humans. It’s a bad mix really and it needs to be re-evaluated to include more introspection on the people creating, maintaining, and using the technologies today. So far I am not seeing too much of this ethos being bandied about in the community and I think it is at our own peril.

I feel like it should be a catch phrase akin to the GHW Bush era’s “It’s the economy stupid” In my case though its more along the lines of “It’s not just the technology stupid” We have been myopic and we need to cut that out. The next shiny whizbang appliance is not going to stop that 3 star #click_sheep from opening the email addressed to him with the misspellings about how he has a package from UPS and needs to install this .EXE file to get it.

Derp.

K.

Written by Krypt3ia

2013/02/28 at 15:31

It’s The 90’s All Over Again.. Except This Time Online: Political Correctness and Human Nature

leave a comment »

Remember The 90’s and The PC Movement?

Ahh the 90’s… A time when things were good. The economy was booming, terrorism was, well, starting again having been in a lull since the 70’s, and we all were just zippidy doo da about life! Well most of us were. Others though, well, they were fretting over our collective moral souls because we were an inch from perdition’s flame from vulgar behavior and attitudes! That’s right kids, for those of you who were too young to remember, this is the time when the government started to think that they should control (but in the end label) the lyrics of songs or records because they could be harmful to children  and much more insidious things ensued. Step into the Wayback machine kids… Political Correctness The “Culture Wars” Culture Wars: The Struggle to Define America by James Davison Hunter Pat “Fuckin” Buchanan *shudder* It was a scary time kids, but then again, so were the 70’s and 80’s as well if you were around for them and cognizant of what was going on. It was this landscape though, the 90’s that really bears the most on the conversation I want to have with you all though. The 90’s where the technology today (internet) began to be prevalent and also a scary scary thing to the powers that be. Just as the times were changing socially, artistically, and most of all to me, musically, the technology also gave people an outlet as well as to some, a means of control, just remember the clipper chip and you’ll know what I mean.

In other areas though, there seemed to be this movement toward “right behavior” and conforming to norms that, well, rankled me and I am sure many others. At the time we had people like Tipper Gore trying to get things labeled as (R) or (Mature) because they could not outright ban it (re rap music/gangsta rap lyrics) I remember her and certain people throwing a kanipchen fit over the images and lyrics to Guns-N-Roses Appetite for Destruction as well. I mean, I listened to it and I am just fine… Right? So why all the need to censor things? Was it perhaps that too many people were not, oh, say, watching their kids and dealing with them? Perhaps letting the TV raise them? Heh. Well, many jumped on board and it made the 90’s a hell of a fun time. I had thought we had gotten past all this claptrap, but, it seems its all coming back and now, it’s all about “online” content too! Of course, there are those looking to do the old fashioned route again like Middleborough Mass, where they decided to put out an ordinance against swearing in public. You read that right, they will fine your ass $20.00 for swearing! Morons.

Being “Sensitive”

The other day I had to endure a “sensitivity training” I will not go into the reasons why we were being trained but I will extrapolate for you all the reason why I think we were there. The real reason we were there was to 1) CYA for the company and 2) because far too many people are not raised to be accepting whatsoever of anyone being different in our collective cultures. It is my contention that if you are unable to be tolerant of others differences now at adulthood, then you are the product of a poor upbringing and failed to learn anything in Kindergarten. It’s really as simple as that. However, because of the legal system and because of the overblown nature of what is considered PC corporate behavior today, people have to go through the basics of “Don’t be an asshole” training. Now, for me, this also extends to the laws being drafted today about cyber bullying. Granted, people are bullied (kids and adults) and some do in fact take their lives over it. This is sad and I really wish it upon no one, but, is it not the job of the parents or the person to just realize that these people are assholes and get over it? I mean, it’s the internet for God’s sake! We are ALL ASSHOLES and we had better learn this from a young age.

We all need to develop coping mechanisms and much of this should stem from good parenting. Instead I fear, we have all abdicated the parenting to the beige box and the intertubes as opposed to sitting with your kids and having real discourse and bonding. Regardless, now it seems that the Nanny state needs to get in on the act and create law to help sort it all out. It’s one thing to make something criminal, and another to attempt to force behavioral modifications on us all that may yet infringe on our first amendment speech rights in this country. I think we are at the tipping point here and with all the cyber hubbub over warfare and criminality, the congress critters have taken the reigns in their oft ill conceived ways and will likely fuck us all in the end with their swift pens of “justice”

Laws On Online Behavior, or Making Free Speech Criminal

The re-birth it seems of the PC attitudes of the past now has begun to spill into the internet and its “Wild West” of cussing and bad behavior. Once again, people are starting to stir up rhetoric to speed congress toward action against those horrible people who inhabit the internet. Once again, it’s certainly not the parents job to control their children online and certainly not the individual’s right to be as vulgar or maybe say, buy a exceedingly large soda in NYC it seems. No! We need the Nanny State to come along and control what we do for our own good! Meanwhile that same group of people is allowing “Cyberwar” to be pre-emptively acted upon even though we have no fucking clue as to how to defend against such attacks on our own feeble infrastructure.

Lately I have been hearing stories of people being told to remove their blogs because they have offended someone, case in point today came from some child blogging on how bad her cafeteria was at school! Holy WTF?! What the hell is going on here? Is this not free speech? Are we not in America? Oh, wait, SHE was in Scotland.. Ok, so the daily haggis was not to her liking, but trying to stifle the creativity and the opinion of the child was just ok? NO, it was and IS not! Nor should it be even thought of as acceptable that this happen in the first place.  It was even worse that a governmental body tried to pull this crap, and this is what I fear here in the states as well. How long til we have “free speech zones” on the internet one wonders?

Meanwhile, back to bad behavior and the internet. Like I have said before, its the “internet” and the intonation there is that “who the fuck cares?” No one should take it seriously. If someone says something bad about you to the world, well, say that it isn’t true. If it isn’t true and you get fired or something happens and you have a case, sue their asses. Otherwise, all this claptrap about lil johnny’s feelings being hurt should just stop. There are already laws about harassment on the books and those should be used or amended for use to arrest someone on stalking etc. However with all of the rush to get legislation on the books, it seems that other areas are being exposed to piteously stupid law making around freedom of speech globally. Now, I realize that it is a global community and many places do not allow free speech, but, I am only here to ring the warning bell.

DING DING DING!

Pay attention to what the Congress Critters are up to or soon enough you will find yourself having to deal with some bogus charge of swearing in public or online.

FUCK! ASS!

K.

Written by Krypt3ia

2012/06/15 at 15:47

Virtual Arkham: Explaining Anonymous, Lulzsec, and Antisec Animus in Our Digital Gotham City

with 12 comments

Personae Dramatis: The Rogues Gallery

In this post I would like to show you what I have been seeing with regard to Anonymous the other groups that have spawned from it. Increasingly over the last year or two I have been seeing analogies both literally, and figuratively between the forces at play and I feel that all of it is directly affected by the comic book world of Batman. The analogies that I am making come from observing not only the actions of the parties but also the methods that they use (down to the imagery in word and graphical) to get that message out to the masses.

In the case of Anonymous and their spin off groups, I have observed a shift in personalities that could be termed an evolution in motivations and thought. Generally though, the game plan seems to be just a general way for the groups to sow anarchy while feeding their narcissistic needs through media attention. This is the crux of the issue I think as the core groups don’t seem to be solely motivated by ethical or political change. Instead, it all seems to be focused on a few drivers;

  1. Lulz Just for the hell of it, or a desire for amorphous anarchy
  2. A feeling of power over other forces (government/law) that subsumes their feelings of powerlessness
  3. A need to fulfil the narcissistic tendencies by sowing havoc and seeing it in the media (like some narcissistic serial killers Denny Rader for example)

Equating this with the world of the Batman has been in the back of my mind for some time, especially since my dealings with Jester. His logo and his persona of the “joker” from the last Dark Knight film set the stage for me to start to think in this vein. A more recent video by the History Channel solidified all of this for me. The video, “Batman Unmasked: The Psychology of the Dark Knight” struck me as not only as being the zeitgeist of this article, but, also seemed to show a generation of comic book and movie goers that are internet denizens that want to emulate this last iteration of “The Joker” specifically.

The Heath Ledger portrayal of Joker seems to have been the catalyst to me, of many an internet anarchist. The media surrounding this being his last role as well as the way the character was re-written in this story arc, hit a common nerve with the masses. So much so, that seemingly, the Joker became the more emulated and lauded character in the story over its real hero, Batman. It is from this realisation that I derive the rest of the analogies made here. Of course these are gross generalities, but, I tend to think that given the recent activities (riots in the UK and flash mob thievery in the US as well as all the lulz) there is a strong correlation to be made.

First though, lets look at the Rogues Gallery that end up in Arkham Asylum…

Ra’s Al Ghul and The Shadow Assassins

Ra’s is a control freak. His agenda is to have order but his means to get that order mean subjugation of the masses and removal of anyone that does not conform to his sense of right and wrong. This order that he wishes to impose comes from his shadow assassins and their lethality without question.

The Riddler

The Riddler is a pure narcissistic criminal genius. His narcissism though, is usually his undoing as he cannot perpetrate any crime without leaving overt clues in an attention seeking pathology. It is this pathology, the need for the attention that drives him altogether and is his undoing.

The Penguin & The Joker or PenguiJoker

The Penguin (Societal and Governmental corruption) and The Joker (pure anarchy) are two rogues that have become one in this scenario. Within the world of Batman though, each attacks the order seeking to destroy it for their own ends. In the Penguin we have someone looking to corrupt the system. Meanwhile, the Joker, is pure anarchy diametrically opposed to the order (aka Batman) Joker’s need is fuelled by a nihilistic world view twisted with a good deal of insanity.

All of the Batman wannabes in hockey suits

Lastly, we have the Bat-men, the would be vigilante’s who want to be the Bat, but, don’t have the tools to really be of use. This character set was added from the last film (The Dark Knight) and I generally attribute to one player in the real world (if you call it that) version of Gotham Knights being played out on the internet. That individual(the afore mentioned jester) oddly enough aligns himself visually much of the time with “The Joker” but, he is more like the hockey suit wearing would be Batman.

Now that I have laid down the Batman’s Rogues Gallery, I will move on to the real world players and their motives aligned with my premise.

Anima & Animus:

The shadow, in being instinctive and irrational, is prone to projection: turning a personal inferiority into a perceived moral deficiency in someone else. Jung writes that if these projections are unrecognized “The projection-making factor (the Shadow archetype) then has a free hand and can realize its object–if it has one–or bring about some other situation characteristic of its power.” [3] These projections insulate and cripple individuals by forming an ever thicker fog of illusion between the ego and the real world.

C.G. Jung

According to Jung and even Freud, the darker side of the psyche can drive our actions solely by the shadow self. One can see hints of their theories in the actions of each of the groups we are talking about here. Even the subtle connections made from overt symbolism can be made through the icon of Antisec itself. As seen at the top of the page, the connections are there to be made between the characters of Penguin, Joker, and Riddler, even if the original core image came from another source altogether (V for Vendetta) I believe that the collective unconscious here latched on to the images of Riddler/Joker/Penguin and co-opten them, if they didn’t actually do so overtly and with forethought.

So, with all of this said, I will make the claim now that I believe the movements and the players have been created out of vainglorious motives and have not changed at all since taking on the mantle of ethical and political change through civil disobedience. To that end, here are the players aligned to their characters from the world of Gotham as well as their psychological underpinnings.

Anonymous: Ra’s Al Ghul and The Shadow Assassins

Anonymous started out as a group of people who inhabited the 4chan group but wanted to do something different for ‘entertainment’ This loose idea was co-opted when they began to commit civil disobedience for their own purposes either political or for the aforementioned entertainment value. Either way, their animus is wholly about the control which they can wield over others. This should never be forgotten, that the core of the group ethos has nothing to do with change or moral/ethical betterment. It is in fact all for their own enjoyment.

Lulzsec: The Riddler

Lulzsec came into being because they felt that the ethos and moral constructs of Anonymous were too weak and they wanted to escalate the ‘lulz’ for their own enjoyment. The take away here is that just being pranksters was not enough, instead they wanted to show everyone they were smarter than everyone else AND that they could do so and get away with it. All the while, they performed these acts in an exceedingly narcissistic way. A key player in this that has been caught would be Topiary. It seems that even in the face of prosecution he thumbs his nose at authorities as well as seems to be enjoying the limelight (philosophical book in hand for the cameras)

Antisec: The Penguin & The Joker or PenguiJoker

The love child of Anonymous and LulzSec are #Antisec. This agenda or perhaps subgroup (I tend to think there are cells of Antisec) has chosen a logo that decidedly shows the melding of at least two of the Batman Rogues Gallery (Joker and Penguin as you can see at the top of this article) This too follows into their attitudes about what they are doing and why they are doing it. They really have no rhyme or reason for what they do other than their own entertainment and attention. This is a classical narcissist behaviour  and by all communiqués laid out by LulzSec, they fully enjoyed their ‘voyage’ in the lulz sea.

Antisec also has a Penguin side to them too. By using the system against itself (i.e. using the governments lack of network and system security) they poke them in the eye by subverting their own data to shame them. This is a lesser characteristic as I see it, but it is still important to note as well as point out the imagery (homage) to the Penguin in their logo whether it was overtly done or by proxy of some unconscious connection made by the designer.

th3j35t3r: All of the Batman wannabes in hockey suits

Finally, we have the jester. A character who wants to be the Batman, but fails to actually affect any kind of real change in the battle. For all of the attempts made, the efforts fall flat and to date, nothing has been attributed to him that substantially made a difference against the Anonymous/Lulzsec movement. I believe he does this as well as his other DDOS actions out of a self described sense of helplessness. Jester makes the claim that he had to do something as he saw his comrades dying at the hands of Jihadists. He made similar remarks about why he was attacking Anonymous, as they were outing data that could harm those in the field of battle.

Either way, his motivations seem to be tainted with a bit of narcissism as well, seeking the attention of the media as he has in the past makes him part and parcel to the overall problem.

Escalation:

And so it goes on… The Anon movement has begat others who have agenda’s of their own (or perhaps pathos is a better word) As the movements lose interest in the day to day grind of operations, they will increasingly seek to up the ante. As the media winds down on them, they will need to seek even bigger targets and outcomes to end up back on the top of the news, all the while feeding their collective need to be the centre of attention. The flip side of this will be that the authorities, unable to cope easily with the problem at hand, will create new and more stringent laws that will harm us all. Though this will not matter to the groups.. Because this is unimportant to their end goal of satisfying their needs. It will keep going round and round and the outcomes are likely not to be good. There will be a lot of collateral damage and in the end, no one will have profited at all from it all.

End Game:

So what is the end game here? Will there be any good outcome from this?

Not if it keeps going the way it has been. More indiscriminate hits against targets without showing anything for it along the lines of showing corruption or malfeasance will only lead to more knee jerk reactions by authorities. I imagine some will be caught and tried for their actions, others will escape and perhaps go on to other things… Overall though, it will not make a better world. It will only have fulfilled the dsires temporarily of the ones perpetrating the acts against.. Well anyone and everyone.. Until they get put into Arkham.

K.

ウェブ忍者が失敗する : Dox-ing, Disinformation, and The Fifth Battlespace

leave a comment »

Digital Ninja Fail: ウェブ忍者が失敗する

The recent arrests of alleged key members of LulzSec and Anonymous have been called into question by the ‘Web Ninja’s‘, a group of would be hackers who have been ‘DOX-ing” the anonymous hierarchy for some time now. Yesterday, they posted the following on their page concerning the arrest of a man from the Shetland Islands who is purported to be ‘Topiary‘ by the Met and SOCA.

Now, this is a bold statement for anyone who really knows what they are doing in the intelligence analysis field. So, it is my supposition that these guys have no clue about what they are doing by making bold assertions like this. The data they have is tenuous at best and by making such bold statements, I have to wonder if indeed the so called ‘Ninja’s” themselves might not be a tool of anonymous to in fact sow that disinformation.

Here are the facts as I see them;

  • To date, the federal authorities have not questioned anyone who was DOX’d by the Ninja’s that I am aware of
  • The individuals who were DOX’d that were investigated by the authorities were in fact outed by LulzSec/Anonymous themselves
  • Adrian Chen has spoken to the person that the Ninja’s have fingered and claims that he (said person) went to the authorities himself. So far he is still not a suspect.

So, taking into account these facts, I would have to say that the Ninja’s have failed in their stated mission so far and I would suffice to say that if they are indeed a part of a disinformation campaign, then that too has failed. After all, the police seem to be ignoring the data put on the interent by the likes of the Ninja’s in favour of other tried and true tactics. The primary tactic as I see it, is grab one individual and then get them to roll over on their compatriots in the face of massive jail time.

This pretty much works all the time as we, as human beings, are most willing to sacrifice others for the self. In the case of the likes of LulzSec skiddies, I would have to say that the ages of the players, and their generational tendencies will allow them to cut deals pretty quickly. It’s my assessment that they are in it for the self gratification and lulz, not for the altruism that the LulzSec and Anonymous press releases have been trying to have one believe. My assumption is that if indeed the 19 year old guy they popped in Scotland is involved with LulzSec, and is in fact Topiary, he will roll over soon enough.

I also believe that these are all untrained operatives and they have made and will make more mistakes. I am pretty sure that the alleged “leaderless” group has leaders AND that unlike a true guerrilla warfare cell, will know the other players personal details. Essentially, they have had no compartmentalisation and they will all fall eventually though interrogation and deal making. As I said before, the insider threat to the organisation is key here, and it was this idea I think the Ninja’s had.. Well, at least that was the original idea of the Ninja Warrior. They were spies who infiltrated the ranks and destroyed from within.

So far with these guys.. Not so much.

Welcome To Spook World: Disinformation Campaigns and Intelligence Analysis

Now, on the whole disinformation thing, I know that the Lulz and Anonymous have said that they are using disinformation as well to try and create a smoke screen. Frankly, all of the intelligence out there that is open source is suspect. Maltego map’s of end user names as I have shown in the past can be useful in gathering intelligence… Sometimes. For the most part, if a user keeps using a screen name in many places and ties that name to real data, then they can be tracked, but, it takes a lot of analysis and data gathering to do it. Though, many of the foot soldiers within the Anon movement are young and foolish enough to just keep using the same screen names for everything so there is a higher likelihood that the data being pulled up on Maltego and with Google searches is solid enough to make some justified conclusions.

With the more experienced people though, there has been some forethought and they have protected their identities as best they could. What became their real downfall was that they could not rise above petty infighting and dox-ing each other. Thus you have the start of the potential domino effect on the core group as well as anyone who has any peripheral affiliation with the Lulz. Be assured, those who have been pinched are giving up as many names as possible as well as whatever is on their hard drives, Anon hacker manuals or not. All of these scenarios lead to the conclusion of more arrests by the authorities and even more skiddies getting into legal trouble around the globe. Meanwhile though, if the core group has been smart, then perhaps the leaders will skate for a time, using the masses as canon fodder.

Gee kids.. Did you know that you were all expendable?

On another tac, I would like to speak about the potential of the disinformation campaigns being perpetrated by the authorities as well. Consider that the trained professionals out there who are hunting these characters (Topiary, Sabu, et al.) are also adept at using not only the technologies of the fifth battlespace, but also the training afforded them in ‘spook world’ This means disinformation campaigns, mole hunts, and insurgencies of their own, getting to the inner core of Anonymous and Lulz. Now, that there were six (alleged) lulzer’s it would be more difficult to do, especially if those LulzSec folks really do know one another (as they claim they do not, which, I just don’t buy.. Remember the compartmentalisation issue) The agent provocateur’s are out there I am sure and with each rung of the ladder, they get closer to the core group.

That is unless the core group falls apart on their own and DOX’s each other out. In the end, I am going to suggest that the authorities will use all of the tricks of the trade on the Anon/Lulz folks to bag them… And with concerted effort by government resources, they will get their men/women.

Untrained, Unruly, and Unprofessional Operators:

“Discretion is the better part of valour” as they say, and in the case of the Lulz and Anon crews, they seem to not have a clue. Perhaps the Lulz think that by being unruly and unpredictable to a certain amount, will be just the cover they need, but, I think that their lack of discretion will be their undoing as well as their hubris. Had many of these folks had some real training, they might have just stood down for a while (not just a week or so) after setting sail into the sunset.

As I have said before, it was a bad idea to recruit and have comm’s out in the open on IRC servers even if they had ‘invite only’ channels. As is being seen now, someone (jester perhaps) has taken down their servers again after other outages due to Ryan Cleary’s attack and pressure from the government on those connection sources that the Anon’s were using. I am sure the idea was to have a movement that could also serve as diversion for the core users as well as to LOIC, but this all failed in the end didn’t it? The LOIC is what has given the FBI the 1,000 IP addresses as a hit list, so to speak, that they are now using to collect people and charge them for the DD0S attacks.

Had these people been trained or not been so compulsive, they might have had more of a chance to keep this up for a much much longer time. As I write, the Lulz do continue, but they have slowed quite a bit since the arrests started again. This I think is because the cages are starting to get rattled and people are finally coming to the conclusion that some discretion is needed to not end up Bubba’s play pal in prison. It’s a learning curve, and likely going to be a painful one for the kiddies.

Unprofessional actions within this area of battle will end up with your being put in jail kids.

To end this section I would also like to add this thought. My assessment of the Lulz core group is this;

  • They were drunk on the power of their escapades
  • The more followers they had and more attention, the less risk averse they became
  • They seem to have compulsion disorders (don’t say it.. Aspergers!) that seem to not allow them to lay low (until now it seems)
  • The ego has eaten their id altogether
  • Base ages are within the teens with a couple over 20

Technical Issues Within The Fifth Battlespace:

Another BIG issue within this battlespace is the technology. The Anon’s and Lulz have been ascribing to the idea of “Proxies, we haz them! So we’re secure!” and to a certain extent they are right. There are always ways around that though and certainly leaks in data (such as the TOR leaks that have happened) that could lead someone to locate the end user behind the proxy, so they are not fool proof. Certainly not if the fool in question is some skiddie 12 year old using LOIC un-proxied and not obfuscated while they D0S Paypal.

The problem is that the technology could fail you as well as the untrained operative could make small and large mistakes that could lead authorities right back to their IP and home accts. On the other side of that equation is that when properly done, it is damn hard to prove a lot in hacking cases because of obfuscation, as well as mis-configured end systems that have been hit. I cannot tell you how many times I have seen incidents play out where the target systems had no logging on as well as being completely un-secured, thus leaving practically nothing for a forensics team to find and use.

Once again, this brings us back to the insider threat, whether they be the insider who decides to go turncoat, or, the agent provocateur (i.e. Jester and the Ninja’s as well as others from the authorities) who infiltrate the Lulz and then gut them from the inside. What it really boils all down to is that in the end, it will be the foibles of the Lulz core and the actions of spooks that will bring them down.. And I think they are learning that very fact now.

JIN; One Must Know The Enemies Mind To Be Victorious:

As a last note, I would like to say to the Ninja’s, you need to learn and practice your Kuji-in. It is obvious to me that you have failed on the ‘Jin’ (knowing the opponents mind) with your dox attempts. Until such time as I see people being hauled in that directly relate to your documents posted, then I am going to consider the following to be the case:

  1. DOX-ing is mostly useless and takes quite a bit of analysis before just releasing names
  2. The Feds are not taking your data as gospel, nor should the general public or media
  3. You yourselves may in fact be a tool of Anonymous/Lulz and as such, spewing disinformation
  4. You could be right, but by releasing it to the public at large, you are letting the Lulz know to destroy evidence and create obfuscation that will hinder arrests later.

Ninja’s got results.. Not so much for ‘Web’ Ninjas. At least Jester, if his claims are true, is breaking their C&C channels lately.. Which has its own problematic issues.. Just like his meddling in the Jihadi area, but, that’s a story for another time.

K.

The Lulzboat Sailed The Internets and All I Got Was This Stupid Garbage File!

leave a comment »

That’s it? All we get is this stinkin garbage file?

Well, it seems that the Lulz are over for now as last night saw the Lulzboat sail into the sunset. In a post on twitter and a rapidly seeded file dump on Pirate Bay, the LulzSec collective decided to hang up their tophat claiming that they were basically going to pull a Costanza at the top of their game.

Within the torrent file the following parting words were sent:

Friends around the globe,

We are Lulz Security, and this is our final release, as today marks something meaningful to us. 50 days ago, we set sail with our humble ship on an uneasy and brutal ocean: the Internet. The hate machine, the love machine, the machine powered by many machines. We are all part of it, helping it grow, and helping it grow on us.

For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others – vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It’s what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.

While we are responsible for everything that The Lulz Boat is, we are not tied to this identity permanently. Behind this jolly visage of rainbows and top hats, we are people. People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you. Even Hitler and Osama Bin Laden had these unique variations and style, and isn’t that interesting to know? The mediocre painter turned supervillain liked cats more than we did.

Again, behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we’ve gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don’t stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.

So with those last thoughts, it’s time to say bon voyage. Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind – we hope – inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere.

Thank you for sailing with us. The breeze is fresh and the sun is setting, so now we head for the horizon.

Let it flow…

Hrmmm.. 50 days? Is there any real significance to this other than perhaps the party van was pulling up outside your doors and you had to dump the garbage file quick like? Honestly, the files that you dumped, while in sheer numbers of passwords and logon’s to a few sites is well, kinda weak. In short, there is nothing revelatory here. I mean, jeez at LEAST the garbage file in the movie had some interesting malware shit in it right?

The Files:

So, we have some AT&T data from inside that cover some frequency ranges, and some manuals, minutes from meetings etc that are kind of interesting. There is a scan of the FBI.gov site that shows a vuln, and they managed to add Pablo Escobar to the Navy jobs database.

Whoopee.

All in all I have to give the Lulzsec crew a big “MEH” on this as well as their other dumps really. Sure, they have pointed out that low hanging fruit is abundant on the internet, but, really, who in the security or hacking world did not know this? Further more, what does the average everyday end user care? I mean, if their passwords are stolen, they will reset them. If their money is stolen they are insured by the Fed… Is there a great hue and cry from the masses because Lulz were had by the general populace to have the Lulzboat crew hoisted on the yard arm?

Not that I have seen.

In short kidz, you have only served to amuse yourselves and others out there but if you had anything else in mind about bringing change to the scene, I don’t think you have succeeded. People are creatures of habit and sloth. Short of taking the whole system down for the count, nothing will be so epic as to make corporations secure their networks and perform due diligence. Those who have done so out of worry because of your antics will go back to their peaceful Luddite slumber.

Leaving So Soon?

So, on to your sudden departure from the scene. I have the feeling that as I had written about before, you were coming to realize that perhaps you could never be as clever or wily to evade detection and prosecution given your penchant for the dramatic you all seem to have. Your propaganda machine and communication channels were leaking, this you could see from the A-Team dumps.

You guys have tried variations of your names, you have attempted obfuscate as much as you could, but, in the end, your re-use of favored screen names was your undoing. You see, the jester has been scouring the internet (I am sure with help from others) looking for any connections to those screen names or iterations thereof. I myself have done this and came up with analogous data to what jester and others have posted. With each successive day, your true identities are being uncovered if they have not fully been as of now.

However, this re-use of nick names and ties to email addresses aside, you guys just were immature enough to do yourselves in with petty disputes and the use of non trustworthy assets. This whole outing of each other thing was one of the most stupid things I have seen. Sure, some of it could be digital chaff, with you trying to set out disinformation, but I think that is not the case. Your own hubris shall be the thing that ends up placing the party vans on your collective front steps.

Lets face it, you played the game of spooks and I think in the end, you will lose. In fact, I think that you should probably have been better off had you just gone off seeking some sharks with frikkin lazers on their heads in your volcano lair instead of playing with the fire that you have been. Once they do pop you, you all are going to see some very interesting things inside jail as the governments kluge together terrorism charges on you.

Your Legacy:

Well, I guess we will have to see if anyone decides to take up the Lulzsec mantle. For now, we all await the party van posse to pick you all up sooner or later. You have spawned some more fools though like Team Poison who want to up the ante with releases of data like old Tony Blair stuff… That was kinda lame too frankly and made so sense when they claimed to still have access.. Why dump what you have and then claim to still have access? If it was current, I am pretty sure they have yanked the plug on that mail server and ‘five’ has it.

Oh, did you take that into account? I mean, he is Tony Blair after all… They are MI5… ‘Expect them’

So where was I?… Oh yeah..

In all of your dumps you delivered nothing worth your or our time. You proved a point that SQLi is prevalent but who didn’t know this? You have proved that you were pretty immature and likely suffer from Asperger’s yourselves… Well that will be the claim that your lawyers make to the judge won’t it huh? I mean that is the mental illness du jour as excuses go for immature hacking antics today isn’t it? I don’t think that will work though, the government just doesn’t care, they will medicate you and then put you on trial. You see Asperger’s is not a form of insanity, and the insanity plea, as some of us know, is NOTORIOUSLY hard to use as a defense in court. Nope, you guys really actually suffer from inflated ego’s and too much jolt cola.. That’s my diagnosis, for what its worth.

So, yeah, legacy… Well, you certainly have tried to do your best imitation of SPECTRE, but instead you came off as Bighead. I am sure there will be others following in your footsteps, but, in the end I don’t think you have launched a new SPECTRE.

Nope, I expect your real legacy will be the creation of more draconian laws by the government as a backlash to your antics. Laws that will make all our lives a bit more less private and a lot more prone to being misused. I also expect that the lulz will continue, though at your expense once you are all caught and put into the pokey.

… And those lulz will also be epic fail.

K.

Anonymous, Not So Headless, Not So Resilient To Insider Threats

with 3 comments

Owen -> SmilingDevil: we lost a numbe rof servers last night
SmilingDevil -> owen: 😛 we need some more security.
Owen -> SmilingDevil: dude
Owen -> SmilingDevil: it forcved level3 to stop announing a /24
Owen -> SmilingDevil: it was in the gbps range
Owen -> SmilingDevil: doom alone got hit with 1 gb
SmilingDevil -> owen: gigabit or gigabyte?
Owen -> SmilingDevil: all leafs went down
Owen -> SmilingDevil: add it all up
Owen -> SmilingDevil: yeah huge
SmilingDevil -> owen: 😛 we need a hidden irc server for the admins.
SmilingDevil -> owen: that only they know about
Owen -> SmilingDevil: um thats called the hub
Owen -> SmilingDevil: 🙂
SmilingDevil -> owen: did they take that too?
Owen -> SmilingDevil: but anyhow
Owen -> SmilingDevil: we suffered alot of damage

Hello, My name is Hubris:

Well, it seems that the leaderless hive was actually co-opted by a small band of ‘leaders’ who were, by the account of one of their own (Ryan) power and fame hungry.

You don’t say!

The events that transpired last weekend with the ‘coup de tat’ as Anonymous called it, do not surprise me whatsoever. Ryan’s taking over of the servers with a small band of followers just proves out my theories about Anonymous not being a truly headless organisation. In fact, the further fact that a small group has in fact taken over, shows that no action, whether it be militant or social can be carried out effectively by a disparate group of individuals. Every putsch needs a set of leaders and followers.

Anonymous and those who run it either are too naive to understand this, or, they just want to deny it to get people to buy into the propaganda that they are truly an autonomous swarm and are self empowered. The truth of the matter seems to be playing itself out now for the world to see with this takeover.  As the articles out there state, and I have said in the past, there will always be people with keys to the kingdom such as Ryan. An operations manager or admin has to run the systems and maintain them. These people and those who they work with/for are definitely the biggest insider threats as Ryan has shown. In his case though, he leveraged his knowledge and access he had to overtake other systems, lock them, and effectively damage the Anon network from operating.

It seems that the actual hacks on Sony and the general tone of late from the “collective” (i.e. the core group who pulled off the HBGary hack) had become too much for Ryan and thus he pulled the plug. Frankly, I too have felt that Anonymous had become too big for its own britches of late and was waiting for more federal warrants to ‘van’ the kiddies. In the end though, it took one of their own to bring them down.. Which, seems to me I said before that all it will take is one of the core group to be ‘vanned’ and then become a CI for the Feds to bring the rest of them down. I mean, no one really looks forward to a federal case against them and perhaps pound me in the ass prison do they?

Given the choices, I am sure someone would easily go turncoat and give up names and data to save their own bacon. Perhaps its just a testament to the ineptness on the part of the Feds to not have gotten someone in the box and sweated it out of em.

The King is dead! Long live the King!

So, here we are, Anonymous has declared a DOX war on Ryan as of today and Ryan has effectively locked them out and shown them that no one should be trusted with the keys to the kingdom. The insider threat is the highest one.

Always.

While Anonymous’ core group re-groups, one wonders what will happen to this new splinter group that Ryan is setting up. Odds are in my book, that they too will also fall into the same behaviour eventually that Ryan and his pal’s decided they did not like. After all, most of these people are still kids. Kids with powerful tools and ideas that certainly have changed the game in many ways for corporations and individuals the world over. However, as kids, they lack the experience to adroitly handle all this power that they wield. They take on childish manners and slang, act out, and eventually start the backbiting as seen this weekend.

So how long will it be before thinq_ goes down the same path as Darth Vader as well?

Social Dynamics:

This is all a grand social experiment that is being played out on the Internet for all to see. No matter how many times the groups and their leaders may claim that they are leaderless and a collective, Anonymous will by their very human and social natures, gravitate toward a leadership modality. We are social animals who for thousands of years have had kings, strong men, and others who lead us. Hell, look at our society today, half the world just went ape over the marriage of royalty in Britain. Clearly, we have some inherent need or desire to be lead. Look as well as the cult of celebrity today. These people are ‘leaders’ if not by thought (because many are dullards) but by style or cool factors (perceived)

Hell, for that matter, we still have a ‘president’ here in the states. A king by any other name really. Sure there are limits to their power, but just take a look at what GWB did during his 8 years and tell me that wasn’t mighty king like. He was after all, “The Decider” Nope, no matter how many times you beat your collective chests and bleat out that you are a swarm, you are all still subject to human nature.

Face it kids.

Wash, Rinse, Repeat:

In the end, I predict that more ‘autonomous’ groups will arise. Each will be a faction unto themselves with de facto leaders that will either start the trend or will emerge later on. Thought leaders, action leaders, charismatic leaders. All of them will have their own agenda’s and eventually, will fall like every king or queen throughout history.

Wash, rinse, repeat.

K.

Written by Krypt3ia

2011/05/10 at 17:19