Posts tagged Anonymous
Barrett Lancaster Brown, best known as the so-called former mouthpiece for the hacker collective Anonymous, is sitting in a jail cell in Texas. For the past eight months, Mansfield Law Enforcement Center has been home for the journalist and activist now known as Prisoner 35047177.
Three hots and a cot will continue to be his routine at least until September, when he is scheduled to stand trial on 17 charges, including allegations that he threatened an FBI agent and committed identity theft and credit card fraud.
The slightly built 31-year-old former heroin addict denies the charges. What he does admit is that he used his hacker connections to look under rocks and uncover what he considered evidence that the U.S. government was using private security companies to clip the wings of Internet activists and sympathetic journalists.
Brown: I Wasn’t A Hacker
Brown’s sometimes questionable behavior and affiliations make him a confusing and polarizing character. He claims he never hacked anything, and we’ll probably never know with certainty exactly which details in his story stack up, or what involvement he had with Anonymous’ core hackers.
There doesn’t seem to be much evidence Brown was involved in any actual hacking, despite his connection to both Anonymous and his obsessive interest in federal security contractors. But his outspokenness, drug history and outlandish claims make him unsympathetic and hard to believe — an unlikely poster child for Internet freedom. And his unbalanced, over-the-top YouTube rants — more on those below — made him an easy target for the feds.
What we do know is that in early 2011, Anonymous targeted a security contractor called HBGary Federal and its CEO Aaron Barr after Barr publicly claimed he’d infiltrated the hacker collective. When Barr threatened to reveal the identities of Anonymous members, the group hacked straight into HBGary’s servers, stealing 70,000 company emails.
Brown, through his affiliation with Anonymous, then posted a link to those hacked company documents on a public website called Project PM and wrote about his findings for the U.K. Guardian. Brown, who seems to have been conducting an obsessive investigation of both HBGary Federal and Stratfor (another security contractor hacked by Anonymous), claimed the material proved that the companies were hired by the government to monitor and shut down various online activist groups. In particular, he alleged that HBGary was working with high-level government agencies to feed fake information to WikiLeaks.
The aftermath of the HBGary episode led to Barr’s unceremonious departure from the firm. Brown would later claim on YouTube that Barr’s well-connected friends then mounted a federal vendetta against him.
In The Feds’ Crosshairs
Brown, one of the few public figures available for authorities to target for the activities of Anonymous, is basically a fall guy for the hacker collective. He faces 100 years behind bars if found guilty on all counts. And right now he’s stewing in a cell where he may be getting less than proper care. In a Pastebin message from last September, Brown claimed he did not receive appropriate medical attention for crushed ribs suffered during the FBI’s raid of his home.
Between his connection to Anonymous and his obsession with digging up dirt on the national security state, Brown pinged up on the feds’ radar pretty quickly. He was first indicted last year after allegedly threatening federal agents. He was arrested, then subsequently indicted a second time for allegedly linking to stolen documents from Stratfor that included credit card data.
The third indictment involves an obstruction charge of concealing evidence, wherein Brown allegedly hid two laptops when federal agents stormed his mother’s home in a raid. The laptops were eventually found and confiscated. The alleged threats and credit-card charges led prosecutors to push for a life sentence.
In some ways, Brown’s muckraking wasn’t all that different from what many journalists have always done, updated to employ digital tools. Reporting based on leaked documents — which, of course, aren’t usually authorized for release — is as old as investigative journalism itself.
But Brown pushed the boundaries, and his drug history and proximity to the hacker community made him more vulnerable than other rabble rousers such as columnist Glenn Greenwald. Brown wasn’t a staffer at a major publication, and his own blistering public statements and threats, on both television and YouTube, gave the government all the motivation it needed to take him down.
Barrett Brown’s Incendiary Videos
Major news organizations like the New York Times and The Guardian both describe Brown as a victim of persecution. And in many ways he is, although some of his alleged actions are criminal by definition, such as threatening the life of a federal agent.
Brown’s legal troubles began when his mother’s Dallas home was first raided in March of 2012. At that time, the feds confiscated his laptop, and by his account terrorized his mother and sent his life into a downward spiral.
After the raid, Brown took to the Web to tell his side of the story. On Sept. 11, 2012, Brown posted a trio of videos lashing out at perceived enemies:
At around the 12:00 mark of video number 2, Brown says that the FBI views him as a bad guy, and that he’s going to prove in the court system just how bad of a guy he is. About a minute later he demands that the FBI return his laptop, notebook and Xbox.
In the third video, shot and released a day later, Brown brings up his heroin addiction and subsequent move to suboxone, a narcotic used to treat oppiate addiction. At around the 12:00 mark of this video, Brown warns that he is armed and has been trained to shoot, saying if any FBI agents come to his home, particlary one agent that really irked him for allegedly harassing his mother:
I will shoot them and kill them… I have no choice left but to defend my family, myself, my girlfriend, my reputation, my work, my activism, my ideas and the revelation that my friends are going to prison so we can have a chance to get out for other people. So they would matter. And frankly, you know, it was pretty obvious I was going to be dead before I was 40 or so, so I wouldn’t mind going out with two FBI sidearms like a f***ing Egyptian pharaoh. Adios.
Hours later, while on a live feed on TinyChat, Brown’s home was raided and he was arrested. The whole thing is captured in this almost surreal video:
Since his arrest, Brown’s mother Karen has also been targeted by authorities. She pled guilty to obstructing the execution of a search warrant, and now faces up to a year in jail and a $100,00 fine. Sentencing has not yet been scheduled.
Brown has gotten some support from the Internet community, but nothing like the outpouring for the recently passed Aaron Swartz. Anonymous created a White House petition to stop his prosecution, but the reprieve didn’t come close to getting the required 100,000 signatures by the April 20 deadline. Supporters have built several sites to educate the public about his plight, the timeline of his case and to help raise money for legal representation.
Hard Times For The Fall Guy
Brown’s supporters have raised about $20,000 for legal fees, and Brown has a new team of lawyers replacing his previous public defendants. But the court had up until last week frozen Brown’s access to those funds, which meant that Brown’s new legal team of Ahmed Ghappour and Charles Swift were essentially working pro bono. But that all changed last Wednesday when the court allowed the transfer of funds to pay for the lawyers’ travel expenses and fees.
It’s still a long way to Brown’s September trial, which could end up conflated in public perception with two other prominent hacker prosecutions. There’s the case of Matthew Keys, the journalist facing a $750,000 fine and jail time for allegedly feeding passwords to Anonymous members who then defaced the Los Angeles Times‘ website. Andrew Auernheimer, the hacker also known as Weev, is also appealing his sentence of more than 41 months in prison for his role in a 2010 hack of AT&T.
All of these cases are related to the much-maligned Computer Fraud and Abuse Act (CFAA) the outdated law that has led to a number of questionable prosecutions — often of activists like Aaron Swartz rather than actual computer criminals. By the time Brown’s trial gets going, there could be government movement to reform the poorly constructed law.
Prosecuting Brown Won’t Stop Hacking
The federal case against Brown, once you understand the details, doesn’t pass the laugh test. It turns hyperlinking into a crime akin to breaking into secured computers and casts loose and admittedly unwise Internet soapboxing as criminal conspiracy against federal agents. And it turns one link into 11 separate charges of alleged identity theft.
Arresting hackers and fringe collaborators doesn’t seem to be slowing the tide of cyberattacks. The last 12 months have seen some of the biggest cyber attacks on record. Denial of service attacks are up 12% since 2011, according to data from the security firm Arbor Networks. If the government really wants to stop hacking attacks, it needs to focus more on the actual perpetrators and less on show-trial prosecutions of peripheral figures like Brown.
Which isn’t to say that Brown himself deserves to get off scot-free, just that his proposed punishment should fit his alleged crime. No matter what the circumstances, once you threaten the FBI, the feds are pretty much guaranteed to come down on you. And even Barrett Brown should have known that.
Photos courtesy of Shutterstock, Twitter
View full post on ReadWrite
Anonymous has called for an Internet blackout to protest CISPA, the much maligned cybersecurity bill that threatens your privacy more than it protects it. But without the support of Reddit, which co-sponsored last year’s SOPA blackout, the Web isn’t listening.
About 200 hundred sites have joined the #CISPABlackout today in protest of CISPA, which last week passed the House of Representatives. That may sound like a big number, but the list mostly consists of small sites within the hacker community. That’s a big contrast to the last year’s SOPA protests, which drew support from huge organizations like Google and Wikipedia.
— Anonymous (@YourAnonNews) April 22, 2013
Exceptions include the nonprofit Fight for the Future, which has tweeted solidarity but has not blacked out its site. Another is Stan Lee’s Comikaze, the comic book convention backed by the former Marvel Comics head honcho, which has blacked out its site.
A Reddit Divided
Reddit itself appears conflicted over the CISPA blackout. Some Reddit sections, aka subreddits, have switched their background color to black and added a CISPA protest banner and link, but have stopped short of a full blackout that would inconvenience users by obscuring links. As of about 11am PT, subreddits including “pics,” “politics,” “funny,” “askreddit” and “technology”) have black backgrounds, although their listed links remain visible in the foreground. Reddit’s front page and subreddits such as “news” and “worldnews” remain un-blackened.
It’s a clear case of the hacker collective overestimating its influence, as my ReadWrite colleague Dan Rowinski suggested to me in chat earlier today. “Without Reddit, it is just Anonymous proclaiming something into its own echo chamber,” he wrote.
It also doesn’t help that Internet firms themselves are divided on CISPA. Microsoft and Facebook may have recently walked back their support for the bill — which, by the way, faces a veto threat from President Obama — but Google hasn’t taken a position. And a rogue’s gallery of telcos, ISPs and other tech firms support CISPA.
CISPA threatens our privacy by essentially giving the government a blank check to monitor all of our online communication, without a warrant. So a sign of solidarity blacking out the Web would be a good thing. But it seems the collective isn’t as influential in garnering support as it is when its making cyberattacks. Which is too bad, because this mission would actually be a good thing.
Below is a video from Anonymous explaining more about the blackout:
If you want to contact your local senator or congressperson, check out this list of contact information from Anonymous. Here’s some background on Anonymous’ plans and how you can further support the blackout.
Lead image via Imgur, although it’s circulating across the Internet and its provenance is unknown
View full post on ReadWrite
While you were sleeping last night, Anonymous hacked into the U.S. State Department’s website, reportedly in the name of fallen comrades Aaron Swartz and recently arrested members of LulzSec. Personal data – including names, email addresses and phone numbers of hundreds of State Department staffers – were leaked online to the ZeroBin website.
— Anonymous (@YourAnonNews) February 20, 2013
The group also allegedly hit the investment firm George K. Baum and Company, which has ties to Stratfor, the private intelligence service that worked with the CIA (another former target of the group).
Did you know this: dazzlepod.com/stratfor/?emai…That Investment Bank is linked to Stratfor
— OpLastResort (@OpLastResort) February 19, 2013
In that attack, Anonymous also published the account data and transaction information of the bank’s users. The OpLastResort Twitter account says the death of Aaron Swartz is the reason behind the group’s focus to target the government with such ferocity. “This tragedy is basis for reform of computer crime laws and the overzealous prosecutors,” they write on the group’s Twitter bio.
But in an ironic twist, “Operation Last Resort” may have very unintended consequences.
Will this attack finally wake up the sleeping giant that is the United States government?
The threat of online security is very real, and the result of this newest action could truly galvanize lawmakers and previously unsure Congressmen to support the dangerous CISPA bill and introduce even harsher Internet laws. This kind of overreaction could cause more damage than the attacks themselves.
With this attack following on the heels of Anonymous defacing sites owned by MIT, the United States Sentencing Commission, the Federal Reserve and a failed hit on broadcasts of the State of the Union speech last week, the wheels for enacting Draconian laws may already be in motion. Anonymous, which champions Internet freedom, may have just pushed the Web down a dark shaft.
Making matters worse, is what’s still in the arsenal of the online activist group. Anonymous claims to possess “warheads,” codes to unlock encrypted files said to contain sensitive government data, allegedly obtained during the January 25th hack of the U.S. Sentencing Commission site.
Under Obama’s new cyberlaw mandate, these actions are all cyber threats and punishable by severe action. How far is the government willing to go to stop these attacks, and what will the ultimate effect on all our civil liberties be?
Image courtesy of Shutterstock.
View full post on ReadWrite
You now can get hauled into federal court in the United States for sharing a link in a chat room, apparently.
Barrett Brown, the journalist covering Anonymous-related activities for news outlets like The Guardian, was charged late Friday with 12 charges including linking, identity theft and fraud related to the Stratfor Global Intelligence hack.
The indictment reads, “in that Brown transferred the hyperlink ‘http://wikisend.com/download/597646/stratfor_full_b.txt.gz’ from the Internet Relay Chat (IRC) channel called ‘#AnonOps’ to an IRC channel under Brown’s control called ‘#ProjectPM,’ said hyperlink provided access to data stolen from the company Stratfor Global Intelligence, to include in excess of 5,000 credit card account numbers.”
Brown, who’s also writing a book about Anonymous, shared a link that thousands of people have shared before him. Brown is not charged with hacking into Stratfor, mind you, just linking. In fact, Brown’s involvement with Stratfor was more as a press laison than anything else.
As someone who has been in and around Anonymous since 2008 as either as an activist or journalist, Brown’s indictment is downright terrifying. I’m not the only one that thinks so either.
Gawker’s Adrian Chen called this indictment “frightening because it seems to criminalize linking,” and he’s right. There is nothing in the language of the indictment that clarifies when it is okay to link to documents Anonymous puts publicly online.
I’ve linked to “stolen information” countless times in articles I have written about Anonymous activities, and I know of other journalists and bloggers who have done the same. Besides articles, I’ve also retweeted Anonymous posts, posts that contained information that could be classified as stolen. There is nothing in Brown’s indictment that clarifies whether sharing links in this manner is illegal either.
“Worryingly, there is no specific information to indicate what, if anything, differentiates Brown’s behavior from that of any Twitter user simply retweeting the link to those files,” wrote Lorraine Murphy at The Daily Dot.
Who else retweeting dodgy information will be arrested?
Immediately following news of Brown’s indictment, Internet activists, journalists and bloggers protested by tweeting the link that got Brown arrested, under #RightToLink.
Asher Wolf, an online privacy advocate and creator of CryptoParty, led the charge with:
— Asher Wolf (@Asher_Wolf) December 8, 2012
It has been tweeted more than 230 times. Many #RightTo Link tweets argued that criminalizing hyperlinking and sharing hyperlinks infringes on free speech, but the hashtag failed to draw many First Amendment activists. As of Monday evening, #RightToLink had collected just under 1,600 individual mentions according to Topsy. One of my favorites tweets, as it encapsulates the fear, comes from VinceintheBay:
“It’s a slippery slope. What’s next? No copy + pasting? No control + F? No right clicking? WTF?! #RightToLink #WarOnLinks”
VinceintheBay’s tweet may seem hyperbolic, but there is the Richard O’Dwyer case to consider. The feds tried for two years to extradite O’Dwyer, a British citizen, for creating a site that linked to copyright-infringing material (a.k.a. Hollywood movies). Unlike Kim DotCom’s Megaupload, O’Dwyer’s TVShack never hosted actual content — it was a link aggregator like Reddit.
O’Dwyer managed to avoid extradition last week by signing an agreement to pay $32,000 to “victims whose copyrights were infringed by TVShack,” a sum which represents the profit O’Dwyer made from ad sales on his site.
Will Brown be as “lucky”?
Image courtesy of Barrett Brown’s YouTube channel
View full post on ReadWrite
On September 25, Todd Mintz wrote an article titled “The Stench of Anonymous Blogging” on Marketing Pilgrim. It’s a well-written post, and Todd makes a ton of good points. Transparency, accountability, and authenticity are all important in the world of search marketing. There are plenty of professionals with good advice that write under their real [...]
View full post on Search Engine Journal
Email addresses are the keys to the kingdom of all our personal data. It’s too bad we had to relearn this lesson last week when Wired’s Mat Honan had the crap hacked out of him. A foolproof way to limit your exposure to such attacks is to sign up to different services using as many different un-guessable email addresses as possible. On Tuesday, an app I’ve been using called Gliph made that really easy to do. Here’s how to set it up.
What Is Gliph?
Gliph is like a Guy Fawkes mask for your online identity. It’s a free app for iPhone, Android and the mobile Web. You can use it to send encrypted text messages to other Gliph users with as much or as little personal information exposed as you want. And starting today, you can also use it to send and receive email to anyone through your regular email client without ever exposing your identity or information.
Not only can you use Gliph email to sign up for other services without exposing yourself to a hacking, you can use it for Craigslist transactions or any other kind of temporary encounter where you want to exchange contact info.
You could accomplish a similar thing by setting up a bunch of new email addresses on free Web-based email services. But with Gliph, email addresses are easy to create and delete, your emails sent via your addresses all come to one location, and you don’t have to log into multiple services to access different email accounts.
Step 1: Claim A Gliph
Instead of picking a user name when you sign up for Gliph, you get to create a string of three to five icons that represents you. Have fun with it!
Step 2: Create A Cloak
You get one free randomly generated email address when you sign up for Gliph. The addresses don’t have anything to do with your Gliph name; they’re something like
email@example.com. In Gliph, you can add a note, like “signup for Dumb.ly app,” so you can remember what that email is used for.
Step 3: Email To Your Heart’s Content
You can now send cloaked email to any address. None of your information is exposed to the recipient, not even your Gliph symbols. They only see the randomly generated Gliph email address.
When the recipient replies to that address, Gliph forwards the message to the email address you used to sign up for Gliph. So if you gave Gliph a Gmail address, that’s where you’ll get the responses. If you reply from there, the message will be routed through Gliph, so it will appear to come from your cloaked address.
Make sure people on both sides check their spam filters if messages don’t appear. In our tests, Gmail allowed the messages through, but Outlook.com mail filtered them out.
Remember: Unlike Gliph-to-Gliph messages, which are encrypted and remain inside the service, the content of these emails is not secure. Not only is it exposed to the recipient, the replies are sent directly to the email address you provided to Gliph, which may not be secure, either.
Your email address, and thus your identity, will never be exposed when using cloaked email from Gliph. But you can’t assume that the words in the message will be kept private, too.
How To Get More Cloaks And Enable Attachments
Your cloaked email address will stick around, but if you want another one, all you have to do is successfully invite someone to join Gliph. That’s not just a gimmick; it’s great to have trusted friends and contacts on Gliph because that lets you communicate with them using the totally secure, encrypted messaging it offers. It’s also great for journalists and sources to protect anonymity, for example.
Once you’ve gotten five people to sign up for Gliph through your invitations, your account gains the ability to add attachments to cloaked emails sent from Gliph, even for cloaks you already had.
View full post on ReadWriteWeb
The digital music space is flourishing, yet at the same time, it remains fractured by a multitude of separate services and apps.
It’s a problem that hacktivist collective Anonymous blames on the dominance that major labels still exert over the industry. The solution, the group says, is what it calls a “fault-tolerant and open platform for social music.”
In a white paper with that very title, the group outlines its vision for how music could be consumed in the future. While they have historically come to the defense of piracy-related sites and organizations, Anonymous isn’t advocating copyright infringement. Instead, they want to disrupt the music industry by providing universal access to legal music from a single interface.
It’s an endeavor not unlike the open source desktop music app Tomahawk, which scans one’s local library and then augments with tracks from sources like SoundCloud, YouTube, Spotify and Ex.fm.
Anonymous’ solution is a Web-based app called AnonTune. The concept is quite similar to Tomahawk, albeit with a much more crude user interface. The project is nowhere near completion, Anonymous concedes, but once it’s finished the creators envision it upending the digital music space by breaking down the walls between legitimate sources of music from across the Internet.
An Olive Branch to Copyright Holders?
Even though Anonymous isn’t taking an overtly pro-piracy position, and even comes close to sympathizing with the industry’s desire to eliminate illegal downloading, it’s hard to imagine the RIAA and major record labels embracing what the hacktivist is trying to do.
Even so, AnonTune is designed to avoid legal liability by not hosting any content but rather pulling it from third-party sources. If an unauthorized song from YouTube shows up in AnonTunes, that’s Google’s problem, the group reasons.
One of the things that makes Tomahawk so comprehensive is its ability to plug into Spotify’s massive library of music, assuming one has a paid account with Spotify. Given the stake that the major labels have in Spotify, it wouldn’t be shocking to see the service deny the AnonTune Web client access to its library, if it can help it.
Right now, the project’s biggest handicap, other than limited content, is the design of its UI. To be frank, it’s hideous. This presumably will be addressed as development moves forward, especially if they want this to be something the average person is willing to use.
There are also some security concerns due to the app’s reliance on Java to run, but the developers have denied that their approach presents any security issues.
If things work out and the platform turns out to be viable, the people behind it believe it could “facilitate open research and innovation into the music listening experience.” It could take concepts such as Pandora’s Music Genome Project to the next level using things like biometric feedback and sentiment analysis of music.
Sound ambitious? These are some high-minded goals. But perhaps they’re not too far off if Anonymous is indeed onto something with this.
View full post on ReadWriteWeb