Aaron Barr believed he had penetrated Anonymous. The loose hacker collective had been responsible for everything from anti-Scientology protests to pro-Wikileaks attacks on MasterCard and Visa, and the FBI was now after them. But matching their online identities to real-world names and locations proved daunting. Barr found a way to crack the code.

In a private e-mail to a colleague at his security firm HBGary Federal, which sells digital tools to the US government, the CEO bragged about his research project.

“They think I have nothing but a heirarchy based on IRC [Internet Relay Chat] aliases!” he wrote. “As 1337 as these guys are suppsed to be they don’t get it. I have pwned them! : )”

But had he?

http://www.wired.com/threatlevel/2011/0 ... mous/all/1

Love it

Still reading the article, but paused to come in here and say this is as hilarious, as it is bizarre!

Definitely bizarre.

Interesting read, and more than a little bit funny.

Barr has hoooge ego problem.

Stir up a bunch of hackers just when your company is trying the find a buyer. Smart.

Anonymous hacktivists: We've got Stuxnet code

A member of Anonymous claims to have taken possession of code for the infamous Stuxnet virus.

Topiary, an online activist affiliated with the 4-chan-spawned internet coalition, claimed on Twitter to have gained possession of the malware. He said: "Anonymous is now in possession of Stuxnet – problem, officer?"

Anonymous claims to have lifted the source code during a high-profile hack against HBGary, a security consultancy that was trying to identify senior members of the group. HBGary's email database was siphoned off and posted as a torrent during the same attack.

Later, another Twitter account affiliated with Anonymous posted links to what purported to be a partial decompile of Stuxnet.

Even if Anonymous had possession of the Stuxnet source code, it's doubtful they would be either able or motivated to do anything with it. The highly complex code might be adapted to attack other industrial control systems, at least in theory, but that hardly fits with anything Anonymous has done in the past.

Stuxnet is blamed for setting Iran's nuclear program back by months if not years after it infected the industrial control systems at its nuclear facilities, causing high-speed centrifuges to speed up and slow down abnormally and thereby causing high failure rates. The sophisticated and highly-targeted malware is widely rumoured to be the fruit of a joint US-Israeli operation.

Security watchers are sceptical about the claim that Anonymous actually has the Stuxnet source code. Snorre Fagerland, a senior threat researcher at Norman, writes in a Twitter update: "Anonymous only have Stuxnet binaries and disassembly. Not the original source." ®

http://www.theregister.co.uk/2011/02/14/anon_stuxnet/

Seems a bit silly to say you've got it (if they actually do). Hell, even if they don't have it, it's more ammo for their more powerful critics

Exactly. It is unlikely to have copyright of the CIA or Mossad in it. Also they also have kill squads for those that they dislike. No reason to upset either. If you are anti american then you are completely redundant at the moment because the Americans are doing a wonderful job of destroying it without outside help. Wikileaks is barely a pimple in their problems right now.

HBGary Federal Spied On Families And Children Of US Chamber Of Commerce Opponents

from the lovely-folks dept

The story of HBGary Federal keeps getting worse and worse. After threatening to reveal the "leaders" of the leaderless group Anonymous, the company's servers were hacked and emails released, exposing a bizarre plan to intimidate Wikileaks critics to get them to stop supporting the site, and to plant false information. A few days later, it came out that HBGary Federal (along with partners Palantir and Berico) also had proposed a similar campaign to help the US Chamber of Commerce silence critics. New reports show that HBGary Federal boss Aaron Barr apparently went so far as to "demonstrate" his ability to intimidate people by using social networking info to dig up information and photos on people's families.

In fact, in a bit of bravado, he even used the same tactics to reveal info he was able to glean about the family of one of the lawyers, Richard Wyatt, who had contacted HBGary Federal from the law firm/lobbying firm of Huntoon and Williams, in looking to secure their services for both the Bank of America anti-Wikileaks campaign and the US Chamber of Commerce anti-critics campaign:

I still don't think that hacking HBGary Federal's email was the right move, but if anyone has ever come close to deserving such treatment, it seems like Barr may be in the lead.

http://www.techdirt.com/articles/201102 ... ents.shtml

Pics and links above... Barr really does think he's some sort of master psychologist , doesn't he?

Anonymous victim HBGary goes to ground

http://www.bbc.co.uk/news/technology-12481803

They're obviously not that good are they?

Well the company could not really survive after that. Probably no loss to humanity or society. The fact that this company were spying on kids should put the staff on the sex offenders register.

You couldn't believe a word from HBGary, so I'd have my suspicions about emails being 'changed' and threats...

Well maybe his is saying it to cover up his own incompetence.

As it said quite clearly on his website; "It would appear that security experts are not expertly secured". I thought that was a nice turn of phrase.

More HBGary Federal Fallout: The Government Wants To Buy Software To Fake Online Grassroots Social Media Campaigns

from the ipropaganda dept

The latest in the long line of revelations from the HBGary Federal email leak, is that HBGary Federal wanted to create software that could make it easy for staffers to create and maintain a massive number of fake online social network personas, allowing them to control virtual armies of totally fake people, whose only mission is to spy on others and spew paid-for propaganda. But, what's even more amazing is that not only did the emails reveal HBGary Federal employees talking about building a platform for letting people more easily manage an army of fake personas, but that the US government put out a request for exactly that kind of software last June, with its request for "Persona Management Software."

Software will allow 10 personas per user, replete with background , history, supporting details, and cyber presences that are technically, culturally and geographacilly consistent. Individual applications will enable an operator to exercise a number of different online persons from the same workstation and without fear of being discovered by sophisticated adversaries. Personas must be able to appear to originate in nearly any part of the world and can interact through conventional online services and social media platforms. The service includes a user friendly application environment to maximize the user's situational awareness by displaying real-time local information.

The request appears to come from the Air Force, and the idea is to use such a tool in Afghanistan and Iraq... but if the government has such tools, is it really that big of a stretch to see them using them in other contexts as well? While I do wonder how effective such a tool really is, the idea that it can pretty successfully build up "friends" using social media, and then use those for propaganda purposes seems just wrong. It seems that even the folks at HBGary Federal were somewhat perplexed by this government opportunity, with one employee sending around an email that said, simply: "WTF Dude?" while someone else questioned whether it could really be serious.

Of course, once again we're seeing HBGary Federal in the middle of a plot that sounds like the script of a bad movie. Still, the question remains: are these kinds of actions par for the course, or did HBGary Federal's boss spend way too much time watching crazy SciFi movies and using them for inspiration?

http://www.techdirt.com/articles/201102 ... igns.shtml

I can't imagine it working too well (the net's a bit too dynamic for that), but it just shows you the intent...

HBGary's nemesis is a '16 year-old schoolgirl'

http://www.theregister.co.uk/2011/03/17 ... interview/