Lulzsec claim to have the 2011 uk census data.
Discussion
DWP said:
Are we surprised a 19 year old, beat the system? Dear God the incompetence is so huge as to be beyond satire.
not lulzsec, just ran an irc server which lulzsec had a channel on..from ttter:
FYI all members of lulzsec are safe. ryan Clearly has little to do with lulzsec besides running irc.lulzsec.org. Media needs to fix story
MikeGTi said:
What exactly do these hacking groups intend to achieve with their antics?
I take it that they all operate for a "cause"
...that of self-satisfaction I'd imagine
Just this week there was a story on BBC news about exactly that... "Why?"I take it that they all operate for a "cause"
...that of self-satisfaction I'd imagine
http://www.bbc.co.uk/news/technology-13605629
In a way, it does at least keep big business/governments 'honest' in that they do have to try to keep data secure and being constantly tested helps motivate them. What's less good, though, is when the defences fail and data is leaked. But I guess without the 'stick' there would be no motivation to keep security up...
...wait I've just realised the Gov probably doesn't give a st about losing my data. So they still won't care about using better security in future.
MikeGTi said:
What exactly do these hacking groups intend to achieve with their antics?
I take it that they all operate for a "cause"
...that of self-satisfaction I'd imagine
Well this is a very good question. While we cannot truly answer why they did it, it should be fairly easy to stop the majority of the intrusions.I take it that they all operate for a "cause"
...that of self-satisfaction I'd imagine
From what I can see, most of the breaches where data has been thieved (games co's etc.), have been done via very simple SQL-injection exploits in the main. It is fairly trivial to prevent this type of vulnerability with the smallest amount of preparation and configuration. What wasn't done via SQL is likely to be done using some other simple attack vector. Companies are not taking their responsibilities seriously. An additional 10-20% of effort and investment would probably stop 80% of the intrusions. No one is truly safe, unless they are not plugged in, and if you are targeted for a specific reason, despite the most advanced protection layers, there will be a chink somewhere.
The investment required is a classic conundrum. I've not managed to find anyone in the security industry who has come up with a workable solution, the problem in essence being: Management are advised to spend money on security, if they do so and the controls are implemented well, then the chances of an intrusion are greatly reduced. Thus, management then think that that investment was wasted - as there has been no discernible return, beyond 'not being hacked'. If the investment doesn't occur, then the chances of having a security incident are greatly increased and if (when?) it happens there will be internal recriminations of not investing the money. It's always a hindsight issue.
Tonsko said:
From what I can see, most of the breaches where data has been thieved (games co's etc.), have been done via very simple SQL-injection exploits in the main. It is fairly trivial to prevent this type of vulnerability with the smallest amount of preparation and configuration.
Or even the adherence to very basic programming good practice which costs absolutely nothing. Who on Earth still thinks it's a good idea to execute dynamically constructed SQL strings?carmonk said:
So where's the evidence they've actually got any data? All I see is a st ASCII drawing by some wispy-bearded pizza eater.
http://twitter.com/#!/LulzSec/status/83172089711964161@LulzSec The Lulz Boat
Just saw the pastebin of the UK census hack. That wasn't us - don't believe fake LulzSec releases unless we put out a tweet first.
Tis a laugh isn't it
"The teenager - named online as Ryan Cleary - was said to have been on his computer in the process of hacking the Serious and Organised Crime Agency when police came through his front door. The dramatic arrest came after a joint inquiry by detectives from the Yard's e-Crime Unit and the FBI."
http://www.thisislondon.co.uk/standard/article-239...
"The teenager - named online as Ryan Cleary - was said to have been on his computer in the process of hacking the Serious and Organised Crime Agency when police came through his front door. The dramatic arrest came after a joint inquiry by detectives from the Yard's e-Crime Unit and the FBI."
http://www.thisislondon.co.uk/standard/article-239...
I am happy to be wrong of course, but there is a difference between those who "claim" and those that "do". Although there are plenty of instances of organisations that do both, it is uncommon in general. Did a 19 year old hack all of these networks and systems? Possible, but not probable. The time taken to do this is extending and its likely that he (or his group) is behind maybe 1 or 2 of these.
Happy to be proven wrong, but its unlikely he has the census data too. In the community of hackers, proof is everything, therefore claiming things doesnt win kudos. Anyone can claim anything, its in the proof and at the moment there is no proof. Lets see what happens, but the details are unlikely to be known since he's been arrested.
What he can expect is an extended period on remand and then subsequent extradition to the US on hacking charges, followed by a nice stretch. I wonder if he was looking forward to being the prisoners bh for a few years?
Happy to be proven wrong, but its unlikely he has the census data too. In the community of hackers, proof is everything, therefore claiming things doesnt win kudos. Anyone can claim anything, its in the proof and at the moment there is no proof. Lets see what happens, but the details are unlikely to be known since he's been arrested.
What he can expect is an extended period on remand and then subsequent extradition to the US on hacking charges, followed by a nice stretch. I wonder if he was looking forward to being the prisoners bh for a few years?
number2 said:
I didn't get round to it for ages then eventually did it on-line. It took all of 30 seconds. Really not intrusive at all unless you don't like telling people you are caucasion/black/etc and have a job/don't.
No, I don't like telling the Govt anything. Frankly they know where I live as I pay council tax. What else do they need to know?off_again said:
I am happy to be wrong of course, but there is a difference between those who "claim" and those that "do". Although there are plenty of instances of organisations that do both, it is uncommon in general. Did a 19 year old hack all of these networks and systems? Possible, but not probable. The time taken to do this is extending and its likely that he (or his group) is behind maybe 1 or 2 of these.
Happy to be proven wrong, but its unlikely he has the census data too. In the community of hackers, proof is everything, therefore claiming things doesnt win kudos. Anyone can claim anything, its in the proof and at the moment there is no proof. Lets see what happens, but the details are unlikely to be known since he's been arrested.
What he can expect is an extended period on remand and then subsequent extradition to the US on hacking charges, followed by a nice stretch. I wonder if he was looking forward to being the prisoners bh for a few years?
Pretty much the case, I suspect. The bad lads can do things with DNS that make them extremely difficult to trace. Its unlikely a mastermind is going to be traced to somewhere easily extritable quite so easily and quickly. Cannon fodder or playing silly games with hack kit this boy.Happy to be proven wrong, but its unlikely he has the census data too. In the community of hackers, proof is everything, therefore claiming things doesnt win kudos. Anyone can claim anything, its in the proof and at the moment there is no proof. Lets see what happens, but the details are unlikely to be known since he's been arrested.
What he can expect is an extended period on remand and then subsequent extradition to the US on hacking charges, followed by a nice stretch. I wonder if he was looking forward to being the prisoners bh for a few years?
Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff