LulzSec, Anonymous, ICE, FBI and users Part III

Posted on by

Get caught up on this series Part I, and Part II.
So I’ve been talking about these four groups and how they have been interacting. However, these groups are not interacting in a vacuum. Theses groups are either hacking governmental organizations or they are hacking corporations.When Anonymous and LulzSec (or any other hacking group) goes after a company, they are trying to get one of two things, some times both, either user data or  some sort of dirt on the company itself.

User information can range from names, locations, email address to IP addresses and credit card information. Since these guys are going after big companies, like Sony, Blizzard, and other gaming companies, they are most likely going after as much information as they can get their hands on. When it comes to dirt on a company, they go after big companies and small alike. They went after Bank of America in an attempt to reveal improper behavior to punish someone for the financial mess we’re in. Small companies like HBGary was a bit of a grudge match. HBGary claimed that they were able to bring down all of Anonymous, which pissed the group off. HBGary was hack and completely discredited and also showed a lot of nastiness going on in the security world in general.

In some ways it’s pretty obvious how stealing using information impacts the user. Recently, Sony’s PlayStaion Network was down for a month, because of the security breach, which included some 1.3 million user’s information being stolen including credit card information. In another case a game called Brink was hacked and 200,000 users information was stolen.

So, obviously these guys are in the wrong right? Well, yes and no. They think they are completely in the right here. They could have been doing all these things and not made it public. Just stole the information, then sell it to someone and make a lot of money from it. Or perhaps use it themselves. In some cases they did that. Anonymous ordered about 100 pizzas to a Sony Executive’s house. In fact, Sony is currently being sued for the weakness of their network. We would not have known about it, without the hacker attack.

The US government is fighting back and taking down servers which have obvious impacts on users and hosting agents at the same time. However, both ICE and the FBI feel they are 100% in the right based on the law. ICE firmly believes that it has the required authority and rights to take down websites, and the FBI feels it can take whatever servers it needs to find these guys.

It’s the immovable object versions the unstoppable force, with the regular internet users in the middle. Most users won’t notice unless some website they are using goes down, or they find out their card has been hacked. Users that play games, watch movies, and create content have the most risk in this battle.

How can users mitigate their risk? Well, the best thing to do is to get a specific online credit card that has a low limit that will cover your gaming and general online purchases. If you’re only spending $10/month on games then get a card that will have a maximum of $100 or something like that. Minimize the number of credit cards you use online, and try to avoid using debit cards as much as possible. Additionally, try to create difficult passwords, something with multiple capital letters, numbers and special characters if the website allows it. Such as: Dr.Wh0d^nn!t something more random might be better, but it’s still a much more difficult password to deal with than drwhodunit. If you are unable to create passwords like this, then you should request it from the website you are using.

Finally, there’s only so much you can do as a user. Some of this has to deal with how the internet is structured. I’ll discuss this tomorrow. Protect yourself as much as you can.

The NY Times posted this article yesterday about LulzSec.

LulzSec, Anonymous, ICE, FBI and users Part II

Posted on by

Yesterday, I discussed Users, Anonymous and ICE. Today I will introduce LulzSec and the FBI and how they interact with the other two groups, if I have space I’ll also add some of the impact on users.

LulzSec is a rather new hacking group. I think I’ve been seeing posts about them since about June. I’m pretty sure they’ve been around longer than that, but within the last few weeks they’ve really picked up their online activity. This group claims they are fighting for the user and are going after, white hat, black hat, and government agencies. White hat and black hat are different types of hackers. White hats will find vulnerabilities, and then notify the firm of this vulnerabilities in their systems. The white hats help protect user data from the black hats, which are typically the bad hackers. LulzSec is something of a gray hat. They hack firms and then publicly display the vulnerabilities, by they claim they are doing this only to force the firms to change their behavior. They are also attempting to out bad apples, or so they say, in the white hat community. These guys are apparently pretty good, as their domain name was seized by ICE, and they took it back. On the ICE seizure page, in my previous post, they added this “rage guy” to it. They claim they only do it for the Lulz (lols or laughs).

I found this on the Telegraph’s website. No idea who owns the copyright

This of course did not make the US government too happy. So, two days ago the FBI got involved in the situation. They proceeded to take the server which the LulzSec website was hosted. Which impacted innocent websites as well. As the hosting agent wasn’t aware of this action until a few hours after it occurred. According to the hosting agent, the FBI took additional servers that weren’t involved at all. Here’s an article from the NY Times with a bit of a time line of the event. The LulzSec website is currently no longer up, as it appears the server with the website has been taken offline.

LulzSec has been targeted by both governmental agencies and some members of Anonymous and other hacking groups. The hackers are trying to show that these guys are a bunch of amateurs and aren’t covering their tracks very well. There’s been one LulzSec arrest so far in Spain. There have also been numerous Anonymous arrests as well. Each arrest supposedly is a leader in the movement, which each movement denies and mocks the arresting government as being incompetent and the person they caught is only a bit player in their campaign.

So what’s the big idea? They hack stuff, they get arrested, they lose connection to the internet. What’s the big deal? Well, I think that both Anonymous and LulzSec are using hacking as a means of protesting, but also attempting to fight over the structure of the internet. Anonymous feels that no one is listening to the larger internet community on how they feel firms should interact on the internet, and they also feel that the internet should be open and should be unregulated. LulzSec is a bit more of a loose cannon and are basically trying to cause as much mayhem as they possibly can. However, I think that they are using a different technique to achieve the same aims, an unregulated internet.

Tomorrow I’ll discuss some of the impact on users and what the structure of the internet means for most users, and how it can affect how the internet works in the future.

LulzSec, Anonymous, ICE, FBI and users

Posted on by

I this post, and some future posts, I plan to discuss several different entities and how they are currently impacting web usage, some potential future impacts and how users fit in with all of this. First I’ll talk about the users and then talk a little bit about each of the other entities and some of the current activities.

For users, I think every one is aware of the broad range of types of people on the internet. You have your grandma and grandpa who only use the internet for email, or I’ll these users novices. Then you have the more sophisticated users, which use various chat programs and may look at different websites and get their news, these are basic users. Intermediate users and basic users kind of blur together they’ll probably user online games, both paid games and simple online games like yahoo games etc. Next there are Advanced users. These people are consumers of content and may create some. They are probably also aware of how to create websites and pretty technically savvy people. Then you have the Power users. People that use massive amounts of content, create their own content and spread large amounts of information over sites like 4chan, reddit, digg, and various other Web 2.0 sites. These users are typically well aware of what’s going on with these four groups I listed above. These groups do not have hard and fast end points, it’s more of a continuum. In some cases it’s difficult to tell the difference from an advanced user and a power user.

So why are the Power users, and some advanced users, aware of the activities of these groups more than other people? In some cases these power users are actually involved in Anonymous, or actively support the action of the members of Anonymous. Ok, is that a good or bad things? Well, that’s a really difficult question to answer.  I can only answer that by explaining who and what Anonymous is.

Anonymous came about from the chat rooms of 4chan, and similar groups such as that. I’m sure there are many other sources that I’m completely unaware of, probably IRC(Internet Relay Chat). But what do they do? Well, partially they are a response to the governmental responses to Wikileaks, an organization devoted to safely leaking government or business related information (whistle blower site). They decided to attack, through a Distributed Denial of Service attack (DDoS) (Which basically take a website offline), websites that didn’t want to work with Wikileaks, like PayPal, MasterCard, Visa, and Amazon. However, it has since escalated to include many governmental agencies. Such as the US government and other organizations. This wouldn’t really be that big of a problem if it was just DDoS, which are illegal but short lived. They also started to hack companies and steal information.

So who is ICE and why do I care about them? Well, ICE is the US commerce department. The same people that are in charge of the US boarders. Some how, they have been given broad authorization to target websites that are either streaming or directly distributing copyrighted material. They do this through seizing websites. Which has been considered very questionable under constitutional authority. See the picture below for an example of a website seized by ICE.

ICE Seizure web page

Well, I still don’t know if that’s a good or a bad thing. They could be going after child pornography or shutting down those pirating websites. You know, those are good points. ICE, accidentally shut down a few websites, wrongly claiming the accused was distributing child porn. These were actual businesses that were shut down due to this. 
Well, this post has gotten rather long. So tomorrow, I’ll post about LulzSec and the FBI and hopefully discuss how all four of these groups intersect with each other. As a teaser, all four of these groups feel that they are fighting over the control and structure of the internet.

YouTube Copright School

Posted on by

Since I’ve been posting recently about copyright and infringement and YouTube, I figured I should watch the video they have posted for “Copyright School.” Although I tried to embed the video into this post it appears it’s not working. So you can find the link here.

The video itself is moderately annoying. The song used through out the video kind of reminds me of this song.  It explains the bare bones basics of copyright works and how copyright can work on YouTube. It shows how copying a video is copyright infringement, and how potentially filming a live concert can be considered copyright infringement. Although they didn’t explain it was infringement because of the song not because of the video itself.

The fair use part is rather deplorable. However, this is to be expected. I’m sure whenever the writers got to this section the lawyers heavily edited it. I’d argue that it’s overly protective of YouTube. By stating that most remixes are likely to be outside of fair use, the video makes it very safe for YouTube itself. Youtube can point to this video and say, “See we told them those remixes weren’t allowed under fair use.” However, this is not entirely accurate. In fact the very video they use to explain this problem most likely is covered by fair use. Realistically, there’s no difference between the video Youtube uses and Numa Numa.

I’m not an expert at fair use, so I decided to post some commentary from one person who is. Here’s a pretty good discussion between Colbert and Lawrence Lessig. In this they discuss how remixing is and should be ok under fair use. It can benefit both parties. Here’s a blog post written by Lessig describing some of the failures of the fair use system as well.

So what can we gather from these two discussions and the YouTube video? First, YouTube is clearly putting itself in a position to not be liable for any work that may not actually fall under fair use. Second, it’s difficult to determine what is and what is not fair use. Lessig also points out that there is a dividing line between commercializing the work and keeping it for free. I’d suggest as much as possible to clearly understand these issues before attempting to commercialize any remixes.

In the terms of the internet commercialization isn’t the same as it used to be. Placing ads on your blogs or within your videos basically commercializes your work.

Btw here are two remixes from the Colbert Lessig Inteview.

Copyright’s History and what’s gone wrong

Posted on by

I’m not going to go into a super deep history of copyright here. What I plan to do is outline the general idea behind copyright and how it’s shifted over time. If you want an in depth discussion on this I suggest reading it from Lawrence Lessig’s book Free Culture which the link to a direct download isn’t working right now. I can email it to you if you’d like, I believe.

Basically, the idea of copyright came about around the same time as patent protection. The idea, which is rooted in the same theories as patent protection, is to give just reward to people who created creative works, without fear of someone stealing it, and selling it for their own gain. This worked extremely well in a time when to listen to a great piece of music you had to listen to it live. This is where the public performance aspect came into affect. Of course, books were much more difficult to copy en mass as it’s really expensive to print a run of books. Copyright was originally much shorter in length of time than it is currently. At the longest it was until the creator of the work died. Now, as we know, copyright can persist significantly longer. We have more interaction because the material is more accessible. In the early 1900’s there was a big congressional hearing about sheet music. If sheet music should be allowed at all. Today, I think our version of sheet music is the video or musical remix, al a GirlTalk. I feel like I’m really pimping Lessig today, but he also wrote a book specifically about this topic called simply enough Remix. In this book he interviews GirlTalk about this very topic.

So, how does this shift in copyright really impact us? Well, as we can tell from the O’Dwyer case, RIAA, MPAA, and their equivalents in other countries, we interact with copyright on a daily basis. Not enough of us have a clear understanding of how we’re actually interacting with it. It’s conceivable that the video commentary out on Youtube for video games is technically copyright infringement. However, it would be stupid for video game publishers to go after the Youtubers, like my friends at KBMod, because they are effectively giving free advertisement for these games.

I suggest people that are active in posting videos online on Youtube become aware of the copyright issues that you may be interacting with. Sadly, ignorance is not a defense. The books I’ve mentioned above are easy to read. Lessig writes in a very clear way that non lawyers can understand easily.