Security Analyst Explains Why We Love Lulzsec
- Thread starter Andy Chalk
- Start date
Interesting take on this, actually... Lulzsec seem to be basically ad-hoc 'white' hackers, hacking into big databases and informing companies that they're security is flawed so they can fix it.
Oh, also, Lulzsec also recently hacked into the NHS (National Health Service - the British health system) database apparently. Said they "stumbled upon" the admin passwords and stuff, though they didn't steal anything. Just thought I'd point out another example. ;P
Oh, also, Lulzsec also recently hacked into the NHS (National Health Service - the British health system) database apparently. Said they "stumbled upon" the admin passwords and stuff, though they didn't steal anything. Just thought I'd point out another example. ;P
I did a report on cyber security right before the PSN outage. This pisses me off, I could have used LulzSec in my paper 
Dude, awesome post, thanks. Any more tips?Low Key said:So that's why I am having such a laugh at all of this. I'm in college for IT security. I guess this means I'll have a job open to me when I finish.
It sucks to see customers of these business suffer, and I know it doesn't seem like it, but trust me when I say it's for the greater good. Wouldn't you rather know your data is secure rather than trust a company that doesn't even have an operating firewall? I know I would.
Take this with a grain of salt if you must, but there are a few easy ways to protect yourself from hackers even when these companies can't.
Step 1: Always use HTTPS in your browser rather than HTTP. Most sites don't use SSL certificates (which is retarded, sorry Escapist, looking at you), but utilizing the sites that do use them is best.
Step 2: NEVER, I repeat, NEVER use your day to day credit card for online transactions, ever. Go out and get a prepaid credit card if you must purchase something online.
Step 3: I wouldn't trust online banking with my name, let alone my account numbers. Avoid it at all costs. If you must use it, only use it at home (you never know who is running Wireshark over wifi), but don't expect these banks to keep your data safe.
Only YOU can protect YOU. If you think all of these companies give a fuck about anything more than their bottom line, you are delusional.
Just out of curiosity, I'm no web developer, what's the difference between HTTPS and HTTP?
He gives the public too much credit.
I'm a network security professional by trade; I don't have any particular love for hacker groups, primarily because it introduces more and more legal burden as time goes on.
I'm a network security professional by trade; I don't have any particular love for hacker groups, primarily because it introduces more and more legal burden as time goes on.
LoL, security doesn't exist, that is the reference to a security blanket. It feels safe, but it can't protect you from anything.
If someone wants your stuff, they can get it, all that matters is the amount of moral crimes they are willing to commit to get it.
Anyone who thinks you are safe is a ignorant, no matter how many rules or laws exist to keep you that way, you can't stop them if they have the will to make it happen.
He is right though, the smartest thing would be to not put your private information out there. That is the social change that he is surely talking about.
If someone wants your stuff, they can get it, all that matters is the amount of moral crimes they are willing to commit to get it.
Anyone who thinks you are safe is a ignorant, no matter how many rules or laws exist to keep you that way, you can't stop them if they have the will to make it happen.
He is right though, the smartest thing would be to not put your private information out there. That is the social change that he is surely talking about.
HTTPS means that particular site is using SSL (secure socket layer) certificates, just another layer of security.Traun said:Dude, awesome post, thanks. Any more tips?Low Key said:So that's why I am having such a laugh at all of this. I'm in college for IT security. I guess this means I'll have a job open to me when I finish.
It sucks to see customers of these business suffer, and I know it doesn't seem like it, but trust me when I say it's for the greater good. Wouldn't you rather know your data is secure rather than trust a company that doesn't even have an operating firewall? I know I would.
Take this with a grain of salt if you must, but there are a few easy ways to protect yourself from hackers even when these companies can't.
Step 1: Always use HTTPS in your browser rather than HTTP. Most sites don't use SSL certificates (which is retarded, sorry Escapist, looking at you), but utilizing the sites that do use them is best.
Step 2: NEVER, I repeat, NEVER use your day to day credit card for online transactions, ever. Go out and get a prepaid credit card if you must purchase something online.
Step 3: I wouldn't trust online banking with my name, let alone my account numbers. Avoid it at all costs. If you must use it, only use it at home (you never know who is running Wireshark over wifi), but don't expect these banks to keep your data safe.
Only YOU can protect YOU. If you think all of these companies give a fuck about anything more than their bottom line, you are delusional.
Just out of curiosity, I'm no web developer, what's the difference between HTTPS and HTTP?
In laymen terms, it means that the only parties who can see what you are typing in, say for instance on Google, are you and Google. No one else. Essentially, SSL creates an encrypted tunnel between you and the website you are on.
If you are running Firefox, you can install an add-on that automatically uses HTTPS instead of HTTP on sites that have SSL certificates. Here's a link: https://www.eff.org/https-everywhere
I wouldn't be surprised if soon news starts spreading, about the "global war on cyber-terrorism", and how most countries in the world will be enforcing legislations, to "protect us" from the dangers of the internet......
...by restricting our access and controlling what we do.
...by restricting our access and controlling what we do.
As far as I know, Anonymous has never been in it for personal data nor have the published anything of the sort. I know Sony is saying something different, but their story has changed so many times since this all started. They are just trying to cover their asses so their stock stops plummeting.-Samurai- said:
LulzSec on the other hand, have published others' personal data, but the majority of their work has been breaking into high profile websites to prove the state of security amongst them is utter shit. While I don't support the theft of personal data, I do in fact support the cracking of websites to send a message that the bottom line of multi-million/billion dollar corporations should include the security of their customers data.
Ultimately, both groups are in better standing with me than say some random hacking group from some random Eastern block nation that does a hit and run on a website purely for profit. Identity theft is the largest crime being committed today. You may not have been affected yet (yet is the keyword), but chances are it WILL happen to you and assure you that neither Anonymous or LulzSec will be behind it when that time comes.
Truth be told recent events have made me a little more cautious with my online dealings. Anyway, I'm using Chrome, so that isn't of much help to me, however I did found a similiar extension for Google Chrome - https://chrome.google.com/webstore/detail/flcpelgcagfhfoegekianiofphddckof . As far as I know it's not as refined as the Firefox one, but at least there is one for users of that browser.Low Key said:HTTPS means that particular site is using SSL (secure socket layer) certificates, just another layer of security.Traun said:Dude, awesome post, thanks. Any more tips?Low Key said:So that's why I am having such a laugh at all of this. I'm in college for IT security. I guess this means I'll have a job open to me when I finish.
It sucks to see customers of these business suffer, and I know it doesn't seem like it, but trust me when I say it's for the greater good. Wouldn't you rather know your data is secure rather than trust a company that doesn't even have an operating firewall? I know I would.
Take this with a grain of salt if you must, but there are a few easy ways to protect yourself from hackers even when these companies can't.
Step 1: Always use HTTPS in your browser rather than HTTP. Most sites don't use SSL certificates (which is retarded, sorry Escapist, looking at you), but utilizing the sites that do use them is best.
Step 2: NEVER, I repeat, NEVER use your day to day credit card for online transactions, ever. Go out and get a prepaid credit card if you must purchase something online.
Step 3: I wouldn't trust online banking with my name, let alone my account numbers. Avoid it at all costs. If you must use it, only use it at home (you never know who is running Wireshark over wifi), but don't expect these banks to keep your data safe.
Only YOU can protect YOU. If you think all of these companies give a fuck about anything more than their bottom line, you are delusional.
Just out of curiosity, I'm no web developer, what's the difference between HTTPS and HTTP?
In laymen terms, it means that the only parties who can see what you are typing in, say for instance on Google, are you and Google. No one else. Essentially, SSL creates an encrypted tunnel between you and the website you are on.
If you are running Firefox, you can install an add-on that automatically uses HTTPS instead of HTTP on sites that have SSL certificates. Here's a link: https://www.eff.org/https-everywhere
Sega's dearly missed console division.
Rise from your grave!
When Sony, Nintendo and Microsoft killed their division off they made the mistake of dumping their dreams on an ancient burial ground of ET games.
Rise from your grave!
When Sony, Nintendo and Microsoft killed their division off they made the mistake of dumping their dreams on an ancient burial ground of ET games.
BONUS SPOILER: LULZSEC SECRET PLAN
[youtube]ypGxYM3MHqY[/youtube]
They're basically going to play Altered Beast with the world. If you think things are bad now, wait til they turn into furries and still bitchslap lax computer security around.
[youtube]ypGxYM3MHqY[/youtube]
They're basically going to play Altered Beast with the world. If you think things are bad now, wait til they turn into furries and still bitchslap lax computer security around.
Well of course security firms are going to love this stuff, sony hired 3 or 4 just to investigate the break ins, add to that the paranoia when all these splinter groups start going after anything they deem worthy of time and effort.
The more groups like this spring up no matter if they are hacking for the lulz or for some greater cause or are out to ruin peoples lives and or bring down corporations, it really does not matter all that much in the grand scheme. More groups attacking more things means that everyone has to sit up get there house in order before they get hacked.
Things were pretty boring with anon for the longest time, they had a fairly focused agenda, they had things they would and would not do, no doubt some of those things were out and out illegal, but they never crossed that line and went after personal customer info unless it was to make a point.
Then the sony thing happened and it is like pandora's box opened. Sony was blaming anon, anon is saying they didnt do it, then anon breaks out in civil war, now anon is many, now all sorts of stuff hits the fan.
So yea if these groups did not exist IT security pros would be obsolete, even if all this stuff chilled at the ebay and google anon levels most everything would be pretty calm, so this current climate means there is ton of ton of money to be made now and in the years to come.
The future will make now days seem like the wild west, i am sure many governments will have much tighter control under the watchful eye of the mpaa, and the music industry, and we will see much stricter systems global filters and making sure forceably that people surf safe and do not pirate.
These people now could end up being the rebels of the future, protecting peoples rights and all that, but hell guys why no action against china? china is like the poster boy for oppressive government, actively censors and monitors each and every one of their users aggressively, and people still vanish out of existence in china when they get too out of line. I mean hell, if there was ever a big juicy target with a bullseye painted on its head and screaming attack us there it is.
And best part noone would have given a rats spit if china whined or protested, you could have been heroes to billions of chinas citizens even if only managed to take a bit of the restrictions loosened one way or another. and in the global view even if your were an hacker group most people would have supported you for a good long while no matter what else you did.
The more groups like this spring up no matter if they are hacking for the lulz or for some greater cause or are out to ruin peoples lives and or bring down corporations, it really does not matter all that much in the grand scheme. More groups attacking more things means that everyone has to sit up get there house in order before they get hacked.
Things were pretty boring with anon for the longest time, they had a fairly focused agenda, they had things they would and would not do, no doubt some of those things were out and out illegal, but they never crossed that line and went after personal customer info unless it was to make a point.
Then the sony thing happened and it is like pandora's box opened. Sony was blaming anon, anon is saying they didnt do it, then anon breaks out in civil war, now anon is many, now all sorts of stuff hits the fan.
So yea if these groups did not exist IT security pros would be obsolete, even if all this stuff chilled at the ebay and google anon levels most everything would be pretty calm, so this current climate means there is ton of ton of money to be made now and in the years to come.
The future will make now days seem like the wild west, i am sure many governments will have much tighter control under the watchful eye of the mpaa, and the music industry, and we will see much stricter systems global filters and making sure forceably that people surf safe and do not pirate.
These people now could end up being the rebels of the future, protecting peoples rights and all that, but hell guys why no action against china? china is like the poster boy for oppressive government, actively censors and monitors each and every one of their users aggressively, and people still vanish out of existence in china when they get too out of line. I mean hell, if there was ever a big juicy target with a bullseye painted on its head and screaming attack us there it is.
And best part noone would have given a rats spit if china whined or protested, you could have been heroes to billions of chinas citizens even if only managed to take a bit of the restrictions loosened one way or another. and in the global view even if your were an hacker group most people would have supported you for a good long while no matter what else you did.