Group items tagged

Steve Mansfield-Devine, editor of Network Security, analyses the threat of the Anonymous activist hacking group. In doing so he discusses the collaborative tools used to organise the members of Anonymous into a focussed effort. The tools discussed include the Low Orbit Ion Cannnon (LOIC) and various spinoffs, Internet Relay Chat (IRC) and Twitter. Mansfield-Devine's discusses the Anonymous group's usage of the LOIC as a Distributed Denial of Service (DDoS) weapon. Mansfield-Devine makes a clear point that only with enough users is the LOIC effective, making the effective usage of the LOIC a collaborative operation. The more users collaborating with the tool, the more effective it becomes. Mansfield-Devine discusses how Anonymous members are coerced into participating in an LOIC attack, specifying IRC and Twitter as the main forms of mobilisation of members. His discussion highlights IRC as a primary form of organisation, with Twitter being taking a more secondary role in directing potential participants into IRC channels. Mansfield-Devine does note that Twitter became an integral part of Anonymous organisation when their domain names were taken offline by authorities during Anonymous operations. Tweets were sent out to redirect the Anonymous participants into new IRC chat rooms to continue the attack. Overall, this article concisely covers IRC, Twitter and LOIC based aspects of Anonymous collaboration and organisation. Mansfield-Devine, Steve. 2011. "Anonymous: Serious threat or mere annoyance?" Network Security 1: 4-10. http://dx.doi.org.dbgw.lis.curtin.edu.au/10.1016/S1353-4858(11)70004-6

In this article Mansfield-Devine explores the threat of the organisation Anonymous and the collaborative tools they use to organise the group. In relation to this, he specifies that Anonymous uses "Low Orbit Ion Cannnon (LOIC) and various versions, Internet Relay Chat (IRC) and Twitter" as his key tools for facilitating organised attacks on institutions (Mansfield-Devine, 2011, p. 4). This article links to the article 'Kony 2012: The Template for Effective Crowdsourcing?' by Olubunmi Emenanjo, on more than one level, they are both about outside organisations against institutions, and they both undeniably rely on social media and the power of the crowds for the mobilization and facilitation of their actions and recruitment (Emenanjo, 2012). The success of the Kony 2012 campaign and Anonymous's attacks can be pin-pointed to how the organisations are aimed at a particular audience, reinforced by social media platforms, and most importantly how they harnessed networking tools to deliver their messages. However a major difference between the two groups is that the Kony 2012 organisation has a consistent online identity, while Anonymous has anonymity. Little is known about the organisation itself but the tools they utilise (LOIC, IRC, and Twitter) lead us so assume that their audiences engage with the organisation. References Emenanjo, O. (2012). Kony 2012: The Template for Effective Crowdsourcing? Communia. Retrieved from http://stipcommunia.wordpress.com/2012/03/13/kony-2012-the-template-for-effective-crowdsourcing/ Mansfield-Devine. (2011). Anonymous: Serious threat or mere annoyance?. Network Security, 1, 4-10. http://dx.doi.org.dbgw.lis.curtin.edu.au/10.1016/S13534858(11)70004-6

Although much of this article is not particularly useful to my focus on Anonymous, this article still raises some interesting notes. The way in which the author plays down the impact of Anonymous' actions towards the end of this article is of particular interest. The author often refers to the disorganized nature of the Anonymous movement, and suggests frequently that although a number of individuals may be involved, automated 'botnets' are often more effective than Anonymous members (Mansfield-Devine, 2011). For my focus, this is the most important part of the article because of the way in which the author neglects to take note of Anonymous members who do more than simply use LOIC and other DDoS attacks. Although it may be true that Anonymous DDoS attacks may not result in significant, long term damage to their targets, the disruption caused by such attacks can often provide enough distraction for Anonymous hacktivists to retrieve data from said targets. With hacktivist groups within movements such as Anonymous being responsible for the largest amount of stolen data in 2011 (AFP, 2012), Anonymous DDoS attacks could pave the way for much more damage to be done to websites than the temporary service disruptions noted by the author of this article. Mansfield-Devine, S. (2011). Anonymous: Serious threat or mere annoyance? Network Security 1: 4-10. Retrieved from http://www.sciencedirect.com.dbgw.lis.curtin.edu.au/science/article/pii/S1353485811700046 AFP. (2012). 'Hacktivists' biggest data thieves in 2011: Verizon. Retrieved from http://au.news.yahoo.com/thewest/a/-/world/13242086/hacktivists-biggest-data-thieves-in-2011-verizon/

This article, recently published by security firm Imperva, investigates how an Anonymous attack is mounted. A Particularly interesting point is that this article makes no mention of IRC channels, instead painting Facebook, Twitter and Youtube channels as the main methods of communication for Anonymous. Also interesting is that such communication is referred to as recruitment, recruitment of technically savvy hackers and not so technically savvy activists who are willing to participate in the attack. Particular attention should be paid to pages 6-8 which outline the recruitment activities over Facebook, Youtube and Twitter. Imperva outline the technical methods used to stage the attack, mentioning that there are 10 -15 'Anons' working to analyse the victim website for security vulnerabilities. These are more experienced hackers who are searching for a vulnerability that might allow them to retrieve private data from the victim (p.6). Although not mentioned in this article, perhaps these experienced hackers collaborate using Internet Relay Chat. When no vulnerability was found, Imperva notes that Anonymous instead tries a DDoS attack, but instead of employing the LOIC, a web based version is used for ease of participation (p.13). This way, users of any device can be recruited (through social media) into participate in the attack with minimum of barriers to entry. Although this article focusses heavily on the technical aspect of the attack, a significant portion of the article deals with the recruitment of participant through social media, alongside discussion of the online variant of the LOIC collaborative Denial of Service tool. Anatomy of an Anonymous Attack. 2012. Imperva. http://www.imperva.com/docs/HII_The_Anatomy_of_an_Anonymous_Attack.pdf

This document may prove to be quite a significant additional reference to my focus of my chosen topic of the Anonymous movement and hacktivism. This article discusses precisely what Mansfield-Devine (2011) neglected to note; that within the Anonymous movement, there are a number of individuals with significant hacking skills who are able to retrieve valuable data from the targets of Anonymous attacks. The article quite thoroughly deconstructs the order in which Anonymous attacks typically occur, the differences between the two major types of individuals who participate, and circumstances under which Anonymous attacks are generally able to be successfully performed (2012). Of particular interest, is the emphasis placed on the importance of acknowledging the fact that Anonymous attacks are not always as harmless as they may appear. Another interesting note is found within the conclusion of the report. The report suggests that targeted, small-scale data retrieval attacks are the preferred means of attack for the Anonymous movement and that "DDoS is the hacker's last resort" (Anatomy of an Anonymous Attack, 2012). This would suggest that unlike many sources of information regarding Anonymous hacktivism attacks, Imperva has identified the serious nature of many incidents involving the Anonymous movement, which do not necessarily receive as much immediate attention as a simple DDoS attack may. Anatomy of an Anonymous Attack. (2012). Imperva. Retrieved from http://www.imperva.com/docs/HII_The_Anatomy_of_an_Anonymous_Attack.pdf Mansfield-Devine, S. (2011). Anonymous: Serious threat or mere annoyance? Network Security 1: 4-10. Retrieved from http://www.sciencedirect.com.dbgw.lis.curtin.edu.au/science/article/pii/S1353485811700046

Courtenay Honeycutt and Susan Herring discuss the collaborative potential of Twitter. This is of particular relevance to the discussion of Anonymous organisation tools, as Anonymous uses Twitter for a large amount of its public relations. @Anonops, @AnonymousIRC and @Youranonnews are twitter users with substantial followers, each with greater than 250,000 followers. Anonymous's favourite method of attack - Distributed Denial of Service (DDoS - works better with every additional participant. Anonymous must recruit members to participate in such attacks through Twitter, Facebook and Youtube. Twitter presents the most anonymous and easily digestible communication channel of the three, whilst also being extremerly active during past operations such as #oppayback. Therefore, Twitter plays a central role in the collaboration of anonymous, especially communicating with those who do not take an active role in IRC chats. Honeycutt and Herring examine the conversational and collaborative potential of Twitter with the use of the @ symbol to direct conversation. This activity is very prominent among the Anonymous Twitter account listed earlier. Anonymous Twitter feeds are full of responses to criticisms and answers to questions. It is worthwhile to note that Honeycutt and Herrings article was written in 2009, before use of the @ symbol became recognised by Twitter as a certified way of creating conversation. Now, it is easy to transverse conversation simply by clicking tweets with an @ symbol. During Anonymous operations, Twitter provides an invaluable resource in being able to address such a number of followers at once. Honeycutt and Herring also note similarities between Twitter and IRC channels, also noting that the hectic, crossing conversation are perhaps part of the appeal to some of IRC. This is certainly present in Twitter, but without the constraints of server based IRC channels. Twitter presents a global audience to which Anonymous reaches out, when recruiting

Matt Brian, mobile editor for The Next Web, discusses the popularity of pastebin.com among hacking (or perhaps more accurately 'cracking') groups. Brain notes that Pastebin is a tool originally designed for collaboratively editing code, but has since gained popularity among malicious security crackers as a method of releasing stolen data to the public. While there are numerous spinoffs of the simple text-sharing concept, pastebin.com remains the most popular. Searching the pastebin.com website for 'anonymous' or their (now disbanded and arrested) spinoff group 'Lulzsec' reveals a considerable level of Pastebin usage by Anonymous. Manifestos and anouncment seem to be a popular use of Pastebin by Anonymous. For example searching '#opegypt' reveals a list of sites taken down by Anonymous - perhaps it was collaboratively updated while the operation took place? The Anonymous group link to Pastebin.com pastes (or other equivalent websites) through blogs and twitter accounts associated with the Anonymous movement. Brain notes its utility in escaping the 140 character limitation of twitter, whilst still retaining anonymity with minimum fuss. If illegal material was posted on Anonymous blogs such as anonops.blogspot.com, youranonnews.tumblr.com or anonnews.org it would likely violate terms of service and result in blogs being closed. Pastebin.com therefore, provides a suitably nebulous zone for posting illegal content. Brain makes extensive note of the use of Pastebin.com to release sensitive, stolen information to the web. Although the hacking groups mentioned are not always directly related to Anonymous, it highlights the usage of Pastebin.com as a tool for sharing information. Hacker groups could potentially be working on releases or manifestos collaboratively with their peers, although this in not discernible in the final Pastebin product. Brian, Matt. 2011, June 5. "Pastebin: How a popular code-sharing site became the ultimate hacker hangout." The Next Web: Social M

This article provides an interesting (if somewhat brief) account of the Anonymous movement, and associated (as well as un-associated) hacktivist networks, using a relatively simple internet tool and altering the intended usage to suit the purposes of the movement. The article focuses mainly on the usage of Pastebin by an offshoot of the Anonymous movement called LulzSec, and how the group was able to use Pastebin to greatly aid their hacktivism efforts (Brian, 2011). Although now disbanded and with most of its members arrested (Apps, 2012), LulzSec very successfully utilised Pastebin for various leaks and links to their efforts of retrieving data from a number of high-profile organizations. This article touches on another example of the confrontational tactics for raising media awareness outlined by Andrews and Caren (2010), and thus the two articles may provide relevant references for discussions relating to the reactions to hacktivist groups such as LulzSec, as well as providing information regarding another tool used by such movements. In terms of my focus on the Anonymous movement, the article may not provide a direct reference to the divides between individuals within the movement based on motivation for activities under the Anonymous movement. The article does however provide a relevant secondary source for additional discussion relating to the way in which particular offshoots of the Anonymous movement operate. Andrews, K., & N. Caren. (2010) Making the News: Movement Organisations, Media Attention, and the Public Agenda. Retrieved from http://proquest.umi.com.dbgw.lis.curtin.edu.au/pqdweb?did=2527572391&sid=1&Fmt=6&clientId=22212&RQT=309&VName=PQD Apps, P. (2012). LulzSec Arrests Hurt Hacker Groups, Anonymous Movement Hard To Kill. Reuters. Retrieved from http://www.huffingtonpost.com/2012/03/08/lulzsec-arrests-anonymous_n_1331982.html Brian, M. (July 5th, 2011). Pastebin: How a popular code-sharing site became the ultimate hacker hangout. Retrieved fr

This is a page from BitTorrent.com's Idea Bank, a messageboard where people can post the ideas they would like to see adopted by BitTorrent's programmers. This page can be used as a text in the way that it demonstrates the user attitudes toward collaboration in bittorrent. The page shows conversation in fourteen posts. Firstly, we see something of the ideology of bittorrent, coming from the culture of Open Source software it actively invites the user's input into development. The conversation is interesting because it presents distinct 'for' and 'against' arguments on the inclusion of a 'thank you pop up'. The context of the page is salient, sitting at number two in popularity on the requests board, one realises that not being able to say thanks to peers is of concern to members of the swarm. The majority of commenters see the 'thank you pop up' as a good thing (nine 'for' comments to four 'against') stating sentiments of altruism, politeness and an intent to strengthen relationships within the bittorrent community. User Jp comments: "The world would certainly be a better place to live in, if only it's people would start to be kind toward those who share. To become more polite is a small step for man and a bigger one for humanity. I will surely pop one up (a thank you window) to the man who will spread the code for a better living." On the other hand the 'against' comments relate statements as to why a 'thank you pop up' is actually harmful to bittorrent community, Jimmy Hendrix posting: " I absolutely.......... absolutely do NOT want a feature to say thanks, chat, or get to know anybody that I'm downloading from. I want to stay as anonymous and impersonal as possible. Viren......you do know that this is still illegal? request/ban viren chocha." While the swarm is by nature anonymous, users do you yearn for a way to extend a warm hand to members they are collaborating with. Whilst the extralegal nature of bitorrent inhibits the devel

This suggestion combined with the much polarised reactions in the comments section is worth looking at and thinking about. Although the majority of the comments are positive and there are a significant amount of votes for this feature, five out of fourteen of the comments are either against it or express that they would not want to use it by bringing up issues like anonymity as well as legal issues. Unlike the interactions within the close social group looked at in the paper "BitTorrents and Family Guy: teenage peer group interactions around a peer-to-peer Internet download community", it seems that some of the users' who made comments about this suggestion do not want to make contact with other BitTorrent users, perhaps because the illegal nature of the exchange makes them feel uncomfortable. Their perspectives suggest that they just want to use BitTorrent for downloading and uploading, and not directly as a kind of community. I think they may have a point, and real life social groups as well as online communities seem to function fine without communication being possible directly within BitTorrent programs. It is interesting to think if file-sharing was less taboo, perhaps it would be more acceptable for social features like this to be directly integrated into the platforms.