9 Feb
2011

Random & The HBGary Federal stuff

Category:Events, Hacking, Privacy, random

Disclaimer – This was an earlier post, with a lot of speculation on my part, in regards to the HBGary hack by Anonymous. After more thorough research, a revised post was released here. Please refer to this if you are looking for a hopefully more accurate account.

So the last few days, weeks, whatever have been a bit quiet. So i’ll just take this time off and talk about some of the issues i’ve been thinking about.

First of all, i need to get rid of a bunch of hardware, so if you need anything like memory, or servers (without their hard drives), or regular desktop machines.. or i suppose i might even have a few smaller LCD screens, hit me up with a comment or an email. I’ll post a better list later, but here’s some of the stuff:

  • Two HP DL380 tower servers, i don’t have the specs on hand, one was i think a dual processor and the other single. RAM included
  • An IBM xSeries tower server, which is actually pretty compact and not too loud, but also, it’s not very fast
  • Various desktop towers
  • RAM: DDR1, DDR2 (1GB and smaller sticks), and various DDR1 and DDR2 SO-DIMMs for laptops
  • I may also be selling two 17″ LCD screens
  • Various expansion cards and what-have-you

I’d also be interested in finding a pair of 2GB non-ECC DDR2 for my desktop, since running multiple virtual machines is putting a strain on my current 6GB configuration.

Currently i’m on an Oracle 11g course, which lasts five days. I’m not really going to be a database guy, and frankly i’m not too interested in this either. I do it from a pure career perspective, and because i know that we have a lack of Oracle knowledgeable people where i work.

Also, this morning i realized we live in a world where few clocks ever tell the same time. Waking up, eating breakfast and walking to the train station, i was confronted with at least 8 different versions of what the time currently was. Bewildering.

Anonymous owns HBGary and HBGary Federal

And i don’t mean they bought the fuckers. So here’s the story as i’ve been able to patch it together: HBGary Federal (a separate corporate entity working under the HBGary name, providing infosec research and such for government) CEO and Co(?)-owner Aaron Barr decided he was going to blow this whole anonymous case wide open. Now as i’ve discussed in multiple posts, this stems from the clear stupidity and thick-headedness of people, refusing to understand what and how anonymous works. Barr had the brilliant idea of “infiltrating” the anonymous networks (err.. i mean the public irc-channels at anonops.ru #anonops #anonymous #reporters etc.) and finding out as much as he could about the leadership of anonymous. He then compiled in data from various social networks, simply taking a person’s IRC identity or other available data, and connecting it to mostly random people using the same nicknames or such on Facebook, for instance. You should now be able to see how faulty his methodology is to begin with. He then boasted that he has the identities of most of anonymous’ leadership and organisers. He made up roles and titles for various people, like “co-founder of anonymous”. Anonymous caught wind of this, and decided to have a look at the list.

Supposedly 16 year old female hacker ‘kayla’, known on the IRC channel as `k, social-engineered an admin at rootkit.com, Jussi Jaakonaho (who is also a chief researcher at Nokia, incidentally) pretending to be Greg Hoglund, CEO at the main company HBGary. Note that HBGary is not directly affiliated with HBGary Federal, though it carries a 15% share of HBGary Federal in the form of investments. Through Jussi, she was able to get root access to the servers at rootkit.com. From there the problems escalated, and while i don’t have the full details, i suspect credentials or data found on rootkit.com were used to compromise Barr’s account on HBGary Federal, and numerous other locations, such as Twitter.

The result was an onslaught of defacement and luls from Anonymous, as they downloaded over 50 000 internal e-mails from HBGary and HBGary Federal employees and executives. These were subsequently published as a torrent, which can be found with little to no trouble. To add insult to injury, Anonymous sent the “brilliantly” collected (and false) data that Barr was supposedly going to sell to the FBI (as evidenced by an 11 AM meeting on Monday 7th February found in his e-mails) to the FBI for free. Barr claims he was never going to sell the data, or that he was going to redact the names, but that’s really irrelevant at this point. He also claims it was only for research purposes, but internal emails show he was clearly going to profit in a business sense either directly through selling the data/research or through PR he would have gotten for “exposing” the “leaders” of Anonymous. All of which is total and utter bullshit. Most of the people on the list have little or no affiliation to anonymous, and could have gotten into serious trouble had this data not come out in time.

Barr’s twitter account was owned, adding “raging homogay” to his about-box, and posting various lewd comments on his feed. His new Twitter avatar is also a variation of a classic 4chan meme, “Forever Alone”, modified to “Forever Barrlone”. You should really check it out, it’s quite funny if you are into this whole meme business. Also read all the tweets from the past few days, as they provide some insight into what went on.

Ted Vera’s (COO / President at HBGary) LinkedIn profile was also defaced to change his name to Colossal Faggot, though i doubt it’s still out there. Google cache might still have it, plus i suppose screenshots exist.

All in all i can’t say i give a flying fuck about any of these people or their respective companies. If you are in the security business, and particularly in the business of selling research and data to the federal government (thank god it’s not mine), then you need to be competent and know what the hell it is you are doing. If you are an incompetent asswipe, then bad things may happen to you. You don’t deserve your job, your bonuses, your cushy little office and the notion of job security. You deserve to go back to school, admit your failures and start over. Though that might be a bit hard at this point, seeing as i would find it very unlikely that the likes of Barr would ever be hired to do anything with computers ever again.

Anonymous has stated they have in their possession more emails that are as of yet unpublished, and they have had negotiations with the owner and CEO of HBGary as to the next steps in this whole debacle. The IRC logs of that are quite .. a read. Anonymous demanded that for the rest of the data to stay secret (this is called extortion), they need to see Aaron Barr stripped of his job, and all future investments to HBGary Federal. Also they requested that all such funds instead be diverted to the Bradley Manning defense fund, the EFF and other such causes. HBGary is in the process of thinking about things.

Quite a thing to see the CEO of a multi-million dollar company on IRC, begging these anonymous types not to release more mails, as they would cause millions in damage. “Think about what this will do to your reputation”, HBGary urged. Anonymous replied with “What reputation, and why should we care?”

It has to be rather bewildering for your average corporate type to face an adversary that does not care for the traditional things. Reputation is irrelevant. Possible consequences, irrelevant. Legal threats, irrelevant. Sure, you can (and they have) caught a number of people associated with anonymous, but there are tens, maybe hundreds of thousands of people ready to take their place, if they feel like it will get them the laugh of the day.

I’ll end with another paraphrasing from the IRC logs, where one Anonymous stated, after just saying he knows this will cost HBGary millions, and that he doesn’t care, that he will now go play Fallout.

Oh and one more thing…

I have to really hand it to both Greg Hoglund, and especially Penny Leavy, who is president of HBGary. She took time out of a nightmarish day, to go on IRC and talk to anonymous. She tried to talk to these people, and she tried to grasp the concepts. Aaron Barr however, who also appeared on the channel under the alias CogAnon, was less than courteous. He talked trash and left without answering any questions, clinging to the one sentence he thinks will save him: “I did it all for research”. That’s like pissing on an angry mob, who has already burned down your house, broken your car and kidnapped your cat.
