LulzSec: "We might be brought to justice, but we just don't care."

LulzSec: "We might be brought to justice, but we just don't care."

Summary: LulzSec has just released a press announcement concerning their motives up to this point, and it's official: They're doing it all for the lulz and nothing more.

SHARE:
41

A new press release has hit the Web today from Lulz Security in celebration of their 1000th tweet which states their motives and intentions up to this point, as well as how they feel about their actions and how others are responding. With plenty of guesswork happening on behalf of media outlets everywhere (not excluding yours truly), LulzSec truly is just doing it all "for the lulz." To quote:

For the past month and a bit, we've been causing mayhem and chaos throughout the Internet, attacking several targets including PBS, Sony, Fox, porn websites, FBI, CIA, the U.S. government, Sony some more, online gaming servers (by request of callers, not by our own choice), Sony again, and of course our good friend Sony.

While we've gained many, many supporters, we do have a mass of enemies, albeit mainly gamers. The main anti-LulzSec argument suggests that we're going to bring down more Internet laws by continuing our public shenanigans, and that our actions are causing clowns with pens to write new rules for you. But what if we just hadn't released anything? What if we were silent? That would mean we would be secretly inside FBI affiliates right now, inside PBS, inside Sony... watching... abusing...

Do you think every hacker announces everything they've hacked? We certainly haven't, and we're damn sure others are playing the silent game. Do you feel safe with your Facebook accounts, your Google Mail accounts, your Skype accounts? What makes you think a hacker isn't silently sitting inside all of these right now, sniping out individual people, or perhaps selling them off? You are a peon to these people. A toy. A string of characters with a value.

This is what you should be fearful of, not us releasing things publicly, but the fact that someone hasn't released something publicly. We're sitting on 200,000 Brink users right now that we never gave out. It might make you feel safe knowing we told you, so that Brink users may change their passwords. What if we hadn't told you? No one would be aware of this theft, and we'd have a fresh 200,000 peons to abuse, completely unaware of a breach.

In the passage above, it seems as though they feel their stance is a noble one for exposing what is possible through example. There's no doubt that what they've done has caused people to pay attention and consider just how safe their data is or isn't not just by their own control, but by the control of entities they are supposed to be able to trust. One can't help but wonder what else they have pillaged from the countless multitude of servers containing private information.

While sane, rational eyes not disconnected from caring about the livelihood of other human beings allows one to easily to see the flaw of their logic, the insult added to injury is the fact that they don't care what happens with the data once its released. In fact, they rather enjoy watching the havoc being created by anonymous evil-personified individuals.

LulzSec's Twitter stream has been filled with retweets from people who have used the previously-leaked 62,000 email addresses and passwords to do everything from prank 80 year-old women by sending them adult novelty items, to supposedly ruining relationships on Facebook. But that's just the start of it.

LulzSec sums up quite well how they feel about their "shenanigans" in the following passage of their press release:

Yes, yes, there's always the argument that releasing everything in full is just as evil, what with accounts being stolen and abused, but welcome to 2011. This is the lulz lizard era, where we do things just because we find it entertaining. Watching someone's Facebook picture turn into a penis and seeing their sister's shocked response is priceless. Receiving angry emails from the man you just sent 10 dildos to because he can't secure his Amazon password is priceless. You find it funny to watch havoc unfold, and we find it funny to cause it. We release personal data so that equally evil people can entertain us with what they do with it.

If you've been holding out hope that their intentions have been anything but frivolous, you can stop wondering. LulzSec does everything they're doing simply because they can. It's only by pure accident that they can say they're proving a point in the process. It's no secret that infrastructures around the globe aren't secure as they should be, but now we all know to what extent. Regardless, this is fun and games the Lulz way in the Internet age, at the expense of the helpless and uninformed everywhere. The following essentially wraps up just how they feel:

We've been entertaining you 1000 times with 140 characters or less, and we'll continue creating things that are exciting and new until we're brought to justice, which we might well be. But you know, we just don't give a living f#*k at this point - you'll forget about us in 3 months' time when there's a new scandal to gawk at, or a new shiny thing to click on via your 2D light-filled rectangle. People who can make things work better within this rectangle have power over others; the whitehats who charge $10,000 for something we could teach you how to do over the course of a weekend, providing you aren't mentally disabled.

How do you feel about LulzSec's intentions at this point? Obviously, they're just doing it for fun and not much else. Share your thoughts in the comments below!

-Stephen Chapman SEO Whistleblower

Topics: Collaboration, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

41 comments
Log in or register to join the discussion
  • RE: LulzSec:

    "It?s only by pure accident that they can say they?re proving a point in the process. It?s no secret that infrastructures around the globe aren?t secure as they should be, but now we all know to what extent."

    Hardly news. The NSA beat them to the punch last December and many thought that admission was long overdue.
    http://www.reuters.com/article/2010/12/16/us-cyber-usa-nsa-idUSTRE6BF6BZ20101216
    zlgtr
    • RE: LulzSec:

      @zlgtr

      Its the time for the Cyber War!
      why the Government is not taking a step ahead !!!!!!!!!
      http://thenewscourier.blogspot.com/2011/06/officials-comfirmed-that-cia-website.html
      TechExpert21
    • RE: LulzSec:

      @zlgtr If a person stood over you with a gun and called you a peon it would have the same expression as what this group of tards has done. We need to find them and prosecute them to the extent of the law, perhaps even create some new and clever ways of prosecuting them.
      DiggityDoug
      • RE: LulzSec:

        @DiggityDoug

        Problem is, the law cause the insecurity. I am french, so i don't know for the U.S., but we have a law (The LCEN), which force website to stock password in clear....

        Government at their best...

        and i don't speak of th problem with the U.S wanting to keep U.E. bank information for 15 years...

        And in case you don't know, some security expert discovers security fails, comunicate them anonymously, and what happen?

        Laws suits. Take the case of Guillermito or Fernando Gont or Serge Humpich...

        I don't agree by princips with them, but i think their action is a good wake-up call.
        cabale
  • RE: LulzSec:

    I don't agree or disagree with what they are doing. At least they are letting it be known what they are doing and what their intentions are.
    arndt_matt
    • RE: LulzSec:

      @arndt_matt
      I don't agree with them. If there is a fault at infrastructure, they should contact that organization "privately", not by exposing everything "publicly". This distabilizes trust on internet in the public eyes, which is already at the edge of downfall. I don't agree with them in anyway.
      Ram U
      • RE: LulzSec:

        @Rama.NET

        in all fairness, you shouldnt really trust the internet with anything
        5FingerDiscount
      • RE: LulzSec:

        @Rama.NET <br><br>if they contact privatly , why would they be called as hackers

        Its the time for the Cyber War!
        why the Government is not taking a step ahead !!!!!!!!!
        http://thenewscourier.blogspot.com/2011/06/officials-comfirmed-that-cia-website.html
        TechExpert21
  • RE: LulzSec:

    Some of your arguments here have merit, but what about the obvious one you're missing? Take this statement and turn it on its head:

    "... the insult added to injury is the fact that they don?t care what happens with the data once its released."

    How about, "the insult added to injury is the fact that for-profit custodians of your sensitive information don?t care what happens with the data once they possess it."

    What is the argument that Sony, Facebook, Skype, Google, and others raise in defense of their penny-pinching and/or laziness while in possession of your data? Is there any excuse these days for failing to deploy well-documented, well-tried security practices? Facebook didn't even deploy ssl until just a few months ago. Why not? Did it cost too much? Was it too hard? What?

    Worse, we have no way of knowing what any of these companies' internal security standards are. Every system administrator, a whole lot of executives, and even a few clerks at every one of those companies has access to sensitive data, and some have no compunctions about exploiting that access. You can quibble about the Lulz' philosophy and methods, but the fact is, they are chipping away at the smallest part of the information security problem. Disgruntled employees do not need to hack into anything to gain access to, then sell or in some other way exploit your sensitive data - or even just your email address.

    Kiosks staffed by teenagers, college students, or dropouts selling cell phones at shopping malls are mini-caches of social security numbers, credit cards, and cellular phone numbers. What are the controls around those kiosks, anyway?

    Well, I have to go. This is a pretty fascinating debate, thanks for having it!
    burntd0g
  • RE: LulzSec:

    Burntd0g is correct. And let me add, this whole situation is the strongest possible argument for not putting all your data in the cloud. Loss of control is suffering. It is suffering when someone has power over you. Losing control over something and having that control of your data go to someone else (a big corporation like Dropbox for example) means they now have power over you. If someone cannot see that this is an acute form of suffering and a real and present danger as the push toward cloud computing becomes stronger then that person is very ignorant.
    josh92
  • RE: LulzSec:

    Interesting comments from them. But do I believe there is really such a group called Lutz? I think it is a couple of nerdy chinese/russian goofs sitting in the computer room basement in Hong Kong... lol.
    SpankyFrost
  • RE: LulzSec:

    LulzSec logic is the same as other terrorists like AlQaeda. We attack innocent people to force your government to change policies we disagree with. If someone gets hurt well, we will celebrate it and hope more new followers will go out and target innocent people too. Time we declare this group a terrorsit organization and send them to Guantanamo, The definition of terrorism is using attacks to force changes in policies you don't like. Please tell me how they are any different? And just like Al Qaeda's first attack on the WTC, it will only escalate. Not hyperbole. Not exaggeration. Just fact. If we had cracked down on Osama Bin Laden back then we could have avoided 911. Let's act now to avoid the online equivalent.
    StopthePrivacyTerrorists
    • Nothing to do wil AlQaeda since Lulz do not care about government and they

      @StopthePrivacyTerrorists: ... do not make actual victims. Receiving dildos is nothing like being killed.

      And, they retain most of information they got; only releasing portion of it to create enough attention.
      DDERSSS
      • RE: LulzSec:

        @DeRSSS

        Veerrrrry good. Receiving dildos is not like being killed. But is it like having your life hacked. It is exactly like someone holding a virtual gun to your life and being able to do what they want, when they want, and how they want.

        Where you not able to read? Lives have been impacted negatively becuase of their actions. They enjoy causing grief, embarassment, and panic in people.

        You sir/madame are what is called a useful idiot.

        They should be locked up, pure and simple.
        Mr.Mister
    • RE: LulzSec:

      @StopthePrivacyTerrorists I totally agree with you. These guys need to be sitting in 5X8 cells with no access to anything that runs on electricity.
      dch48
  • RE: LulzSec:

    "the whitehats who charge $10,000 for something we could teach you how to do over the course of a weekend"

    I guess that means that what they do isnt worth shit... It must be as easy as 1, 2, 3.

    Yea. Not!. configuring the stuff is the easy part. Telling Windows Server 2008 to use IPsec is easy.

    Discovering new flaws and writing software to encrypt and creating new security standards to stop the black hats (Lulzsec) is where the money is at.
    TechGuyChris
    • RE: LulzSec:

      @TechGuyChris
      I just hope you know that there are 2 types of black hats . . .
      1. Hackers: Are people that hack just because they can.
      2. Crackers: Cyber criminals that have a monetary gain from hacking.
      mgaul
    • RE: LulzSec:

      @TechGuyChris
      .......
      Its the time for the Cyber War!
      why the Government is not taking a step ahead !!!!!!!!!
      http://thenewscourier.blogspot.com/2011/06/officials-comfirmed-that-cia-website.html
      TechExpert21
  • Don't like the message so you report it as spam? Cowards!

    My original message which some coward reported as spam just like terrorists who hide in caves was:
    LulzSec logic is the same as other terrorists like AlQaeda. We attack innocent people to force your government to change policies we disagree with. If someone gets hurt well, we will celebrate it and hope more new followers will go out and target innocent people too. Time we declare this group a terrorsit organization and send them to Guantanamo, The definition of terrorism is using attacks to force changes in policies you don't like. Please tell me how they are any different? And just like Al Qaeda's first attack on the WTC, it will only escalate. Not hyperbole. Not exaggeration. Just fact. If we had cracked down on Osama Bin Laden back then we could have avoided 911. Let's act now to avoid the online equivalent.
    StopthePrivacyTerrorists
    • RE: LulzSec:

      @StopthePrivacyTerrorists The definition of "Terrorism" is, in fact, "The use of violence and intimidation in the pursuit of political aims." From Princeton.edu, the definition is, "the calculated use of violence (or the threat of violence) against civilians in order to attain goals that are political or religious or ideological in nature; this is done through intimidation or coercion or instilling fear"

      Explain to any of us, I implore of you, how these two definitions, taken from reputable sources that are academic and moral apply to what you have said.

      Now to take apart what you have said.
      1. "My original message which some coward reported as spam just like terrorists who hide in caves was:"
      To report spam is the duty of someone who uses the internet, and to each person, spam is something else. Because you are calling for someone to be detained in Guantanamo, you are therefore expressing, implied or otherwise, a desire to see humans tortured and possibly executed without due process of the law.

      2. "LulzSec logic is the same as other terrorists like AlQaeda. We attack innocent people to force your government to change policies we disagree with. If someone gets hurt well, we will celebrate it and hope more new followers will go out and target innocent people too."
      Now when I read this, I almost marked your comment as spam as well, but I decided to try to reason with you like an intelligent human being. How is any of this an "attack" that is meant to target and hurt innocent people? If you are saying that in regards to the man who received dildos, yes, it could have been a traumatic experience for him because of some religious belief, but that is like me saying that I want a Mormon thrown in jail because he tried to convert me. There has been no physical attacks done by any party of lulzsec, as far as I know, which makes it, in essence, less violent than the Australians who pioneered the major use of the internet in the 80's, if I remember correctly. For those who don't know, they tried to electrocute and kill many technicians of the electric and phone company who were trying to stop these people from using the newly created "net".

      3. "Time we declare this group a terrorsit organization and send them to Guantanamo, "
      This goes back to what I said before, that this in itself is an offensive post as you request that people be detained illegally, stripped of their rights as a human being, and possibly have their right to life taken away.

      4. "The definition of terrorism is using attacks to force changes in policies you don't like."
      As I showed before, this is not the definition of terrorism.

      5. "Please tell me how they are any different? And just like Al Qaeda's first attack on the WTC, it will only escalate. Not hyperbole. Not exaggeration. Just fact. If we had cracked down on Osama Bin Laden back then we could have avoided 911. Let's act now to avoid the online equivalent."
      Now I will tackle this last part together. Back in the early 90's, America was waging a war in the middle east and Osama Bin Laden was on our side. However, when the war ended, America pulled out and left the country. Because of that, many people who were militaristic in nature wondered why America was not staying to help, and then turned against America. I assume that when you say "If we had cracked down on Osama Bin Laden back then we could have avoided 911", you mean that before the event itself, back in the 90's. There are many people who would agree with you, but the past is the past and we can not change it.

      Now to continue on with more intelligent discussion, what would have to be done to prevent acts like this would be costly for companies. The reasons that this happens is either laziness, ignorance, or flaws in the system previously. For example, to protect Windows properly, it would need to be rebuilt from the ground up, something that has not been done is about 40 years, I believe. Three years ago, I met the lawyer who was in charge of defending their case to extend their patent for the original Windows operating system, arguing that their source code has never been re-written and needed to be kept secret so people couldn't steal it. Then it would have to be rebuilt with competent programmers who did it out of a love for the project and a desire to write the best code.

      Attacks will continue, and the only way for the government to act would be to impose rules and regulations against the people, most of the time who are doing nothing wrong. The ones who are breaking the law will usually protect themselves from harm and the ones that don't know they are doing something wrong will not and end up being the ones punished.

      Also, please stop trying to impress us with your intelligence by using "hyperbole", and then "exaggeration" right after. They mean the same thing. One of the definitions is "exaggeration."
      bokin411