Anti-Sec is not a cause, it’s an excuse

In a move clearly inspired by LulzSec, an Italian hacker recently uploaded a torrent containing personal information of thousands of Italian university students. This information was stolen from a slew of Italian university websites. According to the press release posted by Lulzstorm this was done “to tell every Italian student how little secure their personal data are”. I can think of better ways.
 
The spate of recent data thefts and subsequent publication, in the name of Anonymous, Lulz Sec, LulzStorm or the umbrella movement Anti-Sec has had a tangible impact on the safety and security of thousands of innocent internet users.
 
While there may be sympathy in some quarters for attacks on security contractors such as HB Gary and Infraguard or government websites in oppressive states; that sympathy rapidly evaporates when the result of publishing stolen material endangers the lives of serving police officers. Or when it compromises the privacy and safety of hundreds of thousands of innocent customers of online portals or gaming services.
 
The call to arms to the disparate hacker community that is represented by Operation AntiSec might read like something from a cyberpunk novel but in reality it is being used by far too many to lay a thin veneer of altruism over something entirely selfish. At least LulzSec had the decency to be honest in their manifesto, they were simply courting chaos.
 
The truth is that the majority of people now assembling under the Anti-Sec banner are doing this simply because they can. The convenience of having a “cause” somehow making it laudable. It is true that there are far too many poorly secured and configured web-sites out there. It is also true that the customers of those websites deserve a higher degree of care than they currently receive. It is manifestly not true to say that the interests of those people are best served by pasting their personal data all over the internet.
 
In the ultimate irony, the original AntiSec manifesto from back in 2001 was all about the irresponsibility of full disclosure. That same manifesto was reposted when Imageshack was compromised 8 years later. The manifesto criticised the “security industry” for using full-disclosure to develop “scare tactics” to convince people into by security. Are you listening Operation AntiSec?
 
This is a call for responsible disclosure in the Anti-Sec community, find the flaws, publish your successes if you must, but have the decency to spare the innocent victims of your crimes. Obscure personal data before you publish; otherwise you are considerably worse than those you are attempting to shame.
 

15 thoughts on “Anti-Sec is not a cause, it’s an excuse

  1. security grilles

    I personally think most of us do not realise the importance of internet security. We are spammed everyday about protecting our data virtually but how many of us know how to do it. The governement should be knowledging people more about how to protect ourselves against cyber attack instead of repeating it everyday.

    Reply
  2. Pingback: Securosis Blog | Friday Summary: July 14, 2011

  3. Pingback: Zerstörung der Privatsphäre Unschuldiger ist niemals zu rechtfertigen - datensicherheit.de Informationen zu Datenschutz und Datensicherheit

  4. Pingback: Hacken für den guten Zweck? - Hersteller Nachrichten

  5. Pingback: Hacken für den guten Zweck? Pressemitteilung

  6. Pingback:   Hacken für den guten Zweck?  -  BDZ-Presse

  7. Pingback: Pressemitteilung zu Hacken für den guten Zweck? | Weltjournal.de - Das online Presseportal

  8. Pingback: Hacken für den guten Zweck?

  9. Pingback: Hacken für den guten Zweck? | Deaf News Magazin

  10. Pingback: Hacken für den guten Zweck? » Trend, Micro, Ferguson, Bedrohungen, Datenschutz, Daten » OxMarketing

  11. Pingback: Hacken für den guten Zweck? | new News

  12. Pingback: Hacken für den guten Zweck? | IT News, NewMedia und Nachrichten zu Software Entwicklung

  13. Pingback: Hacken für den guten Zweck? | Presseportal für kostenlose Pressemitteilungen

  14. Pingback: Seminarbörse » Hacken für den guten Zweck?

  15. Pingback: Trend Micro Asia Pacific News Library - Anti-Sec is not a cause, it’s an excuse

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>