Pushing Bounds And Tempting A Fight

Doug Bernard | Washington DC

If one could speak about Anonymous as a singular entity, then it’s clear that Anonymous is spoiling for a fight.

But of course, Anonymous is anything but a singular thing. It’s been called a hive of numberless drones, an amorphous hidden collective of computer hackers and even “The Borg.” By definition it’s a group that has no boundaries, and thus no members. Officially, at least.

“We are not a group. You cannot join us.  We are an idea,” taunts the computer-generated voice in one of their many online videos.

OK, “Anonymous.”  But for a group with no members, you sure have been busy of late. Consider that in just the last week or two, some tentacle of Anonymous has claimed responsibility for hacking the following people or groups:

“Ultimate Champion.” After feuding with anti-SOPA activists via Twitter, Dan White, founder of the lucrative “Ultimate Fighting Championship” found his website cracked and his personal information published online and shared via his own Twitter account. White has since gone silent on the web.

The FBI and Scotland Yard. Following the recent seizing (and freezing) of the Megaupload.com website and the arrest of its flashy owner Kim Dotcom in New Zealand, Anonymous brazenly recorded an entire conversation between FBI and Scotland Yard agents discussing last year’s arrest and prosecution of seven individuals believed connected to an earlier Anonymous hack. While the call wasn’t on a secure line, they were able to record without detection, and likely with help of cracked email files either at the FBI or Scotland Yard.

Puckett & Faraj. One of the more prestigious (and expensive) legal firms in the United States, Puckett & Farai represented U.S. marine Frank Wuterich, who was charged with dereliction of duty and convicted in a court-martial relating to the 2005 killings of 24 Iraqis in Haditha.  Segments of Anonymous felt the conviction wasn’t enough, so promptly released 2 gigabytes of private information from the law firm for public view. So thorough was the data grab that Puckett & Faraj’s business manager is on record as saying “this may completely destroy the law firm.” (The Puckett & Faraj website is still nothing but a blank screen.)

Syrian President Bashar al-Assad.  Yet another offshoot of Anonymous obtained what it calls the email addresses and passwords of hundreds of Syrian government officials, among many other documents, and predictably posted them all online, amid much smirking and self-congratulation. (As of 1900 UTC, Feb. 7, the list at Pastebin is still publicly viewable.)*

They hacked Polish government websites after that nation’s parliament passed the Anti-Counterfeiting Trade Act, as well as government websites in Italy, the Czech Republic and those of the EU.  They released personal information about top city officials in Oakland, California, after that city’s confrontation with the “Occupy Oakland” protest group. They redirected online customers of CBS and Universal to dummy sites following their support of SOPA/PIPA. They even hacked Symantec, the firm whose software is supposed to protect computers against invasion and hacking, and released its source code (albeit old code, says the company.)

All this, not even counting the 100-odd small credit card hits along the way, spells a lot of busy little hacker hands, all calling themselves “Anonymous.”

Different Names, Same Result

As we’ve noted, Anonymous calls itself a group with no membership or leadership; that’s what it says, at least. But in reality, there are leaders and core members. There must be.

In truth there may actually be many competing leaders and subgroups all operating under the umbrella cover of “Anonymous.” AnonOps, AntiSec, LulzSec, AnonymousIRC, Anon_Sexy: these and many others look and sound like separate groups, with separate messages and pet causes. They even speak with different voices: a tweet or a posting by the now disbanded LulzSec reads like that of a cocksure 12 year-old boy, while videos and “news releases” from AnonOps have what you might almost call a seriousness about them.

Swarm attacks like DDoS hacks don’t just happen, they have to be planned and timed. While no one may be leading any particular hack, every one of them must get rolling at someone’s suggestion or instigation. And the more sophisticated multipronged attacks – like those that humiliated cyber-security firm HB Gary last year – require coordinated resources and actions. By definition, someone (or a group of someones) must be orchestrating the whole affair.

Take, for example, this week’s news of a new search engine for felons. Called “MegaSearch.cc” it coordinates the many separate lists of stolen credit card numbers held by various criminals around the world into one searchable database. That kind of coordination requires someone to register the site, maintain the data set and pay the bills, even if by theft.  (By the way, a quick search of Megasearch’s registration suggests, unsurprisingly, that it is connected to a noted malware server, so readers are encouraged not to go exploring without protection.)

Part of the problem may also be the success of the Anonymous brand itself. As hacks have grown bolder and grabbed bigger headlines, unaffiliated hackers have no doubt been tempted to test their abilities for mischief and advertise their misdeeds under the “Anonymous” shadow, thus creating a new round of headlines, and on and on.  Thus it seems like the “group” is constantly growing, but in fact it’s merely getting credit for the work of others it inspired.

Either way, the end result is the same. More hacker hands mean more hacks.

How Far Is Too Far?

Anonymous has its admirers, but it also has enemies, and not just those whose websites it has broken. One of them is “th3j35t3r” – code for “The Jester” – who self-describes as a”hacktivist for good” and has frequently taken shots at Anonymous (which has shot back). As generalizations go, it’s fairly true that hackers tend not to always play well with each other, and infighting among those who claim some Anonymous connection is common.

And there are missteps as well. Earlier this year someone claiming to be Anonymous released a video threatening to take down the servers of major international banks, the United Nations, Microsoft, YouTube, Twitter, and Facebook. “Operation Global Blackout” was billed as punishment for the megaupload.com seizure, and the voice warned that unless megaupload’s servers weren’t released within 72 hours, Anonymous would darken the web.

72 hours came…and went, with no serious activity. Shortly after, in a second video release, a voice claiming to be Anonymous explained:

“Why haven’t any of the things stated in the initial video happened yet? Simple. Because this proposed idea doesn’t have a set period of time when it will go into effect, as it is an on-g0ing operation. Like I said…I explained what we can do, not what we will do.”

Critics are unconvinced. Apart from the backtracking, the two statements have a different tone. Anonymous videos almost never use “I” or its variants, but the updated video is filled with them. Was it a mistake? Or are different hacker groups within or near Anonymous fighting again?

We’ve said before and say again that the safest bet is that Anonymous will soon be linked to another high profile, highly embarrassing hack attack. Private data will be released, faces will redden and Anonymous will gloat. But is that it? Nobody has ever been physically hurt, or worse, because of an Anonymous hack; no government has fallen and no commerce has been permanently disrupted. Which begs the question: is Anonymous little more than an embarrassment machine? Will anything seriously consequential ever result from their efforts?

How far will Anonymous go before it goes too far?

The answer may come sometime soon.

*Ed. Note: beyond the seriousness of any individual or group hacking and publishing government officials pass codes, we couldn’t help but note that nearly every password used wouldn’t even pass the most basic security analysis.  “12345″ is never, ever, a smart pass word; a drunken bear could probably crack that.

Just What, If Anything, Did Wednesday’s Protest Achieve?

Doug Bernard | Washington DC

UPDATE: Friday, January 20, 2012: Not content to leave the battle un-joined, the hacker group Anonymous stepped into the SOPA fray Thursday evening by launching a massive denial of service attack on several SOPA supporters, including Universal Music, the RIAA and MPAA. Also targeted was the U.S. Department of Justice and U.S. Copyright Office; although those attacks are likely to have been prompted more by Thursday’s shutdown of the website “MegaUpload” by Justice officials. AnonOps claims that 5,635 individual machines were used to launch the coordinated attacks, the largest single effort yet by Anonymous.  As we’ve noted before, when there’s a big story that has anything to do with the Internet, expect Anonymous to step in.

Whether the protests and hacks changed minds isn’t clear; however it has changed the bills’ fortunes on Capitol Hill. Friday Rep. Lamar Smith (R-TX) announced he would shelve SOPA for the moment, while in the Senate, Majority Leader Harry Reid (D-NV) cancelled a vote on PIPA.

It had been building for days. “Twitter, join the protest,” tweeted Ben Huh, founder and CEO of the mega-successful “I Can Has Cheezburger” websites. “Go Google for blacking out logo!” read another.

For weeks Huh had been using his Twitter account and other means to encourage Internet companies of all stripes to join in a one day protest against two pieces of legislation currently before Congress. “SOPA”, for Stop Online Piracy Act, and “PIPA”, the “Protect IP Act” were designed, say its authors, to crack down on overseas copyright piracy by strengthening the U.S. government’s hand in who they could prosecute and remove from the web.

Introduced more than a year ago, the legislation has the strong support of major entertainment companies such as Sony or the Motion Picture Association of America, or MPAA. But it has equally strong opposition, centered mostly among civil libertarians, online freedom activists and Internet-based firms like Google and Wikipedia.

This back and forth has put the bills into a sort of legislative limbo – not scheduled for floor or committee markup, but not officially dead, either. So beginning early January, Huh and others proposed a protest that would grab headlines, and perhaps knock SOPA’s advocates back on their heels. Their Internet sites would go dark for 24-hours, replacing their usual content with a stark message warning about the dangers of the bills, and urging users to contact their members of Congress.

One of Ben Huh's many tweets about the dangers of SOPA

So what happened? To start, Wikipedia went dark – kind of. The online compendium of facts large to obscure was unavailable for 24 hours, offering instead a shadowy black-and-white message on why PIPA and SOPA would censor services like theirs. It was billed as a total blackout, but as mobile phone and tablet users quickly found out, there was a still a back door open for full access from mobile devices.  Ben Huh’s “I Can Haz Cheezburger?” family of 54 websites of lolcats and goofy pranks all featured a large shield that could only be removed by clicking through to a site warning about the bills, and urging users to sign letters of protest. (Once clicked, however, all the lolcats were again available.) Google slapped a large black box over its logo, although its search function continued to work, and online magazine Wired blacked out all the text on its site, which, however, became visible when you moused-over it.

“Boing Boing”, “Firefox”, “Tumblr”; these and many more sites limited services and featured ominous warnings about the bills. But many other sites did not participate. Twitter refused to join the protest, calling such a single-issue stoppage of a global company “foolish.” Amazon.com didn’t make mention of the bills either – but this perhaps was less surprising as retailers, in general, would not be as threatened under PIPA and SOPA than over content-rich sites. Even some editors of Wikipedia complained that the blackout could threaten Wikipedia’s reputation as a non-biased source of information. “My main concern is that it puts the organization in the role of advocacy,” editor Robert Lawton told the Associated Press.  “Before we know it, we’re blacked out because we want to save the whales.”

Screen grab from Wired's front page featuring SOPA-inspired blackouts

In the end, the protest garnered headlines but changed few minds. Ebay, Facebook, Yahoo!, Google, Twitter and others still oppose SOPA, while NBC Universal, Comcast, 3M, Walmart, the RIAA and others still support it. And the larger question now is: what will opponents do if and when the bills actually start moving again in Congress? A one day blackout is one thing; shutting access for an indefinite period of time will be a much harder, and costlier, sell.

For his part, SOPA author Rep. Lamar Smith (R-TX) has introduced a “manager’s amendment” – which you can read here – which represents a modification of the original bill, and one that, for parliamentary reasons, Rep. Smith may begin to move through committee as early as February. In the meantime, SOPA & PIPA proponents, such as the Creative Alliance, have announced they will soon launch an advertising campaign about the benefits of the bills.

And Ben Huh isn’t the only one taking his campaign to Twitter. SOPA supporter Rupert Murdoch tweeted yesterday: “Seems blogosphere has succeeding in terrorizing many senators and congressmen who previously committed. Politicians all the same.”

Stay tuned.

A Year That Began And Ended Anonymously

Doug Bernard | Washington DC

It’s something of a party game, this time of year, to look back and put together lists. Top ten this, bottom five that; trends that are in or out, predictions about the coming calendar year.

Of course, it is largely that: a party game. Of all the moments of 2011, all the events on which tragedy turned or innovations sprang forward, there’s really no way to boil it down to a simple list. Was the death of Steve Jobs #5 or #4 in significance? Purely a matter of perspective. Which was the more important story, the attempt by Egypt to erase that nation from the Internet (unsuccessful) or efforts by Syria to keep it going, but use tricks to monitor and eavesdrop on social media (still ongoing)? That story hasn’t yet been finished. Has Facebook become everyone’s creepy friend? Depends who you ask.

We’re not even going to play the game, instead leaving it to others for some fun on the New Years. Rather, we have just one nominee in a new category: Top Story That Remains A Mystery.

That story starts and ends with one word: Anonymous.

We’ve written copious items about the antics – some silly, some serious – of the Anonymous hacker hive. The year began with Anonymous trying to shut down MasterCard and PayPal, for their decisions not to process donations to the group Wikileaks. It continued with Anonymous targeting various Arabic governments trying to repress the civic unrest on the streets and online, moved to attacks on the U.S. government for various reasons, then to corporate titans such as Sony, in support of the “Occupy Wall Street” movements around the world, and the bloody Mexican drug cartels. Just days ago, as the year was drawing to a close, Anonymous hacked the private intelligence group Stratfor – of which yours truly is a user – and published the personal details of all those registered with the group to receive its services.

This week the “AntiSec” branch of Anonymous published its handiwork. 50,277 credit card numbers were released, along with 86,594 e-mail addresses, 27,537 phone numbers and 44,188 encrypted passwords.  (If you’re wondering if you’re part of the hack, you can check here.)  Stratfor says it has addressed the problem, but of course, it really hasn’t. Now that all that data is out there, it can’t be erased.

For just about every significant news story this year, some part of Anonymous’ digital shadow hung large. We’ve even heard from Anonymous personally this year; after one of our stories, members of the group (presumably) hacked my personal email account, just to deliver a message. Dear Anonymous: I hear you.

But truth be told, I don’t fully understand you. Nor, I think, does anyone, really. For any given attack, there’s no sure way of knowing if Anonymous was behind it, or just some free-lancers looking for a little Internet mayhem. And then again, who’s to say what Anonymous even is? There’s no board, no director, no organizing structure. Just hundreds, or thousands, of web lurkers stirring up the digital pot. Anonymous is like fog: you can see it, but no matter how hard you try, you just can’t grab it.

So as we look back at what’s happened, and squint hard to try and imagine what the future holds, our money is that Anonymous will be there throughout the new year, whatever the story.

All good things to all our readers in the coming new year.

And Taking the OWS Protests Online

Doug Bernard | Washington DC

Periodically we like to share a few of the stories and posts from across the web that caught our eye. There are no editorial threads implied connecting these items together, other than being interesting.

#1: Anonymous vs. the Zetas.  Over the last year, the hacker collective Anonymous has gone after a wide range of targets – the Sony Corporation, the CIA (the U.S. intelligence agency), and Barney the Dinosaur to name a few. But now, they’re facing a very different adversary: Mexico’s vicious Zetas drug cartel.

In several videos posted online, presumed members of Anonymous threaten the Zeta cartel with revealing the names and addresses of their top supporters, including journalists and police members, unless the Zetas release a member of the hacker group allegedly kidnapped.  “You have made a great mistake taking one of us.  Free him,” warns one masked messenger.

There are no confirmed details of the kidnapping, or little else about this story; which is no surprise, considering it pits a lawless “hacktivist” community against a powerful drug mob. One Anonymous spokesperson says the kidnapping happened in October in the Mexican city of Veracruz. In fact, that region is the power base of the illegal drug ring known as “Los Zetas.” The U.S. Drug Enforcement Agency labels the Zetas as the most violent drug cartel and paramilitary operating in Mexico, and in the past the Zetas have kidnapped, tortured and killed several journalists and online activists working to expose the cartel’s activities. On the other side, it’s presumed parts of the Anonymous collective are working in Mexico and may have information on the cartel’s supporters, but because of the hidden and highly decentralized nature of the group, it’s hard to know for sure.

A screen capture from one of Anonymous' videos threatening the Zeta drug cartel

It’s also not unusual for online activists to do battle with the drug cartels.  “El Blog Del Narco” was one of the first, and still among the most popular, documenting the comings and goings of members and supporters of the Sinaloa drug cartel, a rival smuggling operation to the Zetas. And the cartels have violently struck back, recently hanging and mutilating several online activists from a bridge with signs warning that “this is going to happen to all of those posting funny things on the Internet.” The drug lords do not fool around.

But neither does Anonymous, which is why the threat is being taken seriously. If the group carries out its threat to post on November 4th, both members of the media and the drug cartels will work to confirm the information – the media to document it, and rival cartels to target their opponents. And spreading the risk around, any hackers the cartels have worked with in the past will also come under a shadow of suspicion. In the words of the masked Anonymous spokesperson, “Wait and see.”

#2: Taking the “Occupy” Protests Online. There are currently dozens of real-life protests in the real world streets of many major cities: New York, London, Toronto, Tokyo, and many others. Beginning in New York a few months back, “Occupy Wall Street” (OWS) protesters cite inspiration in part from the massive rallies of the Arab Spring earlier this year. While no governments have yet toppled, the protest encampments  quickly grew and spread, generating lots of media coverage but little else so far.

And now, again like the rallies in Cairo and Bahrain, protest supporters are working to document the movement online. The head of MIT’s Center for Civic Media, Ethan Zuckerman, writes of a new joint project between the People’s Production House, or PPH, and NewsMotion.org to bring civic journalism to the protest tent cities.

(AP Photo/John Minchillo)

People’s Production House is a nonprofit journalism training operation working to bring digital tools to the street and help individuals tell and share their own stories. PPH creative director Marisa Jahn, a self-described citizen activist, has joined with NewsMotion’s Julian Rubenstein, a former Washington Post reporter and longtime journalist and documentarian. Together they tell Zuckerman they’re launching a project tentatively titled Basta!, a web platform specifically designed to cover OWS from the protesters point of view.  Says Zuckerman:

“The platform seeks to combine original content and curated aggregation, to identify the best, most relevant and accurate sources, whether they’re official, unofficial or citizen sources. One of the key challenges of the system is finding a way to both tell the broad story – seeing the various points on a map where people are participating in the movement – and the deep story. The group is commissioning and serializing portraits of individuals to show off the complexities of these issues, with the goal of being able to tell subtle, multifaceted stories related to the issues.”

Many of the protests, including OWS, already have their own websites, and there are thousands of videos posted online by individuals taping events; perhaps most memorably when protester and Iraq war veteran Scott Olsen was seriously injured in a confrontation with police in Oakland, California. Basta! is not yet online, but you can view some of the coverage PPH has been assembling at their website.

Courtesy Aram Bartholl/Creative Commons

#3: “Open Intern@t” For years, the German artist Aram Bartholl has made the web – and our interaction with it – a major theme of his work. In “Dead Drops,” he embedded real, working flashdrives in buildings and public spaces, allowing daring passersby to upload or download documents. For “WoW,” he constructed enormous signs bearing the names of volunteers, who agreed to walk through major cities with someone else holding the sign above them, much as players do in the online game World of Warcraft (or WoW). Now in “Open Intern@t,” he’s carrying around those ubiquitous LED “OPEN” and “INTERN@T” signs seen hanging in shops around the world. And his signs don’t lie: he also carries a mobile 3G hotspot around with him, allowing people on the street near him to log onto the Internet for free. However, this is art…or a “public intervention,” in his words.  So part of the deal is that Bartholl keeps moving, forcing people either to follow around close to him or get pushed off the web.

As art goes, we’re not so sure. But we’re considering buying his “work” and taking it on trips with us.

OPEN INTERNET from aram bartholl on Vimeo.

And Spreading Malware Hits Big and Small Alike

Periodically we like to share a few of the stories and posts from across the web that caught our eye.  There are no editorial threads implied connecting these items together, other than being interesting.

#1: LulzSec vs. NewsCorp: After very publicly disbanding just a few weeks ago, it seems the LulzSec hackers have come out of retirement and have a new target – Rupert Murdoch.

The “lulz” began early this week with a hack of The Sun, one of News Corporation’s many newspapers and sister publication to the recently shuttered News of the World.  “Media moguls body discovered” yelled the headline of a phony story, mocking Mr. Murdoch and the recent troubles of his News Corporation.

The bogus article was quickly erased, but the hackers warned of more serious problems to come.  Specifically, the LulzSec Twitter feed claimed the group has up to 4 gigabytes of private emails from the Sun’s servers – which they may, or may not, begin releasing, depending on which Twitter claim you believe.

@AnonymousSabu, thought to be one of LulzSec’s founders, tweeted that “We’re releasing something we found in The Sun’s mail server, shortly. Ouch. Ready for the media storm?”  But when that release failed to occur, @AnonymousIRC, associated with a hybrid LulzSec/Anonymous offshoot, tweeted this: “We think, actually we may not release emails from The Sun, simply because it may compromise the court case.”  That was quickly followed by this tweet from @LulzSec: “We’re currently working with certain media outlets who have been granted exclusive access to some of the News of the World emails we have.”

So far, no media organization has admitted to any partnerships with LulzSec, AnonOps, AntiSec or any of the other heads of the larger Anonymous hydra.  But  in an interview with British newspaper The Independent this weeek, Sabu warns that The Sun hack was “simply phase 1″ of a larger operation that hackers intend to launch against other News Corporation’s properties – and Murdoch himself.  Not content to stop there, Sabu then suggested additional targets, warning: “New York Times, Forbes, LA Times, we’re going in.” Read the rest of this entry »

Who, And Where, Are The Greatest Threats To Internet Security?

In this Sept. 24, 2010, file photo the National Cybersecurity & Communications Integration Center (NCCIC) prepares for the Cyber Storm III exercise at its operations center in Arlington, Va. (AP Photo/J. Scott Applewhite)

The web has been humming with talk this week – talk, concern, worry and general shpilkes – about Internet security.  There’s good reason: not only are there renewed questions about just which hacker group is responsible for what cyber-attack, but the rate and severity of computer hacks appear to be escalating rapidly.  In the last week alone the governments of Brazil, Antigua, Australia and Zimbabwe have all been hit hard, with secure and private information literally pouring out onto the web.  “Anonymous” on Tuesday declared ‘war’ on the city of Orlando, going as far as dressing Mickey Mouse up in the “Guy Fawkes” mask of AnonOps.   One day later the newly formed hacker group “AntiSec” targeted the major media firms Universal Music and Viacom, while also returning to an earlier hack – the Arizona Department of Public Safety – only this time with a new document dump of sensitive information.  It seems no-one is immune: even singer Amy Winehouse’s website was defaced Friday by a group calling itself “SwagSec”, which vows to “…take back the Internet from the white devil.”

The hacking playground has become crowded territory, and despite efforts of the FBI (also a recent hacker victim) and British authorities, there are no signs the web is becoming any less insecure.

Below are several stories we found online this week: none of them specifically concerning the Lulz-Anti-Anonymous-Swag-Sec tangle, but all that still raise serious questions of web privacy and security. Read the rest of this entry »

Why the Latest, Hottest Hacker Group May Never Have Existed.

I’ll admit it.  Like many of my colleagues, I’m a sucker for a great story.  Sure, I run it through the standard fact-checking traps, and try to question and independently confirm each detail.  And always, I remind myself that if it smells too good to be true, it probably isn’t.

Still, sometimes I get taken in.  And other times…I’m not quite sure.

The LulzSec mascot, toasting the symbol of Anonymous

Latest case in point: LulzSec.

Now, if you’re in any way tuned in to the latest Internet happenings or follow cyber-security issues, you’ve been hearing a lot about LulzSec of late.  If not, here’s a short primer: when they popped up on the hacker scene just a few months back, it was hard to know what to make of them.  First, there was its mascot.  Unlike Anonymous’ iconic empty black suit, or taunting Guy Fawkes mask, LulzSec’s logo was a somewhat snooty-looking creature, complete with top hat, monocle and a glass of wine.  Then there was its name – “Lulz Security” or LulzSec for short – suggesting more mischief than activism.  As we discussed in an earlier post:

“LulzSec” appears to be a collective venture whose main goal is making trouble – or in their own words, “causing lulz.”  In the lingo of the Twitter Age, ‘lulz’ is a variant of ‘lol’, which means “laugh(ing) out loud.”  However, while a lol might be applied to a joke or funny picture in appreciation of something mildly amusing, a lulz has come to mean laughs at the expense of others.   A cute kitten picture prompts a lol; someone who has their accounts hacked and private information exposed is a lulz.”

But few were laughing once LulzSec got up and rolling.  They’re widely credited with engineering a major hack of Sony’s Playstation Network, exposing the private information of potentially millions of players.  Sony was so embarrassed by the attack that the chief corporate officers offered a rare public apology, bowing deeply before the press.  And the attacks didn’t stop there: among LulzSec’s other targets: the U.S. Senate, the Arizona Police Department, Fox.com, the FBI, the Public Broadcasting Service, the state of Brazil, and the CIA. Read the rest of this entry »

And Better Blogging Through Stripping

Periodically we like to share a few of the stories and posts from across the web that caught our eye.  There are no editorial threads implied connecting these items together, other than being interesting.

#1: The Fight Over Airwaves.  Several facts of war are as old as battle itself.  They are ugly, bloody affairs.  Far too much that is precious is lost.  And each new war creates its own new technology.

Military history through the centuries demonstrates the winning side doesn’t have to be the richest or biggest  – but they do have to be the most adaptable to new innovations.   In Iraq and Afghanistan, that innovation has been the IED.

A controlled IED explosion in Iraq (photo: U.S. Marine Corps)

Read the rest of this entry »

…And Taking Armenia Off

Two items recently caught our eye.  There’s not much on our part to add, but in retrospect they both seem to speak to a similar theme – that of how fragile our online worlds can be.

First, the nonprofit Access Now – a loose group campaigning for expanded online freedom and access – has released new report designed to protect pro-democracy activists in the Arab world.  “Protecting Your Security Online” comes in both Arabic and English versions, and includes many ideas and pointers for anyone wanting to protect their online activities from prying eyes.

Topics include secure browsing, circumvention technologies, encryption and many others, including this helpful tip that we think can’t be repeated enough:

“There are increasing options for utilizing GPS technology in order to demonstrate your physical location when online. This can be a powerful tool when used as part of a coordinated campaign to map out reports from the ground using mobiles during a crisis or key event, but it also gives out incredibly sensitive information about your location and activities. We recommend you turn GPS tracking off for programs such as Twitter and Bambuser unless it’s temporary and critical to an activist project you’re working on. Even if the GPS is not displayed, it is critical to disable the collection of this information in your web browser or other client.”

Beyond this specific report, the Access Now site is a rich cache of news, events, and projects focused on expanding Internet access and use, and well worth spending some time exploring.

The second item comes from Armenia, but actually begins in neighboring Georgia.  As reported here by the Guardian newspaper, it seems an elderly Georgian woman who was scavenging for old, unused copper pipes accidentally cut through an underground cable.

The cable that provides nearly all Internet access to Armenia.  Oops.

Seems nearly all of Armenia’s Internet traffic is routed through Georgia, and that particular cable.  Severed with a simple shovel, it threw Armenia’s businesses, government and 3.2 million residents  temporarily offline.  ZDNet adds this incredulous comment:

“I cannot understand how this lady managed to find and damage the cable,” Giorgi Ionatamishvili, head of marketing for Georgian Railway Telecom, told AFP in the report.  “It has robust protection and such incidents are extremely rare,” he added.

Apparently, not robust enough for a spade wielded by a 75-year-old pensioner.  The woman’s name has not been released, but wags in Georgia have already begun referring to her as “the spade-hacker.”

The connection has been repaired, and all appears well.  However, we  worry this may give Anonymous new ideas.