Posted by jrichards on Jul 22, 2011 in Security | 4 comments
People at school are saying they really aren’t hackers but the news says they are a group of hackers. Do you know who they are and what they are? Are they hackers?
That is a loaded question!
Depending on who you talk to they are either hackers or they aren’t. The media seems to have the notion that anything computer related that is bad is a result of hackers. “There is a new virus today that deletes so and so file. The hackers who wrote it…” It’s hard to take the media seriously when they go into computer or internet security and even their chief security officers seem to get the information wrong or use the wrong lingo at times.
Let’s discuss two of the bigger incidents Lulzsec members can claim.
1) They performed a DOS attack on a government web site and it became unresponsive for a short period of time.
2) They have broken into a number of people’s email accounts and leaked email information to the internet world.
Lulzsec can claim they did both of the above and no one can dispute that. But if you are asking if they are HACKERS because they performed (or have the ability to perform) the above actions, then the answer is no. They aren’t hackers at all. The above can be done without knowing anything about security or computers at all.
In the security boards I frequent and through many of the IT world this group are considered “script kiddies” which is often construed as the name “hacker” through the media. I won’t say they are script kiddies but most security professionals or anyone working in the field will likely tell you Lulzsec is the furthest thing from a computer hacking group.
1) DOS attacks
If you have enough people with enough computers and any of 100+ freely downloadable DOS attack applications from Google you can take down most any unsuspecting web server. It doesn’t really hurt anyone. It’s just people using a freely available program with enough support to bring a computer down. It has nothing to do with hacking or security. Anyone with 12 brain cells could pull it off if they had enough resources.
2) Email “hacking”
This, by itself, is one of those things that strike a nerve with me. There isn’t such a thing as “email hacking” unless someone has say a Lotus Notes client on their computer and they also have the databases stored locally (oops) and someone manages to break into the computer and recover the email data. What people consider email hacking isn’t hacking at all. People break into email accounts all the time and it is almost always due to the victim using an insecure password. If that person used a 25 character cryptic password (undercase, uppercase and numeric characters without using any words) Lulzsec wouldn’t be able to get into the email account if they had 6 months to work on it.
Again, there are HUNDREDS of free applications on Google that can be used to brute force email passwords for Yahoo, Hotmail, Comcast, Qwest, etc. The software is FREE. And all that you really have to do is type in an email address and a link to a sign-in form and it’ll try every combination of a computer-generated password as it can until it finds one that signs into the account. Anyone can do it if the password is short or easy enough to guess but really the people who run these types of programs or the DOS programs mentioned above are nothing more than script kiddies.
Unless someone knows how to break into systems on their own, they aren’t hackers. That is a definition most security people are likely to agree with. So by this definition the answer is NO. Lulzsec is not a group of hackers. That’s not to say some members might have the ability to, it’s saying the group as a whole uses freely available programs to do all the work for them and they find easy targets to hit.
Was this answer helpful?
lulzsec is a bunch of pathetic kids who know nothing about security. they just want to make a name for themselves and they are. they are total losers! And the only LULZ is them! hahaha. really though they don’t know anything about computers my 80 year old grandma.
The group Anonymous also fall into the category of deadbeat computer enthusiasts that have as much technical experience and knowledge as the underside of a frog. They are a bunch of kids (hopefully they are kids, if adults are playing with scripts the way they do I’d be ashamed of myself) just trying to make a name for themselves. They aren’t able to do any real hacks.
Did you hear Anonymous claims they can hack FB on November 5th?Who wants to bet Anonymous will embarrass themselves by promising something they have no way of succeeding at? I’ll laugh my @ss when they fail! They can’t do anything right.
Mail (will not be published) (required)