Archive for September 16th, 2012
It hasn’t been the best of months for Anonymous, the loose hacktivist collective that likes to view itself as the most potent threat on the Web to big government, big business, and those who do not share its views on pretty much anything — law enforcement, the environment, internet freedom, copyright laws, politics etc.
Several of its recent claims have been exposed as not just inflated, but outright fabrications.
FBI hack refuted
Earlier this month, AntiSec, an offshoot of Anonymous, posted more than 1 million Apple Unique Device Identifiers (UDID) to Pastebin, and claimed it had stolen more than 12 million of them from an FBI agent’s laptop in March.
The group claimed to have personal mailing addresses and phone numbers besides the UDIDs, plus device tokens for the Apple Push Notification Service (APNS) for numerous types of Apple devices such as iPhones, iPads and iPod Touches.
The FBI immediately denied that any of its computers had been compromised. Apple said it had never provided UDIDs to the FBI. And, as Michael Mimoso noted on the Kaspersky Labs blog Threatpost, David Schuetz, a senior consultant with Intrepidus Group, found that the real source of the breach was BlueToad, a Florida based technology provider for digital publishers.
“[Schuetz] found a password dump online for BlueToad dated March 14, the same week AntiSec said it had breached the FBI computer. Any hesitancy Schuetz had regarding BlueToad’s connection to the breach was evaporating,” Mimoso wrote.
Earlier this week, BlueToad CEO Paul DeHart publicly confirmed via the company’s blog that it was the source of the breach, that it had contacted law enforcement and was cooperating in the investigation.
GoDaddy’s outage claimed
There was also the recent boast by Twitter user @AnonymousOwn3r that he had shut down the website provider and domain name registrar GoDaddy on Sunday with a distributed denial-of-service (DDoS) attack.
Wrong again, said GoDaddy interim CEO Scott Wagner, who explained on the company website that the problem was a “service outage due to a series of internal network events that corrupted router data tables.”
Then there was the claim last month that Anonymous was looking to break into the communication system between NASA and the Mars rover Curiosity.
That didn’t even pass the laugh test for most security professionals, who viewed it as a bad joke or a weak attempt at trolling.
Last March, LulzSec, which operated under the Anonymous umbrella, after the FBI arrested and then flipped its leader, Hector Xavier Monsegur, who went by the hacker name of “Sabu.”
Does all this mean that the Anonymous brand has been undermined? Do its boasts and threats have any credibility in the security community?
Yes and no, say those who track its exploits. Most agree with Cole Stryker, an author who has researched Anonymous and who The New York Times quoted describing it as “a handful of geniuses surrounded by a legion of idiots.”
Those idiots, say experts, are going to make a host of errors and laughable claims. But that does not mean there is no danger from the core group.
“What we have here is a bunch of kids, largely in UK and here and dozens of other places such as Brazil, Turkey, Iran, China, Ukraine, Romania and lesser numbers in other places across the planet — a bunch of really bored kids who want to be a part of something, but have no clue,” said Kevin McAleavey, cofounder of the KNOS Project and a malware and hacking expert.
“How seriously do I take Anonymous’s claims? About as seriously as I take ‘The Daily Show,'” he said. “Yes, there are a handful of really dangerous people who those kids admire and who occasionally feed them a breath mint. One or two of them have already been apprehended. The rest have gone back to collecting exploits and writing malware, and selling them to criminals and government spooks for real cash. They won’t touch Anonymous any more because the heat is too high.”
Nick Selby, a Texas police officer and information security consultant who runs a police-led intelligence blog, noted at the time of the LulzSec bust that there is essentially no barrier to claim membership in Anonymous. “It doesn’t require massive technical skills — just reasonable knowledge and a willingness to break the law,” he said.
But Aaron Cohen, founder of the Hacker Academy, said he thinks it would be foolish to discount the group’s skill and power. He said he has a hard time talking about Anonymous, “because we don’t know who they are. People are out there doing things under the name of Anonymous, but you don’t really know if that’s true.”
Cohen said the whole idea of an Anonymous brand misses the point. “They’re not looking for branding,” he said. “They’re doing it under a pseudo name. There is no call to arms to get somebody. But if one person says they’re going to get a company, then everybody tends to rally around that person.”
But Cohen adds that he thinks Anonymous has been “pretty reliable so far,” in both its claims and its threats. And he said whether it is Anonymous or some other group, good hackers are proof that “if people want to break into something badly enough, they can.”
“So if you’re a target, it’s best to tighten up,” he said.
Blogs are a great forum to share your opinion, ideas and expertise. But the philosophy of build it and they will come is not true in the world of the web. Millions of blogs exist and without some work, yours is at risk of falling deep in the search results among the others never to be read.
Here are a few sure fire ways to guarantee that you will not see any traffic on your blog.
1. Close yourself off – Guest blogging and accepting guest blog posts alike is a great way to keep your page current and to build backlinks to your content. By encouraging others to post on your blog, you gain their help in promoting their database of readers to come see what they have to say on your site. In turn, when you guest blog on other people’s blogs, you do the same by getting your content in front of new sets of eyes.
2. Pay no attention to design – The look and feel of your blog directly impacts whether a person wants to stay on your site when they arrive or whether they feel like running. When you design a blog that looks appealing, people will be more likely to read what you have to say. If your content is compelling enough, you will have a repeat visitor and a loyal fan that will help spread the word about your site to their network of friends.
3. Participate on other sites – One great way to get found is to participate in discussions online. This can be done by leaving comments on blogs or answering questions on sites such as Quora. When you do this, you tell the world that you are an expert in a particular topic. If they want to read more, you could easily get high quality leads going to your blog to consume your content.
4. Give no way to subscribe – Do not expect to be remembered tomorrow by the people who visited you today. Instead, take your opportunity to stay in front of them by having an easy way to subscribe. Drive subscriptions by making your subscribe box visible and noteworthy so people have no choice but to see it.
5. Become a hermit – Believe it or not, even though your blog and business are online, meeting people face to face is still one of the best ways to drive people to your site. When you become a hermit you lose touch with the world and fail to network in a meaningful way that can help your business and blog grow. Instead, attend conferences and get out and meet people at local networking events as often as you can.
6. Disengage with your readers – People generally go to a blog to gain some sort of information. However, when there is no engagement, they may feel as if their voice is not being heard and may not have as much desire to engage with you. Instead, ask questions in your blog posts, survey your readers and find new ways to get them to post comments on your blog that will make them feel more invested in what you have to say.
7. Avoid controversy – This is a difficult one but without getting involved in current topics or events, you lose out on the ability to start a conversation on your site about something important and help generate traffic in that way. Your blog is your forum to voice an opinion and controversial topics are a great way to do this. But remember, always leave the forum open for others to voice their opinions back in return and start a conversation instead of a dispute.
Blogging can be a great way to generate traffic, but without doing it right your blog could be left flat and without the visitors you need to succeed.
About the Author:
Patrick Del Rosario is part of the team behind Open Colleges, one of Australia’s pioneer and leading providers of Open Colleges Management Courses and diploma of management. When not working, Patrick enjoys blogging about career and business. Patrick is also a photography enthusiast and is currently running a photography studio in the Philippines. If you have a blog and would like free content. You can find him on Google+ or drop a line at patrick (at) oc.edu.au.