In celebration of its 1000th tweet, the merry hacksters of Lulz Security issued a manifesto Friday that gives an inside look at the guiding philosophy behind their recent campaign of cyberattacks, and explains why the group isn't really as nefarious as their identity-theft exploits suggest.
"For the past month and a bit, we’ve been causing mayhem and chaos throughout the Internet, attacking several targets including PBS, Sony, Fox, porn websites, FBI, CIA, the U.S. government, Sony some more, online gaming servers (by request of callers, not by our own choice), Sony again, and of course our good friend Sony," said the group in a statement posted to Pastebin.
Just don't think these attacks are a bad thing, says LulzSec -- or at least not as bad as they could be.
"The main anti-LulzSec argument suggests that we’re going to bring down more Internet laws by continuing our public shenanigans, and that our actions are causing clowns with pens to write new rules for you," says LulzSec. "But what if we just hadn’t released anything? What if we were silent? That would mean we would be secretly inside FBI affiliates right now, inside PBS, inside Sony… watching… abusing…"
Whether we want to admit it or not, LulzSec explains, none of us are safe from the hoards of depraved digital villains who lurk in the shadows of the online world. Of course, we can condemn LulzSec for stealing hundreds of thousands of website-users' identities. But we should also be thanking them for at least telling us about it, the group says.
"We’re sitting on 200,000 Brink users right now that we never gave out. It might make you feel safe knowing we told you, so that Brink users may change their passwords," writes LulzSec. "What if we hadn’t told you? No one would be aware of this theft, and we’d have a fresh 200,000 peons to abuse, completely unaware of a breach."
This sentiment -- that LulzSec is doing us all a favor by publicizing their dastardly deeds -- is actually shared by a growing number of people the "white hat" (i.e. non-criminal) cybersecurity industry. These people, tasked with protecting us from their evil counterparts, have been trying desperately for ages to explain the cornucopia of risks that goes with life online. Until now, however, few have paid attention. Instead, most of us non-hackers hide behind paper walls of anti-virus software, thinking we're all-good. LulzSec simply forces us to pay attention.
Regardless of whether you agree with LulzSec, the group says they're not going anywhere, at least until they're "brought to justice, which [they] might well be." And even if LulzSec is taken down by the authorities, there will just be some other group to take their place. "This is the lulz lizard era," says LulzSec. Arm yourself, or get used being abused.
Read the full LulzSec statement below. (WARNING: Some NSFW language):
Dear Internets,
This is Lulz Security, better known as those evil bastards from twitter. We just hit 1000 tweets, and as such we thought it best to have a little chit-chat with our friends (and foes).
For the past month and a bit, we've been causing mayhem and chaos throughout the Internet, attacking several targets including PBS, Sony, Fox, porn websites, FBI, CIA, the U.S. government, Sony some more, online gaming servers (by request of callers, not by our own choice), Sony again, and of course our good friend Sony.
While we've gained many, many supporters, we do have a mass of enemies, albeit mainly gamers. The main anti-LulzSec argument suggests that we're going to bring down more Internet laws by continuing our public shenanigans, and that our actions are causing clowns with pens to write new rules for you. But what if we just hadn't released anything? What if we were silent? That would mean we would be secretly inside FBI affiliates right now, inside PBS, inside Sony... watching... abusing...
Do you think every hacker announces everything they've hacked? We certainly haven't, and we're damn sure others are playing the silent game. Do you feel safe with your Facebook accounts, your Google Mail accounts, your Skype accounts? What makes you think a hacker isn't silently sitting inside all of these right now, sniping out individual people, or perhaps selling them off? You are a peon to these people. A toy. A string of characters with a value.
This is what you should be fearful of, not us releasing things publicly, but the fact that someone hasn't released something publicly. We're sitting on 200,000 Brink users right now that we never gave out. It might make you feel safe knowing we told you, so that Brink users may change their passwords. What if we hadn't told you? No one would be aware of this theft, and we'd have a fresh 200,000 peons to abuse, completely unaware of a breach.
Yes, yes, there's always the argument that releasing everything in full is just as evil, what with accounts being stolen and abused, but welcome to 2011. This is the lulz lizard era, where we do things just because we find it entertaining. Watching someone's Facebook picture turn into a penis and seeing their sister's shocked response is priceless. Receiving angry emails from the man you just sent 10 dildos to because he can't secure his Amazon password is priceless. You find it funny to watch havoc unfold, and we find it funny to cause it. We release personal data so that equally evil people can entertain us with what they do with it.
Most of you reading this love the idea of wrecking someone else's online experience anonymously. It's appealing and unique, there are no two account hijackings that are the same, no two suddenly enraged girlfriends with the same expression when you admit to killing prostitutes from her boyfriend's recently stolen MSN account, and there's certainly no limit to the lulz lizardry that we all partake in on some level.
And that's all there is to it, that's what appeals to our Internet generation. We're attracted to fast-changing scenarios, we can't stand repetitiveness, and we want our shot of entertainment or we just go and browse something else, like an unimpressed zombie. Nyan-nyan-nyan-nyan-nyan-nyan-nyan-nyan, anyway...
Nobody is truly causing the Internet to slip one way or the other, it's an inevitable outcome for us humans. We find, we nom nom nom, we move onto something else that's yummier. We've been entertaining you 1000 times with 140 characters or less, and we'll continue creating things that are exciting and new until we're brought to justice, which we might well be. But you know, we just don't give a living fuck at this point - you'll forget about us in 3 months' time when there's a new scandal to gawk at, or a new shiny thing to click on via your 2D light-filled rectangle. People who can make things work better within this rectangle have power over others; the whitehats who charge $10,000 for something we could teach you how to do over the course of a weekend, providing you aren't mentally disabled.
This is the Internet, where we screw each other over for a jolt of satisfaction. There are peons and lulz lizards; trolls and victims. There's losers that post shit they think matters, and other losers telling them their shit does not matter. In this situation, we are both of these parties, because we're fully aware that every single person that reached this final sentence just wasted a few moments of their time.
Thank you, bitches.
Lulz Security
It may seem like an era of internet insecurity has been ushered in thanks to Anonymous and Lulzsec, but one group called the Web Ninjas is fighting back and even claims to have exposed the identity of LulzSec’s leader.
