Antisec Movement
Encyclopedia
Computer security
Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
industry. Antisec is against full disclosure
Full disclosure
In computer security, full disclosure means to disclose all the details of a security problem which are known. It is a philosophy of security management completely opposed to the idea of security through obscurity...
of information relating to but not limited to: software vulnerabilities, exploits, exploitation techniques, hacking tool
Hacking tool
A hacking tool is a program designed to assist with hacking, or a piece of software which can be used for hacking purposes.- Examples :Examples include Nmap, Nessus, John the Ripper, SuperScan, p0f, and Winzapper. Bribes, have also been designated as among the most potent hacking tools, due to its...
s, attacking public outlets and distribution points of that information. The general thought behind this is that the computer security
Computer security
Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
industry uses full-disclosure to profit and develop scare-tactics to convince people into buying their firewalls, anti-virus software and auditing services.
Movement followers have cited websites such as SecurityFocus, SecuriTeam
SecuriTeam
SecuriTeam is a free and independent computer security portal, covering both security news and the most recent threats, with a database dating back to 1998...
, Packet Storm
Packet Storm
Packet Storm Security is a website offering current and historical computer security tools, exploits , and security advisories. It is operated by a group of security enthusiasts that publish new security information and offer tools for educational and testing purposes...
, and milw0rm
Milw0rm
milw0rm is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre in Mumbai, the primary nuclear research facility of India, on June 3, 1998...
to be targets of their cause, as well as mailing lists like "full-disclosure", "vuln-dev", "vendor-sec" and Bugtraq
Bugtraq
Bugtraq is an electronic mailing list dedicated to issues about computer security. On-topic issues are new discussions about vulnerabilities, vendor security-related announcements, methods of exploitation, and how to fix them...
, as well as public forums and IRC channels.
As recently as 2009, attacks against security communities such as Astalavista and milw0rm
Milw0rm
milw0rm is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre in Mumbai, the primary nuclear research facility of India, on June 3, 1998...
, as well as the popular image-host ImageShack
ImageShack
ImageShack is a free image hosting website. ImageShack has a subscription service but the majority of its revenue is produced from advertising related to its free image hosting. The imageshack.us Alexa ranking in September 25, 2007 was one of the top 40, but now as of September 25, 2011 it's...
, have given the movement worldwide media attention.
History
The start of most public attacks in the name of the anti-security movement started around 1999. The "anti-security movement" as it is understood today was coined by the following document which was initially an index on the anti.security.is website.~el8
~el8 was one of the first anti-security hacktivist groups. The group waged war on the security industry with their popular assault known as "pr0j3kt m4yh3m". pr0j3kt m4yh3m was announced in the third issue of ~el8. The idea of the project was to eliminate all public outlets of security news and exploits. Some of ~el8's more notable targets included Theo de RaadtTheo de Raadt
Theo de Raadt , born May 19, 1968 in Pretoria, South Africa, is a software engineer who lives in Calgary, Alberta, Canada. He is the founder and leader of the OpenBSD and OpenSSH projects, and was a founding member of the NetBSD project.- Childhood :...
, K2, Mixter
Mixter
Mixter is a computer security specialist. Mixter first made the transition out of the computer underground into large-scale public awareness, in 2000, at which time newspapers and magazines worldwide mentioned a link to a massively destructive and effective, Distributed Denial of Service attacks...
, Ryan Russel (Blue Boar), Chris McNab (so1o), jobe, rloxley, pm, aempirei, broncbuster, lcamtuf, and OpenBSD
OpenBSD
OpenBSD is a Unix-like computer operating system descended from Berkeley Software Distribution , a Unix derivative developed at the University of California, Berkeley. It was forked from NetBSD by project leader Theo de Raadt in late 1995...
's CVS repository.
The group published four electronic zines which can be found here.
pHC
pHC called themselves "proud supporters of pr0j3kt m4yh3m". This group also waged war against the security industry and continued to update their website with news, missions, and hack logs.Less recent history
Most of the original groups such as ~el8 have grown tired of the anti-security movement and left the scene. New groups started to emerge.dikline
dikline kept a website http://dikline.org which had an index of websites and people attacked by the group or submitted to them. Some of the more notable dikline targets were rave, rosiello, unl0ck, nocturnal, r0t0r, silent, gotfault, and skew/tal0n.giest
In August 2008, mails were sent through the full-disclosure mailing list from a person/group known as "giest".Other targets include mwcollect.org in which the group released a tar.gz containing listens of their honeypot networks.
ZF0
ZF0 (Zer0 For Owned) performed numerous attacks in the name of pr0j3kt m4yh3m in 2009. They took targets such as Critical Security, ComodoComodo
Comodo Group, Inc. is a privately held group of companies providing computer software and SSL digital certificates, based in Jersey City, New Jersey, in the United States...
and various others. They published 5 ezines in total. July 2009, Kevin Mitnick's website was targeted by ZF0, displaying gay pornography with the text "all a board the mantrain.".
AntiSec Group
A group known as the "AntiSec Group" enters the scene by attacking groups/communities such as a Astalavista, a security auditing company named SSANZ and the popular image hosting website ImageShackImageShack
ImageShack is a free image hosting website. ImageShack has a subscription service but the majority of its revenue is produced from advertising related to its free image hosting. The imageshack.us Alexa ranking in September 25, 2007 was one of the top 40, but now as of September 25, 2011 it's...
.
Graffiti reading "Antisec" began appearing in San Diego, California
San Diego, California
San Diego is the eighth-largest city in the United States and second-largest city in California. The city is located on the coast of the Pacific Ocean in Southern California, immediately adjacent to the Mexican border. The birthplace of California, San Diego is known for its mild year-round...
in June 2011 and was incorrectly associated with the original Antisec movement. According to CBS8, a local TV affiliate "People living in Mission Beach say the unusual graffiti first appeared last week on the boardwalk." They also reported "...it was quickly painted over, but the stenciled words "we're back Monday morning." It was later realized to be related to the new Anti-Sec movement started by LulzSec
LulzSec
Lulz Security, commonly abbreviated as LulzSec, is a computer hacker group that claims responsibility for several high profile attacks, including the compromise of user accounts from Sony Pictures in 2011. The group also claimed responsibility for taking the CIA website offline...
and Anonymous
Anonymous (group)
Anonymous is an international hacking group, spread through the Internet, initiating active civil disobedience, while attempting to maintain anonymity. Originating in 2003 on the imageboard 4chan, the term refers to the concept of many online community users simultaneously existing as an anarchic,...
.