Play By Play Of How HBGary Federal Tried To Expose Anonymous... And Got Hacked Instead

from the tick-tock dept

Nate Anderson has put together an excellent play-by-play of the whole HBGary Federal fiasco, mainly by going through the emails that Anonymous leaked. It's well worth reading the whole thing, so I won't repeat the key points here, but what's really fascinating is the back-and-forth between HBGary Federal CEO Aaron Barr and others at HBGary Federal, including his main technical guy, who clearly thinks Barr's methodology is worthless. It becomes clear that the technical guy sympathizes with Anonymous and Wikileaks and Barr even calls him on this point (admitting that he too sort of feels that way, but he recognizes this as a PR opportunity). The coder at one point mocks the whole plan as:
Step 1 : Gather all the data

Step 2 : ???

Step 3 : Profit
Yup. That's a coder alright. Then there's this fascinating argument where the coder points out that the statistical basis for Barr's claims (basically analyzing who people's friends on Facebook are is about as accurate as your daily horoscope:
Barr: [I want to] check a persons friends list against the people that have liked or joined a particular group.

Coder: No it won't. It will tell you how mindless their friends are at clicking stupid shit that comes up on a friends page. especially when they first join facebook.

Barr: What? Yes it will. I am running throug analysis on the anonymous group right now and it definately would.

Coder: You keep assuming you're right, and basing that assumption off of guilt by association.

Barr: Noooo....its about probabilty based on frequency...c'mon ur way smarter at math than me.

Coder: Right, which is why i know your numbers are too small to draw the conclusion but you don't want to accept it. Your probability based on frequency right now is a gut feeling. Gut feelings are usually wrong.

Barr: [redacted]

Coder: [some information redacted] Yeah, your gut feelings are awesome! Plus, scientifically proven that gut feelings are wrong by real scientist types.

Barr: [some information redacted] On the gut feeling thing...dude I don't just go by gut feeling...I spend hours doing analysis and come to conclusions that I know can be automated...so put the taco down and get to work!

Coder: I'm not doubting that you're doing analysis. I'm doubting that statistically that analysis has any mathematical weight to back it. I put it at less than .1% chance that it's right. You're still working off of the idea that the data is accurate. mmmm…..taco!
That same coder later warned another company exec saying that "I feel his arrogance is catching up to him again and that has never ended well...for any of us." Fascinating read all around.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    Marcus Carab (profile), Feb 11th, 2011 @ 4:33pm

    This is an amazing story...
    The chat logs (linked in the article) of the parent company's CEO visiting an IRC channel to negotiate with Anonymous are insane (and pretty fascinating) - they are really long but search for the name "Penny" to find when she arrives.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 11th, 2011 @ 5:54pm

      Re:

      Never beg Anonymous to stop because Anonymous is irrational when it comes to things like emotion and empathy. If you are being targeted by Anonymous, do not engage, I repeat, do not engage. Just run and hide and hope to hell it all blows over.

      But don't expect to reason with them.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        aldestrawk (profile), Feb 11th, 2011 @ 7:18pm

        Re: Re:

        Actually, Barret Brown, a non-anonymous member of Anonymous, who is actually named in Aaron Barr's investigation document, had a link to the Pirate Bay torrent on his Daily Kos blog. After Penny Leavy, the president of HBGary and husband of Greg Hoglund, talked with him he agreed to take down that link. Of course, he could not remove the emails from being publicly available on the internet.
        HBGary seems to be trying very hard to separate itself from Aaron Barr's actions despite having an investment in HBGary Federal. As more email messages are pointed out it looks like the leadership of HBGary was well aware, and supportive, of what Aaron and HBGary Federal were doing.

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        Johnny, Feb 12th, 2011 @ 2:47am

        Re: Re:

        > But don't expect to reason with them.

        Don't violate the "laws of the Internet" and you'll never come in their crosshair.

        > Never beg Anonymous to stop because Anonymous is irrational

        I think they are quite rational. You don't need to beg, you just need to cease and desist with whatever immoral activity you are engaged in. Bet you any attack would stop immediately.

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          KasparsM, Feb 15th, 2011 @ 2:03am

          Re: Re: Re:

          > I think they are quite rational. You don't need to beg, you just need to cease and desist with whatever immoral activity you are engaged in. Bet you any attack would stop immediately.

          You probably didn't read the IRC chat or are equally clueless about how the internet actually works. If you ignore all the lolz and fcks you will see that the "children" were much more rational and realistic. They had to repeat several times that there is not way to stop the leak that is already on torrents. It's just how it works. No amount of C&D can stop what is already in torrents.

          There was still a time to stop leaking Greg's emails and the "children" put forth 2 conditions for this -- (1) fire Aaron Barr or if it is not possible, pull out investment from HBGary Federal and (2) donate it to some charity. Penny refused to accept any of these conditions and defended Mr. Barr by saying that they have found this rare talent for this job and it is just a one time mistake.

          The rest is now the history. All emails got released and now the whole world is shocked about utter disregard towards civil liberties by so-called security firms. Regardless what the law says, they are morally more guilty than the hackers who stole the info.

           

          reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 11th, 2011 @ 6:00pm

    It's amusing watching an exec try to negotiate with spoiled children on a power trip.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    The Infamous Joe (profile), Feb 11th, 2011 @ 6:16pm

    Jailtime.

    FTA: [Barr] worked to link these IRC handles to real people, in part using his social networking expertise, and he created fake Twitter accounts and Facebook profiles.

    Isn't making fake Facebook accounts a felony?

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      aldestrawk (profile), Feb 11th, 2011 @ 6:34pm

      Re: Jailtime.

      It's a violation of Facebook's TOS. The only thing that will happen is Facebook will delete your account. Hmmm... maybe that's how to get your account deleted convince them you are fake. A federal prosecutor tried to make a violation of the Myspace TOS a felony in the Lori Drew (cyber-bullying) case but an appeals judge overturned the conviction because it would have made the law, making it illegal to access a computer without authority or exceed authority, too vague and allow every web-site with a TOS to effectively write it's own law.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        The Infamous Joe (profile), Feb 11th, 2011 @ 6:46pm

        Re: Re: Jailtime.

        It was a tongue-in-cheek rhetorical question hinting at the Lori Drew case and how absurd it was. But if I were genuinely confused, you would have been very helpful!

         

        reply to this | link to this | view in chronology ]

        •  
          icon
          aldestrawk (profile), Feb 11th, 2011 @ 7:27pm

          Re: Re: Re: Jailtime.

          It's hard to tell on the internet when someone is being tongue-in-cheek. I ran across someone recently who wrote that people should look up the word "treason" in the dictionary because that is what Julian Assange should be convicted of in the US. That person was serious!

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Feb 12th, 2011 @ 8:29am

            Re: Re: Re: Re: Jailtime.

            Assange is not a us citizen and therefore couldnt be convicted of treason. However, Manning is another case.

             

            reply to this | link to this | view in chronology ]

        •  
          identicon
          blah, Feb 11th, 2011 @ 7:40pm

          Re: Re: Re: Jailtime.

          It's become illegal to use fake online identities for malicious or deception purposes in California now. You can thank the "cyber-bullying" crap for that:

          http://www.huffingtonpost.com/2010/09/29/identity-online_n_744091.html

           

          reply to this | link to this | view in chronology ]

          •  
            icon
            aldestrawk (profile), Feb 11th, 2011 @ 9:21pm

            Re: Re: Re: Re: Jailtime.

            Actually, you can thank Joe Simitian for that. The state Senator introduced that law because he, himself, had been victimized by someone who spoofed his email address and sent messages to government and business associates filled with profanities. The law is restricted to impersonating an actual person not just any fake identity. The Huffpo aggregation is of an Ars Technica story that is not very accurate. A much better analysis is here:

            http://www.zdnet.com/blog/perlow/analysis-californias-online-impersonation-law-effective-ja nuary-1/15322

            by the noted sex columnist Violet Blue. (yeah, I was surprised too, but it is a good analysis).

             

            reply to this | link to this | view in chronology ]

        •  
          identicon
          anothermike, Feb 14th, 2011 @ 11:14am

          Re: Re: Re: Jailtime.

          Well in that case, 9/10. You lost a point for insufficient foaming. "But, but, but... Lori Drew MURDERED Megan whatsername!!1!" Always include proper nouns and capitalization in your whargarble.

           

          reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 11th, 2011 @ 7:18pm

    Coder: You keep assuming you're right, and basing that assumption off of guilt by association.

    Barr: Noooo....its about probabilty based on frequency...c'mon ur way smarter at math than me.

    Coder: Right, which is why i know your numbers are too small to draw the conclusion but you don't want to accept it. Your probability based on frequency right now is a gut feeling. Gut feelings are usually wrong.

    Barr: [redacted]



    This is why various elements of the corpocracy keep making bad decisions. They're all run by pointy-haired bosses straight out of Dilbert. From record label CEOs, to the State Department, to any number of others, the fact of the matter is most of the world's problems are ultimately caused by an elite core of bumbling idiots that have somehow convinced themselves that they know exactly what they're doing, when in reality they have no idea.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      xenomancer (profile), Feb 11th, 2011 @ 8:35pm

      Re:

      The Dilbert reference just made making it through this long day worthwhile. Down with the pointy hair'd ones!

      "elite core of bumbling idiots"
      The next wave of international warfare could be brought on by the preemptive use of these fools on countries we want to fail. Hold on a sec... Egypt makes a lot more sense now.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 11th, 2011 @ 8:53pm

      Re:

      Yes it is true, any one in charge is a bumbling idiot. Who runs techdirt again?

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      Trails (profile), Feb 13th, 2011 @ 9:12am

      Re:

      Actually, imo one of the most salient quotes from the article come from the para just after where that:

      Later, when Barr talks about some “advanced analytical techniques” he’s been pondering for use on the Anonymous data, the coder replies with apparent frustration, “You keep saying things about statistics and analytics but you haven’t given me one algorithm or SQL query statement.”



      Barr was claiming analysis without any analytics. That is fail, and going around spouting you've identified Anonymous members based on that is irresponsible and stupid. The guy walked into Anon's reaction, epic duh.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 11th, 2011 @ 9:47pm

    Why Penny is going to an IRC chatroom?
    Does she wants to get hacked even more?

    Oh noes Penny!

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    harbingerofdoom (profile), Feb 12th, 2011 @ 7:30am

    interesting.... history repeating itself with modern tech and a few variations.

    whats the difference between todays anon type groups who activly break laws in order to make a political statement and sayyyyyy the symbionese liberation army who actively broke laws to make political statements

    or the black panther party who actively broke laws to make political statements.

    or students for a democratic society who broke laws to make a political statement

    or those civil rights folks who routinely broke laws in the south order to make political statements.


    if your anser to that is "they are all lawbreakers and need to all be rounded up and jailed" you fail miserably at historical interpretation

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      The eejit (profile), Feb 12th, 2011 @ 8:33am

      Re:

      "Those who fail to learnt he lessons of History are doomed to repeat it."

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 12th, 2011 @ 8:45am

      Re:

      I think there is a big difference between refusing to sit at the back of the bus and hacking websites.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        The Infamous Joe (profile), Feb 12th, 2011 @ 9:00am

        Re: Re:

        Elaborate?

         

        reply to this | link to this | view in chronology ]

      •  
        icon
        duffmeister (profile), Feb 12th, 2011 @ 9:14am

        Re: Re:

        both are law breakers that are committing an essentially victimless crime. (a defiled website is not akin to a murder case)

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 12th, 2011 @ 3:59pm

        Re: Re:

        The Luddites broke everything trying to stop progress did they succeed? nope they were going against the grain and they failed.

        The founding fathers where traitors.
        The American Unions where based on breaking the law and to this day they are know for their dirty tactics, yet they enacted a lot of changes.

        About the back of the bus thing, it was not viewed like that at the time, I don't see how that is different from the current situation.

         

        reply to this | link to this | view in chronology ]

  •  
    identicon
    BlackDrak, Feb 12th, 2011 @ 8:51am

    Thank you

    for the LULZ!

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    RadialSkid (profile), Feb 12th, 2011 @ 9:27am

    This whole thing honestly reads like some sort of satire.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Fredric L. Rice, Feb 12th, 2011 @ 11:03am

    Fraud "security expert"

    Aaron Barr is a fraud trying to sell his "security expert" scams to the U. S. government. That fucking crook needs to be jailed for committing fraud against the American tax payers.

    Glad to see Anonymous out there exposing these right wing Christian traitors and crooks and defending Democracy. Anonymous is win. Barr is fraud.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      TDR, Feb 14th, 2011 @ 10:13am

      Re: Fraud "security expert"

      Does it ever even occur to you that there are Christians who don't agree with what he and others like him do? Or is your hatred of them so deep that you lump them all into one group to better demonize them? I'd like an answer, please.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Paul`, Feb 12th, 2011 @ 11:06pm

    The only way to deal with Anon is with cats. The few times I have seen a human reaction from those people is probably the time they ruined the life of a guy posting videos of himself torturing a cat.

    Barr should open a cat orphanage or something.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Katie, Feb 13th, 2011 @ 4:37am

    Here's what amazes me about the doofus Aaron Barr --

    In order for his "theory" on social networking analysis to "work" he is assuming that everybody with FB and twitter accounts, and those who show up in chat rooms, or post to discussion groups or blogs TELL THE TRUTH about themselves.

    It's a testament to Aaron's total lack of self-awareness (and thus the inability to draw fundamental conclusions from that) that he LIES online and doesn't recognize that others can do the same. How does he know that the twitter/FB profiles of his "targets" aren't as phony as his stuff was?

    The stupidity is breathtaking. I'd say that Anonymous, in the long run, probably SAVED the company a lot of money over the long haul by outing the doofus NOW before he got the company in hot water with actual clients buying into his hare-brained scheme.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Saint Subversive, Feb 13th, 2011 @ 11:05am

    Accept / Except

    Aaron Barr: "At any given time there are probably no more than 20-40 people active, accept during hightened points of activity like Egypt and Tunisia where the numbers swell but mostly by troll"

    So what grade did this halfwit drop out of? It's "except", not "accept", dink.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous, Feb 14th, 2011 @ 1:21am

    I'm sure gov is paying no attention to all this.

    Not.

    I'm sure this will all end up being nothing.

    Not.

    I'm sure no one will end up in jail.

    Not.

    Sleep well.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This