Potential Lulz: Security Experts Think UK Police Tricked Into Arresting The Wrong Person Over LulzSec Hacks

from the now-wouldn't-that-be-funny dept

Police in the UK recently reported that they had arrested a hacker who goes by the name Topiary, and often acts as the spokesperson for LulzSec. There's just one problem. A number of the people who follow LulzSec closely (and who have attempted to expose who they really are) note that much of the evidence they have suggests that Topiary is someone entirely different, and that the real Topiary purposely copied his "identity" from a "troll." They're suggesting that the police caught the "troll" instead of the real Topiary. At this point, who knows what's the actual situation, but it wouldn't surprise me if the folks involved in LulzSec were slightly better at covering their tracks (or using misdirection) than the police were at tracking them...


Reader Comments

  •  
    Bas Grasmayer, Jul 29th, 2011 @ 1:41am

    Now that's trolling!

     

  •  
    Prisoner 201, Jul 29th, 2011 @ 1:59am

    They have an IP address.

    Of course they have the right guy.

     

  •  
    Anonymous Coward, Jul 29th, 2011 @ 2:25am

    Man, if this is true, then we are screwed. If some punks that like to play Internet pranks can fool law enforcement with some basic misdirection (IP address spoofing? Impersonating a 'troll'?), then what would someone that wants to intentionally cause harm do?

     

    •  
      Anonymous Coward, Jul 29th, 2011 @ 4:18am

      Re:

      Of COURSE this is true. You don't seriously think the baboons who work for law enforcement have the intellectual capability, the experience, and the knowledge to deal with the complex nuances of tunneling, redirection, encryption, routing, etc.?

      They are being played by teenagers and twenty-somethings who are their intellectual masters. (Which is not to say that they won't eventually catch some of the LulzSec folks: after all, these baboons are well-known to use illegal methods in order to compensate for their lack of rudimentary critical thinking skills. And sometimes those illegal methods work.)

      But your point is quite apt: anyone who was actually seriously bent on doing harm would have no trouble evading the baboons. That's a pretty sobering thought.

       

  •  
    NotMyRealName, Jul 29th, 2011 @ 2:28am

    lulz

    stupid troll is... in jail.

    True nerd rage can be an awe-inspiring and terrible thing to behold. :)

     

  •  
    PaulT, Jul 29th, 2011 @ 2:32am

    ...but the RIAA told me that an IP address was incontrovertible evidence that a person is a pirate! How can they be wrong?

     

    •  
      Anonymous Coward, Jul 29th, 2011 @ 8:43am

      Re:

      The person can unknowingly have Sub7 (or a modern equivalent) on his computer. Someone else could be pulling the strings through his computer.

       

  •  
    mike allen, Jul 29th, 2011 @ 3:15am

    It is funny as the guy was arrested on a remote Scottish island I doubt it is the right man.

     

    •  
      The eejit, Jul 29th, 2011 @ 3:37am

      Re:

      Never underestimate stupid. And don't misunderestimate the police.

      Oh, and an IP address is iron-clad proof that the guy is a fruitcake. Well, according to LulzSec anyway.

       

  •  
    That Anonymous Coward, Jul 29th, 2011 @ 3:43am

    They have "experts" warning them that the collective could be overtaken and directed by the KGB, and we think they understand the tech proof?

    The only thing that could have made it more awesome would have been Topiary's cell ringing as they were taking him into custody and the police looking confused as Rick Astley serenaded them....

     

  •  
    Anonymous Coward, Jul 29th, 2011 @ 3:56am

    arrests, exciting and new, come aboard they're expecting you...

     

  •  
    Anonymous Coward, Jul 29th, 2011 @ 3:59am

    Levels of deception

    So, what do we have here.

    First, we had the police saying they arrested the correct guy.

    Then, we have people saying the police were tricked into arresting the wrong guy.

    But I would not be surprised if this has even more levels of mindfuck. We could have the police arresting the correct guy and we being tricked into thinking they arrested the wrong guy. Or they could have arrested the wrong guy, and we are being tricked into thinking they arrested a different wrong guy.

    Or perhaps the police arrested the wrong guy, and they are trying to make us believe that they have the correct guy and that the cries of "you got the wrong guy" are just misdirection (reverse psychology-like). Or perhaps that is what they want you to think, and they have the correct guy after all. Or perhaps the correct guy does not exist, and is a character role-played by two or more people. Or perhaps he is a NSA plant, pretending to be Anonymous pretending to be a NSA plant.

    Once you start thinking things might not be what they seem, it is turtles all the way down.

     

    •  
      Anonymous Coward, Jul 29th, 2011 @ 4:07am

      Re: Levels of deception

      Occam's Razor:

      An IP address and/or online identity is poor proof (it can be faked, spoofed, etc). Police used that as evidence and got "someone", which COULD have been the wrong guy.

      Without further data, we can say nothing, but it is worrisome if it turns out to be true.

       

    •  
      Richard, Jul 29th, 2011 @ 4:49am

      Re: Levels of deception

      Or perhaps the police arrested the wrong guy, and they are trying to make us believe that they have the correct guy and that the cries of "you got the wrong guy" are just misdirection (reverse psychology-like). Or perhaps that is what they want you to think, and they have the correct guy after all. Or perhaps the correct guy does not exist, and is a character role-played by two or more people. Or perhaps he is a NSA plant, pretending to be Anonymous pretending to be a NSA plant.


      I've blown your cover AC.

      You're Donald Rumsfeld aren't you?

       

    •  
      Anonymous Coward, Jul 29th, 2011 @ 8:49am

      Re: Levels of deception

      The problem is that police are mostly uneducated. They don't know anything. If they did, they wouldn't be police. Most governments, and their employees, are stupid. That includes the FBI, and just about any other agency.

      They are used to going after crackheads on crack, and crack dealers who sell drugs to crackheads. They are used to going after victimless criminals. They are used to going after people with half a brain, people even stupider than them. They have an easy job that requires no brains.

      When they have to go after people 100 times smarter and more intelligent than they are, they're going to get run around in circles 100 times over. They think that just because they can catch some crackheads and maybe outsmart them a little bit, they can do the same to educated technocrats. They have a whole new thing coming to them. They're police, what do you expect? They don't know anything.

       

      •  
        Anonymous Coward, Jul 30th, 2011 @ 2:29pm

        Re: Re: Levels of deception

        Heck, the FBI et al still haven't set up their e-mail addresses in most of their state departments. If you try to forward something to them, you need to forward it to the FBI department in your specific state. Unfortunately, most of them, on their website, still say something to the extent of, we're working on creating an e-mail server. These people are too retarded to even operate an e-mail server. Almost every private corporation has an e-mail address and has had one for several years now. Governments are incompetent.

         

  •  
    Beta, Jul 29th, 2011 @ 4:55am

    counting coup

    Yes, that's kind of impressive. I suppose.

    You trick the police, so that they arrest someone as you but it's really

    A random stranger: 1 point
    A troll: 2 points
    A pensioner who doesn't use internet: 30 points
    A police officer: 50 points (+5 for every level of rank above Inspector, +100 if undercover trying to infiltrate LulzSec)
    An anti-tech government official: 100 points (UK House of Commons, Scottish Parliament, clueless judge, etc.)
    A serial killer: 400 points

    All scores increased by 10% for each day police fail to realize the mistake, up to 30 days. Scores doubled if prisoner is brought to trial as you, tripled if convicted, quadrupled if killed trying to escape.

     

  •  
    Michael Lockyear, Jul 29th, 2011 @ 4:58am

    The masterminds behind LulzSec and Anonymous have established that they are competent hackers.

    A competent hacker will access the internet from an open / hacked wifi connection / university internet lab, and route his / her handiwork through a network of rooted servers (spread around the world), with possibly a VPN (paid for with stolen credit card) and/or TOR thrown in for good measure.

    If the authorities are able to trace an attack through this web to its origin (and this in itself is unlikely) the person that they will arrest will be a hapless idiot with an insecure wifi account / or rooted machine. Of course any one of us could be that hapless idiot as the hackers have demonstrated that they are able to make "experts" from law enforcement and internet security companies look like infants.

     

    •  
      out_of_the_blue, Jul 29th, 2011 @ 5:11am

      Re: "masterminds behind LulzSec and Anonymous..."

      Are probably FBI agents doing yet another set up of witless patsies, as in the numerous "terrorists" rounded up for show trial. Activities of these "masterminds" just happen to be handy for justifying an increase of surveillance and requiring ISPs to keep extensive logs. So at best, this publicly touted yet not actually serious "hacking" is helping the police state along.

       

      •  
        HothMonster, Jul 29th, 2011 @ 8:18am

        Re: Re: "masterminds behind LulzSec and Anonymous..."

        wow OOTB making sense, gratz.

        I have to agree, if anyone understands the internet less than our government and law enforcement it's the general public. They say suspects arrested, people believe it, no matter how unlikely it is that any competent hacker is hacking from home.

         

  •  
    out_of_the_blue, Jul 29th, 2011 @ 5:02am

    "A group calling themselves the Web Ninjas..."

    how do we know those soi-disant experts are anything more than teen script kiddies? Because the NYTimes says so and Mike takes anything in the NYTimes as gospel?

    You people are gauging difficulty of tracking by tools available to you, and it leads to wrong conclusions. I'm going to bet that the technical resources available to the police for tapping the net and seeing where the "tunnels" lead are better than those that the "Web Ninjas" have. The police can not only apply filters to catch net traffic, but can do man in the middle tracing in real time, or require websites to turn over logs.

    Scotland seems to have some odder-than-usual activity: "Gay Girl in Damascus", who turned out to be a 40 year old American, was residing there.

     

    •  
      PaulT, Jul 29th, 2011 @ 5:20am

      Re: "A group calling themselves the Web Ninjas..."

      They may call themselves web ninjas, but your troll-fu is weak today...

      Seriously, you use something in a linked story to try and attack Mike, then go on the offensive against "you people" for things nobody here has said.

      "Scotland seems to have some odder-than-usual activity: "Gay Girl in Damascus", who turned out to be a 40 year old American, was residing there."

      So, Americans are weird and spend their time trolling. I think there's another strange American who goes by the handle out_of_the_blue - what's his excuse?

       

    •  
      Richard, Jul 29th, 2011 @ 5:51am

      Re: "A group calling themselves the Web Ninjas..."

      I'm going to bet that the technical resources available to the police for tapping the net and seeing where the "tunnels" lead are better than those that the "Web Ninjas" have.

      A poor bet. From a certain amount of inside knowledge I can tell you that law enforcement privately admit that they can only really catch the "low hanging fruit".

       

      •  
        Anonymous Coward, Jul 29th, 2011 @ 6:59am

        Re: Re: "A group calling themselves the Web Ninjas..."

        Yes and No.

        Yes most law enforcement is technically challenged.

        No there are people who are seriously tracked and who do pose major risk. These people are seriously tracked by agencies like the NSA who are in a class above everyone else.

         

        •  
          Richard, Jul 29th, 2011 @ 9:21am

          Re: Re: Re: "A group calling themselves the Web Ninjas..."

          These people are seriously tracked by agencies like the NSA who are in a class above everyone else.

          Yeah those agencies are different - including the one that employed the guy who invented RSA 5 years before R, S and A did. Those agencies take on the best programmers coming out of Universities so they do know what they're talking about. However generally speaking they don't bother themselves with this kind of stuff.

          When it comes to the people who they do track they know perfectly well not to try the "front door" - modern encryption is, for practical purposes, watertight. They will be looking for the peripheral stuff that gives you away - but the effort required to do that simply isn't worth it for this type of target.

           

    •  
      Anonymous Coward, Jul 29th, 2011 @ 6:12am

      Re: "A group calling themselves the Web Ninjas..."

      "You people are gauging difficulty of tracking by tools available to you, and it leads to wrong conclusions. I'm going to bet that the technical resources available to the police for tapping the net and seeing where the "tunnels" lead are better than those that the "Web Ninjas" have."

      You don't know much about networks, do you? The tools the police have are the same you and I have. The only advantage they have is more information sources (they can ask the ISPs directly for collaboration), which us average people don't have.

      Perhaps you should learn how the Internet works. And play a little game called Uplink (yeah, it's not entirely realistic, but the idea of it is about on par with reality).

       

    •  
      Michael Lockyear, Jul 29th, 2011 @ 6:13am

      CSI is fiction!

      Script kiddies would NOT have been able to hack:
      ~HB Gary Federal (Internet Security experts ... lol)
      ~Italian Police (the cyber crime evidence server ... lol)

      While it is possible that certain intelligence agencies have tools and people at their disposal which may allow them to "see where the tunnels lead", I very much doubt that the authorities would allow these tools (if they actually exist) to be used in garden variety criminal matters and certainly would not allow these techniques to be documented in court (such techniques would have to break a few laws).

      I suspect that many of the arrests that have been made over the last few months are related to the use of the LOIC software as it is not really feasible to stealth the identity of machines running a DDoS tool (proxy'ing DDoS scale traffic would be difficult).

      As for the identity of Topiary...maybe it is a kid in Scotland, or maybe a kid in Sweden...or maybe this is all just disinformation (which is what I would expect from the spokesperson of a hacker group).

       

    •  
      Anonymous Coward, Jul 29th, 2011 @ 6:14am

      Re: "A group calling themselves the Web Ninjas..."

      Really? You seriously think that the baboons have more network clue than the people who designed the protocols and wrote the code?

      The ONLY chance that the baboons have is to use illegal methods: illegal searches, illegal wiretaps, illegal detainment, illegal questioning, illegal intimidation.

       

    •  
      RadialSkid, Jul 29th, 2011 @ 6:23am

      Re: "A group calling themselves the Web Ninjas..."

      I'm going to bet that the technical resources available to the police for tapping the net and seeing where the "tunnels" lead are better than those that the "Web Ninjas" have.

      Well, we KNOW that's true.

      You see it on TV all the time: A bunch of detectives huddled around a computer staring at a grainy JPEG, and then suddenly one of them says "Enhance." And then, the bespectacled rookie lab guy types a few random things on his keyboard (no mouse clicks necessary), and before you know it, the computer lets out a bleep, the image scans down, and suddenly the police have a perfect, high-definition photograph of their suspect.

      I mean, I certainly don't have access to that type of technology. But I'm not some totally boss cop tracking down evil hackers, am I?

       

      •  
        Anonymous Coward, Jul 29th, 2011 @ 7:35am

        Re: Re: "A group calling themselves the Web Ninjas..."

        Lol. You see that Blade Runner Lite scene in almost every cop show now.

         

    •  
      Ink Spot, Jul 29th, 2011 @ 7:10am

      Re: "A group calling themselves the Web Ninjas..."

      The tool sets available to the police are rudimentary and readily available. The data sets they maintain and have access to however grow stronger, broader and deeper.

      The tool sets you're speculating about are in the hands of those bound by non-disclosure where mere confirmation of their existence can and does result in removal from society.

      The police can not be trusted with such information, they are, after all, just police and it is these same police that would be the first to start changing sides when any realisation sets in that they are, in fact, directly supporting the bad guys.

       

    •  
      xenomancer, Jul 29th, 2011 @ 8:18pm

      Re: "A group calling themselves the Web Ninjas..."

      "I'm going to bet that the technical resources available to the police for tapping the net and seeing where the "tunnels" lead are better than those that the "Web Ninjas" have."

      Even if that were true, how the hell do they "trace" the "tunnel" when sneakernet (ie, leaving one's house) and open WiFi (ie, not using one's personal internet connection) are involved? Do they just click their heels three times and say "I wish there was justice?" I know it's plausible they might actually do real police work rather than rely on the current erosion of privacy rights, but I find it unlikely that LulzSec could have survived as long as it has with all of the heat it's drawn were they as stupid as you're suggesting.

       

      •  
        Anonymous Coward, Jul 31st, 2011 @ 7:52am

        Re: Re: "A group calling themselves the Web Ninjas..."

        Many places that have open internet also have security cameras. You know, it's funny how it works, but sooner or later they will figure out which guy is always at the given location at the given time.

        sneakernet isn't really much safer.

         

    •  
      Anonymous Coward, Jul 31st, 2011 @ 7:50am

      Re: "A group calling themselves the Web Ninjas..."

      The funny part is that for the most part, these hacker groups seem to be a couple of intelligent people and a bunch of children they have tricked into doing the dirty work for them.

      LOIC is a perfect example. Nobody with even half a brain would turn that thing on, yet many did and many have been arrested as a result. None of the leaders of these groups would get caught dead with LOIC running on their machines. They need the sheeple to do the work, and most of those are in the 12 - 18 year old range, running out of Mom's basement or at best their college dorm room. They are the idiots of the revolution, the "ensign with the different colored uniform" of hacktivism.

      In the end, the leaders have to communicate to their sheeple, and that will always be the weak point. There will be logs, there will be connections made, and there will be exposure. Soon enough, one of the idiots at the top will get caught, and he will sing like a canary and everyone else will fall down with them, because he (or she) isn't going to want to do a long stretch in prison while everyone else plays GTA and posts naughty pics on anon.

      tick tick tick... the 15 minutes is almost up.

       

      •  
        Anonymous Coward, Jul 31st, 2011 @ 11:53am

        Re: Re: "A group calling themselves the Web Ninjas..."

        The funny part is that for the most part, these hacker groups seem to be a couple of intelligent people and a bunch of children they have tricked into doing the dirty work for them.

        The really funny part is you believing that.

         

  •  
    out_of_the_blue, Jul 29th, 2011 @ 5:07am

    Also: the "Web Ninjas" claim to know who the real "Topiary" is!

    So how well is he hidden if amateurs can find this "mastermind"? -- Perhaps the "Web Ninjas" have done better at analyzing clues, BUT still Topiary is KNOWN!

     

  •  
    Anonymous Coward, Jul 29th, 2011 @ 6:18am

    Interesting use of resources

    Rupert Murdoch hasn't (yet) been arrested, yet it's obvious to everyone that he and his employees have been engaged in wiretapping, interference with criminal investigations, fraud, etc. on a grand scale for many years.

    Yet the UK police seem to feel it necessary to go after Topiary.

     

  •  
    better smarten up, Jul 29th, 2011 @ 6:28am

    LoLSec is not script kiddies

    i told you all and i'll say it again THEY ARE NOT SCRIPT KIDDIES.... and it don't take much to get to their level.

     

  •  
    ohhhhhhhhh, Jul 29th, 2011 @ 6:46am

    @20

    google proxy chains and enjoy how everything you said dies a quick death ....

     

  •  
    ohhhhhhhhh, Jul 29th, 2011 @ 6:50am

    @29

    and apparently neither do you cause with various types of proxies and chaining them none can ever catch a real determined hacker...you just don't think properly and you DONT DO IT FROM HOME...at least not your home LOL....

     

  •  
    ohhhhhhhhh, Jul 29th, 2011 @ 6:53am

    @30 then @33

    FACT you speak truth script kiddies are mostly able to use DDoS attacks...BUT while those go on some one else goes ...hrrmmm good front to really pull a wing raid...BAMB goods gotten moved and moved and moved and shoved up to public....all automated without them having to touch or have anything physically come near them....

    THIS IS late 90's tech for top notch hackers.
    ---------
    @33 think about how much blackmail rupert prolly has on most of the very people that would have to arrest him....yaaaaa.

     

  •  
    Nicedoggy, Jul 29th, 2011 @ 8:50am

    Shetlands? really?

    Tell me the police didn't go to the Shetlands to arrest some dude.

     

    •  
      The eejit, Jul 29th, 2011 @ 11:44am

      Re:

      Well, it's better than going to the Faroes. Or the Pharaoh's, for that matter.

       

    •  
      Michael Lockyear, Jul 29th, 2011 @ 12:39pm

      They wanted to ride the pony...

       

    •  
      G Thompson, Jul 30th, 2011 @ 12:36am

      Re:

      Not only arrest, they have kept the guy over the normal holding period, and have been given the ability to keep them in custody even longer, all without one charge being laid.

      From the article:
      The most worrying aspect, however, is the continued detention without charge, which indicates that the police lacks sufficient evidence for a prosecution. According to the press release, the arrest was made under the Section 3 of the Computer Misuse Act and Section 1 of the Criminal Law Act 1977, which would allow for a detention of 24 hours, which can be extended to 36 hours. This time has now elapsed and police have been granted additional three days for questioning.
      I smell something extremely fishy.

       
