Hacker, Hoaxer, Whistleblower, Spy
Page 30
During this surge of activity, arrests became more commonplace. By the end of July, fourteen Americans had been arrested for DDoSing PayPal, and British authorities had arrested two members of LulzSec: Topiary in Scotland and tflow in London (tflow’s name was not released at the time because he was still a minor). Right before Topiary’s arrest, he left behind an adage—it now stands alone on his retired Twitter account: “You cannot arrest an idea.”14
It was a hot summer. In this climate of menace and threat, I began to suffer weekly nightmares of G-men pounding on my door. I asked myself just what the hell I had gotten myself involved in, and I wasn’t the only one. During an interview, one Anon expressed surprise: “None of us knew we’d be here … locked up for decades, on the run, in exile, suicides mental illness ptsd [sic] etc etc.” Anons increasingly reached out to me with confessions of fear, fueling my own growing unease. On August 1, someone found me and wrote that “shit is getting EXTREMELY hot atm [at the moment] … for those who do AntiSec for instance.” The next day, another hacker told me, “I had helicopter land in a field next to me at 7 am this morning. My heart rate hit about 200, till I realized it was crop spraying.” Between the people freaking out to me in private, the litany of arrests, my life being put on hold as I poured increasing amounts of time into the research, the highly mediated text-based pseudonymous interactivity, and the growing tentacles of secrecy, I grew frustrated and burnt out. It was getting to me. I was worried about the future of Anonymous, about my future and the lives of those who had been arrested. Some hackers in AntiSec started to notice that I was down. Some contacted me privately, encouraging me not to quit. One told me that if I quit I would miss some really “special things.”
I didn’t even bother to ask what these things might be. The leaks and compromises were still going strong, but they had lost their luster. To me, #FuckFBIFridays and #MilitaryMeltdownMonday had started to become #FuckFBIFatigue and #MyMeltdownMondays. I was also frustrated that, while my access to AntiSec grew, more activity seemed to be emanating from other, small hacker teams that I remained largely in the dark about it. The days of large-scale Anonymous uprisings were being eclipsed. Anonymous had been exciting to me for a specific reason: it was the largest and most populist disruptive grassroots movement the Internet had, up to that time, fomented. But it felt, suddenly, like AnonOps/Anonymous was slipping into a more familiar state of hacker-vangaurdism. And it meant, from a purely logistical perspective, that Anonymous was becoming even harder to study.
In retrospect, there’s at least one concrete explanation for Anonymous’s growing fragmentation: direct government interference. Thanks to Edward Snowden’s NSA mega-leaks in 2013, we know that in the summer of 2011, Britain’s Government Communications Headquarters (GCHQ) targeted AnonOps’ communications infrastructure. A GCHQ special unit called the Joint Threat Research Intelligence Group (JTRIG)—which also engages in COINTELPRO-type meddling—launched DDoS attacks against Anonymous, calling it them “OpWealth” and “Rolling Thunder.”15
This was the first known instance of a Western government secretly using DDoS—criminalized in the UK and the US—as a tactic against its own citizens. GCHQ claimed that its operation was a success; the leaked slides boast that as a result of its DDoS of AnonOps’ IRC, “80% of those messaged where [sic] not in the IRC channels 1 month later.” By this time, the UK government had already arrested British participants for the same act. One of those arrested, Chris Weatherhead, aka “Nerdo,” was a central and much beloved AnonOps operator. Eventually, he would receive an eighteen-month sentence for his role in the DDoS campaign “Avenge Assange/Operation Payback.” He was not found guilty of engaging in an actual DDoS itself, but of aiding in the operation by running the IRC server. The British government, on the other hand, has faced no sanction for DDoSing activists. The law, clearly, is not applied equally. As Weatherhead put it on Twitter when he read the news: “My Government used a DDoS attack against servers I owned, and then convicted me of conducted DDoS attacks. Seriously what the fucking fuck?”16
This shotgun approach to justice sprays its punishment over thousands of individuals who are engaging in debate and protest, simply because a small handful of people in their midst have committed digital vandalism.
This attempted deterrence may have stalled Anonymous at large, but it did nothing to stop AntiSec. They were on a different IRC network. While some members did get arrested, and others left for a variety of reasons, the consensus was largely that, as one member of AntiSec told me, “there is no turning back.”
I had to take a break. I booked a trip to one of the most famous hacker conferences in the world, The Chaos Communication Camp, organized by the Chaos Computer Club every four years in Germany. I reasoned that some offline time spent with hackers I knew, with friends—or at least with people I could actually look at—might lessen the vertigo that had set in.
Yet after a string of days and nights at the hacker festival and an early morning flight from Germany, I arrived back in the United States more exhausted than before I had left. The Anonymous spirit, by contrast, seemed to have been refreshed. Making my way through baggage claim, I glimpsed a familiar image on a faraway TV screen—the Guy Fawkes mask. Jolted, I trotted over to the monitor. CNN was showing a tweet calling for “OpBART” (“BART” stands for Bay Area Rapid Transit). From the visual clues provided by CNN, I realized that this operation was not only big. It also seemed to fit the mold of the old-school, tumultuous, large-scale-uprising of the pre-AntiSec Anonymous. The 80 percent of users the GCHQ had supposedly blasted away with its DDoS were back, along with hundreds of newcomers.
OpBART’s point of origin can be pinpointed to July 3, 2011, when BART police fatally shot Charles Hill in the San Francisco Civic Center BART station. Though the man had been intoxicated and armed with a knife, killing him struck many as an excessive use of force. It was also a reminder of the general problem of police brutality. In 2009, cops had killed an African-American man, Oscar Grant III, at the Fruitvale BART Station in Oakland. He was shot in the back while they had him pinned to the ground. In response to the shooting of Hill, local organizers coordinated a protest on July 11. Roughly one hundred demonstrators disrupted BART service at the Civic Center BART station. Organizers called for another protest at the Civic Center BART station one month later. BART officials decided to block cellphone reception in stations to thwart the August demonstration. BART spokesperson Linton Johnson explained their rationale to CNN: “We made a gut-wrenching decision that was forced upon us by the protesters … They [the activists] made us choose between people’s ability to use their mobile phones [and] their constitutional right to get from point A to point B.”17
Last time I checked, the Constitution protects both free speech and freedom of association, but not freedom of transportation. Anonymous geeks, so well acquainted with constitutional rights, naturally got upset. Jackal, the main holder of the @YourAnonNews Twitter account, publicly inaugurated #OPBART with a string of scathing messages. He had over 300,000 followers, and soon after being featured on CNN, the account would amass another 200,000 (which also prompted the FBI to visit Jackal). Anonymous and other concerned citizens relied on the clever hashtag “#muBARTec” to connect this act of censorship to the wide-scale telecom blackout imposed by former Egyptian president Hosni Mubarak just a handful of months earlier, in January 2011.
Jackal was working with a small team. He maintained a semi-private nook, an IRC channel he called “the cabin,” that initially included only four individuals. Primarily conceived of as a social space, one of the early members appended the term “cr3w” onto the name, poking light fun at LulzSec and the other self-proclaimed “crews” mushrooming at the time. Operation BART, their very first op, accidentally transformed CabinCr3w from a social channel into a prolific and functioning team. In the coming months they would grow to roughly twenty participants. They would become known as specialists in open-source data mining—muckraking through databases provided
by other hackers who would infiltrate servers in search of information (though some hackers from CabinCr3w, like Kahuna [John Anthony Borell III], and w0rmer [Higinio O. Ochoa III] also engaged in digital trespass and were subsequently arrested).
But in mid-August, as OpBART was just beginning, the team remained tiny. And because its labor force was small, participants had to work around the clock for the first three days. Utilizing Facebook, CabinCr3w connected with locals to organize street protests and banded together with the wider Anon community by reaching out to some established organizers. A public #opbart IRC channel on AnonOps’ server became a rallying point. Everyone went to work drafting propaganda material to advertise the protest planned for Monday, August 15. In a mode familiar from Operation Avenge Assange, the organizers acted as choreographers—to borrow Paolo Gerbaudo’s fitting term—who harnessed and directed a fireball of fury.18
Alongside the protest and propaganda, some individuals engaged in some rather dicey, although admittedly lulzy, behavior; it was these acts that attracted mainstream media attention.
For instance, someone claiming the mantle of Anonymous found a racy, semi-nude photo of BART’s Linton Johnson on his personal website. This photo was then republished on the “bartlulz” website—to considerable fanfare—along with this brazen rationalization: “if you are going to be a dick to the public, then I’m sure you don’t mind showing your dick to the public … Umad Bro? #Bartlulz.”19
But more than anything else, it was a string of hacks that attracted national media coverage, from CNN to Democracy Now!
First, there was a website defacement on August 14. The interlopers simply defaced myBART.org with an image of Guy Fawkes. This was followed almost immediately by an intrusion that exposed the private data of 2,500 BART customers. A day after the second protest at the Civic Center BART station, organized by Anonymous and local activists, there was another intrusion, on August 17, into a BART police union website. This resulted in the publishing on Pastebin of the home addresses, email addresses, and passwords of 102 BART police officers, among other employees.
The day I returned from Germany, Democracy Now! contacted me to inquire whether I could join them the next day to speak about OpBART. I dreaded the prospect of being asked about the blatant privacy violations committed by such hacks, and the gymnastics required to explain the use of such tactics by a collective that ostensibly fought to protect privacy. Thankfully, the next day I was joined on live TV by masked Anon activist Commander X, and it was he who asked to offer a rationale:
AMY GOODMAN: And your thoughts… on going after the actual passengers themselves, people who might not want that personal information out?
X: … How else do you get the world to respond and secure your information? How else do you get these companies and these big governments to keep your information, the information you give them voluntarily, safe? I think we got our message across, and I’ll bet you one thing: I’ll bet you they fix that.20
Commander X, who spoke through a voice distorter, was not responsible for the breach, but the alleged perpetrator and a minority of other Anonymous activists shared their rationale. At the time, I had no idea who was behind the hacks, nor how other Anons viewed this breach. But soon after the interview, I returned home to find out.
Although there was tremendous—almost unilateral—support among Anons for protesting BART’s act of censorship, the hacking and dumping of private customer data was one of the most internally divisive acts I had yet witnessed. Conversation on the channels, and even publicly over Twitter, was brimming with criticism.
Consider, for instance, what happened when Lamaline_5mg logged in to the public OpBART channel on August 17 and claimed responsibility for the BART police union website hack. She offered a link to the dox:
*CrappyTIres doesn’t like info leaks
Not everyone agreed with OpNoPro. Others vocally supported the black hat ways of AnonOps:
[…]
*CrappyTIres looks for the knitting group
[…]
Sharpie concluded by echoing one of the most common rationales:
And then Lamaline_5mg said that she was not even Anonymous—raising the ontological question of just what makes one Anonymous anyway. She showed up on the Anonymous IRC server, proffered some dox, and then proceeded to work with other Anons to craft a message to the press; if that doesn’t make one an Anon, then what does? Regardless, the distinction mattered little in relation to the more general ethical questions surrounding hacking and doxing. By now, thanks to AntiSec, these tactics were a common fixture in the Anonymous landscape and would only grow more controversial:
Versions of this conversation would be repeated at least a dozen times elsewhere over the next few days. My reading was that most participants on AnonOps opposed the privacy-violating dumps, but mainly supportive of the other illegal tactics, like the BART website defacement, the email and fax bombing, and the DDoS (regardless of the fact that it failed—BART had implemented good DDoS protection). A minority supported the doxing simply because it served the greater purpose of media attention, or was an example of the “fractal chaos” that partly defined Anonymous.
The doxing also marked the first time that suspicions of a “false flag operation” fully flared within Anonymous. A false flag operation is a secret intervention in which a government agent performs a cont
roversial action on behalf of a political group to seed mistrust and controversy or provide justification for the government’s own escalated response.
Two days later, Lamaline_5mg published a statement on Pastebin that seemed to quell rumors of a false flag, though it did little to extinguish the controversy:
I find it shameful that the media do not condemn taking such drastic actions against a protest after the *killing* of an innocent citizen. He was not proven guilty, or do they actually judge people at their funeral? Implying this guy got a proper funeral.
I also find it disturbingly sad that the San Francisco Bay Area local media is being so supportive of the right to remain anonymous of the BART police personnel, when they didn’t give a shit about this man being killed.
Did they condemn the killing of this man?
All I did was give them (the cops) a taste of their own medicine, ie ‘Lamaline’ which is an (anal) analgesic… (Look it up)
It also means « The cunning », in french.21
In a subsequent interview with SF Weekly, Lamaline_5mg claimed to be French, female, and a preteen (the last two being unlikely). She said that the BART hack marked her very first intrusion.