On Ars Technica, Sean Gallagher delves into the Anonymosus-OS, an Ubuntu Linux derivative I wrote about yesterday that billed itself as an OS for Anonymous, with a number of security/hacking tools pre-installed. Sean's conclusions is that, contrary to rumor, there's not any malware visible in the package, but there's plenty of dubious "security" tools like the Low Orbit Ion Cannon: "I don't know how much more booby-trapped a tool can get than pointing authorities right back at your IP address as LOIC does without being modified."

As far as I can tell, Sean hasn't compared the package checksums for Anonymosus-OS, which would be an important and easy (though tedious) step for anyone who was worried about the OS hiding malware to take.

Update: Sean's done the checksum comparison and found 143 files that don't match up with the published versions.

Some of the tools are of questionable value, and the attack tools might well be booby-trapped in some way. But I don't know how much more booby-trapped a tool can get than pointing authorities right back at your IP address as LOIC does without being modified.

Most of the stuff in the "Anonymous" menu here is widely available as open source or as Web-based tools—in fact, a number of the tools are just links to websites, such as the MD5 hash cracker MD5Crack Web. But it's clear there are a number of tools here that are in daily use by AnonOps and others, including the encryption tool they've taken to using for passing target information back and forth.

Lame hacker tool or trojan delivery device? Hands on with Anonymous-OS

FBI's LulzSec informant Sabu: "Party boy of the projects" —

The New York Times has a colorful profile piece out on Hector Xavier Monsegur, who agreed to serve as an FBI informant in the LulzSec/Anonymous sting in hopes of reducing possible prison sentence of more than a hundred years. — Xeni •

Quinn Norton has an excellent piece over at Wired:Threat Level on the reactions within "Anonymous" to the news that LulzSec frontman "Sabu" (photo above) was collaborating with the FBI. Kim Zetter's take on the arrests and secret plea deals is here.

The Guardian has more on the big hacking news which Fox News broke yesterday (as noted in a post by Rob). "Sabu," the trash-talking, self-appointed leader of LulzSec, has been working for the FBI for the last six months. The FBI says he helped the US and various European governments identify and arrest five alleged LulzSec members charged with participating in defacement, DDOSing, and "doxing" against high-profile government and corporate targets. Sabu (above) is, in now identified as Hector Xavier Monsegur, a 28-year-old unemployed Puerto Rican guy living in New York, and a father of two. He was charged with 12 criminal counts of conspiracy to engage in "computer hacking and other crimes" last year, pled guilty in August, 2011, then "snitched" on his LulzSec friends.

Here's the FBI news release, which notably omits the names of any prosecutors (perhaps for fear of Anonymous attack).

Snip from Guardian story:

His online "hacker" activity continued until very recently, with a tweet sent by him in the last 24 hours saying: "The feds at this moment are scouring our lives without warrants. Without judges approval. This needs to change. Asap."

In a US court document, the FBI's informant – there described as CW – "acting under the direction of the FBI" helped facilitate the publication of what was thought to be an embarrassing leak of conference call between the FBI and the UK's Serious and Organised Crime Agency in February. Officers from both sides of the Atlantic were heard discussing the progress of various hacking investigations in the call.

A second document shows that Monsegur – styled this time as CW-1 – provided an FBI-owned computer to facilitate the release of 5m emails taken from US security consultancy Stratfor and which are now being published by WikiLeaks. That suggests the FBI may have had an inside track on discussions between Julian Assange of WikiLeaks, and Anonymous, another hacking group, about the leaking of thousands of confidential emails and documents.

The indictments mark the most significant strike by law enforcement officials against the amateur hacker groups that have sprung out of Anonymous. These groups, which include LulzSec, have cost businesses millions of pounds and exposed the credit card details and passwords of nearly 1 million people.

Read the rest

Report: LulzSec members arrested —

Fox News' Jana Winter reports that LulzSec's Sabu was caught and turned by the authorities last June and has been working with them since. Other members of the group were arrested today as a result, she writes; details will be unsealed today in district court. The name given, Hector Xavier Monsegur, would confirm earlier outings and doxings from the same period. Last June saw the group publicly suspend operations, if you'll recall, and suffer its earliest arrests. — Rob •

With help from the international police organization Interpol, Spain and three South American countries today arrested 25 people who are suspected of being Anonymous activist/hacktivist/hackers. They are accused of defacing government and corporate websites. Reuters:

Spanish police also accused one of four suspects picked up in the cities of Madrid and Malaga of releasing personal data about police officers and bodyguards protecting Spain's royal family and the prime minister.

Other arrests were in Argentina, Chile and Colombia, and 250 items of computer equipment and mobile phones were seized across 15 cities, Interpol said. Colombia's Ministry of Defence and presidential websites as well as Chile's Endesa electricity company were among the targets of the hackers, it said.

And not coincidentally, the Interpol website has been intermittently offline today.

In this YouTube video, someone in Anonymous garb has threatens a massive, embarrassing document dump for Vic Toews, the Canadian MP and Public Safety Minister whose domestic spying bill will require ISPs to log information on Canadians' Internet use and to turn that to police and appointed inspectors over without a warrant (and which immunizes ISPs from liability should they voluntarily turn over even more information, like the contents of email). The Anon demands that Toews retract his legislation.

Toews is a "family values" candidate who has consistently stood on a ticket that opposed gay marriage and espoused other supposedly conservative ideals, and he was publicly embarrassed when an anonymous Twitter user going by @Vikileaks30 tweeted choice quotes from the affidavits in Toews's messy divorce (which was precipitated by an affair with a much younger woman, whom Toews impregnated, and led to what his ex-wife described as an abandonment of his previous family). If there were further embarrassments of this nature in Toews's closet, it might alienate the voters who elected him on the basis of his "sanctity of the family" platform.

"All this legislation does is give your corrupted government more power to control its citizens," a synthesized voice says in one of the videos still posted to the site Monday.

"We know all about you, Mr. Toews, and during Operation White North we will release what we have unless you scrap this bill," it states.

The RCMP has been called in to investigate apparent death threats against Toews as controversy swirls around the legislation. Police said Monday they haven't yet decided whether a full investigation will be launched.

Hacker group Anonymous threatens Vic Toews

Alan Moore, writer of V for Vendetta and enigmatic wizard of comicology, describes the relationship between the Guy Fawkes mask and Anonymous, anti-ACTA protests, and the Occupy movement. Beginning with the Moore-ish phrase, "Without wishing to overstate my case, everything in the observable universe definitely has its origins in Northamptonshire, and the adoption of the V for Vendetta mask as a multipurpose icon by the emerging global protest movements is no exception," Moore goes on to semi-seriously condemn the ugly reality of post-capitalist winner-take-all economics and explain why V for Vendetta has found such fertile soil in this decade.

It also seems that our character's charismatic grin has provided a ready-made identity for these highly motivated protesters, one embodying resonances of anarchy, romance, and theatre that are clearly well-suited to contemporary activism, from Madrid's Indignados to the Occupy Wall Street movement. Neglect

Our present financial ethos no longer even resembles conventional capitalism, which at least implies a brutal Darwinian free-for-all, however one-sided and unfair. Instead, we have a situation where the banks seem to be an untouchable monarchy beyond the reach of governmental restraint, much like the profligate court of Charles I.

Then, a depraved neglect of the poor and the "squeezed middle" led inexorably to an unanticipated reaction in the horrific form of Oliver Cromwell and the English Civil War which, as it happens, was bloodily concluded in Northamptonshire.

Today's response to similar oppressions seems to be one that is intelligent, constantly evolving and considerably more humane, and yet our character's borrowed Catholic revolutionary visage and his incongruously Puritan apparel are perhaps a reminder that unjust institutions may always be haunted by volatile 17th century spectres, even if today's uprisings are fuelled more by social networks than by gunpowder.

Viewpoint: V for Vendetta and the rise of Anonymous (Thanks, Gawain Lavers!)

Here's some handy, infringealicious clip art for the discriminating Anon who wants to make a statement without paying a royalty: a Guy Fawkes mask, suitable for urban art, dress-up, and silkscreening.

Guy Fawkes Mask clip art (Thanks, @crisnoble!)