One of the more interesting, and sadly overlooked, stories to emerge from HBGary's email server (a fine example to its customers of how NOT to secure their own email systems) was a military project - dubbed Operation Metal Gear by Anonymous for lack of an official title - designed to manipulate social media. The main aims of the project were two fold: Firstly, to allow a lone operator to control multiple false virtual identities, or "sockpuppets". This would allow them to infiltrate discussions groups, online polls, activist forums, etc and attempt to influence discussions or paint a false representation of public opinion using the highly sophisticated sockpuppet software. The second aspect of the project was to destroy the concept of online anonymity, essentially attempting to match various personas and accounts to a single person through recognition shared of writing styles, timing of online posts, and other factors. This, again, would be used presumably against any perceived online opponent or activist. HBGary Federal was just one of several companies involved in proposing software solutions for this project. Another company involved was Booz Allen Hamilton. Anonymous has been investigating them for some time, and has uncovered all sorts of other shady practices by the company, including potentially illegal surveillance systems, corruption between company and government officials, warrantless wiretapping, and several other questionable surveillance projects. All of this, of course, taking place behind closed doors, free from any public knowledge or scrutiny.
@MonsatoCo is now suing small dairy farmers for advertising that they use no growth hormones. For NOT using their product.
We're going to hit @MonsantoCo with something a little bit more serious than a DDoS this time around. Fuck 'em. #ExpectUs
Over the last 2 months we have pushed the exposure of hundreds of pages of articles detailing Monsanto's corrupt, unethical, and downright evil business practices. We've created a nice go-to reference guide on piratepad/anonpad(anonpad.org/opmonsanto, backed up elsewhere), where anyone can read up on and add their own info about MonsantoCo.We blasted their web infrastructure to shit for 2 days straight, crippling all 3 of their mail servers as well as taking down their main websites world-wide. We dropped dox on 2500+ employees and associates, including full names, addresses, phone numbers, and exactly where they work. We are also in the process of setting up a wiki, to try and get all collected information in a more centralized and stable environment. Not bad for 2 months, I'd say.What's next? Not sure... it might have something to do with that open 6666 IRC port on their nexus server though ;)Expect Us
quote: First, it clearly did not properly protect its gateway machine. Second, much like Bitcoin-mega exchange Mt. Gox, it used an unacceptably weak level of encryption, exposing its users to harm. Third, it failed to code its databases to avoid SQL injection attacks, which should be mandatory for any contractor working with classified materials.