this post was submitted on 09 Feb 2025
874 points (97.0% liked)
Technology
61964 readers
4137 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Can they do something useful like destroy the debt infrastructure and delete all student loans and medical bills?
Spoiler
You've been watching too much Mr. Robot.
A more useful thing would be to do as much damage to Twitter as possible. In fact, why they haven't attacked Twitter while Musk has been disarming all of its safety protocols is fucking beyond me.
I'm sure backups and redundancies are "inefficient" since "everything is in the cloud, anyway".
Anonymous tends to not do useful things. They just talk a lot.
“Anonymous” isn’t like a formal group. The entire point is that anyone can say that they are anonymous. So yeah, people talk a lot. You can do whatever you like as anonymous.
mostly they are spending hours scrolling through social media accounts of certain types of people looking for dox materials. that's really about it
I'm all for attacking infra - we need to make this shit more resilient and we need to transition to memory-safe langs like Rust. This will hopefully accelerate it. Also, I lol at people saying Trump/Elon/Doge will destroy the US when in reality - these kinds of people who wanna attack it probably have way better chances to do so.
Memory safety is just a small part of infrastructure resilience. Rust doesn't protect you from phishing attacks. Rust doesn't protect you from weak passwords. Rust doesn't protect you from network misconfiguration. (For that matter, Rust doesn't protect you from some group of twenty-year old assholes installing their own servers inside your network, like you say.) Protecting your estate is not just about a programming language.
"Infrastructure", to me, suggests power, water, oil and food, more than some random website. For US infra, I'm thinking a lot of Allen-Bradley programmable logic controllers, but probably a lot of Siemens and Mitsubishi stuff as well - things like these: https://www.rockwellautomation.com/en-us/products/hardware/allen-bradley/programmable-controllers.html.
Historically, the controllers for industrial infrastructure (from a single pumping station to critical electrical distribution) have been on their own separate networks, and so things like secure passwords and infrastructure updates haven't been a priority. Some of these things have been running untouched for decades; thousands of people will have used the (often shared) credentials, which are very rarely updated or changed. The recent change is to demand more visibility and interaction; every SCADA (the main control computer used for interactive plant control) that you bring onto the public internet so that you can see what it's up to in a central hub, the more opportunity you have to mess up the network security and allow undesirables in.
PLCs tend to be coded up in "ladder logic" and compiled to device-specific assembly language. It isn't a programming environment where C has made any inroads over the decades; I very much doubt there's a Rust compiler for some random microcontroller, and "supported by manufacturer" is critical for these industries.
This is kinda what trump wants. If the government cant handle "online stuff" they can pitch privatization. It hurts more if tech megacorps get hacked. Though at this point I wou'd laugh if a bunch of internet nerds got the nuclear codes or locked up a bunch of satellites
Imagine if one nuclear head was pointed to every megacorp headquarters in the US.
Don't point at the HQs, point at their mansions / golf courses / private islands
Tomorrow
Trump: By executive order, I dismantle the computer warfare and defence division
Musk: It doesn't exist anymore!
The day after
Anonymous: They turned off their service that sanitized all inputs. We just stole everything from every department, and put cats on every governments webpage.
Do it, attack America's life points directly.
No, my Blue Eyes White Aryan!
By all means do. It's not like much of value is lost at this point.
hack the planet
It'll take 40 years to fix the damage he'll do in 4.
That assumes that we have a party interested in fixing anything.
President Dwayne Elizondo Mountain Dew Herbert Camacho will be interested.
I don't think 4 years of accelerated climate damage is gonna be fixed in 40 years...
Ah, Anonymous—the digital equivalent of a fart in a hurricane. Trump’s America? Weakness isn’t new—it’s baked into the propaganda circus we’ve called democracy since Reagan. You think script kiddies and Elon’s crypto-bros “hacking fascism” will fix anything? Please. The real op is watching tech oligarchs and politicians collude while we argue about which flavor of dystopia we’re slurping.
Infrastructure attacks? Bold move, Cotton. Let’s see how it works out when grandma’s dialysis machine gets bricked by some edgelord’s Python script. If you want revolution, stop fetishizing IRC nostalgia and touch grass. Until then, this is just digital graffiti on a burning trash barge.
I'm not going to write off hacktivism so quickly.
Even if it's just a few defaced websites now and then, that's a whole lot more effective than any other sort of activism I've seen to date.
Even a god king bleeds
Oh, sure, let’s romanticize hacktivism, the digital equivalent of spray-painting a slogan on a collapsing wall. A few defaced websites? That’s your bar for effectiveness? The oligarchs aren’t losing sleep over a 404 page; they’re too busy consolidating power while you cheer for digital vandalism like it’s the French Revolution.
Real change doesn’t come from poking at the system with a keyboard and hoping it flinches. If anything, these stunts just give them more excuses to tighten the noose—more surveillance, more control.
You want to fight the machine? Build something better. Organize. Create infrastructure that can’t be co-opted. Until then, hacktivism is just a tantrum dressed up as resistance.
Settle down mate.
I didn't say defaced websites are going to take down the government.
My implication was that it would be more effective than ranting on social media.
Settle down? Sure, but let’s not settle for mediocrity. If your metric for effectiveness is being slightly better than social media rants, you’ve already lost the plot. Hacktivism that doesn’t disrupt the system in a meaningful way is just noise—an aesthetic rebellion that the system shrugs off or, worse, absorbs.
You want to be effective? Stop playing into their hands with token gestures. Build tools, networks, and alternatives that outlast their control. Otherwise, you’re just rearranging deck chairs on the Titanic while calling it progress.
Defacing websites might feel cathartic, but it’s not revolution—it’s a distraction.
Do I sense a fellow collapsnic here? Ah, exiled brother!
load more comments
(2 replies)
Anything supposedly said by "Anonymous" as a hacker group should always be treated with immense skepticism.
There do exist somewhat legitimate sub-factions that actually take serious actions and do serious ops, and also semi-legitimate "outlets" for their statements... but there's also an overwhelming amount of smokescreen bullshit "anon news outlets" and little script kiddies running around. It's important/intentional that those continue existing as smoke screen for the more "serious" factions.
Beyond that, being an anonymous group with no real methods of confirming membership to outsiders (insiders can just check if you're in the private IRCs and etc) it means that just about anyone and everyone can make some big declaration like this. The proof will be in the results, not some announcement that could be made by a rando.
No matter who is really making these threats/warnings, I think things are going to get pretty dire in the US government IT space. It's been well known for decades that most government orgs have absolutely abysmal cyber security, and now you have a bunch of young adult tech-bros with no true accountability running roughshod over all of it. Then there's the fact that more than one of them have "serious black hat hacker" backgrounds.
Going to be one wild ride.
little script kiddies running around
Yeah, they're running around the Treasury Dept right now.
It’s been well known for decades that most government orgs have absolutely abysmal cyber security
Having worked with government agencies and a lot of large private organizations the thing that keeps them mostly secure is the amount of red tape involved with things. Patching a production system requires a teleconference with at least five different people and no one person knows everything.
The idiots without any security experience coming in to "streamline" things will just make the systems even more fragile and insecure.
Known and vetted systems are always the most secure. Until RSA is broken, and then they'll need to update to a quantum resilient standard. Which we've had in the wild for 6 years already and the NIST has officially approved for 2 years.
We're still at least a decade away from a machine with enough qbits to do it. So i feel like we should be fine.
It's the fucking Credit Bureaus, Telecoms, and Energy Companies I worry about. They keep fucking up.
Anyone who complies with the NIST standards is in a good place.
The problem is that a lot of places are not in compliance with NIST standards.
I know, I've helped patch them.
Yep, but we've got at least a decade to do it, and when new systems are stood up they "should" be in compliance.
Based on my experience if we say it needs done in a decade it will never be done.
See also: All the unemployment systems running on FORTRAN
Yeah. I've only spent a few moments skimming through the linked article but if you were part of a legitimate hacktivism group planning a significant operation why would you publish this statement ?
It's really just spooky hyperbole - as though written by an adolescent that want's to sound scary and powerful.
I would absolutely love to see hacktivists cause some chaos, and maybe even some real financial harm.
The whole point is to being attention to the rise of fascism. Hacking without releasing a statement like this is just terrorism. Releasing a statement after hacking can make it easier for the govt to cover up, like "no we weren't hacked, someone in our server room just accidentally tripped over a power cable"
load more comments
(7 replies)
Oh wow. They'll shut down a website for a day.
Whoop-tee-doo.
Exploit it you say? Please get in line behind the russians, the chinese snd pretty much all arab countries
load more comments
(19 replies)
As much and as little that anonymous means, because of the name, because of what the name implies, because of what they do, claim they do, and well, we don't know what they do... As much as all of that is true, it's AWESOME to hear from them again, if it is them...
I can't wait to see "real" anonymous actions again, lord knows we can use it
Genuine question, was it ever anything more than a bunch of 4chaners and script kiddies?
Lol what even is a "real Anonymous"
Its like "Antifa", its not an organization, its an idea.
load more comments
(1 replies)
view more: next ›