Assistance Requested in Identifying People who Snitched on Goatse Hacking Group

Posted by: diggin2deep

Assistance Requested in Identifying People who Snitched on Goatse Hacking Group - 01/30/11 04:32 AM

Thought I'd post this community announcement here. Snitching has hurt many of the people in the hacking community, let's change that.

Taken from https://hackbloc.org/content/court-docum...tial-informants
Do you know who the informant was? Contact Hackbloc Staff at staff[at]hackbloc.org

For those who haven't been following the story, Daniel Spitler and Andrew Auernheimer, alleged members of the computer security group Goatse have been charged with Conspiracy to Access a Computer Without Authorization and Fraud in Connection with Personal Information for their alleged role in exposing a major flaw in the way AT&T was storing the personal information of iPad users. The email addresses of many in rich and powerful circles was open to exposure including members of the White House Staff.

While the Department of Justice claims these two "hacked into" AT&T databases, the reality is that they simply queried them a number of times. On a public-facing web page, you could ask the database who was associated with which hardware ID and it would tell you.

In a court document posted on Cryptome, it's revealed that a confidential informant provided IRC chat logs to the FBI. According to the affidavit, "Approximately one month after the search of defendant Auernheimer's home, a confidential source (the "CS") contacted federal law enforcement officers and stated, among other things, that the CS routinely monitored "#dominion," one of the IRC channels used by Goatse Security members to communicate with one another. The CS also provided law enforcement officers with chat logs from the "#dominion" channel from on or about June 2, 2010 through on or about June 11, 201 O. Extending over 150 pages, those chat logs conclusively demonstrate that defendants Spitler and Auernheimer were responsible for the data breach and conducted the breach to simultaneously damage AT&T and promote themselves and Goatse Security. Excerpts from the chat logs are provided below."

While there was a snitch within IRC channel, it appears that Goatse members have also offered to work with the Department of Justice "hand in hand for a stronger country" which is all somebody would need to not trust the goatse folks. Future informants against other "malicious hackers"? The idea unfortunately isn't that far-fetched.

It shouldn't be hard to figure out who this snitch was in this case given that they were idling in an IRC room for extensive periods of time. We must protect our communities against snitches who will sell their friends down the river in exchange for legal immunity, status, nationalism, or anything else. Snitching only weakens our community, divides it, and sows distrust into our relationships. Find snitches, publicly out them, and excommunicate them from our community!

A statement was posted on the goatse site which is copied below:

"On the heels of the arrest of two of Goatse Security’s researchers, I felt compelled to write a statement reiterating a few points regarding last year’s AT&T breach which I believe are important:

1. The only data gathered was a list of e-mail addresses. No real names, mailing addresses, or any associated data was breached.
2. The data gathered was PUBLICLY AVAILABLE on AT&T’s web server. Any person could say “What is the e-mail address associated with ID XXXXXXXX” and the server would happily reply “[email protected]” or “invalid ID”. The process of doing so was simply automated using random IDs. There was no “real” hacking involved.
3. Through intermediary channels, Goatse Security notified AT&T of the hole in their system and waited until it had been patched before we made our disclosure.
4. Under no circumstances was the data EVER made public. It was only given to Gawker Media under the condition that it would be redacted, just as proof that the data *HAD* been leaked and this was not a fictitious claim.
5. AT&T has pressured the USDoJ and the FBI into building and prosecuting a baseless case because they care more about their own share price than their customers. Stated another way: the American government works at the behest of private corporations.

AT&T, the FBI, and the prosecution have labelled this as a “malicious” attack, directly against AT&T’s interests and their customers. This could not be farther from the truth. The flaw was quite literally stumbled upon; AT&T was never targeted, and upon gathering the data, it was not sold, distributed, or used otherwise (although it certainly had the potential to be used quite maliciously) – it was only disseminated to a single media outlet because we believed it was important enough to share. Were the hole discovered by a malicious party, the data could have been easily sold to the RBN at a very high price, could have been used to target iPad owners with AT&T phishing e-mails, the e-mails could have been sent iPad trojans, or otherwise. The private discussions we had to determine the extent of the flaw will undoubtedly be twisted and redacted by the prosecution to create an appearance of malice, as these were all topics touched upon. This can be damning even though the discussion itself is not a crime.

The case is based entirely upon IRC logs, anonymously submitted, which could be completely fabricated with no method of verification. The transcripts of these logs are solely being used to create an image of malicious intent.

The fact of the matter is quite simple: AT&T put their own customers at risk through negligence, their share price dropped when this fact was exposed, and they have now co-opted the USDoJ and the FBI to attempt to shift the blame from themselves to individuals who were looking out for the public good.

In the end, regardless of how the chat logs are made to appear, the facts do not change: GoatSec researchers found a hole, made sure it was closed, and responsibly disclosed its existence.
"