One day in February 2011, a twenty-six-year-old Chicago hacker logged onto the AnonOps IRC server and said to himself, “Now here is a productive conversation.” Anonymous was in the midst of targeting the notorious Koch brothers, major donors to Wisconsin’s Republican governor, Scott Walker. That frigid winter, activists all over the state had marched from the farms and factories into the state’s capitol in protest of Governor Walker, who was pushing for a bill that would strip away state employees’ rights to collective bargaining. This hacker watched as Anonymous DDoSed the Koch-funded free-market advocacy group Americans for Prosperity.
It was also frigid in Chicago. Whirling around corners and howling down corridors, the powerful winter wind gripped the city. This hacker, Jeremy Hammond, had barely been logged on for twenty minutes before losing his Internet connection. He sighed and pulled his six-foot, lanky body from his chair and shuffled outside. He stood on the back stoop, his fingers numb from the cold, as he desperately tried to adjust the Wi-Fi antenna. His laptop sat connected to the antenna, running “aircrack-ng,” which was busy doing its best to break into his neighbor’s wireless network. Hammond stood still. He knew that even the most minor movement could affect the wireless signal. It was 3 am, and he was freezing. Going inside wouldn’t help; there hadn’t been heat in the house for months. With the Internet connection finally reestablished, he returned to IRC, and was bathed in the blue light from his laptop for hours.
As Hammond read everything he could about Anonymous’s latest activist jaunts, something tugged at his soul. He identified with Anonymous and he wanted to be a part of it. Hammond was a fiery political activist; without a doubt he was—and remains—one of the most prolific, adamant, unwavering American hacktivists to have ever typed on a keyboard. By his early twenties, direct action had already become a way of life; between the ages of eighteen and twenty-eight, he was arrested eight times during political protests. At the 2004 Republican National Convention, held in New York City, he was scooped up during a drum-banging protest; the following year, he rallied against a neo-Nazi group in Toledo, Ohio, and was arrested for violating an injunction preventing street protests. More recently, in 2010, after burning an Olympic banner to protest Chicago’s bid for the 2016 games, he was sentenced to eighteen months’ probation and 130 hours of community service. Hammond proudly calls himself an anarchist because he believes passionately in “leaderless collectives based on free association, consensus, mutual aid, self-sufficiency, and harmony with the environment.”1
By summer 2011, with the snow long gone, he was actively compromising servers and websites for political purposes. It was fateful for him, for a little more than a year later he would be under arrest and headed toward a decade-long sentence in federal prison. Hammond told me about both his previous hacktivism and involvement with Anonymous in September 2013, during our first, and only, face-to-face meeting, at the Metropolitan Correctional Center in New York City where he was locked up awaiting sentencing. After his arrest in March 2012, we had communicated through old-fashioned paper and stamped envelopes (Hammond placed his stamps upside down). When I met him, he was wearing an oversized brown canvas jumpsuit draped over a body that no longer bore the lanky traces of his programming past. His bulging forearms—the most visible indication of the sixty pounds of muscle he had acquired in prison—rested on a brown table in the barren detainee meeting room. A soundtrack was provided by the buzzing and clicking of the fluorescent lights, their glare bouncing off the white cinder blocks. Having already sucked all aesthetic warmth from the room, the administrators found a way to make it even worse—by making it freezing.
In this delightful ambiance, as Hammond told me more and more about his past, it became increasingly clear that his technical skills had been sharpened specifically for their political capabilities.
Growing up with his twin brother and father in the immediate outskirts of Chicago, he was barely out of the crib when he began toying with computer games. By age ten, he graduated to programming his own games in QBasic on a black-and-white 10MHz laptop with MS-DOS6 and Windows 3.1. He got online soon after, setting up an IRC channel for game development. He also discovered and devoured hacker literary genres, like textfiles (also known as philes) and zines. Typically, these texts, “which teach the techniques and ethos of the underground,” as Bruce Sterling notes, “are prized reservoirs of forbidden knowledge.”2
Most exhibit strong anti-authoritarian or edgy overtones, which are patently evident in their titles:
Hacking Bank America CHHACK.ZIP
Chilton Hacking CITIBANK.ZIP
Hackers Digest HACK.ZIP
Phortune 500 Guide to Unix RADHACK.ZIP
Radio Hacking TAOTRASH.DOC
Anarchist Book ANARCHY.ZIP
Barbiturate Formula BLCKPWDR.ZIP
Electronic Terror EXPLOS1.ZIP
More Pranks to Pull on Idiots! REVENGE.ZIP3
Hammond ate this material up and (incorrectly) assumed that most other hackers shared his political sensibilities. It wasn’t until high school, when he started to attend the local 2600 meetings, that he experienced a bit of a rude awakening. He remembers most of the participants as “super white hats” whose politics lay nowhere near his nascent anticapitalist sensibilities. But, because he also self-identified as a hacker, he enjoyed attending these meetings. He saw the utility of learning from these people.
And then, as he explained, he was further politicized a little later, when “Bush stole the election, 9/11 happened, and the Patriot Act was passed.” At the age of twenty, he cofounded a radical website called Hack This Site with a corollary zine called Hack This Zine. This titles riff off Steal This Book, the 1960s counterculture manual-manifesto written by Abbie Hoffman. (The Yippies published the first hacker/phreak zine, The Youth International Party Line, which advocated ripping off AT&T, aka “Ma Bell,” as a revolutionary act. Its successor publication, Technical Assistance Program (TAP), would shed the overtly leftist political rhetoric.) Hack This Site covered computer security but also delved into radical political trends and events from around the globe, like the movement against the war in Afghanistan and the potential threats to democracy posed by computer-based voting machines.
Even if Hammond was an anomaly in the American hacker scene, there were enough kindred souls around the globe to constitute a small, but feisty, band of radical tech warriors. His zine helped breed a cohort of left-leaning hackers. In fact, one of LulzSec’s most politically minded hackers, Donncha O’Cearbhaill, aka Palladium, had been a reader before he and Hammond met online. And when Hammond wasn’t writing for the zine, he was channeling his technical skills more directly toward his political goals.
In the course of one of his earliest hacks, before he was involved in Anonymous—indeed, before Anonymous even existed as a name to channel activist causes—Hammond left the image of Guy Fawkes on a defaced website. As he briefly touched upon his Guy Fawkes defacement and described his love of the film V for Vendetta, his blue eyes sparkled, his otherwise pale face came to life, and the austere room seemed to soften. I prodded him for more details.
It was March 2006, only a year after he started to hack politically. He had teamed up with The BrigadaElectronica, a loose association of radical anonymous hackers. This coalition hacked into the websites of the Philippine National Police, the Malacañang Palace (the official residence of the Philippine president), the Office of the President of the Philippines, and the National Defense College of the Philippines in a show of solidarity with the Sagada 11, a cohort of activists, including a few volunteering with Food Not Bombs who had been detained in the northern Filipino province of Luzon and faced charges of terrorism.4 (Food Not Bombs is an association of radical collectives serving vegan and vegetarian food to the hungry.)
Hammond wasn’t the only budding anarchist fond of the Hollywood blockbuster V for Vendetta, released the same month as his hack in support of the Sagada 11. The film’s antihero dons a Guy Fawkes mask. Fawkes was once primarily known as a sort of mascot for seventeenth-century British regicide. His failed attempts at regicide are commemorated to this day in the form of a British holiday bearing his name, which celebrates the continuity of the monarchy through the widespread burning of bonfires. British writer Alan Moore adopted the mythologized figure into a dystopian comic book, which became a Hollywood film, which led to the reimagining of Fawkes’s visage as that of the quintessential terrorist-turned-icon-of-resistance. Even if all symbols are open to interpretation, some are more elastic than others. While the peace symbol can only signify one single position, this silent smiling man has, over the years, accrued a multiplicity of meanings before coming to stand as the face of popular dissent.
Soon after his first forays into political hacking, Hammond was arrested and detained in federal prison between 2006 and 2008. He had digitally infiltrated a right-wing organization called “Protest Warrior,” whose tag line is “Fighting the Left, Doing it Right”; he pilfered credit card information from their site’s database. Since he never used the credit card information, he was only charged for the computer intrusion, escaping the harsher sentence and fines that often attend fraudulent credit card use (the prosecutor was seeking a five-year jail term in addition to a $2.5 million fine, saying, “While Jeremy Hammond tried to make this about politics, we wanted to make this about what actually occurred, that he stole credit cards”).5 Sentenced to twenty-four months in jail and fined $5,358, he was sent to a medium-security prison and served eighteen months.
During our interview he offered a surprising confession. In 2008, as Anonymous began adopting the Guy Fawkes mask he adored, he was initially repelled by the group. He dismissed Anonymous as “script kiddies” (a derogatory term for a technologist lacking real skills) and found the “anything goes” culture of deviant trolling—which crossed the line into racism at times—“alienating.” But these were minor reasons compared to his broader rejection of hacktivism more generally. After a few years of political hacking, and two years in jail for the effort, he had asked himself whether “as an environmentalist … [he] was supporting the industrial beast with technology.” For a period he answered “yes,” and he backed away.
But with the emergence of WikiLeaks, and the leaks provided by Manning in particular, he saw the potential of technology “to expose crime.” At his sentencing, following his hacking stint for Anonymous, he would pay tribute to Manning: “She took an enormous personal risk to leak this information—believing that the public had a right to know and hoping that her disclosures would be a positive step to end these abuses. It is heart-wrenching to hear about her cruel treatment in military lockup.”
Hammond warmed to Anonymous early in 2011. He joined AnonOps during OpWisconsin but remained largely a spectator. As he learned the ropes, he also started to establish connections with others. On June 21, 2011, Hammond finally took the full plunge. He first approached Sabu and wanted to hand over some material but, after failing to connect with him, instead sent a private message to two members of LulzSec, first to Topiary and then to tflow, offering to offload some “candiez” that were in his possession. Hammond had recently gained privileged access to the Arizona Department of Public Safety website and siphoned the data he found there. LulzSec eventually accepted custody of the information and released it in four batches under the title “Chinga La Migra” (Spanish for “Fuck the Immigration Police”). It included email messages, names, phone numbers, home addresses, and passwords belonging to Arizona law enforcement, alongside operational materials such as private intelligence bulletins and training manuals.
The timing was perfect. When Hammond handed over the data, LulzSec was in the midst of a tectonic shift, from Internet trickster-fabulists to revolutionary militants. They had a new agenda and a new flag: “AntiSec,” short for Anti-Security. The shift is difficult to explain. Insiders confirmed that even for them, this period was mired in chaos. One Anon told me during an interview: “This was more chaotic in terms of so many subgroups forming, splintering, and redefining themselves … This was the age of LulzSec, AntiSec, TeaMpOisin, the A-Team, CabinCr3w, Buccaneers, Panther Moderns, etc.” Mysteries aside, one thing was certain: over the summer of 2011, Anonymous experienced a Cambrian explosion of hacker crews. Where previously a single IRC network (AnonOps) and a breakaway group (LulzSec) dominated the North American and European scene, an archipelago of hacker islands—with AntiSec becoming the most visible and notorious of the bunch—suddenly emerged from the Anonymous waters.
“It’s now or never. Come aboard, we’re expecting you”
In early June 2011, LulzSec was sailing at a fast clip and leaving behind an extravagant wake for the enjoyment of other Internet denizens. They didn’t know at the time, but they were sailing headlong into stormy weather. Seemingly out of the blue, on June 19, 2011, four days before the Chinga La Migra release, LulzSec unfurled “Operation AntiSec.” This operation was announced, true to form, via a press release on pastebin.com. But there was one key difference: its language. Featuring only a trace of humor (some bits about lizard blood and a reference to lyrics from the Love Boat theme song), its tone was strikingly revolutionary. The release also claimed something that LulzSec had not claimed before—that the operation was an Anonymous project:
Welcome to Operation Anti-Security (#AntiSec)—we encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word “AntiSec” on any government website defacement or physical graffiti art.
Whether you’re sailing with us or against us, whether you hold past grudges or a burning desire to sink our lone ship, we invite you to join the rebellion. Together we can defend ourselves so that our privacy is not overrun by profiteering gluttons. Your hat can be white, gray or black, your skin and race are not important. If you’re aware of the corruption, expose it now, in the name of Anti-Security.
Top priority is to steal and leak any classified government information, including email spools and documentation. Prime targets are banks and other high-ranking establishments. If they try to censor our progress, we will obliterate the censor with cannonfire anointed with lizard blood.
It’s now or never. Come aboard, we’re expecting you.6
Why did Topiary, who wrote the communiqué, push for this revolutionary stance? All evidence points to Sabu. A few weeks prior to the publication of the press release, Sabu had clamored online for the revival of an older AntiSec project.
The anti-security movement had briefly flourished at the turn of the century among some black hat hackers who had contempt for the security industry in general, and for white hat hackers in particular. This was a period when increasingly hackers sought and landed employment in the security industry. Under the mantle of anti-security, a slice of black hat hackers targeted security professionals—doxing them, dumping their mail spools—to protest the increasingly common practice of publicly disclosing exploits and vulnerabilities. Their reasoning, as offered in a founding document, was as follows:
The purpose of this movement is to encourage a new policy of anti-disclosure among the computer and network security communities. The goal is not to ultimately discourage the publication of all security-related news and developments, but rather, to stop the disclosure of all unknown or non-public exploits and vulnerabilities. In essence, this would put a stop to the publication of all private materials that could allow script kiddies from compromising systems via unknown methods.7
While this statement may sound reasonable, the group’s actions were aggressively bold. A more recent anti-security manifesto reflects the mayhem these hackers wrought on the security industry (see figure overleaf). As odd as it might seem, part of the motivation behind the original anti-security was cultural preservation, “to take back the scene.”
The original anti-security vision was a different animal from the one conceived of by Sabu and Anonymous. While the contemporary Anonymous AntiSec movement held little regard for white hats and was disgusted at what it saw as flagrant greed in the security industry, these were not its main enemies.
/Exposed
•Fuck full-disclosure
•Fuck the security industry
•Keep 0days private
•Hack everyone you can and then hack some more
Blend in.
Get trusted.
Trust no one.
Own everyone.
Disclose nothing.
Destroy everything.
Take back the scene.
Never sell out, never surrender.
Get in as anonymous, Leave with no trace.
[Good reads:
Antisec Group Exposed [mirror] [mirror] [mirror] [mirror] [mirror]
[Attachments:
Antisec Group Attachments [mirror] [mirror] [mirror] [mirror] [mirror]
[Check list / Goals:
Take down every public forum, group, or website that helps in promoting exploits and tools or have show-off sections. Publish exploits rigged with /bin/rm to whitehats, let them rm their own boxes for you. Spread the anti-security movement. Revive pr0j3ct m4yh3m.
[Rules of Engagement:
Don’t get too cocky.
Don’t underestimate anyone.
[Contact / Submit paper:
Instead, the AntiSec revival was driven by a more general sense of justice. The point was to own banks, governments, security firms, and other corporations in search of politically damning, leakable information. And, perhaps most crucially of all, the contemporary manifestation of anti-security did not go about its business quietly.
LulzSec’s first public mention of AntiSec was on Twitter: “So gather round, this is a new cyber world and we’re starting it together. There will be bigger targets, there will be more ownage. #ANTISEC.”8
Just three days after this message was posted, on June 7, 2011, at 10:15 pm, the FBI visited a towering brick housing project called the Jacob Riis Houses in Manhattan’s Lower East Side. They came to this Puerto Rican stronghold to arrest Hector Monsegur, aka Sabu. According to a leaked FBI warrant filed to gain access to Monsegur’s Facebook account, a corporation previously hacked by Anonymous culled an IP address that was handed over to law enforcement. The FBI retrieved subscriber information for the IP address, which led to Monsegur’s postal and email addresses. The authorities sought access to Monsegur’s Facebook account because the “pictures” would allow them “to confirm the identity of the individual who assisted in the unauthorized intrusion” and possibly also land other leads if Monsegur shared any information on the social media platform with his hacker associates. Although only twenty-seven years old, he was the foster parent to his incarcerated aunt’s two girls, then both younger than eight. Along with his Anonymous/LulzSec activity, the FBI had evidence linking him to credit card fraud. Facing the prospect of decades in jail and the loss of his two foster children, he flipped.
Just four days before his arrest, the LulzSec crew worried that some of its affiliates had jumped ship. Sabu had claimed he was going to wipe everything:
<Neuron>: Sabu, did we lose people?
<storm>: agreed
<storm>: did we?
<Sabu>:yeah
<storm>: who?
<Sabu>: recursion and devurandom quit respectfully
<Sabu>: saying they are not up for the heat
<Neuron>: im already wiping my enitre desktop
[…]
<Sabu>: wipe it all
<Sabu>: im wiping all my shit now
Whatever he did or didn’t do then, Sabu went from radical hacktivist to sitting in the FBI’s back pocket where he provided a direct portal to LulzSec. The LulzSec team, constantly online, found Sabu’s twenty-four-hour absence fishy. To test him upon his return, they asked him to own a server, which he did, quelling any concerns. Of course, the FBI gave him its blessing to proceed so he could maintain his cover.
Soon after his arrest, Sabu jacked up the AntiSec rhetoric previously hinted at in one brief Twitter message. He must have known that Hammond would find it enticing. Hammond would have likely been on the FBI’s radar, being one of the only anarchists and hackers in the United States who had already served time in jail. The rhetorical shift marked by AntiSec could just as easily have been a continuation of a sincere commitment. We may never know. But what we do know is that Sabu, just shortly after being flipped, pushed for the AntiSec press release to feature charged political language, and Topiary willingly wrote it. Topiary explained to me via email that
Sabu was highly interested in my writing of this message, but perhaps more so he was infatuated with LulzSec’s at-the-time follower count on twitter and saw it as a platform from which to push this kind of political stance. At the time it seemed no more than misguided angsty teenage performance art, but of course to others it was taken with a far more serious flavour.
The public, journalists, and Anonymous itself were all unaware that the FBI had Sabu on a tight leash. But everyone noticed just how much the press release diverged from LulzSec’s style. Media outlets from AdBusters to Fox News reported on the press release, with about half a dozen reporters pulling it apart to try and figure out what was going on. Stephen Chapman from ZDNet posed the key question:
What has existed up to this point as an aimless objective consisting of a series of random, pointless targets, is now coming together as a full-fledged anti-government/anti-establishment movement of potentially epic proportions. Has the digital revolution finally started—something we’ve been watching Hollywood play out for years now? Perhaps.9
Everyone was wondering, including myself, if this was yet another joke or the expression of a true sentiment.
The following day, LulzSec answered. They made good on Operation AntiSec’s promise by using Ryan Cleary’s botnet to DDoS Britain’s Serious Organised Crime Agency. The very next day, on June 21, law enforcement arrested Cleary at his residence in Essex, just outside of London. Newspapers across England were awash with dozens of images of the young man, a core AnonOps hacker and a LulzSec affiliate. As portrayed in the news, he conformed to the stereotype of a dysfunctional, isolated young male. Chubby with milky white skin, he rarely left his bedroom which, while not technically a basement, certainly resembled one, since every window was blocked with homemade silver-foil window blackout. The British tabloids did not miss a beat in sensationalizing every detail.
It was in this frenetic milieu that Hammond reached out to LulzSec with his Arizona material. He had originally wanted to give the data to Sabu, but Sabu was suddenly, and oddly, unresponsive to his queries. Seemingly kindred spirits, Hammond and Sabu had bonded over a shared goal of uniting disparate black hats to rally against injustice and oppression.
So Hammond, operating under the name “Anarchaos,” privately messaged Topiary and tflow, emphasizing that he did not want to “touch the torrent seed server with a ten feet pole.” tflow happily took the “candiez” and LulzSec immediately pushed the material online, listing it on the Pirate Bay’s torrent servers on June 23. Hammond had not earned the trust of the core LulzSec hackers and was not allowed to enter their private chambers. But his hack provided the catalyst through which the AntiSec vision became deed. Hammond wrote the Chinga La Migra press release himself:
We are releasing hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbes, addresses and passwords belonging to Arizona law enforcement. We are targeting AZDPS specifically because we are against SB1070 and the racial profiling anti-immigrant police state that is Arizona.
The documents classified as “law enforcement sensitive,” “not for public distribution,” and “for official use only” are primarily related to border patrol and counter-terrorism operations and describe the use of informants to infiltrate various gangs, cartels, motorcycle clubs, Nazi groups, and protest movements.
[…]
Hackers of the world are uniting and taking direct action against our common oppressors—the government, corporations, police, and militaries of the world. See you again real soon! ;D10
Soon after the Chinga La Migra release, Hammond, still on probation for his previous hack, was paid a visit by the Chicago police and FBI for a probation check. He found it odd that for a routine check an FBI agent had joined the probation officer. “When they discovered K2 [synthetic marijuana], they put state charges on me for felony possession of marijuana, charges I beat when the drug results came back,” explained Hammond. In jail for a few weeks, Hammond was not around to witness the controversy that his dump stirred among the LulzSec crew. A number of them, such as tflow, pwnsauce, and later Topiary, regretted their decision to release the data. Although these young men had previously doxed a whole batch of corporate executives and released other, equally sensitive data, targeting police officers felt riskier. This territory, while familiar to Hammond, was unfamiliar to them.
In fact, tflow, who was sixteen years old at the time, encouraged the crew to disband LulzSec. It had only been alive for fifty days, but that is a lifetime on the Internet. Surprisingly, everyone, even Sabu, initially agreed. But then, without warning, Sabu changed his mind. tflow explained it to me: “In the fallout he was just outraged that we all wanted to quit despite him not wanting us to and he generally gets what he wants through manipulation.” Ryan Ackroyd (aka Kayla) also recalled one of Sabu’s more manipulative—and deeply ironic—tactics: “I remember him saying something like (not word for word) something about him risking his kids coming this far and stuff and that it was unfair to give up.”
Despite Sabu’s exhortations, tflow’s camp ultimately prevailed. LulzSec retired at the end of June 2011. Of course, they couldn’t help but go out in style, and so on June 25 they unveiled a final mega-release, including the text of an internal AOL networking manual, half a gigabyte of AT&T internal data, and the emails, usernames, and encrypted user passwords for sites ranging from HackForums.net to NATO’s online book shop. Even more interesting than the data itself—at least from the perspective of trickery and myth-making—was LulzSec’s final statement, again drafted by Topiary:
For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others—vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It’s what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures.11
The press release passed the LulzSec mantle to the nascent AntiSec movement. These hackers wanted, as tflow put it to me, LulzSec’s “legacy of hacks to continue.” The final statement continues:
behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us … Please don’t stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.
In jail, Hammond counted down the days until he could return to his newfound community of uber-political hackers. Upon release, he was, as he put it to me, “ready to rock again.” He had no trouble finding willing comrades.
Still, AntiSec’s future success was uncertain until three factors converged. First, Sabu, now working full time as an informant, made it his personal mission to keep AntiSec afloat. Second, Hammond functioned as the perfect confederate. A talented hacker who believed in the AntiSec mission, he became its unflagging workhorse, eventually dedicating most of his free time to the project. The third crucial factor was the existence of a broader team. Despite some LulzSec members having bid permanent adieu a number of them joined the new team. The fully constituted AntiSec crew would consist of roughly eight to twelve core participants—larger than LulzSec ever was. Composed of hackers and a few strategists, the team ensconced itself on a secret channel (with the not-so-secret name “#antisec”) on a server called “cryto.” Many had previously collaborated during the Arab and African Spring ops. I myself knew a number of them from this period, when I hung out on #freedommods, one of the invite-only social channels for the revolutionary ops.
Sabu, so often pegged as the leader of AntiSec, did not actually mastermind the operations or bark orders (in fact, he seemed quite scattered during this period, although later we will see that he went to Hammond with specific hacking requests). The entire AntiSec core team would sometimes work in unison, but more typically they splintered into smaller groups for different operations. For instance, a spin-off channel was created for the hack against the security firm ManTech. Some of the breakaway operations never included Sabu, and his contributions were rarely technical.
Still, Sabu played two vital roles. He was the point man for most exploits and intelligence passed to the team, and he became its public face. Whereas Topiary functioned as a trickster in his handling of PR for LulzSec, Sabu functioned for AntiSec as a seemingly authentic stable representative. Take the following tweet from June 20, a few weeks after his arrest: “Operation Anti-Security: pastebin.com/9KyA0E5v– The Biggest, unified operation amongst hackers in history. All factions welcome. We are one.”
A few members of AntiSec also encouraged Sabu to take on a separate, public profile as an individual. Influenced both by AntiSec’s prodding and direct pressure from the FBI, that summer Sabu used Twitter with full force, launching a stream of spitfire revolutionary rhetoric. Wielding his charisma, he acquired a cult-like status. With the demise of LulzSec, the mythic tricksters were gone. And while Sabu certainly became mythical, his style of public presentation was by no means that of a trickster. He occupied, instead, the archetypal role of revolutionary hacker outlaw. In the lead-up to this period, I had largely avoided him. But finally, in the middle of the summer, as he rose to prominence, I decided it was about time I reached out.
It was American Independence Day: July 4, 2011. Sitting in a boiling room with no air conditioner in San Juan, Puerto Rico—the city where I grew up—I struggled to finish reading an interview with Sabu (the first with this notorious hacker) as beads of sweat trickled down my forehead.12
Conducted by Samantha Murphy for the New Scientist, the piece offered the first public interview with Sabu. I was feeling lame because I, one of the world’s experts on Anonymous, had not even managed a single conversation with the kingpin himself. I had kept my distance from him because, to be frank, I found him intimidating. His disposition was not exactly warm and fuzzy. Prior to being flipped, he had kept a much lower online profile, and he exuded a sort of badass revolutionary attitude; he wasn’t someone you simply chatted with. Sabu’s calls for people to rise up were routinely directed towards his “brothers” and “sisters.” During chats on IRC, he would drop the word “nigger” and, unlike the trolls, he seemed to be using it without a hint of irony. Instead of a rich, alienated, white, basement-dwelling teenager, Sabu sounded like a street-hardened brother. Was it possible that his alienation and anger were borne not of middle-class anomie, but instead of poverty, racial marginalization, and torn families?
The interview recounted a 1999 escapade in which Sabu defaced websites in an effort to call for the end of the US military presence on the small Puerto Rican island of Vieques. Done with the piece, I worked up the courage to send him a private message:
<biella>: hey Sabu just wanted to say props to your work in Vieques
<biella>: I am from la isla and was quite involved with environmental politics back in the day
I waited for what felt like an eternity for his response. To me, it seemed like the world had stopped, the sweat drops freezing halfway down my back. But in reality, he responded almost immediately:
<Sabu>: nice
Then:
<Sabu>: so whats your goal? I see your name associated with being fed/sntich/writing docs on anonymous
<Sabu>: tell me your true intentions
<Sabu>: I am interested
My thoughts swirled. In a scene where reputation counts for so much, Sabu’s intimation stung. I now understand that his accusation was a smart move; he erected a frame that would make it hard for me to see him as a possible snitch. At the time, I could not even fathom that he might be working for the FBI. The question of how I might fend off his accusations eclipsed any other consideration:
<biella>: Sabu I am just an anthropologist
A millisecond after typing, I realized how stupid that probably sounded. Anyone with a basic knowledge of snitches knows that there is a well-documented history of anthropologists working as covert CIA agents. I tried to regroup:
<biella>: I fell into Anonymous accidentally back in 2008
<biella>: via Scientology
<Sabu>: ok
That did not seem good enough either:
<biella>: my passion is politics
<biella>: so I like to study the politics of digital media
<Sabu>: I understand that
And then I said something that now makes me cringe:
<biella>: in terms of anon, I am intrigued and am also concerned (FBI, my computer etc)
<biella>: I take precautions with my data, dont collect certain types of data either, which is frustrating but the only way I see around this
<sabu>: well whats your point of collecting data?
<biella>: I am bummed to hear that my name is associated with snitch/FBI but I understand in so far as it is part of the territory
<Sabu>: historical?
<Sabu>: social science research?
<biella>: I would say a combo of both those
I explained that I did not want to uncover “crimes.” Rather, I was interested in understanding social dynamics. Although our first conversation went rather poorly, much to my surprise—and relief—our chatting became both more regular and friendlier. I thought that either I’d convinced him of my noble intentions, or he had asked other AntiSec members about me. By this time, I was certain that informants were implanted in AnonOps, but in June and July very few rumors tagged Sabu as a rat, whereas other core Anonymous members were often plagued by accusations. My conversations with Sabu only fueled my paranoia. On July 23 he asked:
<Sabu>: you’re deep into anonymous channels and comms
<Sabu>: you never get visits from feds?
<biella>: not yet
<biella>: i have neither been stopped at the border though i travel without my main computer or no computer, not that i have anything incriminating
<biella>: i worry about this, i have contacts with the EFF [Electronic Frontier Foundation]
Much like my first conversation with Sabu, when I praised him in the hopes that he would talk to me, he instead began to butter me up, even thanking me:
<Sabu>: for all the work you do
<Sabu>: en serio mucho respeto [seriously, much respect]
<Sabu>: at the end of the day this movement can be amazing
He also started dropping hints that the FBI was watching me:
<Sabu>: … just because you’re legit doesnt mean they’re not following you
He was clever: I was the potential problem, not him. He would point this out repeatedly and then continue on with his revolutionary rhetoric. He made it hard to see him as anything other than a passionate activist, unwaveringly committed to the cause.
A few weeks after my first conversation with Sabu, I was invited to a secret IRC channel for a one-time conversation among AntiSec members. The participants included a handful of IRC operators from AnonOps and Emmanuel Goldstein, the publisher of hacker zine 2600 and host of a hacker radio show called Off the Hook. They convened to gauge whether Goldstein would be interested in lending his support to the AntiSec subproject oriented around propaganda and artistic creation, called “voice.” Here I was, invited to the inner sanctum. I watched intensely as the group of roughly twenty participants debated the merits of direct action and the purpose of the voice project.
Sabu set the agenda: “so gentlemen we’re going to bring in Emmanuel. He’s going to be the voice of anonymous and antisec on the radio and really wants to help push #voice over.” As it turned out, Goldstein had made no such promises, and while many seemed open to his participation, others objected immediately. Some accused him of being a snitch. Now, one must understand that rumors of snitching constitute part of the everyday background noise among hackers, and this noise itself becomes one of the main roadblocks against substantiating the claims. During the chat, a critic noted that “2600 has a history of condemning attacks, including when Anonymous ddosed mastercard and others for wikileaks.”
Adrian Lamo, the hacker who snitched on Chelsea Manning, had at one point been active in the 2600 scene, with access to an account on 2600’s mail/shell server. According to some, Lamo had not been sufficiently purged. Many were upset about these things, as well as about the Hackers on Planet Earth (HOPE) convention, organized by Goldstein and a large team, which featured Lamo on a panel.
I was particularity intrigued by what a figure named Anarchaos was writing in the chat room. He wasn’t anyone I had seen online before, and it would still be another few months before I would converse with him for the first time, under a different handle. Goldstein began questioning tactics like DDoSing and street-based black bloc organizing, and Anarchaos staunchly defended their legitimacy. “I’ve got personal and political reasons for taking direct action against the forces that oppress us. Don’t be thinking those that fight with force aren’t doing it with brains.” Anons on the channel admitted that “we are more than capable of higher sophisticated attacks but regardless, when we are in the trenches firing upon our enemies, we don’t need other so-called hackers to be undermining our efforts.” Later, someone added that “a diversity of tactics is the most effective way to win campaigns.”
What started as a fascinating conversation about diversity of tactics quickly burst into a flame fest. At a certain point, someone asked Goldstein whether he had ever met me (he had not). I used the attention suddenly directed my way to share with him my thoughts on the HOPE panel that included Adrian Lamo. I wrote that it was “mind blowing,” and that I was “glad you organized that.”
“You wouldn’t believe the pressure I was under NOT to do that,” replied Goldstein. Some in the chat room took the opportunity to affirm that they were still pissed: “Lamo should not be welcome at any hacker gathering and just another nail in the coffin for many people to write off 2600 as sellouts.”
The conversation briefly returned to whether 2600 could contribute to the voice project, before devolving into “lame-ass flaming,” as one participant put it. Goldstein decided to exit: “sorry to cause a bitter tone in here so I will split. But we’re open to dialogue.” The voice project launched soon after on a public IRC channel, without Goldstein’s help. Though the mission of the meeting had failed, it did confirm what I had suspected: the AntiSec team contained a number of hackers, like Anarchaos, who were active but hidden. Who were these people? Why had I never seen them before? The core LulzSec participants, like Topiary, tflow, and Sabu, were for the most part well-known figures. It was clear that Anonymous, already so elusive, was blanketed under even more layers of secrecy.
And, increasingly, I was also being swept into this orbit of secrecy. I had tried to keep my distance from channels where illegal activity was organized. When I talked to Anons privately, I frequently requested that they spare incriminating details (knowing that they might be itching to brag about some epic security compromise). I made it clear to everyone that my role as an anthropologist meant that I was often taking notes, saving some portion of logs, and otherwise gathering data. Even though I encrypted my data, I maintained no special privilege that would preclude me from being regarded as an accessory to crime. As a result, I was not invited to secret channels and I (mostly) avoided the boastful stories about illicit hacks. My attitude was also plainly honest, and I think this helped people understand just what it was I was up to—a rarity in a culture of mistrust, suspicion, rumors, and fear. But now things seemed to be changing. I was slipping into deeper, darker recesses of this labyrinth, given fleeting access to private conversations, and becoming increasingly worried that this could devolve into a problem.
Aldous Huxley once wrote: “To associate with other like-minded people in small, purposeful groups is for the great majority of men and women a source of profound psychological satisfaction. Exclusiveness will add to the pleasure of being several, but at one; and secrecy will intensify it almost to ecstasy.”13 For the hackers participating in Anonymous, secrecy was, without a doubt, a major source of what kept them coming back for more. Secrecy provided a sort of sustenance for this underground community. And while “ecstasy” might be too strong a word when applied to my case, I can’t deny it: acceptance into this esoteric society gave me a thrilling contact high.
As exciting as it initially was to stand in the shadows with Anonymous, by early August 2011, my mood had soured. The frenetic pace of Anonymous activity had mutated into something new through the sheer militancy of the operations. I began to wonder when the FBI or another government agency was going to nab more Anons, or even pay me a visit. AntiSec, like LulzSec, had settled into a rhythm of near-constant hacking, generating taunting releases that simply begged for a reaction from the state: #FuckFBIFridays, #ShootingSherrifsSaturday, #MilitaryMeltdownMonday.
AntiSec doxed sheriff’s offices, defaced and destroyed police organization websites like that of the California Statewide Law Enforcement Association, and leaked the personal information of New York police chiefs. In July alone they attacked the websites of seventy-seven different law enforcement agencies (all hosted on the same server). They dumped a gigabyte of data from Vanguard Defense Industries acquired by hacking the email account of one of its senior vice-presidents. They revealed to the world documents that they had “procured,” including a proposal to the FBI from defense contractor IRC Federal for a project called the “Special Identities Modernization (SIM) Project,” which aimed to identify people who “might” present a criminal or terrorist risk in the future. They claimed to have infiltrated various internal networks of the US Department of Energy, where they sent messages urging employees to work against the government rather than for it. They hacked the federal contractor ManTech International, publishing over four hundred megabytes of content that detailed its dealings with NATO and the US Army (alongside all its employees’ emails). They struck at the mega-security contractor Booz Allen Hamilton; while they were unable to obtain actual documents—though one of Booz Allen Hamilton’s employees at the time, Edward Snowden, eventually would—they managed to download ninety thousand military emails from the company’s site, which they threw up on the Pirate Bay with a long analysis noting “key facts” about the company, such as its funding breakdown. Things had taken a very serious turn.
During this surge of activity, arrests became more commonplace. By the end of July, fourteen Americans had been arrested for DDoSing PayPal, and British authorities had arrested two members of LulzSec: Topiary in Scotland and tflow in London (tflow’s name was not released at the time because he was still a minor). Right before Topiary’s arrest, he left behind an adage—it now stands alone on his retired Twitter account: “You cannot arrest an idea.”14
It was a hot summer. In this climate of menace and threat, I began to suffer weekly nightmares of G-men pounding on my door. I asked myself just what the hell I had gotten myself involved in, and I wasn’t the only one. During an interview, one Anon expressed surprise: “None of us knew we’d be here … locked up for decades, on the run, in exile, suicides mental illness ptsd [sic] etc etc.” Anons increasingly reached out to me with confessions of fear, fueling my own growing unease. On August 1, someone found me and wrote that “shit is getting EXTREMELY hot atm [at the moment] … for those who do AntiSec for instance.” The next day, another hacker told me, “I had helicopter land in a field next to me at 7 am this morning. My heart rate hit about 200, till I realized it was crop spraying.” Between the people freaking out to me in private, the litany of arrests, my life being put on hold as I poured increasing amounts of time into the research, the highly mediated text-based pseudonymous interactivity, and the growing tentacles of secrecy, I grew frustrated and burnt out. It was getting to me. I was worried about the future of Anonymous, about my future and the lives of those who had been arrested. Some hackers in AntiSec started to notice that I was down. Some contacted me privately, encouraging me not to quit. One told me that if I quit I would miss some really “special things.”
I didn’t even bother to ask what these things might be. The leaks and compromises were still going strong, but they had lost their luster. To me, #FuckFBIFridays and #MilitaryMeltdownMonday had started to become #FuckFBIFatigue and #MyMeltdownMondays. I was also frustrated that, while my access to AntiSec grew, more activity seemed to be emanating from other, small hacker teams that I remained largely in the dark about it. The days of large-scale Anonymous uprisings were being eclipsed. Anonymous had been exciting to me for a specific reason: it was the largest and most populist disruptive grassroots movement the Internet had, up to that time, fomented. But it felt, suddenly, like AnonOps/Anonymous was slipping into a more familiar state of hacker-vangaurdism. And it meant, from a purely logistical perspective, that Anonymous was becoming even harder to study.
In retrospect, there’s at least one concrete explanation for Anonymous’s growing fragmentation: direct government interference. Thanks to Edward Snowden’s NSA mega-leaks in 2013, we know that in the summer of 2011, Britain’s Government Communications Headquarters (GCHQ) targeted AnonOps’ communications infrastructure. A GCHQ special unit called the Joint Threat Research Intelligence Group (JTRIG)—which also engages in COINTELPRO-type meddling—launched DDoS attacks against Anonymous, calling it them “OpWealth” and “Rolling Thunder.”15
This was the first known instance of a Western government secretly using DDoS—criminalized in the UK and the US—as a tactic against its own citizens. GCHQ claimed that its operation was a success; the leaked slides boast that as a result of its DDoS of AnonOps’ IRC, “80% of those messaged where [sic] not in the IRC channels 1 month later.” By this time, the UK government had already arrested British participants for the same act. One of those arrested, Chris Weatherhead, aka “Nerdo,” was a central and much beloved AnonOps operator. Eventually, he would receive an eighteen-month sentence for his role in the DDoS campaign “Avenge Assange/Operation Payback.” He was not found guilty of engaging in an actual DDoS itself, but of aiding in the operation by running the IRC server. The British government, on the other hand, has faced no sanction for DDoSing activists. The law, clearly, is not applied equally. As Weatherhead put it on Twitter when he read the news: “My Government used a DDoS attack against servers I owned, and then convicted me of conducted DDoS attacks. Seriously what the fucking fuck?”16
This shotgun approach to justice sprays its punishment over thousands of individuals who are engaging in debate and protest, simply because a small handful of people in their midst have committed digital vandalism.
This attempted deterrence may have stalled Anonymous at large, but it did nothing to stop AntiSec. They were on a different IRC network. While some members did get arrested, and others left for a variety of reasons, the consensus was largely that, as one member of AntiSec told me, “there is no turning back.”
I had to take a break. I booked a trip to one of the most famous hacker conferences in the world, The Chaos Communication Camp, organized by the Chaos Computer Club every four years in Germany. I reasoned that some offline time spent with hackers I knew, with friends—or at least with people I could actually look at—might lessen the vertigo that had set in.
Yet after a string of days and nights at the hacker festival and an early morning flight from Germany, I arrived back in the United States more exhausted than before I had left. The Anonymous spirit, by contrast, seemed to have been refreshed. Making my way through baggage claim, I glimpsed a familiar image on a faraway TV screen—the Guy Fawkes mask. Jolted, I trotted over to the monitor. CNN was showing a tweet calling for “OpBART” (“BART” stands for Bay Area Rapid Transit). From the visual clues provided by CNN, I realized that this operation was not only big. It also seemed to fit the mold of the old-school, tumultuous, large-scale-uprising of the pre-AntiSec Anonymous. The 80 percent of users the GCHQ had supposedly blasted away with its DDoS were back, along with hundreds of newcomers.
OpBART’s point of origin can be pinpointed to July 3, 2011, when BART police fatally shot Charles Hill in the San Francisco Civic Center BART station. Though the man had been intoxicated and armed with a knife, killing him struck many as an excessive use of force. It was also a reminder of the general problem of police brutality. In 2009, cops had killed an African-American man, Oscar Grant III, at the Fruitvale BART Station in Oakland. He was shot in the back while they had him pinned to the ground. In response to the shooting of Hill, local organizers coordinated a protest on July 11. Roughly one hundred demonstrators disrupted BART service at the Civic Center BART station. Organizers called for another protest at the Civic Center BART station one month later. BART officials decided to block cellphone reception in stations to thwart the August demonstration. BART spokesperson Linton Johnson explained their rationale to CNN: “We made a gut-wrenching decision that was forced upon us by the protesters … They [the activists] made us choose between people’s ability to use their mobile phones [and] their constitutional right to get from point A to point B.”17
Last time I checked, the Constitution protects both free speech and freedom of association, but not freedom of transportation. Anonymous geeks, so well acquainted with constitutional rights, naturally got upset. Jackal, the main holder of the @YourAnonNews Twitter account, publicly inaugurated #OPBART with a string of scathing messages. He had over 300,000 followers, and soon after being featured on CNN, the account would amass another 200,000 (which also prompted the FBI to visit Jackal). Anonymous and other concerned citizens relied on the clever hashtag “#muBARTec” to connect this act of censorship to the wide-scale telecom blackout imposed by former Egyptian president Hosni Mubarak just a handful of months earlier, in January 2011.
Jackal was working with a small team. He maintained a semi-private nook, an IRC channel he called “the cabin,” that initially included only four individuals. Primarily conceived of as a social space, one of the early members appended the term “cr3w” onto the name, poking light fun at LulzSec and the other self-proclaimed “crews” mushrooming at the time. Operation BART, their very first op, accidentally transformed CabinCr3w from a social channel into a prolific and functioning team. In the coming months they would grow to roughly twenty participants. They would become known as specialists in open-source data mining—muckraking through databases provided by other hackers who would infiltrate servers in search of information (though some hackers from CabinCr3w, like Kahuna [John Anthony Borell III], and w0rmer [Higinio O. Ochoa III] also engaged in digital trespass and were subsequently arrested).
But in mid-August, as OpBART was just beginning, the team remained tiny. And because its labor force was small, participants had to work around the clock for the first three days. Utilizing Facebook, CabinCr3w connected with locals to organize street protests and banded together with the wider Anon community by reaching out to some established organizers. A public #opbart IRC channel on AnonOps’ server became a rallying point. Everyone went to work drafting propaganda material to advertise the protest planned for Monday, August 15. In a mode familiar from Operation Avenge Assange, the organizers acted as choreographers—to borrow Paolo Gerbaudo’s fitting term—who harnessed and directed a fireball of fury.18
Alongside the protest and propaganda, some individuals engaged in some rather dicey, although admittedly lulzy, behavior; it was these acts that attracted mainstream media attention.
For instance, someone claiming the mantle of Anonymous found a racy, semi-nude photo of BART’s Linton Johnson on his personal website. This photo was then republished on the “bartlulz” website—to considerable fanfare—along with this brazen rationalization: “if you are going to be a dick to the public, then I’m sure you don’t mind showing your dick to the public … Umad Bro? #Bartlulz.”19
But more than anything else, it was a string of hacks that attracted national media coverage, from CNN to Democracy Now!
First, there was a website defacement on August 14. The interlopers simply defaced myBART.org with an image of Guy Fawkes. This was followed almost immediately by an intrusion that exposed the private data of 2,500 BART customers. A day after the second protest at the Civic Center BART station, organized by Anonymous and local activists, there was another intrusion, on August 17, into a BART police union website. This resulted in the publishing on Pastebin of the home addresses, email addresses, and passwords of 102 BART police officers, among other employees.
The day I returned from Germany, Democracy Now! contacted me to inquire whether I could join them the next day to speak about OpBART. I dreaded the prospect of being asked about the blatant privacy violations committed by such hacks, and the gymnastics required to explain the use of such tactics by a collective that ostensibly fought to protect privacy. Thankfully, the next day I was joined on live TV by masked Anon activist Commander X, and it was he who asked to offer a rationale:
AMY GOODMAN: And your thoughts… on going after the actual passengers themselves, people who might not want that personal information out?
X: … How else do you get the world to respond and secure your information? How else do you get these companies and these big governments to keep your information, the information you give them voluntarily, safe? I think we got our message across, and I’ll bet you one thing: I’ll bet you they fix that.20
Commander X, who spoke through a voice distorter, was not responsible for the breach, but the alleged perpetrator and a minority of other Anonymous activists shared their rationale. At the time, I had no idea who was behind the hacks, nor how other Anons viewed this breach. But soon after the interview, I returned home to find out.
Although there was tremendous—almost unilateral—support among Anons for protesting BART’s act of censorship, the hacking and dumping of private customer data was one of the most internally divisive acts I had yet witnessed. Conversation on the channels, and even publicly over Twitter, was brimming with criticism.
Consider, for instance, what happened when Lamaline_5mg logged in to the public OpBART channel on August 17 and claimed responsibility for the BART police union website hack. She offered a link to the dox:
<Lamaline_5mg>: Hello y’all
<CrappyTIres>: Hi Lamaline_5mg
<Lamaline_5mg>: I have a small contribution.
<Lamaline_5mg>: http://pastebin.com/XX7DJBqw
<Lamaline_5mg>: A leak from http://bartpoa.com/ [BART Police Officers’ Association]
<Lamaline_5mg>: Enjoy, and share.
<CrappyTIres>: hmm
*CrappyTIres doesn’t like info leaks
<OpNoPro>: were those names ever shared before?
<Lamaline_5mg>: What?
<Lamaline_5mg>: I don’t know. I guess not.
<OpNoPro>: You dropped names and passwords
<OpNoPro>: We run a very clean operation here
<OpNoPro>: We are not interested in any thing like that
<OpNoPro>: Please refrain from dropping anybody’s private information anywhere on anonymous’s behalf… not interested in breaching somebody’s privacy… they have a right to it as much as you do
Not everyone agreed with OpNoPro. Others vocally supported the black hat ways of AnonOps:
<sharpie>: that’s his dump
<OpNoPro>: Do your jobs privately and nobody needs to know
<sharpie>: stfu
[…]
<Lamaline_5mg>: It’s not my fault for their crapy security.
<OpNoPro>: Take it easy sharp pen
<OpNoPro>: This is not a question for debate
<OpNoPro>: This is a question about keeping things separate
<sharpie>: people think this irc is a fucking church knitting group
<OpNoPro>: Please understand the situation
<sharpie>: yeah
<sharpie>: I do
<sharpie>: a lot more than you
<OpNoPro>: There are many portions to the IRC
*CrappyTIres looks for the knitting group
<OpNoPro>: Take it easy sharp pen
<OpNoPro>: Wake up
[…]
<sharpie>: take your moralfaggotry whitehat shit and shove it
<OpNoPro>: And if you ever see me in a knitting club that will be in your eyes
<OpNoPro>: You have no idea what my morals are
Sharpie concluded by echoing one of the most common rationales:
<sharpie>: how much publicity do you think “#opbart” would have had without db dumps?
And then Lamaline_5mg said that she was not even Anonymous—raising the ontological question of just what makes one Anonymous anyway. She showed up on the Anonymous IRC server, proffered some dox, and then proceeded to work with other Anons to craft a message to the press; if that doesn’t make one an Anon, then what does? Regardless, the distinction mattered little in relation to the more general ethical questions surrounding hacking and doxing. By now, thanks to AntiSec, these tactics were a common fixture in the Anonymous landscape and would only grow more controversial:
<Lamaline_5mg>: This is not anonymous.
<Lamaline_5mg>: Fuck you.
<w>: OpNoPro, like it or now, fractal chaos and tactics diversity is what is fueling global revolution
<AlbaandOmegle>: Anon is a shitstarter
<AlbaandOmegle>: because it works
<OpNoPro>: take the dumps somewhere else
<w>: OpNoPro, you cannot prevent people from using an operation name for doxing, ddosing and hacking
<w>: OpNoPro, even if that was the right choice, you simply can’t
<Lamaline_5mg>: I don’t use the operation name.
Versions of this conversation would be repeated at least a dozen times elsewhere over the next few days. My reading was that most participants on AnonOps opposed the privacy-violating dumps, but mainly supportive of the other illegal tactics, like the BART website defacement, the email and fax bombing, and the DDoS (regardless of the fact that it failed—BART had implemented good DDoS protection). A minority supported the doxing simply because it served the greater purpose of media attention, or was an example of the “fractal chaos” that partly defined Anonymous.
The doxing also marked the first time that suspicions of a “false flag operation” fully flared within Anonymous. A false flag operation is a secret intervention in which a government agent performs a controversial action on behalf of a political group to seed mistrust and controversy or provide justification for the government’s own escalated response.
Two days later, Lamaline_5mg published a statement on Pastebin that seemed to quell rumors of a false flag, though it did little to extinguish the controversy:
I find it shameful that the media do not condemn taking such drastic actions against a protest after the *killing* of an innocent citizen. He was not proven guilty, or do they actually judge people at their funeral? Implying this guy got a proper funeral.
I also find it disturbingly sad that the San Francisco Bay Area local media is being so supportive of the right to remain anonymous of the BART police personnel, when they didn’t give a shit about this man being killed.
Did they condemn the killing of this man?
All I did was give them (the cops) a taste of their own medicine, ie ‘Lamaline’ which is an (anal) analgesic… (Look it up)
It also means « The cunning », in french.21
In a subsequent interview with SF Weekly, Lamaline_5mg claimed to be French, female, and a preteen (the last two being unlikely). She said that the BART hack marked her very first intrusion.
In the midst of all this, a pastebin.com message titled “Anonymous is NOT unanimous” was picked up and read by many participants:
Anonymous has a perception problem. Most people think we’re a group of shadowy hackers. This is a fundamental flaw. Anonymous is *groups* of shadowy hackers, and herein lies the problem. Anonymous has done a lot of good in just the past 9 months. It has helped with other groups in providing aid to people on the ground in countries where “democracy” is a bad word.
The mainstream media needs to understand that Anonymous isn’t unanimous. I’ve yet to see wide scale reporting make this distinction. A destructive minority is getting a majority of the press, while those of us who toil in the shadow doing good work for people at home and abroad go unthanked.22
This statement captures Anonymous’s commitment to difference, plurality, and dissension—similar in form to the type of adversarial politics advocated by radical theorist Chantal Mouffe.23
Anons often disagree and engage in a strong war of words. But very little energy is spent on systematically trying to eliminate difference, or carving out some “middle ground” resolution. Instead, differences are loudly voiced, listened to, responded to, and reluctantly accepted; Anons widely acknowledge that nothing drastic or meaningful can be done to eliminate differences, and they carry on with their interventions or, if the disagreements are unbearable, break away to form a new node.
The OpBART hacking controversy eventually receded. But one controversy remained. As weeks turned into months, criticism of AntiSec’s defacements and hacks mounted, even as the group’s support base grew. Some Anons saw AntiSec as reckless, and many were suspicious of its motives. Rumors circulated that not only particular actions, but also the entirety of AntiSec might be a false flag operation.
AntiSec, perhaps unsurprisingly, was simultaneously respected, tolerated, and vilified. Many of AntiSec’s core members had been essential to past iterations of the Anonymous/ AnonOps/LulzSec constellation. Their significance coincided with the partial fading of WikiLeaks, which suffered from internal frictions and legal troubles. AntiSec, it was hoped, might expand to more directly challenge the powers wielded by corporations and governments—not simply by producing momentary spectacles, as is the case with DDoS attacks, but also by whistleblowing—locating and releasing hard evidence of malfeasance.
Despite constant hacks during the late summer and early fall of 2011, very little of real substance was uncovered. (Had Sabu not been an informant, it is likely that AntiSec would have delivered more. The FBI notified some companies of breaches, prompting the fast patching of holes, effectively closing doors that AntiSec had only just opened.) One Anon who had been centrally involved since the fall of 2010 quit in August 2011, largely in disgust over AntiSec. While LulzSec dumped plenty of data—such as usernames, email addresses, passwords, emails, and other documents—much of it was seen to lack political weight. And yet AntiSec managed to remain in the spotlight. People began to resent this. There were many small crews operating, most of them outside of the public eye. The possibility was raised that AntiSec had become counterproductive, funneling attention, labor, and resources into worthless activities. Another hacker who had been a core member of AnonOps IRC staff explained, “We got pissed off that AntiSec was thrown on us. We had no warning. And they’d been planning it for a while, coopting people from here.”
Worse, AntiSec began to raise hackles among some Anons for a time-honoured Anonymous taboo: fame-seeking. One Anon relayed this view on IRC in September 2011 in the course of resigning from the group (pseudonym has been changed):
<ha>: wtf happened to #antisec
<ha>: let me tell you a story
<ha>: gather round kids
<ha>: Once upon a time there was a team of status fag hackers, most of which where okay as people, we all have our flaws. They came to be known as lulzsec
<ha>: These hackers decided it would be a good idea to use there status fag powers to gather anons against the infosec industry.
<ha>: It was then someone decided to give monkies machine guns and taught them the weakness of sql tables. These monkies decided they wanted to look good for lulzsec and hacked every possible thing they could, releasing all the information they plundered reguardless to such things as consequence and public realtions.
<ha>: Private data leaked faster then WikiLeaks brand condom.
<ha>: They continued hacking away hoping to gain a pat on the back from Sabu.
<ha>: Then the summer vacation ended.
<ha>: They found themselves unable to continue there hackery as more pressing matters became apparent, such as who do i sit with during lunch and whats a cooler elective to take, french or band.
<ha>: Thus ends the saga of #antisec
Earlier in the summer, the AnonOps network had grown so critical of Barrett Brown that he decided to quit. He was adamant that he was no longer involved in Anonymous, focusing his energy on “Project PM,” a team wiki dedicated to documenting the inner workings of private contractors doing security work for the government. Later, Brown would assume the moniker of Anonymous again—to take on the Mexican drug cartels (a dumb and dangerous bluff). And he would also receive information for ProjectPM from AntiSec, when the group finally procured sensitive data from a security firm called Stratfor. But that was months away. Brown remained, at that time, a reminder that attention-seeking behavior was frowned on.
AntiSec’s attention-seeking was more ambivalent and complicated than it had been with Brown. Unlike Brown, AntiSec sought attention under a pseudo-anonymous mantle. And some Anons stood by the crews’ actions, holding out hope that their efforts would eventually produce some political, classified, or secret information impossible to procure legally.
A cohort of black hat hackers (unaffiliated with) Anonymous had had enough with AntiSec. A group of underground hackers going by the name BR1CKSQU4D, which they seem to have assumed only temporarily, released a document that included some purported doxes of Anonymous and AntiSec members. They opened by declaring:
! FUCK ANONYMOUS ! FUCK ANTISEC ! FUCK ANONYMOUS ! FUCK ANTISEC 24
Further along, they did not mince words:
And you wonder why the 90s groups you shout out (with kids and families) won’t come out of retirement to help you?
You have accomplished nothing except inflaming ‘cyber-war’ rhetoric and fueling legislation that will end up with hackers getting 50 years in prison.
The most retarded part is that you dont even realize you are the cause of the very thing you hate;
Every time you DDoS a company Prolexic or DOSarrest sign up a new customer.
Every time you SQL inject some irrelevant site a pentesting company gets a new contract.
Every time you declare cyberwar on the government federal contractors get drowned in grant money.
Other hackers and netizens also began accusing Anonymous of fortifying the cyberwar industrial complex. But it’s worth noting that long before Anonymous came to prominence, national governments around the world already aspired to control the Internet and were already developing statutes that eroded individual rights and privacies. Cybersecurity initiatives would be well funded with or without Anonymous. This is not to say that all the group’s actions are justified. Still, in the face of such a gargantuan surveillance state, what Anonymous has enabled is a flexible platform for citizens to express their dissent over long-entrenched trends.
But BR1CKSQU4D, wedded foremost to the black hat sensibility, ended the diatribe with a set of threats that harkened right back to the original AntiSec mindset:
If you support antisec in any way you will be targeted.
Journalists, musicians, laywers, webhosts, VPN providers, political commentators, profiteering businesses, you are all valid targets.
You stepped into OUR world if you don’t want to play the game get the fuck off the playing field.
[…]
We have <3 for the scene. Fuck the media.