Hacked and Vandalized, HBGary Pulls Out of RSA Security Conference

[saaya]

anons grow easily, all you need is a breed of intelligent homo sapiens sapiens, feed them with proper education and give them lots of freedom to grow and expand their minds
Then all they need to blossom is restrictions and arrogant authority, thats what really makes them grow and spread

i wouldn't want neither anon nor anybody else to get their hands on smth like this :x

i do... why? if anon has it, you cant control it... if you cant control it, nobody can abuse it... simple...
sure, some people will abuse it, but it wont be nearly as bad as having power concentrated in one place and then having it abused.
people always think anarchy is chaos, when its not at all... egypts uprising was a perfect example of self organizing structures in human society in an anarchistic environment...
sometimes its better if there is nobody in control, because then everybody is in control, and nobody can cause any big damage, while most people will work together and make something good out of it

i trust and believe in humans
i dont trust and believe in corporations and governments...

do you?

[RaZz!]

a[...]

i do... why? if anon has it, you cant control it... if you cant control it, nobody can abuse it... simple...

[...]

isn't it more like "if you can't control it, anybody can abuse it"?

i really have no idea what to think about anon. some people there might have their principles, but there are always black sheeps as well.

[saaya]

but thats the whole point... think of online security, perfect example...
if theres a known exploit, EVERYBODY can use it, which means everybody is aware of it and the consequences are known, and the issue usually gets fixed within a short time
which means everybody CAN abuse it, but since EVERYBODY can abuse it, everybody is aware of it and soon things are under control and balanced again...
its very uncommon that any of those exploits are actually used to cause big damages... very uncommon...

if there are exploits nobody knows about, those people that do know it have a LOT of power... think stuxnet...
they have enough power to manipulate the biggest corporations on the planet, and all the governments as well...

so yeah, id MUCH rather have some random people play some pranks or steal some money here and there than a single entity having this much control over all of us and abusing it!
and lets face it, people arent bad, its power than makes them bad... spreading power is the easiest way to balance things...
its UNCDOCUMENTED and UNKNOWN exploits that end up in the wrong hands that cause havoc every now and then...
those are a few bad people, and them running into those exploits is rather low...

now look at the government and corporations... they can find and even create exploits easily and frequently...
and who is in charge here?
look at how people get promoted an become higher ups in companies and governments...
we are pretty much breeding crooks with our current corporate and political environments...
people who are anti-social, egoistic, power hungry, have no conscience, break laws... those are the people that climb up the ladders quickly...
that doesnt mean all people in high ranks are corrupt and bad, but we make it very easy for those who are to get there...

so again, who do you want to be in the position to harm you?
some random guy who is just playing around and curious, and who tends to be very idealistic and positive?
or somebody in charge of a major corporation or government, who tends to be corrupted to the bone and would sell his own mom into slavery for the right price?


we live in the age of information...
information is everything... if you know the right things these days, you are more powerful than any government or corporation...
this makes secrets so valuable and powerful...
but if everybody knows something, it loses its power...
thats why i believe in free press, wikipedia, wikileaks, anon and other groups and organizations striving for true freedom of information

[NEOAethyr]

Lol, to think the thread I created about the news of stuxnet or whatever it's called was del'ed by the time I woke up, never saw any of the replies if there was any.

I'm all for uncensoring the net.
There's no reason for it.
Even in amerika we have this prob.
Though it's not as obvious as perhaps some other countries.
I have a plan for this in the future hehe..., but not right now.
I keep getting bugged about the new infrastructure though from some cousins of mine :\.

As for wikileaks, though some of there leaked info from cable trunk lines are legit, it's mostly garbage you can find if you look hard enough anyways.
I thought some of the fbi stuff they leaked was interesting, I had no idea there info on gangs are so lax.
I only got ahold of a few files, because they separate every single file into a sep torrent, that was freaking annoying, should be an all in 1 torrent :|.
(If it was an aio torrent I'de dl that stuff...)

I do believe this company deserved to get hacked for selling "snake oil" such as network security.
Freaking funny as heck that anyone could even sell such a thing as this.
And to think that some of this stuff happens automatically with usb sticks lmao, only an idiot would fall for an exploit like that.
Ehhh, wrong wording, 99% of the pop would fall for the auto install exploit from a read only rom bank, I hate those kind of usb sticks...

This is gonna get my post del'ed I just know it...
I know blueshirts still exist, but I wonder how big it is...

I should of probably simplified this post, to long :\.

[SMTB1963]

dont forget source code for stuxnet was also in the emails. now anon can use stuxnet in its attacks.

It's my understanding that anon released the entire e-mail archive on bittorrent, so now pretty much anyone has access to the stuxnet code - not just anon. But as Serra points out, stuxnet is so target-specific, that it's unlikely to pose a major threat to the broader infrastructure.

This whole anon/HBGary fracas brings to mind a couple of lines in the closing scenes of Eastwood's "Unforgiven":

Will Munny: Who's the fellow owns this hole?
[pause]

Will Munny: You, fat man. Speak up.

Skinny Dubois: Uh, I... I own this establishment. I bought the place from Greeley for a thousand dollars.
[Will levels the shotgun, and speaks to someone standing behind Skinny]

Will Munny: You better clear outta there.

Man: Yes, sir.
[scampers out of the way]

Little Bill Daggett: Just hold it right there. Hold it...!
[Will shoots Skinny. Screaming, the women scatter upstairs]

Little Bill Daggett: Well, sir, you are a cowardly son of a ! You just shot an unarmed man!

Will Munny: Well, he should have armed himself if he's going to decorate his saloon with my friend.

While I sympathize with HBGary employees whose livelihoods are now at risk, the leadership of that organization showed a stunning level of naiveté in this sordid affair. If you're going to take on the guys who successfully interrupted the on-line operations of some major corporations, you better make damn sure you're ready for the repercussions. They weren't, and now they're paying the price.

[Serra]

While I'm inclined to agree with your position at some level, the "Terrorist" label is being attached to so many activities these days (illegal or otherwise) that it's becoming meaningless. Under your broad definition, that chucklehead lawyer at ACS:Law who threatened people with lawsuits could be considered a terrorist of sorts.

This example is faulty. The lawyer is threatening LEGAL action, not ILLEGAL action. It is a kind of terror, but I would suppose that using legal methods disqualifies it from that moniker.

It is not terrorism against individuals, it is corporate terrorism... with "corporate" being the key word. This corporation may in fact be killed by this move, it's a tough blow against a security company that has cost them many key clients and all kinds of lasting PR damage. Statistically, they have about a 7% chance of surviving after 2 years, higher if they accept a dramatic size reduction. This is the corporate equivalent of being near a suicide bomber and ending up in the ICU with a brain condition which could deteriorate over a short period of time.

Lol, to think the thread I created about the news of stuxnet or whatever it's called was del'ed by the time I woke up, never saw any of the replies if there was any.

I do believe this company deserved to get hacked for selling "snake oil" such as network security.
Freaking funny as heck that anyone could even sell such a thing as this.
And to think that some of this stuff happens automatically with usb sticks lmao, only an idiot would fall for an exploit like that.
Ehhh, wrong wording, 99% of the pop would fall for the auto install exploit from a read only rom bank, I hate those kind of usb sticks...

I deleted your thread on Stuxnet because it was about a virus identified publicly about 8 months previously and was just a link to Wikipedia - eg. not news.

I enjoy your idea that selling network security is like selling snake oil. How do you feel about home alarms, fences, and door locks? Do you leave your door open when you leave because someone who was determined could break in even if it was closed and locked?

"Security" is a moving target, but a network with no security has a much larger target on it. High levels of security are in fact quite possible these days, but few companies see the value in investing in it as they would need to get there - every dollar they spend on security is a dollar which does not produce product for them or offer new services that CEO's can see and understand, and thus they are fairly tight-fisted on it. The fact that a large breach can sink the business entirely often falls by the wayside.

Worse, in many cases (eg. credit card companies) they actually make strategic decisions to not include security on the majority of their infrastructure because the money they would lose in even a series of fairly good sized breaches is overshadowed by the money they will make by pumping out the product that much sooner/faster. Screw the fact that hundreds or thousands of individuals will have their data exposed and be susceptible to identity theft or credit card fraud, those cases typically settle for a very small amount of money and few people ever pursue the offending company.

[NEOAethyr]

I see, I posted the stuxnet thread because I just learned about an episode of the colbert report yesterday on it, didn't watch it though.
Thought it was an interesting thing in some respect.

Anyways.
I think a router is enough for most things, it's enough to keep most external attacks at bay.
Someone knowledgeable in the field of windows tweaking could fix up holes.
A network manager should be checking the network activity and looking over active ports at least once a day.
And in a place such as a nuke site, they aught to be checking data on these usb sticks on a dedicated system.

A software firewall such as zone alarm could help if there was no one knowledgeable in the holes and backdoors of windows security.
That or a simple router like I said before.

Selling a service such as network security and actually being serious about it...
These people may know a little bit about how to do this, but probably not much more then your avg network admin :|.

That's why I think it's snake oil.
It's just someone going around state to state selling snake oil, making big investment money off scare tactics.

I suppose if security is such a big concern to a certain company...
I'm thinking they will believe there network admin is not up to the task (they should not of been hired then, it's there job to maintain the network and keep an eye on it).
They will probably look for a "professional".
And most of these so called professionals are likely just gonna rip you off with some sort of $100k software package that could be just as bad as a real security breach.

While I do believe it's possible for legit people to create a security company.
Overpriced and over advertised people in this trade are all likely just looking to steal your money and nothing more.

Just looking at this companies site, hbgary.
It really looks like bs to me.
I don't know the exact story on this thread topic lol, but if they were gloating about there product and services, it's no wonder they were hacked.

[twwen2]

but thats the whole point... think of online security, perfect example...
if theres a known exploit, EVERYBODY can use it, which means everybody is aware of it and the consequences are known, and the issue usually gets fixed within a short time
which means everybody CAN abuse it, but since EVERYBODY can abuse it, everybody is aware of it and soon things are under control and balanced again...
its very uncommon that any of those exploits are actually used to cause big damages... very uncommon...

I would agree to a point. What you said applies to the wider security (or security-aware) community for sure. Public disclosure of vulnerabilities and available exploits means that those of us in the know can proactively test for and remediate the issues.

However, I would question how many IT operations people are actually aware of the security space at all? In my work I come across organisations who are completely security-illiterate. Those people and the systems they manage now face a much larger threat space because every man and his dog can run a point-and-click exploit without really knowing how it works.

I do agree that the largest threats come from the un-known vulnerabilities and exploits that state-sponsored and organised hacking groups control.

[NEOAethyr]

I think the greatest threat in security is the os used and the cpu it's self.

I'm not talking about the noexecute thing.
I'm talking about smm and military loadall instruction, plus the newer instruction whatever it was called before smm.
But I'de only worry about that if I were the tops of security for a country...

The os however is giant backdoor for hackers.

Microsoft user rights mean nothing to me.
Microsoft firewall rules do not apply to me in any way.
Block access to internet physically or selectively with software other then microsofts or I'm gonna use it regardless of what my rights are supposed to be for that specific client.

A stock os, even if firewalled, if I'm doing an internal job, I can list up all the potential working exploits with a single port command.
And usually 100% of would be ready to go.
Externally the same thing, but if you're firewalled I can't get that info by asking the os.

Bah what am I doing...
Anyways it's the os that is the prob in the 1st place...

[Serra]

Anyways.
I think a router is enough for most things, it's enough to keep most external attacks at bay.
Someone knowledgeable in the field of windows tweaking could fix up holes.
A network manager should be checking the network activity and looking over active ports at least once a day.
And in a place such as a nuke site, they aught to be checking data on these usb sticks on a dedicated system.

A software firewall such as zone alarm could help if there was no one knowledgeable in the holes and backdoors of windows security.
That or a simple router like I said before.

Selling a service such as network security and actually being serious about it...
These people may know a little bit about how to do this, but probably not much more then your avg network admin :|.

That's why I think it's snake oil.

I'm going to hazard a guess here and say that you're probably not associated with an IT department. Your conceptions about this fall somewhere between highly dated and complete unawareness. Let me give you a small taste of what you can do with a network security budget.

- A large number of devices exist these days that can very accurately profile the average traffic on a corporate network that can automatically flag anomalous traffic using heuristics and alert administrators to viruses spreading between PC's. Variants of the above also exist that can automatically shut down network access to infected PC's. It's not an antivirus replacement, but is a great aid as of course most viruses are coded to disable or subvert antivirus programs.

- You can ensure that only authenticated, authorized users can connect to your network. This blocks off anyone from just walking up and plugging in. You can also leverage network intelligence to verify that their antivirus/firewall/antimalware/software profiles are installed, running, and up to date (and if they're not, force them to update before letting them on).

- Very, very few viruses/worms are programmed these days that do not connect back to a botnet somewhere. Using proper security equipment, an administrator can be alerted whenever an internal machine attempts to connect to a known botnet, and can have that PC disconnected from the network.

- A router does not typically provide any defense against scanning attacks or DoS/DDoS attacks. A proper setup would be able to detect scanning attacks (the precursor to launching an attack against a host that is exposed to the Internet, such as a server on a DMZ) and automatically stop responding to the scanning originator. For DoS/DDoS, equipment can be configured to spot users who are simply creating unused sessions or sending a flood of pointless packets (eg. a flood of ICMP pings), and trigger a request to the routing equipment at the ISP to have traffic from those sources black holed, so that it is cut off shortly after it effects the bandwidth of the company under attack.

[twwen2]

Just looking at this companies site, hbgary.
It really looks like bs to me.

Aaron Barr sounds like a complete Douche. However, HBGary (the parent company) actually sell/support a fantastic forensic analysis tool by the same name.

Some more good reading:
http://arstechnica.com/tech-policy/n...bgary-hack.ars

[STEvil]

This example is faulty. The lawyer is threatening LEGAL action, not ILLEGAL action. It is a kind of terror, but I would suppose that using legal methods disqualifies it from that moniker.

It is not terrorism against individuals, it is corporate terrorism... with "corporate" being the key word. This corporation may in fact be killed by this move, it's a tough blow against a security company that has cost them many key clients and all kinds of lasting PR damage. Statistically, they have about a 7% chance of surviving after 2 years, higher if they accept a dramatic size reduction. This is the corporate equivalent of being near a suicide bomber and ending up in the ICU with a brain condition which could deteriorate over a short period of time.




I deleted your thread on Stuxnet because it was about a virus identified publicly about 8 months previously and was just a link to Wikipedia - eg. not news.

I enjoy your idea that selling network security is like selling snake oil. How do you feel about home alarms, fences, and door locks? Do you leave your door open when you leave because someone who was determined could break in even if it was closed and locked?

"Security" is a moving target, but a network with no security has a much larger target on it. High levels of security are in fact quite possible these days, but few companies see the value in investing in it as they would need to get there - every dollar they spend on security is a dollar which does not produce product for them or offer new services that CEO's can see and understand, and thus they are fairly tight-fisted on it. The fact that a large breach can sink the business entirely often falls by the wayside.

Worse, in many cases (eg. credit card companies) they actually make strategic decisions to not include security on the majority of their infrastructure because the money they would lose in even a series of fairly good sized breaches is overshadowed by the money they will make by pumping out the product that much sooner/faster. Screw the fact that hundreds or thousands of individuals will have their data exposed and be susceptible to identity theft or credit card fraud, those cases typically settle for a very small amount of money and few people ever pursue the offending company.

I think the best label to be applied would be espionage artist. Their goal is more a smack in the face and a sneer.

Terrorists by and large are morons and not capable of higher level intelligence required to do much beyond blowing themselves or others up, in general.

[saaya]

I think the best label to be applied would be espionage artist. Their goal is more a smack in the face and a sneer.

Terrorists by and large are morons and not capable of higher level intelligence required to do much beyond blowing themselves or others up, in general.

What do you base this on?
Osama and most people involved in 9/11 are/were very intelligent and well educated.
Portraying terrorists as stupid dirty and poor may work well for governments to raise public support for war, but if you really want to know what's going on to stop this madness you can't underestimate terrorists like this.

Think of 9/11 alone, the CIA or MOSSAT couldn't have done a much better job...
And if they are oh so stupid how come half the western world is still guessing where Osama is hiding, and all their armies with a combined budget of god knows how many dozen billions struggle to beat them in a war covering over a dozen countries that's been ongoing for a decade already?

Cause most of them are morons that barely manage to push the button that blows them up?

[Iconyu]

What do you base this on?
Osama and most people involved in 9/11 are/were very intelligent and well educated.
Portraying terrorists as stupid dirty and poor may work well for governments to raise public support for war, but if you really want to know what's going on to stop this madness you can't underestimate terrorists like this.

Think of 9/11 alone, the CIA or MOSSAT couldn't have done a much better job...
And if they are oh so stupid how come half the western world is still guessing where Osama is hiding, and all their armies with a combined budget of god knows how many dozen billions struggle to beat them in a war covering over a dozen countries that's been ongoing for a decade already?

Cause most of them are morons that barely manage to push the button that blows them up?

To be fair 9/11 should never have happened, they had plans in place to avoid it and didn't follow protocol. So it wasn't as if 9/11 attack was particularly smart it was just that systems in place were never triggered, a humiliating failure of security. It would only be smart if they knew about these protocol's and decided getting shot down was also a win win.

And for people calling these acts terrorism, Anon can't be compared to terrorists as they don't create terror. Discomfort and loss of money are not acts of terror, to call it so would be immoral in my eyes as there are reasons in this world that make poor people travel to the other side of the world and strap bombs to themselves that a defaced website can never equal.

[zalbard]

What do you base this on?
Osama and most people involved in 9/11 are/were very intelligent and well educated.
Portraying terrorists as stupid dirty and poor may work well for governments to raise public support for war, but if you really want to know what's going on to stop this madness you can't underestimate terrorists like this.

I think this is going well off-topic...
But not all terrorists are the same (lol).
They form organizations which have leaders (tacticians, intelligence centers, etc.) who tell others what to do and hitmans who are not necessarily extremely smart but are good at combat. At least that's my impression...

[STEvil]

What do you base this on?
Osama and most people involved in 9/11 are/were very intelligent and well educated.
Portraying terrorists as stupid dirty and poor may work well for governments to raise public support for war, but if you really want to know what's going on to stop this madness you can't underestimate terrorists like this.

Think of 9/11 alone, the CIA or MOSSAT couldn't have done a much better job...
And if they are oh so stupid how come half the western world is still guessing where Osama is hiding, and all their armies with a combined budget of god knows how many dozen billions struggle to beat them in a war covering over a dozen countries that's been ongoing for a decade already?

Cause most of them are morons that barely manage to push the button that blows them up?

I base it on the fact that there are so few successful attempts.

[SMTB1963]

This example is faulty. The lawyer is threatening LEGAL action, not ILLEGAL action. It is a kind of terror, but I would suppose that using legal methods disqualifies it from that moniker.

So...my other example about scaring the neighbor's kids fits your definition of terrorism then?!?

Just to be clear, AC:Law sent fraudulent letters to innocent people threatening them with lawsuits if they didn't pay up. A British Lord likened AC:Law's activities to blackmail. Last time I checked, fraud/extortion/blackmail are illegal. While AC:Law has yet to be charged with any crime, they are currently under investigation - so the story is far from over. IMO, AC:Law used criminal activities to instill fear in their victims in order to further its agenda. So under your definition of terrorism (even your amended one), AC:Law = terrorists.

This is the corporate equivalent of being near a suicide bomber and ending up in the ICU with a brain condition which could deteriorate over a short period of time.

Given the information that's come out, it looks to me like HBGary was already suffering from a fatal brain condition prior to anon appearing on the scene.

Since you've now cranked up the vitriol to the point where anon = suicide bombers, I'll stop trying to persuade you of the inherent folly in using such loaded language when trying to elicit rational discussion.

I think this is going well off-topic...

Yeah, I thought this thread was going to be about hacking/internet security. Somehow it's all about terrorists now...how did that hap...oh right...the word "terrorist" appears twice in the first post.

[NEOAethyr]

Haven't you seen the news?
Anon = terrorist in some of the retarded american minds...


I don't usually watch the news unless I run into it online when researching ww2 lmao...
Weird how things happen like that...
So I found out about the above yesterday morning...

[445533]

Just to be clear, AC:Law sent fraudulent letters to innocent people threatening them with lawsuits if they didn't pay up. A British Lord likened AC:Law's activities to blackmail. Last time I checked, fraud/extortion/blackmail are illegal. While AC:Law has yet to be charged with any crime, they are currently under investigation - so the story is far from over. IMO, AC:Law used criminal activities to instill fear in their victims in order to further its agenda. So under your definition of terrorism (even your amended one), AC:Law = terrorists.

A man with a BB gun shooting squirrels. Cruelty to animals is illegal, so are BB guns in most states. Using illegal weapons this man caused fear, panic and death.

A man with a BB gun shooting squirrels is a terrorist.


A man yelling at a woman who's car he hit. Hitting other people's cars is illegal and there are tickets and punishments for such offenses. The man yelling at the other driver who's car he hit caused emotional pain and fear. Also caused emotional fear an pain in bystanders. Yelling is also considered verbal assault, which is illegal. Therefore he is a terrorist.

Given the information that's come out, it looks to me like HBGary was already suffering from a fatal brain condition prior to anon appearing on the scene.

Everyone knows that the government and corporations have every right to hire shady companies like HBGary to ruin people's lives, hack into facilities, spread misinformation and possibly get someone killed. That's patriotic.

If you do it, you're an enemy to the state. There's no double standard. Nothing to see here. Move along.

[Serra]

So...my other example about scaring the neighbor's kids fits your definition of terrorism then?!?

By not acknowledging a point made in jest, I'm inherently flawed in my reasoning? And later in this post you claim that I cannot have a rational discussion? Fine then, I'll respond in detail. I will have to move this thread to do so, but alright, it's off-topic already anyway.

To respond to your question, no. Scaring children is not likely illegal. If you walked around doing it I'm sure they could find a minor offense of some type to charge you with, but I can't imagine it's actually illegal. Especially if you jump out of bushes on YOUR yard. If it is in your area and you made a campaign of it with the express point of getting them not to go on your lawn and ensured that they knew they would be subject to continuing "terror" if they went on it again, then yes, you would be a terrorist.

You not liking the definition of "terrorist" doesn't mean it isn't accurate.

Just to be clear, AC:Law sent fraudulent letters to innocent people threatening them with lawsuits if they didn't pay up. A British Lord likened AC:Law's activities to blackmail. Last time I checked, fraud/extortion/blackmail are illegal. While AC:Law has yet to be charged with any crime, they are currently under investigation - so the story is far from over. IMO, AC:Law used criminal activities to instill fear in their victims in order to further its agenda. So under your definition of terrorism (even your amended one), AC:Law = terrorists.

I will admit up-front that I am not familiar with the details of this particular case - I didn't do more than give the link the slightest skim. This is definitely a gray area however. There would be significant question as to whether what they did was in fact illegal (threatening people with their death = obvious fear tactic... threatening them with a legal proceeding which they could win and countersue in? Less obvious).

A deeper reading of the link doesn't reveal the company simply mass-mailing threatening letters to people - it's more like they sent them to people which their computer system told them they should, which was probably pretty accurate, by-and-large. That would imply that they are pursuing legal actions, albeit in a sloppy manner.

Given the information that's come out, it looks to me like HBGary was already suffering from a fatal brain condition prior to anon appearing on the scene.

They definitely were a bit too arrogant, no question there. It doesn't mean they were actually bad at what they did, however - I have no comment on that one way or another.

Since you've now cranked up the vitriol to the point where anon = suicide bombers, I'll stop trying to persuade you of the inherent folly in using such loaded language when trying to elicit rational discussion.

The fact is that corporate terrorism is a form of terrorism. No people have to die for something to be terrorism, if it's corporate terrorism. You seemed to require an analogy to the "traditional" type of terrorism; I supplied one.

A man with a BB gun shooting squirrels. Cruelty to animals is illegal, so are BB guns in most states. Using illegal weapons this man caused fear, panic and death.

A man with a BB gun shooting squirrels is a terrorist.

It's doubtful that the man is trying to push an agenda against the squirrels; it's also doubtful that they would have any knowledge of it even if he did. This scenario would be like trying to accuse a person with severe mental deficiencies as being a criminal for taking something that did not belong to him; he can't actually be considered a "thief" if he is not mentally able to understand that what he did was wrong/against the rules, and he would be let go or remanded to custody for his care. A similar mechanism would take place here which would deny the possibility of this being a terrorist act.

Also, death is not required for terrorism - that's a common misconception.

A man yelling at a woman who's car he hit. Hitting other people's cars is illegal and there are tickets and punishments for such offenses. The man yelling at the other driver who's car he hit caused emotional pain and fear. Also caused emotional fear an pain in bystanders. Yelling is also considered verbal assault, which is illegal. Therefore he is a terrorist.

What is the position that he is trying to get across? This is another severely faulty argument made in an attempt to lampoon the fact that many acts could, in fact, be considered terrorism. You may argue here that the man hit her INTENTIONALLY with the point being that he wanted her to get out of his way because all people should get out of his way; that might pass mustard. The "verbal assault" part is, unfortunately, likely not salvageable.

A more accurate example for the point you seem to be trying to make might be kids vandalizing buildings with paint suggesting that people of a minority should leave or face getting hurt. No-one is necessarily injured in this, the paint could be easily washed away, but it may instill fear in people who can understand it and it's meaning, and the act has a clear position.

Everyone knows that the government and corporations have every right to hire shady companies like HBGary to ruin people's lives, hack into facilities, spread misinformation and possibly get someone killed. That's patriotic.

If you do it, you're an enemy to the state. There's no double standard. Nothing to see here. Move along.

In the United States it is illegal to hire a company to "hack" into anything; that would make the person hiring them an accomplice to computer fraud and abuse. I am also unsure how you mean "ruin peoples lives" - perhaps you could expand on that for me if you have some additional information on what they were doing (I'm sure there were some follow-up links I haven't read).

Please note:
I do NOT condone what HBGary was discussing doing; I think that purposefully spreading misinformation (which gets someone killed how? real documents, sure, but fake ones?) is at best morally wrong, if not wrong by the definition of the law. I am not by any means defending them; in fact, I would say that I would suggest to clients not to use them - and as a network security professional who does suggest outside companies for some jobs, you can expect a direct, negative impact to their bottom line because of this.

[445533]

The HBGary saga on ArsTechnica.

HBGary did everything from espionage (for pay) to writing backdoors and rootkits for the US government. Also, targeting journalists who were critical of them like Glenn Greenwald.

http://arstechnica.com/tech-policy/n...government.ars

and

http://www.thetechherald.com/article...eporter?page=2

We demonize HBGary for a reason. They are 'above' the law and above justice because of their government connections.

[SMTB1963]

By not acknowledging a point made in jest, I'm inherently flawed in my reasoning?

Naw, I was jesting again. Should've made that clear. My bad.

And later in this post you claim that I cannot have a rational discussion?

I made no such claim. Quite the contrary, you appear to be perfectly capable of rational discussion - which is why I bothered to engage with you on your choice of words in this thread. Believe me, I don't waste my time trying to persuade irrational people to change their views these days.