Attacks/Breaches
1/14/2013
02:29 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Anonymous Hacks MIT In Aaron Swartz Tribute

Hacktivist group leaves defaced Web page calling for reform of computer crime and intellectual property laws.

In the wake of the suicide of noted developer Aaron Swartz, who faced hacking charges many believed were excessive, hacking group Anonymous defaced a Massachusetts Institute of Technology website to denounce the charges against him and urge computer crime law reform and more support for open access initiatives.

The hacktivist group quoted Swartz's call for open access in the message left on MIT's website: "There is no justice in following unjust laws. It's time to come into the light and, in the grand tradition of civil disobedience, declare our opposition to this private theft of public culture."

A spokeswoman for MIT confirmed that the university had been subjected to a denial of service attack on Sunday, but didn't immediately answer questions about how two of its servers -- rledev.mit.edu and cogen.mit.edu -- had been compromised.

[ Should DDoS attacks be protected under the First Amendment? Anonymous thinks so. Read more at Anonymous Says DDoS Attacks Like Free Speech. ]

Anonymous characterized its actions as a "little tribute" to Swartz.

Swartz, 26, was found dead on Friday in his Brooklyn, N.Y. apartment, having apparently hung himself. The co-creator of the RSS 1.0 specification, he also helped establish Reddit after his startup Infogami merged with the popular online discussion site. He was widely respected in the Internet community as an advocate for open access to information.

At the time of this death, Swartz faced the prospect of up to 35 years in jail. He was being tried following his 2011 arrest for "computer intrusion, fraud, and data theft" downloading and sharing academic journals from MIT and JSTOR, a non-profit academic archive.

JSTOR reportedly asked the U.S. government not to prosecute Swartz. MIT reportedly failed to do so. On Sunday, MIT president L. Rafael Reif sent an email offering condolences and asking for an internal investigation of Swartz's actions and of MIT's role and decisions following Swartz's activities on the university's network.

Swartz's online supporters have characterized the charges brought against Swartz as "complete garbage."

Swartz's family has responded similarly. "Aaron’s death is not simply a personal tragedy," his family said in a statement. "It is the product of a criminal justice system rife with intimidation and prosecutorial overreach. Decisions made by officials in the Massachusetts U.S. Attorney’s office and at MIT contributed to his death."

The Justice Department has reportedly withdrawn the charges against Swartz, a standard practice following the death of a defendant. The U.S. Attorney's Office in Massachusetts did not immediately respond to a request for comment.

Recent breaches have tarnished digital certificates, the Web security technology. The new, all-digital Digital Certificates issue of Dark Reading gives five reasons to keep it going. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.