#Antisec ~ Ghost HISTORY: The Anti Security Movement or popularly written as Anti-sec is a popular movemen t opposed to the computer

security industry. It attempts to censor the publicati on of information relating to but not limited to: software vulnerabilities, expl oits, exploitation techniques, hacking tools, attacking public outlets and distr ibution points of that information. Movement followers have cited websites such as SecurityFocus, Securiteam, Packet StormSecurity, and milw0rm to be targets of their cause, as well as mailing list s like full-disclosure, vuln-dev, vendor-sec and bugtraq, as well as public forums and IRC channels. The start of most public attacks in the name of the anti-security movement start ed in around 1999 and 2000. The anti-security movement as it is understood today w as coined by the following document which was initially an index on the anti.sec urity.is website. The purpose of this movement is to encourage a new policy of anti-disclosure amo ng the computer and network security communities. The goal is not to ultimately discourage the publication of all security-related news and developments, but ra ther, to stop the disclosure of all unknown or non-public exploits and vulnerabi lities. In essence, this would put a stop to the publication of all private mate rials that could allow script kiddies from compromising systems via unknown meth ods. The open-source movement has been an invaluable tool in the computer world, and we are all indebted to it. Open-source is a wonderful concept which should and w ill exist forever, as educational, scientific, and end-user software should be f ree and available to everybody. Exploits, on the other hand, do not fall into this broad category. Just like mun itions, which span from cryptographic algorithms to hand guns to missiles, and m ay not be spread without the control of export restrictions, exploits should not be released to a mass public of millions of Internet users. A digital holocaust occurs each time an exploit appears on Bugtraq, and kids across the world downl oad it and target unprepared system administrators. Quite frankly, the integrity of systems world wide will be ensured to a much greater extent when exploits ar e kept private, and not published. A common misconception is that if groups or individuals keep exploits and securi ty secrets to themselves, they will become the dominators of the illegal scene, as countless insecure systems will be solely at their mercy. This is far from the truth. Forums for information trade, such as Bugtraq, Packetstorm, www.hack.co.z a, and vuln-dev have done much more to harm the underground and net than they ha ve done to help them. What casual browsers of these sites and mailing lists fail to realize is that so me of the more prominent groups do not publish their findings immediately, but o nly as a last resort in the case that their code is leaked or has become obsolet e. This is why production dates in header files often precede release dates by a matter of months or even years. ANTI-SEC HACKTIVIST GROUPS: el8: ~el8 was one of the first anti-security hacktivist groups. The group waged war o n the security industry with their popular assault known as pr0j3kt m4yh3m. pr0j3k t m4yh3m was announced in the third issue of ~el8. The idea of the project was t o eliminate all public outlets of security news and exploits. Some of ~el8s more notable targets included Theo de Raadt, K2, Mixter, Ryan Russel (Blue Boar), Chr is McNab (so1o), jobe, rloxley, pm, aempirei, broncbuster, lcamtuf, and OpenBSDs CVS repository. The group published four electronic zines which can be found here :- http://web. textfiles.com/ezines/EL8/

pHC: pHC called themselves proud supporters of pr0j3kt m4yh3m. This group also waged wa r against the security industry and continued to update their website with news, missions, and hack logs. dikline: dikline kept a website which had an index of websites and people attacked by the group or submitted to them. Some of the more notable dikline targets were rave, rosiello, unl0ck, nocturnal, r0t0r, silent, gotfault, and skew/tal0n. giest: In August 2008, mails were sent through the full-disclosure mailing list from a person/group known as giest. Other targets include mwcollect.org in which the group released a tar.gz contain ing listens of their honeypot networks. ZF0 (Zer0 For Owned): In July 2009, Kevin Mitnicks website was targeted by anonymous hackers displaying gay pornography with the text all a board the mantrain by ZF0 (Zer0 For Owned).[1 3]. Anti-Sec Group A group known as the AntiSec Group enters the scene by attacking groups/communitie s such as a Astalavista[1], popular security professional nowayout[14], a security auditing company named SSANZ and the popular image hosting website ImageShack. ANTI-SEC GROUP: Anti-Sec guys are apparently wholly against the idea of full disclosure. Whats that , you ask? According to the rogue group, its the security industry practice of ma king publicly available all security vulnerabilities in order to, as in the exam ple above, enrich itself by selling yet more security software, firewalls, ad na useum. But, so the gripe by Anti-Sec goes, by making public this security vulner ability information, genuine hackers can use it to further their malicious ways, t hereby causing all us grief and to, well, buy more security and anti-virus softw are. Itd be like the United States government publishing top secret security vuln erabilities at nuclear power plants, thereby practically forcing us to buy their nuclear-proof spacesuits. Thats a far-fetched analogy, but you get the gist. So the Anti-Sec Movement proposes indeed, they promise to hack any and all such alleged perpetrators with its perceived impunity, ostensibly in order to stop th e perps from full disclosure. Following is a part of the Anti-Sec message:Check list / Goals: Take down every public forum, group, or website that helps in promoting exploits and tools or have show-off sections. Publish exploits rigged with /bin/rm to whitehats, let them rm their own boxes f or you. Spread the anti-security movement. [ Rules of Engagement: Dont get too cocky. Dont underestimate anyone. Also: F**k full-disclosure ~ F**k the security industry ~ Keep 0days private ~ Hack everyone you can and then hack some more Blend in.

Get trusted. Trust no one. Own everyone. Disclose nothing. Destroy everything. Take back the scene. Never sell out, never surrender. Get in as anonymous, Leave with no trace. Manifesto of group anti-sec : Were a movement dedicated to the eradication of full-disclosure. We wanted to give everyone an image of what were all about. Full-disclosure is the disclosure of exploits publicly anywhere. The security industry uses full-disclosure to profit and develop scare-tactics to convince people into buying their firewalls, anti-virus software, and auditing services. Meanwhile, script kiddies copy and paste these exploits and compile them, ready to strike any and all vulnerable servers they can get a hold of. If whitehats were truly about security this stuff would not be published, not even exploits with silly edits to make them slightly unusable. As an added bonus, if publication wasnt enough, these exploits are mirrored and distributed widely across the Internet with a nice little advertisement embedded in them for the crew or website which first exposed the vulnerability to the public. Its about money. While the world is difficult to change, and money will certainly continue to be a very important in the eyes of many, our battle is that of the removal of full-disclosure for the purpose of making it harder for the security industry to exploit its consequences. It is our goal that, through mayhem and the destruction of all exploitive and detrimental communities, companies, and individuals, full-disclosure will be abandoned and the security industry will be forced to reform. How do we plan to achieve this? Through the full and unrelenting, unmerciful elimination of all supporters of full-disclosure and the security industry in its present form. If you own a security blog, an exploit publication website or you distribute any exploits you are a target and you will be rmd. Only a matter of time. This isnt like before. This time everyone and everything is getting owned.

Signed: The Anti-sec Movement No images were harmed in the making of this image. The Anti-sec movements manifesto Appeared on hacked ImageShack.us . END OF GROUP ANTI-SEC: In the starting Of 2010 The group Anti-Sec got hacked And exposed .The Owner rom e0 also got exposed and now many of its member are now in jail. More info: http://www.anti-sec.com http://pastebin.com/f12f6f9c0 http://pastebin.mozilla.org/694145 http://stashbox.org/755566/antisec.txt REFRENCES: wikipedia.org anti-sec.com