Over the course of the past week, over 150,000 printers suddenly became active without their owners’ knowledge and began printing strange messages (among them “YOUR PRINTER HAS BEEN PWND’D”) as well as images of robots.
The stunt was instigated by a hacker going by the name “stackoverflowin.” The purpose of the mass hack was benign, a way of telling under-informed users that their printers are vulnerable to attack and that it might be time to take steps to prevent that. The vulnerability takes the form of leaving port 9100 open to external connections.
Some of the messages referenced Russian President Vladimir Putin’s much-publicized hacks on U.S. political figures during the 2016 election. Among them were the following:
stackoverflowin has returned to his glory, your printer is part of a botnet, the god has returned, everyone likes a meme, fix your bullsh*t.
stackoverflowin the hacker god has returned, your printer is part of a flaming botnet, operating on putin’s forehead utilising BTI’s (break the internet) complete infrastructure.
stackoverflowin/stack the almighty, hacker god has returned to his throne, as the greatest memegod. Your printer is part of a flaming botnet.
As stated in the messages, stackoverflowin used a “flaming botnet,” meaning a form of hack that forces a computer to forward transmissions to another computer without the owner’s knowledge.
Last week Jens Müller, Juraj Somorovsky, and Vladislav Mladenov went public with an advisory message about printers’ vulnerability to hacks, listing the many models that were affected. It seems that virtually all well-known printer brands are vulnerable, including HP, Epson, Canon, Afico, Konica Minolta, Brother, Samsung, and Oki.
Hippies from Hell is a 53-minute documentary on the pre-World Wide Web generation of hackers in Holland directed by journalist Ine Poppe. The documentary shows Poppe learning about hacker culture from her 15-year-old son Zoro. The movie covers the group’s ideals and interest in subverting the official corporate computing ideology of the 1980s.
At the center of the group was a magazine called Hack-Tic, whose heyday was about 1989-1993; after that the action drifted to online message boards and listservs. It was kind of a Dutch version of 2600; both magazines identified old-school hacking of telephone systems as part of their origin stories. According to the movie, these Dutch hackers were instrumental in wresting control of the Internet out of the hands of large institutions who wanted to keep it for themselves.
The documentary focuses on “Net activists, hardware artists, security experts, puzzlers, and the members of TOOOL, the Dutch lockpicking foundation.” Among the prominent hackers in the group are Zoro, Carla van Rijsbergen, Patrice Riemens, RGB, Walter Belgers, Sharon Vlaming. To a surprising extent, given the well-documented sexism in Silicon Valley that has been making headlines recently, a high percentage of the innovative computer experts depicted in the movie are women. As someone says, “There’s a remarkable amount of women [in the scene].... some of them are good programmers, some of them have nothing to do with IT and aren’t regarded with contempt.”
To an unusual extent, the Hippies from Hell were and are interested in analog solutions to some extent. One fellow boasts about the strip of green plastic that restores the authentic look to an old arcade version of Space Invaders. Mathilde Mupe once contrived a kind of nature computer; her idea was to “take a terminal and rebuild a keyboard from pebbles” and “built a little altar with plants and grass ... by hitting the stones you could get on the Net.” Viewers will also be treated to riveting lockpicking competitions and “Powerpong,” an attempt to create a semi-analog version of Pong in which the power is generated through pedaling and the handlebars control the Pong paddles.
Probably the most striking and memorable sequence involves—I swear to God this is true—a nudist lockpicking workshop run by Germans.
Apparently, Anonymous have released a video promising they’ll “erase” the New York Stock Exchange from the Internet next week at 3:30 p.m. on October 10th. The proposed mass DDOS attack refers to itself as being part of a “new civil rights movement”:
Citizens of the World,
We are Anonymous.
For too long, the crimes of Wall Street bankers, CEOs, and a corrupt political system have created economic injustices that has gone unchallenged. A new civil rights movement has begun.
Today, the brave citizens of New York are standing up to these atrocities, a voice of reason in an ever-failing society. Over the past few days, thousands of people have chosen to take a stand against these injustices. The 1% has abused the freedom they have been given. We are taking to the streets to show the wealthy elite that we, the 99%, are no longer going to grease the gears of this abhorrent system.
The lifeblood of the country is the working class, without it our people and our economy will crumble. Those who sustain present-day colonialism are the enablers of modern-day fascism. Our government has granted hefty tax exemptions to the rich at the cost of our social services. We as taxpayers have served as the multi-billion dollar credit line to the companies and banks that continue to systematically abuse us.
We are here to say that we do matter. We will not be manipulated, threatened, or toyed with by the wealthy. No longer can you acquire profit and political power to our detriment.
These few people are running the world, and they are running it into the ground.
Political power cannot be traded or bought; it must be earned and agreed upon by the governed. This is our chance to show them that the people will not allow this to continue.
We are forced out of our homes. We are denied medical care. We suffer from poverty and pollution. We work long hours just to stay afloat, while the 1% reap benefits we can only imagine. Our sworn enemy is the corrupted corporation. –We are the 99%.
You have complained that something needs to be done. You now have an opportunity to make a difference.
Join the protests. Organize your own. Watch online. Be a part of the movement.
This is our movement. This is your moment.
Together, make history.
Vox Populi, Vox Anon.
The Voice of The People is the Voice of Anonymous.
The voice of the weak that are unable to speak. The voice of those strong who are enslaved.
We are your voice. We are the 99%.
We do not forgive corruption. We do not forget mistreatment.
Wall Street, Expect us.
The video contains instructions of how to join in on the mass DDOS attack on the NYSE website and URLs where certain software required to participate can be obtained
I think this sounds cool and all, but all things in cyberspace being equal, and with Anonymous being, um, anonymous, how would or could the public ever know that this is really a message from Anonymous. Right? Right (That’s sort of the point, I suppose).
This message was posted on Pastebin soon after the tape was released and went viral:
Citizens of the world
We are Anonymous! Recently something very disturbing has come to our attention. You must take all notices and information claiming to be ‘Anonymous’ with a grain of salt. Consider EVERYTHING.
Operation Invade Wall Street is bullshit! It is a fake planted operation by law enforcement and cyber crime agencies in order to get you to undermine the Occupy Wall Street movement. It proposes you use depreciated tools that have known flaws such as LOIC.
Anonymous would never tell you to use LOIC - Not after the arrests and failures of Operation Payback.
Anonymous wouldn’t attack NYSE on a HOLIDAY - It is debatable if Anonymous would ever even attack NYSE.
Be wary friends!
Keep your wits about you. If you’re a computer whiz, don’t let your “revolutionary” enthusiasm or a hot head get you into deep trouble. Make sure you know WHAT you are doing and WHO you are doing it WITH. As we saw with last week’s “Radiohead are coming!” rumor, there’s going to be quite a bit of disinformation being spread by both sides and for various reasons. The idea that this could be a law enforcement scheme to snare “anti-social” hackers should give pause to anyone considering taking part. To be clear, I’m not saying that I have any inside information, because I don’t. Certainly not trying to be a party pooper, either. However, I do feel that something rings true in the supposed Anonymous disavowal.