I guess today is a bad day to be an affiliate of LulzSec (http://gizmodo.com/5890825/lulzsec-leader-betrays-all-of-anonymous).

The name Sabu should be familiar: as part of LulzSec, a potent offshoot of Anonymous, he masterminded legendary attacks against the CIA, FBI, Sony, and numerous other corporate and government targets. He was their Captain Hook. That was before. Fox News reports the shadowy hack deity is not only confirmed to be unemployed 28-year-old New Yorker Hector Xavier Monsegur, but that Sabu has been "collaborating with the government for months," leading to a string of arrests around the world today. It's unclear how many will be dragged down with Sabu's nine months of federal collaborating, but it's safe to assume whatever vestiges of LulzSec remained are toast—we'll know for sure when all of the indictments are unsealed. [...]

I've talked to Sabu multiple times, and on each occasion he's seemed more and more distant, to the point where it was hard to get in touch with him at all. Now, says the FBI, it's because he was busy ratting out his cadre.
So what is the Org's take? Righteous takedown of criminal group? Edgy protesters getting smacked, which they knew was a possibility? Freedom fighters, um, fighting for freedom and free stuff? What's the temperature on LulzSec?

There is no honor among thieves.

LulzSec did some good, they did some bad. If I remember correctly, they were the ones that showed how ignorant Sony was at protecting customers credit card information.

Not surprised this happened because they were a bigger threat than the wider Anonymous group ever was.

"This just pisses me off. I can understand his position in terms of his kids. I wouldn't want my kids to see me in federal prison either, but Anonymous was fighting to uncover the injustice that the government has put on us all. He was the modern day Robin Hood. "--commenter

:laugh4:

I got a few chuckles at Sony's expense, but when you mess with the feds (and happen to live in the US) this was always going to be the foregone conclusion. They should have just stuck with embarrassing corporate trolls. :shrug:

...if you're willing to turn on your own then you're the lowest scum...

He did the smart thing, not to mention right thing. "His own" were a bunch of idiots with too much time on their hands. They didn't fight shoulder-to-shoulder or even break bread with one another. Chances are, they never even met in person. Of course he'd sell them out, he'd be an idiot not to.

Anyone else had a look at the places some of the hackers were from? From the BBC (http://www.bbc.co.uk/news/technology-17270822)


Jake Davis, 19, from Lerwick, Shetland Islands
....
Donncha O'Cearrbhail, 19, from Birr, Ireland

So the FBI milked their suspect for information for this somewhat sizeable case to end up at places like the freaking Shetland Islands (http://maps.google.com/maps?q=Lerwick,+Shetland+Islands,+United+Kingdom&hl=en&ll=60.149281,-1.158886&spn=0.046396,0.169086&sll=37.0625,-95.677068&sspn=37.735377,86.572266&oq=lerwick,+sh&hnear=Lerwick,+Shetland+Islands,+United+Kingdom&t=h&z=13&layer=c&cbll=60.149365,-1.158635&panoid=JaF1cRGW_b-wR0bVI8IyRg&cbp=12,239.21,,0,8.77) and Birr (http://maps.google.no/maps?q=Birr,+Ireland&hl=no&ll=53.084143,-7.918202&spn=0.056399,0.169086&sll=61.143235,9.09668&sspn=11.55664,43.286133&oq=birr,+ire&hnear=Birr,+County+Offaly,+Irland&t=h&z=13&layer=c&cbll=53.084143,-7.918202&panoid=5KzqliCaY-HZ5KysFTOngw&cbp=12,68.16,,0,6.3). According to Wikipedia, that last place has a population of 5,818; a rural Irish town. It is like the Internet is truly global and stuff. :hippie:


This is the most likely ending to all those that play too big. The attacker might have the advantage of surprise, but that does not mean he will get away with it. The Internet is no real exception. Should be something to think of for many hacker wannabes.

I have respect for those that choose a path outside the law, and are willing to accept the consequences. Especially when making a political point that is really quite valid.

I have zero respect for someone who uses other peoples' noble (and illegal) goals to operate outside the law for pleasure and giggles only to rat out all the people that care when he gets caught.

I have no respect for either the former or the latter. I just understand that the rat was given a chance to avoid doing time as a prison senorita and he took the chance. That was smart. Let his henchmen do the hard time, that's how usually things play out in life anyway.

LulzSec did some good, they did some bad. If I remember correctly, they were the ones that showed how ignorant Sony was at protecting customers credit card information.

Not surprised this happened because they were a bigger threat than the wider Anonymous group ever was.

They hacked the Bethsoft forums and then someone sold my email address to spammers.

Think about it, if they were really just hackers out for a laugh they wouldn't post the stuff on line, they'd drop it outside Sony's office in an unmarked bag.

As to Anonymous, they aren't what you think they are.


"This just pisses me off. I can understand his position in terms of his kids. I wouldn't want my kids to see me in federal prison either, but Anonymous was fighting to uncover the injustice that the government has put on us all. He was the modern day Robin Hood. "--commenter

:laugh4:

Robin Hood turned Kingshilling too.:shrug:


I can appreciate what Anonymous does. I might even support it, if it wasn't for the fact that they're harder to pin down than a UFO conspiracy. I enjoy watching the after-math of their operations, but I do wonder what will happen when they get out of hand (and you know they will, because it happens to all groups that think they can operate outside of the law). The idea that we've reached a period in human history where oppression and tyranny have taken new forms that require new methods of promoting consciousness and political awareness is something that I agree with Anonymous on.

No honor among thieves indeed, though... I don't care if you're a cop, a crook, or a devil-worshipping cannibalistic cultist, if you're willing to turn on your own then you're the lowest scum.

Take another look at Anonymous GC, those attacks are perpetrated by a very small number of people, hell they caught "Kirsty" a few months back and it turned out the account was actually used by two different teenage boys. All these guys are about is getting you on their botnet. I wonder how much money they make off it.

They hacked the Bethsoft forums and then someone sold my email address to spammers.
As I said, they did a lot of bad.



Think about it, if they were really just hackers out for a laugh they wouldn't post the stuff on line, they'd drop it outside Sony's office in an unmarked bag.
Excuse me if I am using these terms incorrectly, but if they were "blackhats" wouldn't they have kept all the credit card info for themselves and not have told Sony or the public about it? Does the fact they told everyone make them "whitehats"? I am under the impression that blackhats are jerks and whitehats help keep things safe by exposing laziness.



As to Anonymous, they aren't what you think they are.
You shouldn't say that bro. Anonymous can be anyone. Whose to say I wasn't interested when they were exposing Scientology?

I guess today is a bad day to be an affiliate of LulzSec (http://gizmodo.com/5890825/lulzsec-leader-betrays-all-of-anonymous).

The name Sabu should be familiar: as part of LulzSec, a potent offshoot of Anonymous, he masterminded legendary attacks against the CIA, FBI, Sony, and numerous other corporate and government targets. He was their Captain Hook. That was before. Fox News reports the shadowy hack deity is not only confirmed to be unemployed 28-year-old New Yorker Hector Xavier Monsegur, but that Sabu has been "collaborating with the government for months," leading to a string of arrests around the world today. It's unclear how many will be dragged down with Sabu's nine months of federal collaborating, but it's safe to assume whatever vestiges of LulzSec remained are toast—we'll know for sure when all of the indictments are unsealed. [...]

I've talked to Sabu multiple times, and on each occasion he's seemed more and more distant, to the point where it was hard to get in touch with him at all. Now, says the FBI, it's because he was busy ratting out his cadre.
So what is the Org's take? Righteous takedown of criminal group? Edgy protesters getting smacked, which they knew was a possibility? Freedom fighters, um, fighting for freedom and free stuff? What's the temperature on LulzSec?

No honor among thieves is about right. However, I love these groups and support freeing up all information, everywhere. It's always a bummer when the lights turn on and off.

It's always a bummer when the lights turn on and off.
Well that is how binary works.

Some information is valuable for its accuracy and its rarity.

Other information is valuable for its network.

http://2.bp.blogspot.com/_dk7R1zZIAEg/TNLteyaDrrI/AAAAAAAAATM/5vwrKQeveX4/s1600/sabu522.JPG
The real Sabu is dissapoint!
the news that this moron was using his namesake comes as a bad surprise for the Homicidal, Genocidal, Suicidal, Death-Defying Maniac

Apparently there are two Irish lads involved with this they have been named in the courts in America (http://www.independent.ie/national-news/award-winning-trinity-student-is-worlds-top-hacker-claims-the-fbi-3041639.html)

Robin Hood turned Kingshilling too.:shrug:
Robin Hood was one of many leaders of gangs of wandering plunderers who made sport of villagers but what made his story is that eventually he got himself pardoned and went on crusade. Some of his brothers didn't make it that far 'cause they were killed when they assaulted an abbey IIRC.

As for Lulzsec or whatever they called themselves, bunch of idiots the lot of them. If they wanted to do good or enjoyed the sport they could turn their energies towards whitehat activities. Then again, I suppose that is harder than finding a SQL injection vulnerability and abusing it.

Apparently there are two Irish lads involved with this they have been named in the courts in America (http://www.independent.ie/national-news/award-winning-trinity-student-is-worlds-top-hacker-claims-the-fbi-3041639.html)

So he was arrested in Dublin then? That's lame, he should have been apprehended in Birr.

So he was arrested in Dublin then? That's lame, he should have been apprehended in Birr.

Well Trinity college is in Dublin where he is supposedly doing medicinal chemistry so I suppose thats why he was arrested in Dublin.

He has been let go after some questioning, but a file will likely be going to the director of public prosecutions fairly soon I imagine.

No doubt he will be lucky if he only gets 4 or 5 yrs in jail in America could be 10 or 15 years, what a waste of talent he was obviously extremely bright student.

...No doubt he will be lucky if he only gets 4 or 5 yrs in jail...

That would be bad. We need to make an example out of these guys and give them 20+ years in the clink. That'll do wonders to sober up the online criminals.

History shows that over tough justice can have a negative effect on crime rates. If you are going to be hanged for stealing a loaf of bread you might as well kill all the witnesses too.

Proportional response and then using the talents of these people is better for all concerned.

That would be bad. We need to make an example out of these guys and give them 20+ years in the clink. That'll do wonders to sober up the online criminals.


These are mostly teenagers who think there so smart they will never get caught, massive sentences will do :daisy: to stop this type of behaviour.

If you ask me give em 5yrs in a prison somewhere an force them to help kids with maths or computers in there schools for free.

These are mostly teenagers who think there so smart they will never get caught, massive sentences will do :daisy: to stop this type of behaviour.

If you ask me give em 5yrs in a prison somewhere an force them to help kids with maths or computers in there schools for free.

As you say, prison is a waste of time. They are no threat to society, so why make society pay thousands of dollars? They are clearly bright, with a lot of time on their hands, possibly also because they are socially retards. Making them "pay their debt" by training others is a win-win for everyone - they might even get a decent job working for a Blue-chip company by working on the other side of the fence. Or lock 'em up so they can get gang raped in the showers for a decade or so - the approach that has worked so well for the war on drugs, the war on terror. Now - the war on geeks!

~:smoking:

Robin Hood was one of many leaders of gangs of wandering plunderers who made sport of villagers but what made his story is that eventually he got himself pardoned and went on crusade. Some of his brothers didn't make it that far 'cause they were killed when they assaulted an abbey IIRC.

I have never heard that, and I consider myself fairly knowledgable on the Hood. Where is this coming from?


As for Lulzsec or whatever they called themselves, bunch of idiots the lot of them. If they wanted to do good or enjoyed the sport they could turn their energies towards whitehat activities. Then again, I suppose that is harder than finding a SQL injection vulnerability and abusing it.

It seems like the character involved are misanthropic, the chaos is what they enjoy about what they do. Hunting Cyber criminals, or even doing DDoS on the Taliban wouldn't do it for them - you have people like the Jester for that, and the character seems completely different. For one thing, Jester at least presents himself as a loner, not a collective, and doesn't seek external validation for his actions from the pack.

These are mostly teenagers who think there so smart they will never get caught, massive sentences will do :daisy: to stop this type of behaviour.
.
If you ask me give em 5yrs in a prison somewhere an force them to help kids with maths or computers in there schools for free.

I would give them 20 years suspended and ban them from owning a computer during that time.

I would give them 20 years suspended and ban them from owning a computer during that time.

I would still prefer we got summit good out of it, makie them do some good with maybe a year in an open prison just to drive it home.

In this day and age banning them from using a or owning a pc is probably not sustainable, the lines have blured so much lately on what is a pc it's probably not enforceable.

...I would give them 20 years suspended and ban them from owning a computer during that time.

These guys have caused billions of dollars in damage. They should rot in jail for at least 20 years.

These guys have caused billions of dollars in damage. They should rot in jail for at least 20 years.

Billions come on not a hope of that maybe they think they did, Your coming at this from the viewpoint of Fox news and conservmedia and it's obsession with wikileaks etc etc. Putting a fool of a teenager in jail for 20yrs is neither useful nor probably even legal, most of these lads have never broken the law before which usually means lighter sentencing.

And also they are often minors requiring less stringent jail time 20 yrs is to put it mildly an overreaction, PVC is right suspend the sentence and at the same time make em do service to the community that helps mitigate the damage.

This does not mean they wont see jail I am sure the Irish lads will be remanded to most likely to castlerea prison (http://www.irishprisons.ie/prisons-castlerea.htm) rather than serve jail time in America for a short while and then be given some form of restricted parole.

Billions come on not a hope of that maybe they think they did, Your coming at this from the viewpoint of Fox news and conservmedia and it's obsession with wikileaks etc etc. Putting a fool of a teenager in jail for 20yrs is neither useful nor probably even legal, most of these lads have never broken the law before which usually means lighter sentencing.

And also they are often minors requiring less stringent jail time 20 yrs is to put it mildly an overreaction, PVC is right suspend the sentence and at the same time make em do service to the community that helps mitigate the damage.

This is precisely the reason why internet crime has become so prolific: we do not take it seriously enough. They must be punished to the fullest extent of the law.

These guys have caused billions of dollars in damage. They should rot in jail for at least 20 years.

Are we going to apply the same logic to politicians and bankers? I realise that for them, billions is on the low side.

~:smoking:

This is precisely the reason why internet crime has become so prolific: we do not take it seriously enough. They must be punished to the fullest extent of the law.

Seeing as the FBI investigated them and charged them in an America court and various other police around the world helped including our own I think it's safe to say it's taken seriously.

The problem taken seriously all right RVG it's just often downright impossible to make a case or even find the person.

...it's just often downright impossible to make a case or even find the person...

Which makes it even more important to punish to the max those whom we do catch. Fear is a great prevention mechanism: it won't stop the crime entirely, but it will prevent countless would-be-criminals from ever acting on their urges.

Which makes it even more important to punish to the max those whom we do catch. Fear is a great prevention mechanism: it won't stop the crime entirely, but it will prevent countless would-be-criminals from ever acting on their urges.
The anonymity of the internet is such that the fear is reduced, as shown by the growth of piracy. Further, I think most people who have these talents would be willing to risk it in order to feel like part of a group of peers, such as Anonymous. The 'thousands' of people who you are refering to, despite being hyperbole, are not the really dangerous ones - the five or six guys who won't be suceptible to your fear tactics are the ones who are going to do your (again hyperbolic) billions of dollars of damage.

...the five or six guys who won't be suceptible to your fear tactics are the ones who are going to do your (again hyperbolic) billions of dollars of damage.

Better five or six than fifty or sixty.

Better five or six than fifty or sixty.
The numbers were just examples - the people with these talents are going to find outlets for them. You aren't goin to deter the people who you actually want to deter, instead you are going to deter the people who just want to poke around a file system of their work intranet or something equivalent that is utterly harmless.

Which makes it even more important to punish to the max those whom we do catch. Fear is a great prevention mechanism: it won't stop the crime entirely, but it will prevent countless would-be-criminals from ever acting on their urges.

It's never prevented crime before even for capital offences, I doubt it would work this time either.

These are mostly young often immature and sometimes even minors we should be helping them rvg, if we can get them to see that what they did is wrong there on a good road. They are young enough and smart enough that they can be turned around and made help society instead of causing these nuisances.

...instead you are going to deter the people who just want to poke around a file system of their work intranet or something equivalent that is utterly harmless.

And that is exactly what I'm after: crush them in their infancy. Many criminals started with harmless "poking around".

And that is exactly what I'm after: crush them in their infancy. Many criminals started with harmless "poking around".
And you said it yourself, it isn't going to stamp it out. These people enjoy the rush of accessing things that they aren't supposed to and that is going to overwrite whatever minimal fear comes from a handful of people being caught. Because that is what it comes down to - "They slipped up and were caught. But I'll be more careful, I'll be fine. That sort of stuff just doesn't happen to people like me."

And that is exactly what I'm after: crush them in their infancy. Many criminals started with harmless "poking around".

This is daft RVG it will never work in the slightest, these young people do not actually believe what they did was wrong. They use the same lines we all use for Pirate Bay and free downloading etc etc, however unlike some ghetto/council estate punk with a bit of work it would be easy turn these lads around.

And that is exactly what I'm after: crush them in their infancy. Many criminals started with harmless "poking around".

And after you've killed off all curiosity in children, I imagine you'll import a load of Korean and Indian IT specialists to do the high tech jobs?

~:smoking:

And you said it yourself, it isn't going to stamp it out. These people enjoy the rush of accessing things that they aren't supposed to and that is going to overwrite whatever minimal fear comes from a handful of people being caught. Because that is what it comes down to - "They slipped up and were caught. But I'll be more careful, I'll be fine. That sort of stuff just doesn't happen to people like me."

Just because we can't catch and punish everyone doesn't mean that we should stop adequately punishing those whom we do catch. Singapore has the right idea with executing drug traffickers.

Are we going to apply the same logic to politicians and bankers? I realise that for them, billions is on the low side.

~:smoking:

If these child hackers can provide a benefit to society than yes. They don't produce anything or provide any service.

...these young people do not actually believe what they did was wrong...

Doing a couple of decades in the clink will correct that.


And after you've killed off all curiosity in children, I imagine you'll import a load of Korean and Indian IT specialists to do the high tech jobs?

Sure, why not? They tend to have exemplary work ethic.

someone please show me where these lost billions are

someone please show me where these lost billions are

Nobody can find them. That's why they're lost. :shrug:

someone please show me where these lost billions are

Revenue losses.

Europe's youngest app designer expelled after hacking school computer system (http://www.independent.ie/lifestyle/education/latest-news/europes-youngest-app-designer-expelled-after-hacking-school-computer-system-3044596.html)

I suppose going by previous statements in this thread this wee 14yr old ladeen should get 20yrs in Wakefield in order to crush his obvious evil hacking tendencies.

Revenue losses.

Those etheric losses that are based mainly on conjecture - if a 14 year old has a copy of Adobe Photoshop CS4, Adobe views themselves as having "lost" c. £1000 to piracy. The "logic" is that if he'd not downloaded it he'd have gone and purchased a copy, not he'd have downloaded the GIMP.

~:smoking:

I suppose going by previous statements in this thread this wee 14yr old ladeen should get 20yrs in Wakefield in order to crush his obvious evil hacking tendencies.

Hell yeah. Perhaps not 20 years since no monetary damage was done, but a punishment is definitely needed.


Those etheric losses that are based mainly on conjecture - if a 14 year old has a copy of Adobe Photoshop CS4, Adobe views themselves as having "lost" c. £1000 to piracy. The "logic" is that if he'd not downloaded it he'd have gone and purchased a copy, not he'd have downloaded the GIMP.

~:smoking:

No, the losses come from the fact that the targeted companies had their business disrupted.

I would still prefer we got summit good out of it, makie them do some good with maybe a year in an open prison just to drive it home.

In this day and age banning them from using a or owning a pc is probably not sustainable, the lines have blured so much lately on what is a pc it's probably not enforceable.

I don't see why they can't be banned from owning a PC and at the same time made to work for special branch. The thing these hackers value most is their online reputation, their real life anonymity and their freedom from authority.

So, take away their PC's, make them work for the government and release regular reports to the press praising their role in combating cyber crime.

Either they'll reform, or they'll be in living hell - depending on what kind of person they are.

Are we going to apply the same logic to politicians and bankers? I realise that for them, billions is on the low side.

~:smoking:

Not quite. You see it's alright if you actually cause billions of damage. Then you're just a Neocon/job creator. If you don't actually cause any noteworthy monetary damage at all, you're an anarchist and must be locked away for life.

Seriously though, what's the point of sentencing someone to XX years in the slammer for the digital equivalent of "redecorating" the exterior of your shed?

one of them out-smarts his captors and sets back cyber-security in an epic fashion.


Well not so much a set back in terms of (poor) security as a really big heist: Gonzalez.

No, the losses come from the fact that the targeted companies had their business disrupted.

Business risk, says I. Should've applied proper configs, shouldn't they?

If the power grid goes down and your company suffers from the "disruption" then that's your problem, too. Should own a couple of 10kVAC diesels if you can't have that. Again, business risk.

Business risk, says I. Should've applied proper configs, shouldn't they?

If the power grid goes down and your company suffers from the "disruption" then that's your problem, too. Should own a couple of 10kVAC diesels if you can't have that. Again, business risk.

It does not excuse the hackers. A crime is a crime.

It does not excuse the hackers. A crime is a crime.
Yes, it is.

You were saying something about lost billions?

lol, that'll work right up until one of them out-smarts his captors and sets back cyber-security in an epic fashion.

Oh really? Then why does the FBI do just this with juvanile Fraudsters, a la "Catch me if you can".


These folks fall into two kinds of camps: People with no grasp on responsibility and a desire to cause trouble, and people following an ideal zealously. The former is no good to anyone, and the latter can only be dealt with harshly (not because their ideal is no good, but because they knew the consequences of going against the law and it is the only fair outcome). Neither one is suitable for government work.

Your first group describes every teenager at some point or another. Think about it, you are looking at maladjusted juvaniles, probably with no social life outside the internet. You take them, you bring them in to the organisation, give them a career path and you send them after the dark net.

Nothing's going to put a hacker off fighting big corporations or governments by having the government send them after kiddy fiddlers and serial rapists.

Man wants a mission? Give him a mission.

Yes, it is.

You were saying something about lost billions?
No, it does not. They caused the loss of money. If it was my money I'd flay them alive.

No, it does not. They caused the loss of money. If it was my money I'd flay them alive.

I believe the expression is "what is this I don't even". I'm not sure what you're understanding of DDOS or site defacement entails, but in my mind this is roughly in the order of (a) "Knock, Knock, Ginger" and (b) vandalism. Naughty, yes, out of bounds, yes, monstrously evil causing billions worth of "damages"? In your dreams.

Now this is quite distinct from leaking login details/credit card details and so on. That's simply not on, whichever way you look at it. However, the simple fact that they were even able to access those details constitutes a failure on the part of the business owners towards their customers. This may not be entirely obvious in the land of whish-it-was-two factor authentication, but the security of your customer's sensitive data is your responsibility and you don't get to play the poor victim card when everything goes to hell in a handbasket on account of shoddy security practices. I mean, SQL injections in 2012... So what about the perps then: tresspass & theft, and that's it. Add identity theft/fraud in the case of social engineering; add the usual sale & receiving of stolen goods if the perpetrators tried to make money off their exploits.

Now when it comes to DDOS this is simply how the Internet works: peak loads are to be expected. (Slashdot, reddit, or customer demand (http://www.theregister.co.uk/2012/02/29/raspberrypi_mania/).) Either you take time to set up appropriate counter measures (not that hard, well trodden path by now) or you grin and bear it.

For the record, I quite agree that just because the businesses failed to maintain or audit their sites properly doesn't grant the Lulzsec types a pass on their misdeeds. It's just that "billions of damages" is utterly preposterous and any such demands for "compensation" should be rejected on the grounds of being straight out of fantasy land.

Arguably, systemic failure to properly audit & administrate their systems is a much graver "offence"/dereliction of duty on the part of business owners towards their customers. My reasoning for this is based on notions about (lack of) professional competence. Consider it the digital equivalent of dumping chemical waste products straight into the local river rather than disposing of it properly.

I believe the expression is "what is this I don't even". I'm not sure what you're understanding of DDOS or site defacement entails, but in my mind this is roughly in the order of (a) "Knock, Knock, Ginger" and (b) vandalism. Naughty, yes, out of bounds, yes, monstrously evil causing billions worth of "damages"? In your dreams.

Now this is quite distinct from leaking login details/credit card details and so on. That's simply not on, whichever way you look at it. However, the simple fact that they were even able to access those details constitutes a failure on the part of the business owners towards their customers. This may not be entirely obvious in the land of whish-it-was-two factor authentication, but the security of your customer's sensitive data is your responsibility and you don't get to play the poor victim card when everything goes to hell in a handbasket on account of shoddy security practices. I mean, SQL injections in 2012... So what about the perps then: tresspass & theft, and that's it. Add identity theft/fraud in the case of social engineering; add the usual sale & receiving of stolen goods if the perpetrators tried to make money off their exploits.

Now when it comes to DDOS this is simply how the Internet works: peak loads are to be expected. (Slashdot, reddit, or customer demand (http://www.theregister.co.uk/2012/02/29/raspberrypi_mania/).) Either you take time to set up appropriate counter measures (not that hard, well trodden path by now) or you grin and bear it.

For the record, I quite agree that just because the businesses failed to maintain or audit their sites properly doesn't grant the Lulzsec types a pass on their misdeeds. It's just that "billions of damages" is utterly preposterous and any such demands for "compensation" should be rejected on the grounds of being straight out of fantasy land.

Arguably, systemic failure to properly audit & administrate their systems is a much graver "offence"/dereliction of duty on the part of business owners towards their customers. My reasoning for this is based on notions about (lack of) professional competence. Consider it the digital equivalent of dumping chemical waste products straight into the local river rather than disposing of it properly.

I guess we'll just have to agree to disagree on this issue.

No, it does not. They caused the loss of money. If it was my money I'd flay them alive.

https://i.imgur.com/IUSQi.jpg