More Talks with Anti-Jihadi Hacker The Jester
By Anthony M. Freed, Director of Business Development, Infosec Island Network
Anti-jihadi hactivist The Jester (th3j35t3r), the self-proclaimed Nicest Hacker in the World, has returned for part two of our conversation concerning his campaign of intermittent disruption of militant pro-jihad websites.
Part one, Q&A With anti-Jihadi Hacker The Jester, elicited both ire and accolades for the cyber-vigilante in nearly equal volume, revealing just how polarizing the issues surrounding ownership, permissions and access have become in this age of information.
The majority of The Jester’s admonishers appealed to the rule of law, and punctuated their argument with absolutisms – an action is either right or it is wrong – and accessing someone else’s hardware is wrong, no matter the reasons.
Those who voiced support for The Jester’s exploits generally believe there is, always has been and always will be, a role for vigilantism where the lawless operate with little fear of reprisal, and beyond the corrective reach of a civilized society.
The Jester’s arguments in his own defense attempt to portray his activities as akin to something like spray painting “DRUG DEALER” in big red letters across the front of a crack house.
The pros: Disrupts the drug dealing, if only temporarily; brings the attention of the community and the authorities; and is a major pain in the rear for known bad guys.
The cons: It’s still vandalism; the house may belong to the dealer’s landlord; it’s still an uptick in crime for the neighborhood.
No, not ideal – but ideally no one would sell drugs – so there we are.
The following are some more insights into The Jester’s motivations and methods, in The Jester’s own words:
Q: Tell us about your first target - how did you decide?
A: The first target was selected after I read an article that talked about how the jihadists are using the web more and more for recruiting and coordinating homegrown terror cells. I decided to develop a method of hitting them down, not permanently, but enough to make things unreliable. It’s the unreliability and disruption that hits the co-ordination hardest.
Q: Did you plan on doing more, or did the attacks just evolve one by one?
A: I didn’t really plan on doing more. But I tweeted it and then received, well, requests, people asking me to hit specific al-Qaeda and jihadi sites, so I would take a look, and if the site displayed signs of recruitment or co-ordination (freedom of speech is obviously another matter) I played a hit on it. It has grown from there, and allowed me to refine the method to make it more effective.
Q: Do you plan on recruiting more hackers to your cause?
Well I did have ideas about an anonymous network of volunteers, nobody knowing the identity of any other member, but that would mean I have to release this technology and method to unknowns. How can I be sure I am not giving handing the bad guys a big gun to shoot us with? I am only hitting jihadi stuff, imagine if the tools were used against say eight of the world’s major financial institutions, a single person on a single machine could easily takedown eight sites simultaneously. So I have no plans to involve others at this time.
Q: How long will you go on?
As long as my nerves will hold out. It’s a serious situation I find myself in, the bad guys want to slice my head off on YouTube with a rusty blade, and the good guys want to lock me up in an orange jumpsuit… along with the bad guys.
Q: Do you have anything big planned soon?
I am currently working on cleaning things up, the method I am using involves much shell-hopping, and so I am creating a shiny new GUI version. Here’s an exclusive, the final software solution will be known as Project ‘XerXeS’ as in the guy that took on the Spartans. I will be sending you a video of it in action once it’s finished. It’s functional right now (obviously) but looks a bit shabby.
Q: Do you have a message for your admirers?
Thanks for all the support by way of comments and messages. Don’t try this at home kids! (lol).
Q: How about a message for your detractors?
They are entitled to their opinion, they have the freedom to voice it, and they have that freedom because people fought and continue to fight for it - both abroad and at home. And they should make no mistake, the war on terror is right on our doorsteps from the homegrown threats, and these threats are perpetuated via online channels.
Q: What’s your biggest accomplishment in your opinion?
I suppose it’s always nice when an ISP hosting one of these jihadi sites takes it down, due to pressure from its own customers. This is what I do – create pressure. You can ask an ISP nicely to perform a takedown, but mostly they don’t, that’s where I seem to fit in.
Conslusion
Now a question for the readers: What do you think? Is The Jester to be characterized as the cliché outlaw hero who dishes out his own personal brand of justice on the bad guys?
Or is he – as some critics have labeled him – just a miscreant with script-kiddy tactics, meddling where he has no business to meddle?
Submit your comments or questions for The Jester below, and stay tuned for more installments of my IM chats on Information-Security-Resources.com, now part of the Infosec Island Network.
About Infosec Island
Infosec Island is a new type of online community designed specifically for IT professionals at small-to-medium businesses and other organizations who manage security, risk and compliance.
Unlike other infosec portals, it combines the benefits of IT security portals and social networking into a single, vendor-neutral community.
Infosec Island members improve their organization’s security, save time and reduce their costs by taking advantage of a unique set of benefits, including infosec news and information, built-in social networking capabilities, relevant content based on personalized organizational views, free security tools and premium Web-based security services.
Infosec Island is the first secure infosec community featuring not only SSL-based security, but additional options for higher security levels.
* * *
Stay Informed With ISR News Alerts:
* * *
Follow us on Twitter
* * *
Anthony is a researcher, analyst and freelance writer living in beautiful Eugene, Oregon. Anthony founded Information-Security-Resources.com in 2008, and merged forces with the Infosec Island Network in January of 2010. Infosec Island is committed to serving the needs of SMBs and mid-market enterprises across many industries, as well as nonprofits, government agencies, educational organizations, and the infosec community at large. Contact Anthony at afreed@wireheadsecurity.com regarding all aspects of business development, client and community relations. Many opportunities are currently available for business and strategic alignment at Infosec Island.
The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com
Filed under: Anthony M. Freed, Breach, Cloud computing, D&O Liability, FEATURE ARTICLE, Financial, Government, Infosec Island Network, Insider Threat, Military, PCI, Richard Stiennon, Sarbanes-Oxley, The Jester, Trefis, Uncategorized, Webcast, due diligence, hackers, healthcare, identity-theft, malware, national security, privacy, virtualization
Comments
3 Comments on More Talks with Anti-Jihadi Hacker The Jester
-
JT on
Thu, 4th Feb 2010 8:21 pm
-
Ed Oppenheimver on
Tue, 16th Feb 2010 2:35 pm
-
ADMIN on
Tue, 23rd Feb 2010 8:42 am
Read parts 1 & 2 and I’ve been following Jester on Twitter for a few weeks and thinking about what this means to me.
While I don’t condemn his actions, I don’t think this is a worthwhile approach in the counter-terrorism effort.
Jester’s comments regarding COIN caught my attention and I think I disagree…the goal of counterinsurgency is not to drive them into the shadows. The shadows is where they want to be. In classic insurgencies, the insurgent always lived in the shadows…the insurgent lets his enemy have the city while he holds the countryside. Now it’s difficult to translate that lesson of classic insurgency into the modern war that is occurring on the internet. The problem is that there are no real cities and countryside on the internet. The insurgent can go anywhere with his message.
The insurgents goal is to eliminate the Army’s will to fight. They achieve their goal by protracting the war and winning the popular support. In this war, the insurgents gain popular support through the sites that Jester attacks.
Jester also says that he is interfering with their ability to coordinate operations by attacking these sites. I’m not prepared to argue that point with anything more than commenting that there are multiple means to communicate clandestinely via the internet…disrupting one means cannot possibly have much of an effect regardless of how many people join Jesters war.
The counter-insurgent’s goal is also to eliminate the enemy’s will to fight however, the method they need to use is different. The counter-insurgent must eliminate the insurgents will to fight by removing his popular support and killing or capturing his key leadership.
Jester is working to suppress the enemy’s message, which is a valid target. By suppressing the message of the insurgent, Jester is interfering with the enemy’s effort to gain the popular support of the people. Consequently, the insurgents should lose their will to fight.
But I just don’t think it’s possible for the government (or Jester) to completely eliminate the insurgents message from the internet. As I mentioned earlier in this long-winded post, there are multiple ways to disseminate the message via the internet. Remember, the Taliban recruited fighters with books, cassettes and pamphlets in the 1980’s.
With that said, I believe what is needed is a different approach. We need to counter the insurgents message with a more powerful message that persuades the popular support to abandon the insurgency and assist in restoring law and order and rebuilding their countries.
In closing (finally) I salute Jester for his service (I served also) and appreciate the fact that he is raising awareness of what goes on around us. I do not condemn his actions, but I believe there is a better way to fight this war. I think his skills could be better put to use in “outing” those who are underground and lie about who they are.
The Jester, his critics, and his supporters are missing the big picture. Figure the CIA also is looking at the same sites and sending their people to sign up. This causes mistrust of those recruited by their recruiters and the seeds of suspicion will erode organizations from the inside. If you disrupt these sites then recruiting will go underground and while casting a smaller net, increase the reliability of those recruited, and reduces the chance for US agents to penetrate these organizations.
Infosec Island has gained exclusive access to a video demonstration of the XerXeS DoS attack as it is unleashed on a Taliban website, and carried out by infamous patriot hacker The Jester (th3j35t3r). The video release follows an earlier announcement that The Jester has been working to improve and automate aspects of the attack method, which unlike a DDoS attack, requires only one low spec machine to implement…
https://www.infosecisland.com/blogview/2990-Exclusive-Video-of-XerXeS-DoS-Attack.html
Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!
