LulzSec Interview: the full transcript

Saturday 23 July 2011


Last week, hacker collective LulzSec returned with a bang, attacking a series of websites owned by Rupert Murdoch's News International in apparent response to the ongoing phone hacking scandal.

For 50 days between May and June, the tight-knit, six-strong group made headlines across the world, rising to almost instant notoriety after perpetrating a series of audacious cyber attacks on high-profile government and corporate websites, before abruptly announcing that they would disband. Among just a few of LulzSec's targets: Sony, the US Senate, the CIA, the FBI and even the UK's Serious Organised Crime Agency.

The authorities continue to try to track them down, and on Tuesday 20 suspected hackers were arrested in the UK, US and Netherlands as part of an ongoing international investigation. In a joint statement with an affiliated network of hackers known as Anonymous, LulzSec responded to the authorities directly. "We are not scared any more," they wrote. "Your threats to arrest us are meaningless as you cannot arrest an idea."

Earlier this month, two weeks after they had announced their apparent split, I managed to track down "Topiary", a founding member of LulzSec and self described "captain of the Lulz Boat". The interview was long - almost three hours - and covered lots of ground. But a great deal of what Topiary told me never made it in to the final write up, published by the Guardian, due principally to restrictions of space.

It was troublesome, deciding what to include and what to omit; the entirety of the interview was valuable. So rather than let the sections that were not printed disappear into the ether, the most sensible thing to do, I felt, was to have the full transcript published here in its entirety.

In the sections that were until now unpublished, Topiary explains how he first became involved in hacktivism and pays credit to his fellow hackers. He details the basis for extortion claims levelled against LulzSec by one US security company; reveals that he recently engaged in a bout of philanthropy, donating thousands of dollars to organisations including WikiLeaks; and also takes time to talk politics - blasting the US government, who he says are "scared of an uprising"... (click read more below for the full interview.)

The Fall of Murdoch

Friday 15 July 2011


The fall of Rupert Murdoch has taken place not because of government ministers, the police, or other such figures in authority positions. It resulted as a consequence, quite astonishingly, of relentless muckraking on the part of excellent journalists who smelled a rat and followed its trail.

It is a truly fascinating moment – a watershed of some kind. We are now witnessing the same politicians who have cowered in Murdoch’s dark shadow for decades clamber over eachother to fire criticism in his direction. There is an undeniable stench about it – and perhaps just as the rotten core of News International has been exposed, so too has the spinelessness of the Westminster establishment.

No matter how it happened, however, the important thing is that it has happened. No longer will Murdoch be able to wield his all-pervasive influence on British politics. There will be no more backdoor meetings, friendly lunches and lavish parties: those days are over.

So the key question is now, where next? The investigation in to the full extent of the phone hacking – and its culture – could take months, more likely years. Over 3000 suspected victims have still to be contacted and there can be no doubt some of the worst revelations are yet to come.

Though amid the heightened climate of hysteria, it is important to keep a cool head. There must be a reasoned debate about how journalism, particularly tabloid journalism, can move forward after this ugly chapter. George Monbiot’s proposed introduction of a Hippocratic Oath for Journalists is a strong starting point.

There is a definite danger that politicians – with the broad support of the wider public – will attempt to impose new regulatory powers upon the press. This is a cause for concern. It is not in dispute that the self-regulating Press Complaints Commission (PCC) failed spectacularly on a number of levels throughout the duration of the hacking saga. (In a 2009 report, for instance, the PCC found "no new evidence to suggest that the practice of phone message tapping was undertaken by others beyond Goodman and Mulcaire" and dismissed the Guardian's coverage as "dramatic".) But it is not a given that the PCC should be scrapped altogether, as many, including prime minister David Cameron, have suggested.

Wholesale statutory regulation would dangerously inhibit freedom of the press, and we must remember that the print media is already bound by many laws (the Data Protection Act, the Human Rights Act, Defamation law etc.). It was a toxic, profit-crazed, scoop-obsessed culture at the News of the World that resulted in endemic phone hacking – not a lack of strong legislation.

This is where the discussion should begin. It is a bonus that after so many years there now seems to be, suddenly and without precedent, a broad consensus on the need for some kind of media reform. Every party and almost every politician is for once in agreement: as Murdoch’s empire crashes to the ground, it's time to build something new from the rubble.


This article originally appeared as part of openDemocracy's forum on the fall of Murdoch: http://www.opendemocracy.net/ourkingdom/james-curran-nick-couldry-ryan-gallagher-suzanne-moore-julian-sayarer/ourkingdom-forum-fa

Why LulzSec went on the Attack


Its audacity was brazen and apparently fearless. Among its high-profile victims were Sony, the CIA, the FBI, the US Senate and even the UK's Serious Organised Crime Agency. Exposing frailties in government and corporate networks, the group leaked hundreds of thousands of hacked passwords, and in the process garnered more than a quarter of a million followers on Twitter. But after just 50 days, on 25 June, LulzSec suddenly said it was disbanding.

Just hours before this announcement, the Guardian had published leaked internet chat logs revealing the inner workings of the group, which appeared to consist of six to eight members. The logs showed that authorities were often hot on their heels, and that after an attack on an FBI-affiliated website two hackers had quit LulzSec as they were "not up for the heat". As media attention mounted, Ryan Cleary, an Essex-based 19-year-old suspected of affiliation to LulzSec, was arrested in a joint UK-US "e-crime" investigation. Had the pressure simply got too much to handle?

To find out, the Guardian tracked down one of LulzSec's founding members, "Topiary". A key figure in the tight-knit group, he was revealed in the logs to have managed LulzSec's Twitter account and to have written their press releases. After verifying his identity by asking him to send a direct message from the account – "This is the captain of the Lulz Boat," he confirmed – we began a long conversation by Skype.

"I know people won't believe this, but we genuinely ended it [LulzSec] because it was classy," he says. "The leaks we promised happened . . . 50 days were reached, we just about hit 275,000 Twitter followers, things were on a high, so we redirected our fans to [hacker collective] Anonymous and [hacking movement] AntiSec and wrapped it up neatly . . . A high note, a classy ending, a big bang, then a sail into the distance."

LulzSec's jovial public image undoubtedly helped it achieve unusual popularity within a short time. Its stated aim was to provide "high-quality entertainment at your expense," and the word "Lulz" is itself internet slang for laughs. The group's popularity spiked after it planted a fake story on US news outlet PBS.com in protest over what it claimed was a misrepresentative WikiLeaks documentary made by the broadcaster. The story falsely reported that rapper Tupac Shakur, who was killed in a shooting 15 years ago, had been found alive and well in New Zealand.

"What we did was different from other hacking groups," says Topiary. "We had an active Twitter (controlled by me), cute cats in deface messages, and a generally playful, cartoon-like aura to our operations. We knew when to start, we knew when to stop, and most of all we knew how to have fun."

But the group's mission, Topiary explains, was not calculated. Almost everything LulzSec did – from choosing its name to its next target – happened spontaneously. "We made it up as we went along. We were originally @LulzLeaks on twitter, but I forgot the password so we became @LulzSec. My first name was The Lulz Train, then The Lulz Cannon, then The Lulz Boat. I had no idea what The Love Boat was, it was a complete accident . . . I wrote every press release in Notepad without planning. That's what made us unique, we just came out and made stuff up out of nowhere . . . We released when it felt right, we tweeted what felt right, we wrote what we felt needed to be wrote. We weren't burdened by plans or board meetings, we just did it."

The leaked chat logs also revealed the hackers appeared to revel in the international attention they received. However, Topiary says it wasn't that LulzSec was media-hungry, but that the media was LulzSec-hungry.

"We didn't contact a single media outlet for at least the first 40 days, they just kept reporting on our humble tweets," he says, though he admits the attention "gave us more reasons to leak more. It was a thrill, sure, and it did play a role. We enjoyed occasionally confusing and pranking media with weird tweets, or giving exclusives to certain journalists to piss off other certain journalists. It was another aspect of the situation that helped us leverage the entertainment."

Yet although many of LulzSec's attacks were perpetrated "for the lulz", the group was accused of attempted extortion by one US security company, Unveillance – a charge Topiary staunchly denies. It was also criticised after it hacked and dumped thousands of Sony Pictures Europe customers' usernames and passwords online, some of which were reportedly later used in scams by fraudsters. But Topiary is unapologetic.

"It's Sony's fault for not defending – and encrypting – its customers' data," he says. "Similarly, in a perfect world, we'd have dumped said data and nothing would have happened. These scams simply prove that other people (our fans/spectators) are more evil than us."

Towards the end of LulzSec's reign, it seemed to gravitate towards more overtly political causes. It occasionally compared itself to WikiLeaks in tweets, and its penultimate leak was a joint effort with Anonymous to expose Arizona police as "racist and corrupt", and to "sabotage their efforts to terrorise communities fighting an unjust 'war on drugs'."

Anonymous is well known for its acts of political "hacktivism". On Monday it reportedly threatened to attack the Metropolitan police over News International's phone hacking and the possible extradition to Sweden of WikiLeaks founder Julian Assange. Earlier this year the group claimed responsibility for a series of Distributed Denial of Service (DDoS) attacks on government websites in Tunisia, Iran, Egypt and Bahrain, and in 2008 it attacked the Church of Scientology after it allegedly attempted to suppress a leaked video interview with actor and scientologist Tom Cruise. Topiary has been heavily involved with Anonymous in the past, occasionally acting as its spokesman in televised interviews.

"Anonymous has been a great way for the younger generations to get involved through methods they understand, like utilising the internet," he says. "My main goal with Anonymous was to spread the word of revolution to those who might be seeking something new."

How does he define revolution? "Revolution is kicking the Tunisian government in the teeth by rendering their malicious Javascript embedments inert, allowing Tunisian citizens to surf Facebook without fear of password sniffing. Revolution is a horde of activists holding up Anonymous masks and thanking us for assisting their hard work by obliterating their government's ministry, stock and finance websites, replacing them with inspiring words. Revolution, to me, is bringing down the big guy while not forgetting to stand up for the little guy."

Though Topiary will not disclose his age, he describes himself as a teenager and "an internet denizen with a passion for change". He believes he is part of a generational shift in the way technology – specifically the internet – is increasingly being used as a tool to influence the world. The actions of Anonymous in particular, he says, have brought attention to the idea that actions taken online can have a major impact in real life – "linking the two realities". But he also recognises that the actions of Anonymous, LulzSec and other affiliated hackers can be used by governments as justification for greater control of the internet. So how does he balance his actions with that knowledge?

"It only results in greater government control if we remain apathetic and let it happen," he says. "The goal with Anonymous is to brutally cut down the middle of that decision and shout 'NO' to laws we don't agree with. Laws are to be respected when they're fair, not obeyed without question."

For now, however, Topiary is taking a break from law-breaking. He says he will continue operating on the margins of Anonymous, but will not engage in any more hacking. Instead, he intends to create art, video and graphics for the group to help with a new public relations project, to be titled Voice.

"I've been at this non-stop for a while, it's a big time-sink," he says. "Some people can handle it for years on end, and I respect those people. I just needed some air and a new page in the Anonymous/LulzSec era."

After the arrest of Cleary last month, suspected US hackers believed to be affiliated with LulzSec had their homes raided in Ohio and Iowa. In the past, hackers have been offered immunity from prosecution if they cooperate with the authorities. But, if caught, Topiary says he would "never snitch" on other hackers and that he would "pretty much" rather go to jail than work for the government in any capacity.

"Not sure I'd have a place in government security, unless they enjoy bizarre tweets," he says. "But again, no, I wouldn't accept a job that would fight against the things I've fought for. As for the authorities, well, if they have their claws in, they have their claws in, there's not much I can do about it. But I can only hope that they haven't pinned any of us, especially my friends from LulzSec."

This article originally appeared at: http://www.guardian.co.uk/technology/2011/jul/14/why-lulzsec-decided-to-disband