PDA

View Full Version : Economics ANONYMOUS: BERNANKE IS NEXT


teedubya
06-13-2011, 05:43 PM
At least SOME Americans are awake, since 97% of you fucks are asleep.

Anonymous has set its sights on Ben Bernanke.

The most well-known hacker group, Anonymous, uploaded a video message to youtube yesterday calling for Fed Reserve Chairman Ben Bernanke to resign, among other things. It's embedded below.

The video begins with Bernanke saying he is 100% confident of his ability to control the income disparity in the U.S. -- the largest of any industrialized country in the world -- on 60 Minutes.

Then it says:
"Democrats have failed us, Republicans have failed us... It is time for us to stand up for ourselves... We must fight back against the organized criminal class... We must launch "operation Empire State rebellion. The operation will commence on June 14th...Operation Empire State Rebellion Engaged."
Anonymous first called for Bernanke to resign on March 12. (http://www.youtube.com/watch?v=7D6neBzTnOQ)

The group's latest Youtube video has this description: In this new video release, "as a first step," Anonymous has called for public protests beginning on June 14th, continuing "until Federal Reserve Chairman Ben Bernanke steps down." To make their case, they have presented a list of recent scandalous Federal Reserve actions.

The group also provided a Google Map guide to a series of protests (http://maps.google.com/maps/ms?hl=en&ie=UTF8&msa=0&msid=215659122039078971677.0004a3a944bafe3a247b7&ll=41.508577,-98.261719&spn=49.644969,70.136719&z=3&source=embed), aimed to "* End the campaign finance and lobbying racket* Break up the Fed & Too Big to Fail banks* Enforce RICO laws against organized criminal class* Order Ben Bernanke to step down."

Details of Flag Day rebellion are described on the Google Map site as such:
This Flag Day, Tuesday June 14th, we will launch a non-violent social movement with this list of demands:

* End the campaign finance and lobbying racket
*Break up the Fed & Too Big to Fail banks
* Enforce RICO laws against organized criminal class
* Order Ben Bernanke to step down

The Banks - #BofA #Citibank #Chase #WF #Ally
Tweet: See FLAG DAY http://bit.ly/mdtXF3 #OpESR
Click on the $ on the map for rally info: #NYC #DC #Chicago #SF #STL #OKC #Flint #WI #Monterey

Here is more information about the Flag Day protest > (http://ampedstatus.org/june-14th-economic-rebellion-update-%E2%80%93-this-is-what-decentralized-resistance-looks-like/)

The movement has also been referred to as, "CTRL+ALT_BERNANKE."
Here is the Anonymous video message:

<iframe width="640" height="510" src="http://www.youtube.com/embed/XySGw-g2tyk" frameborder="0" allowfullscreen></iframe>

The video was published the same day that the "major IMF hacker breach (http://www.businessinsider.com/inside-the-imf-hack-who-the-hackers-were-and-what-they-took-2011-6)" was reported by the New York Times. Anonymous previously warned that it would attack the IMF back on June 1st.

However the IMF says the hack took place before the IMF chief, DSK, was arrested for attempted rape on May 15. Someone familiar with the matter says that a foreign government was behind the attack.

Read more: http://www.businessinsider.com/anonymous-bernanke-is-next-june-14-2011-6

Dave Lane
06-13-2011, 05:54 PM
I'm going to go with no that wasn't anonymous and two if you listen to almost every one in this forum the rich need tax relief now. Not tomorrow now. They are in great need and its our job as Americans to cut benefits to the poor so they can have the tax relief they so richly deserve.

Shaid
06-13-2011, 06:04 PM
I'm going to go with no that wasn't anonymous and two if you listen to almost every one in this forum the rich need tax relief now. Not tomorrow now. They are in great need and its our job as Americans to cut benefits to the poor so they can have the tax relief they so richly deserve.

LMAO

teedubya
06-13-2011, 06:05 PM
General Electric paid ZERO taxes last year. One of the largest corporations in the world.

The "Rich" corporations need to pay more...

http://abcnews.go.com/Politics/general-electric-paid-federal-taxes-2010/story?id=13224558

For those unaccustomed to the loopholes and shelters of the corporate tax code, GE's success at avoiding taxes is nothing short of extraordinary. The company, led by Immelt, earned $14.2 billion in profits in 2010, but it paid not a penny in taxes because the bulk of those profits, some $9 billion, were offshore. In fact, GE got a $3.2 billion tax benefit.

CrazyPhuD
06-13-2011, 06:44 PM
Heh go for it anonymous...you're playing an extraordinarily dangerous game and it's becoming increasingly evident you don't quite understand the magnitude of what you are getting into. Right now they are little more than a nuance and a novelty. But getting political with your views is a very dangerous game. Not because you are getting political, but because if someone acts against say the fed or major banks as an attempt to 'help' your cause, the hammer will come down extremely hard on you. You get classified as a domestic terrorist group(which is what will happen if you attack the fed and what is likely to happen if you attack a bank). Then you'll have 18 months or less of life left before you are gone. Epically dumb move.

Detoxing
06-13-2011, 06:48 PM
Heh go for it anonymous...you're playing an extraordinarily dangerous game and it's becoming increasingly evident you don't quite understand the magnitude of what you are getting into. Right now they are little more than a nuance and a novelty. But getting political with your views is a very dangerous game. Not because you are getting political, but because if someone acts against say the fed or major banks as an attempt to 'help' your cause, the hammer will come down extremely hard on you. You get classified as a domestic terrorist group(which is what will happen if you attack the fed and what is likely to happen if you attack a bank). Then you'll have 18 months or less of life left before you are gone. Epically dumb move.

So what you're saying is...DO IT!

petegz28
06-13-2011, 06:55 PM
General Electric paid ZERO taxes last year. One of the largest corporations in the world.

The "Rich" corporations need to pay more...

http://abcnews.go.com/Politics/general-electric-paid-federal-taxes-2010/story?id=13224558

For those unaccustomed to the loopholes and shelters of the corporate tax code, GE's success at avoiding taxes is nothing short of extraordinary. The company, led by Immelt, earned $14.2 billion in profits in 2010, but it paid not a penny in taxes because the bulk of those profits, some $9 billion, were offshore. In fact, GE got a $3.2 billion tax benefit.

You do realize that corporate taxes are a myth, correct? You do realize they are factored into the price in which the consumer pays for the product, correct?

RaiderH8r
06-13-2011, 07:13 PM
General Electric paid ZERO taxes last year. One of the largest corporations in the world.

The "Rich" corporations need to pay more...

http://abcnews.go.com/Politics/general-electric-paid-federal-taxes-2010/story?id=13224558

For those unaccustomed to the loopholes and shelters of the corporate tax code, GE's success at avoiding taxes is nothing short of extraordinary. The company, led by Immelt, earned $14.2 billion in profits in 2010, but it paid not a penny in taxes because the bulk of those profits, some $9 billion, were offshore. In fact, GE got a $3.2 billion tax benefit.

That's because GE took a $30 Billion dollar loss over a few years and they get to carry those losses forward against future profits. I hate to defend Barry O's butt buddy Immelt but you are perpetuating a gross falsehood and it needs to be corrected.

Taco John
06-14-2011, 01:37 AM
Heh go for it anonymous...you're playing an extraordinarily dangerous game and it's becoming increasingly evident you don't quite understand the magnitude of what you are getting into. Right now they are little more than a nuance and a novelty. But getting political with your views is a very dangerous game. Not because you are getting political, but because if someone acts against say the fed or major banks as an attempt to 'help' your cause, the hammer will come down extremely hard on you. You get classified as a domestic terrorist group(which is what will happen if you attack the fed and what is likely to happen if you attack a bank). Then you'll have 18 months or less of life left before you are gone. Epically dumb move.

I agree with what you're saying, but the political theatre playing in front of the American people will be that the US Government came down harder on political activists than those performing financial malfeasance. I'm curious how that dynamic would play out in the media.

CrazyPhuD
06-14-2011, 01:50 AM
I agree with what you're saying, but the political theatre playing in front of the American people will be that the US Government came down harder on political activists than those performing financial malfeasance. I'm curious how that dynamic would play out in the media.

The problem is once they go out to disrupt the banking system it stops being an activist and starts being a crime....much like things like the ELF. It's not a huge leap to go from disruption to real damage. Once they've crossed that line they have to be dealt with The problem is most of the anonymous people think they are top tier hackers. Their own arrogance is going to get them caught because they think they can't be touched. The problem is there are resources in place than can isolate and track them if they really want to be used, but there is always a price to using those resources.

While the banking system has it's own corruption issues there is still a general confidence about them, if they disrupt the banking system to any real degree the public will turn on their antics very quickly.

Jenson71
06-14-2011, 03:49 PM
You do realize that corporate taxes are a myth, correct? You do realize they are factored into the price in which the consumer pays for the product, correct?

So in other words, they aren't a myth.

Simplex3
06-14-2011, 06:01 PM
Don't fool yourself. You can't shut down Anonymous for the same reason you can't shut down Al Qaeda. It isn't a formal structure, it's a bunch of independent people acting on their own behalf.

Add to that the fact that this "group" is International and the US authorities have a problem. What if none of the hackers are US citizens? Or even in the US? What about the ones in non-extradition countries? And do you really think they're going to launch their attacks from their personal computer hooked up to their ISP at their house? You think they won't be on a public wifi somewhere, or hacked into some random guy's house?

Oh, the feds will arrest a couple of guys, call them "Anonymous", and then throw the book at them. But it won't change anything.

vailpass
06-14-2011, 06:02 PM
You mess with the bull you get the horns.

Simplex3
06-14-2011, 06:05 PM
You mess with the bull you get the horns.

Not if the bull is in a pen and you're shooting it from 300 yards away.

CrazyPhuD
06-14-2011, 08:27 PM
Don't fool yourself. You can't shut down Anonymous for the same reason you can't shut down Al Qaeda. It isn't a formal structure, it's a bunch of independent people acting on their own behalf.

Add to that the fact that this "group" is International and the US authorities have a problem. What if none of the hackers are US citizens? Or even in the US? What about the ones in non-extradition countries? And do you really think they're going to launch their attacks from their personal computer hooked up to their ISP at their house? You think they won't be on a public wifi somewhere, or hacked into some random guy's house?

Oh, the feds will arrest a couple of guys, call them "Anonymous", and then throw the book at them. But it won't change anything.

Heh no offense but the difference between al-queda and anonymous is fairly significant. Part of the reason that al-queda can stay protected is exactly because they stay off the grid. People believe there is a level of anonymity on the internet. The simple reality is there is not, not even one bit.

Here's a question? Do you think that going to an internet Cafe or a neighbors open wifi provides any real security? I'll give you a hint, it doesn't not one bit, not unless you are effectively switching internet cafes every time you access the internet. Not only that you have to be switching cities every time. If you want to stay safe you need to always be moving and the farther you move the safer you are. If you develop any pattern at all you'll get tracked and found.

Even if you are successful at constantly moving and avoiding being in any one place at any time, that still may not protect you, because with enough resources, all they have to do is create a tracking virus that propagates throughout the network looking for specific machine signatures, but taking no negative action. Think stuxnet but set to look for an find a specific machine signature. Now not only do you need to to be constantly moving, but you also need to be constantly changing your hardware and/or attack style because if you don't they can track you by finding you hardware or characteristics. Even when you replace machines you better not have any consistent hardware patterns or trends or you better steal all of your hardware.

In short if they want to find you, you will be found, about the only thing that might protect you is if you are a state sponsored hacker. Even then it will be iffy. As for extradition treaties again, the only states where that might be relevant is russia and or china. Everyone else will give you up without even thinking about it from either economic rewards or because they are an ally. Even in places that you can't get extradited do you think that protects you that much? If you're a PITA and can be tracked, you'll just disappear.

The only question is the amount of resources it takes to find you, not the question of whether you can be found. Right now they are a nuisance so it's not worth the resources to really track them down. But become a threat and the value of spending the resources goes up. You also don't need to take out all of anonymous, you only need to take out the command and control network plus likely no more than the top 1% of hackers. Most hackers aren't very good, the good ones are the only ones you really need to worry about and those are pretty few and far between.

Simplex3
06-14-2011, 11:29 PM
Heh no offense but the difference between al-queda and anonymous is fairly significant. Part of the reason that al-queda can stay protected is exactly because they stay off the grid. People believe there is a level of anonymity on the internet. The simple reality is there is not, not even one bit.

There isn't for you. There is for even average hackers.

Here's a question? Do you think that going to an internet Cafe or a neighbors open wifi provides any real security? I'll give you a hint, it doesn't not one bit, not unless you are effectively switching internet cafes every time you access the internet. Not only that you have to be switching cities every time. If you want to stay safe you need to always be moving and the farther you move the safer you are. If you develop any pattern at all you'll get tracked and found.

But didn't you just say you can't be anonymous on the Internet? Now you can, but you have to move?

Oh, and you don't have to move. If I control 1,000 people I can hit you 1,000 times and never expose any of them.

Even if you are successful at constantly moving and avoiding being in any one place at any time, that still may not protect you, because with enough resources, all they have to do is create a tracking virus that propagates throughout the network looking for specific machine signatures, but taking no negative action. Think stuxnet but set to look for an find a specific machine signature. Now not only do you need to to be constantly moving, but you also need to be constantly changing your hardware and/or attack style because if you don't they can track you by finding you hardware or characteristics. Even when you replace machines you better not have any consistent hardware patterns or trends or you better steal all of your hardware.

You should probably stop watching CSI now. Stuxnet took years and years to develop and had a very specific target. Part of why it worked was precisely because it never called home. It would be of no value for finding a hacker. As for these mythical machine signatures:

LMAO

Commodity hardware isn't traceable like that. Any uniquely identifiable numbers on a piece of hardware, which there rarely are, can be forged and/or disabled outright.

In short if they want to find you, you will be found, about the only thing that might protect you is if you are a state sponsored hacker. Even then it will be iffy. As for extradition treaties again, the only states where that might be relevant is russia and or china. Everyone else will give you up without even thinking about it from either economic rewards or because they are an ally. Even in places that you can't get extradited do you think that protects you that much? If you're a PITA and can be tracked, you'll just disappear.

The only question is the amount of resources it takes to find you, not the question of whether you can be found. Right now they are a nuisance so it's not worth the resources to really track them down. But become a threat and the value of spending the resources goes up. You also don't need to take out all of anonymous, you only need to take out the command and control network plus likely no more than the top 1% of hackers. Most hackers aren't very good, the good ones are the only ones you really need to worry about and those are pretty few and far between.

The command and control network? You mean the Internet? Yeah, if you took that out you'd stop them. Along with the economy, of course.

Again, you're thinking single hacker spending months or years hammering a single target. That's not what is going to be happening. It's going to be thousands of hackers, each with their own vectors, from dozens of countries, funneled through tens if not hundreds of thousands of zombies in botnets. They'll each head out to a local Starbucks or library, connect through some machine in South Korea they've exploited, which will connect to some other machine in Eastern Europe they've exploited, which will run the attack. If it works, great. Damage done. If not, they'll disconnect and never go back to any of those machines.

Also don't forget that there are massive botnets that can flood the servers with traffic from all over the world. If you think the government knows all and can trace all then explain why the large spam botnets are still in business and why their owners have never been brought to justice.

Will the feds arrest someone? Yeah. They'll nail a small handful of script kiddies who were stupid enough to run their game from mom and dad's house. But they aren't going to get anyone of value. You're dreaming to think otherwise.

But let's assume they do get one high value target. Do you have any idea how many average to above average hackers are in Anonymous? It's more than one.

Fishpicker
06-15-2011, 12:30 AM
<iframe width="480" height="390" src="http://www.youtube.com/embed/Px1t1-a9uxk" frameborder="0" allowfullscreen></iframe>

The Government and the alphabet agencies have been playing catch up since 2001. While they may have improved their Cyber warfare capabilities, I still doubt that the government could do much about an attack by Anonymous or LulzSec.

I think that's why the Government was pushing for an internet kill switch.

BryanBusby
06-15-2011, 01:47 AM
Heh no offense but the difference between al-queda and anonymous is fairly significant. Part of the reason that al-queda can stay protected is exactly because they stay off the grid. People believe there is a level of anonymity on the internet. The simple reality is there is not, not even one bit.

Here's a question? Do you think that going to an internet Cafe or a neighbors open wifi provides any real security? I'll give you a hint, it doesn't not one bit, not unless you are effectively switching internet cafes every time you access the internet. Not only that you have to be switching cities every time. If you want to stay safe you need to always be moving and the farther you move the safer you are. If you develop any pattern at all you'll get tracked and found.

Even if you are successful at constantly moving and avoiding being in any one place at any time, that still may not protect you, because with enough resources, all they have to do is create a tracking virus that propagates throughout the network looking for specific machine signatures, but taking no negative action. Think stuxnet but set to look for an find a specific machine signature. Now not only do you need to to be constantly moving, but you also need to be constantly changing your hardware and/or attack style because if you don't they can track you by finding you hardware or characteristics. Even when you replace machines you better not have any consistent hardware patterns or trends or you better steal all of your hardware.

In short if they want to find you, you will be found, about the only thing that might protect you is if you are a state sponsored hacker. Even then it will be iffy. As for extradition treaties again, the only states where that might be relevant is russia and or china. Everyone else will give you up without even thinking about it from either economic rewards or because they are an ally. Even in places that you can't get extradited do you think that protects you that much? If you're a PITA and can be tracked, you'll just disappear.

The only question is the amount of resources it takes to find you, not the question of whether you can be found. Right now they are a nuisance so it's not worth the resources to really track them down. But become a threat and the value of spending the resources goes up. You also don't need to take out all of anonymous, you only need to take out the command and control network plus likely no more than the top 1% of hackers. Most hackers aren't very good, the good ones are the only ones you really need to worry about and those are pretty few and far between.

Man, if only they made these things called proxies.

vailpass
06-15-2011, 09:40 AM
Not if the bull is in a pen and you're shooting it from 300 yards away.

300 yards is nothing if the guys with the big guns are aiming at you.

Simplex3
06-15-2011, 10:11 AM
300 yards is nothing if the guys with the big guns are aiming at you.

When did bulls become guys with guns?

History is littered with examples of large entities and armies losing to guerrilla-style forces. The French lost in Vietnam, the Russians lost to the Afghans, even Egypt is an example. 100 tanks and a battleship won't do you any good if you can't find a target.

Not to mention the fact that, in all likelihood, the hack has already occurred. It would be stupid for Anonymous to tip their hand ahead of time.

Ask HBGary Federal how many guys from Anonymous have been arrested.

Brock
06-15-2011, 10:13 AM
So in other words, they aren't a myth.

They're not a myth, they're just misnamed.

CrazyPhuD
06-15-2011, 05:12 PM
There isn't for you. There is for even average hackers.

But didn't you just say you can't be anonymous on the Internet? Now you can, but you have to move?

Oh, and you don't have to move. If I control 1,000 people I can hit you 1,000 times and never expose any of them.

You should probably stop watching CSI now. Stuxnet took years and years to develop and had a very specific target. Part of why it worked was precisely because it never called home. It would be of no value for finding a hacker. As for these mythical machine signatures:

LMAO

Commodity hardware isn't traceable like that. Any uniquely identifiable numbers on a piece of hardware, which there rarely are, can be forged and/or disabled outright.

The command and control network? You mean the Internet? Yeah, if you took that out you'd stop them. Along with the economy, of course.

Again, you're thinking single hacker spending months or years hammering a single target. That's not what is going to be happening. It's going to be thousands of hackers, each with their own vectors, from dozens of countries, funneled through tens if not hundreds of thousands of zombies in botnets. They'll each head out to a local Starbucks or library, connect through some machine in South Korea they've exploited, which will connect to some other machine in Eastern Europe they've exploited, which will run the attack. If it works, great. Damage done. If not, they'll disconnect and never go back to any of those machines.

Also don't forget that there are massive botnets that can flood the servers with traffic from all over the world. If you think the government knows all and can trace all then explain why the large spam botnets are still in business and why their owners have never been brought to justice.

Will the feds arrest someone? Yeah. They'll nail a small handful of script kiddies who were stupid enough to run their game from mom and dad's house. But they aren't going to get anyone of value. You're dreaming to think otherwise.

But let's assume they do get one high value target. Do you have any idea how many average to above average hackers are in Anonymous? It's more than one.

Sorry chief as much as I may like to get in and internet 'who's dick is bigger when it comes to computer systems knowledge' I just don't have the time.

Sorry for my delay here but work has precluded things.

When it comes to the issue of anonymity online you'll find that the level of protections you have vary quite substantially depending upon the threat level you are facing. If you're talking about most small to midlevel players(i.e. companies to small nations), things like proxies are a perfectly fine solution and will generally provide enough protection that you are less likely to get caught.

But when you deal with major governmental entities with effectively unlimited budgets, proxies become next to useless. First compromising them is trivial. You can go from simple approaches such as posing as a hardware vendor that offers said proxy company an amazing deal on new servers, which just happen to come already precompromised. This could happen with any number of types of hardware from storage servers, to servers, to even the networking equipment in their racks. From the proxies point of view they are both unlikely to notice and unlikely to care because the governmental entity most likely will never care about what you use a proxy for even if it's downloading child porn. They are there for national security interests and if you're not doing something against national security they are unlikely to really care. The old, 'they have bigger fish to fry' issue.

But even then it's not clear that they even have compromise directly the proxies themselves. I don't know if you remember back in the days when the Echelon discussions were more rampant. But if you recall there was quite the uproar over ATT's alleged assistance to the NSA to monitor ALL internet traffic on it's backbone's.

http://en.wikipedia.org/wiki/Hepting_vs._AT%26T

One other nasty bit about proxies, they are completely ineffective if I control the network going into them and the network coming out of them. Even encrypting the traffic does not guarantee that I cannot correlate timing information and sizing to packets to gather loose associations(and that's not even taken into account the possibility that the encryption has been broken).

At any rate I think it's safe to assume that the NSA has full taps on every major backbone in the USA, also likely to have taps to the fiber cables between continents, in addition to having taps in most if not all smallish 'friendly' companies. Afterall it is cheap to bribe some of these countries. The only countries where it is fairly safe they don't have access to internal taps would be china and russia.

While it may sound hard to have all these locations tapped, consider that is the same organization that has been tapping underseas cables at deep depths for years.

http://cryptome.org/nsa-fibertap.htm

Building a copy of the existing US data network and routing it to Ft. Meade wouldn't be that hard, it would cost what 10-50 billion? Fairly small change. The bigger issue is being able to process all the data you get. But you could do that reasonably efficiently, for instance unless you have reason to believe that stenography will be actively used, you can safely bypass all video and picture data for processing later.

The movies place this nice show of 'tracing' someone online needing to be online for a certain amount of time to jump through all the proxies to find the source. The problem is, that limitation doesn't exist if you can log all of the traffic going into and out of a majority of the nodes. It may take time, but if they have the data they will eventually be able to correlate the traffic and find the source IP location. That is why I made the comment that you better be moving all the time and have no habits, because since the capability exists and is well within the means of someone like the NSA, you should not assume they can't back trace through your proxies to find your source ip where you issued the commands to your botnet or to your college to coordinate the attack. The only way to be sure you're safe is to always keep moving.

One may propose a 'better' proxy system that uses something more private like the Tor network.

http://en.wikipedia.org/wiki/Tor_(anonymity_network)

Even something like this isn't likely to be sufficient versus the full resources of someone like the NSA. Because again, if you can monitor the end points it does not matter. Also if you compromise enough nodes on the network you can also monitor the traffic. And finally you're assuming the encryption is still secure, which may not be a valid assumption when dealing with the resources of someone like the NSA.

Heh when it comes to device signatures you might be surprised what you could find out about a system even with only black box testing. Some of the signatures are very easy to track. The easiest being a MAC address, if you are on a local network with someone you can track that machine. While you can definitely forge a mac address, that doesn't buy you as much as you might think. You see MAC addresses have the first 1/2(I believe) as a vendor specific ID. It has to have this because the MAC needs to be globally unique. While you can change your MAC address, if you do it randomly you'll stand out because you are likely to have a MAC address that belongs to some vendor that just doesn't make sense for where you are. Which would stand out as a red flag of something not being right. That combined with other information may help them to correlate your location.

But even without access to something as easy a MAC address it is still possible to build a signature of a machine based upon how it responds to certain traffic. Each machine because of it's hardware configuration and software setup will respond differently, the question is if your measurement device has the proper resolution to tell the difference. At the LAN level very likely, at the level above it, it depends.

DO you know why I mentioned stuxnet? The level of technical sophistication there is very high. Far higher than any published hack anywhere else. You talk about 4 zero day vulnerabilities in windows. That's fairly unprecedented and I'm fairly confident they have far more in store. Remember the NSA has full access to the source code of the entirety of the windows operating system. Finding bugs, security weaknesses, etc, using formal verification processes on the raw source code is substantially than on black box testing of the same systems.

But back to stuxnet for a second, what makes that particularity challenging is both the type of hardware involved and the fact that the expected network to be attacked is not one that would be expected to be ever attached to the internet, so it had to piggy back on USB flash drives and then propagate through the networks via LAN RPC.

To assume that it would be beyond the capabilities of the same organization to devise a self replicating virus exploiting several zero day exploits to place tracking software using either stenography or hidden channels to communicate to the outside world on a large portion of machines out there. Having a 1000 machines to launch a 1000 attacks sounds nice, unless I've already propagated tracking software to those 1000 machines and the minute you log on to those machines I've already started the traceback operation. Then having all those different machine loses alot of it's value.

This should actually be a significantly easier problem than the one the stuxnet was designed to solve simply because the hacker is already sure to be connected to the internet. That inherently exposes him. The only secure network is one that isn't ever attached to the internet(well ok more formally the only secure network is one that is never used).

However consider this little nugget too....from the wiki article on stuxnet.

The malware has both user-mode and kernel-mode rootkit capability under Windows,[33] and its device drivers have been digitally signed with the private keys of two certificates that were stolen from separate companies, JMicron and Realtek, that are both located at Hsinchu Science Park in Taiwan.[24][31] The driver signing helped it install kernel-mode rootkit drivers successfully and therefore remain undetected for a relatively long period of time.[34] Both compromised certificates have been revoked by VeriSign.

So on the surface it sounds bad, afterall stealing private keys is a fairly huge issue. BUT it could actually be much worse than this. Most public key cryptography is based upon fairly hard mathematical problem and not being able to solve them in sufficient time. RSA for instance is based upon the difficulty of factoring multiples of prime numbers. The reason why this is important is that if you break the mathematics behind the public key scheme you break the entire scheme. People place alot of trust in encryption and against your average opponent it is likely to be good enough. Against an entity with some of the best mathematicians in the world and a relatively unlimited budget, I'm not so sure.

Consider the worst case explanation for that, what if they have broken the public key cryptography that is used by verisign. One cannot discount that possibility. The only provably secure encryption system is the one-time-pad(with a truely random sequence). But it is extraordinarily expensive to implement. I believe it is only used for very high level diplomatic communications.

In short be careful about underestimating the capabilities of the NSA. You may think they are lacking in certain capabilities, and the truth is it's entirely possible that they might be. BUT also recognize that if they have very strong capabilities in an area they will want you to think they are weak and inept. They don't want to show what they can or cannot do because allows one to defend against them. It's somewhat like the old Sun-Tzu philosophy's make them think you are weak where you are strong and strong where you are weak. Because of the security surrounding them, it will be very difficult to understand their true capabilities. You can assume they will be less competent and maybe you'll be right, but maybe that will make you sloppy which will get you caught. If you assume they are more competent then you are less likely to be caught, but you must be ever vigilant. If it's my life on the line(either actual death or very long unpleasant prison), you can be sure I'm going to be more than a bit paranoid.

The final bit as to why haven't they broken up the spam networks or the bot nets. Fundamentally the big question is....why would they care? They aren't the FBI, they couldn't care less about crime, they are worried about national security and the spam networks aren't a national security issue. There are two reasons to not touch them. One if they break them up they then demonstrate capability, when you do that, you give people and idea of what to defend against for future events. Better to not let them know you are capable of something until you really need to use it. Secondly what if the NSA has compromised the bot networks. To some degree this would be a hackers nightmare because that would allow the NSA to monitor the entire network covertly and they know the strengths and weaknesses. If they were to bust it up, it would just come back but likely with better security. It is far better tactics to let it live in it's less secure form that you know rather than risk having it come back in a more secure form you may not be able to shut down when you absolutely have to.

In short the overall message is that I would be very careful in underestimating the capabilities of the NSA. This isn't the FBI, that has to obey laws and has a public budget that you can see how much they spend on what. This is an organization that has existed for 50+ that are some of the worlds leading experts on cryptography and signals intercept. They also likely have the most powerful computers in the world by at least a generation or two. They have the money to spend and they have never been shy doing so.

In most cases they have bigger fish to fry dealing with other national spy agencies, but to think that they couldn't turn there not considerable resources against someone like anonymous if they prove to be a threat to national security by making a real attack on the banking system? That's a dangerous assumption to make. To me I see the situation for hackers now is somewhat like the early days of online poker(or home poker). You can be 'good', but mostly you're playing against the fish of the world so you have a somewhat inflated view of your skills(which is perfectly normal, no one has challenged you). But like in poker the world becomes a very different place when you go to say the WSOP and now instead of playing among a world of fish you are now playing amongst a bunch of pros. You've been used to always being the shark, but now you may find that you're the fish.

CrazyPhuD
06-15-2011, 05:18 PM
The Government and the alphabet agencies have been playing catch up since 2001. While they may have improved their Cyber warfare capabilities, I still doubt that the government could do much about an attack by Anonymous or LulzSec.

I think that's why the Government was pushing for an internet kill switch.

While I could have made this point part of the other comment that one was WAY too long as is! :D

So I'll ask a simple question, who do you think is better. Anonymous(or LulzSec) or the chinese state sponsored hackers that are likely the ones behind the RSA break in that allowed them to compromise lockheeds unsecured network(the classified network is almost certainly physically separated).

While there is no doubt that Anonymous et al, has a certain capabilities, I'm going to go with the chinese on this one, and be certain, the NSA and the government get attacked by the chinese on a daily if not hourly basis. Attacking government institutions is a fairly different proposition than attacking a company. Companies probably only face a few serious hack attempts a year. Governments have to face them all the time. That will naturally build stronger security policies.

That doesn't mean they will be fullproof. If you come at a problem from a radically different way you may get through because no one every thought to do it that way. BUT they will be much more hardened than your average company. They have been hardened for 10s of years and have significant experience in both attack and defense.

Simplex3
06-15-2011, 05:47 PM
Sorry chief as much as I may like to get in and internet 'who's dick is bigger when it comes to computer systems knowledge' I just don't have the time.

Sorry for my delay here but work has precluded things.

When it comes to the issue of anonymity online you'll find that the level of protections you have vary quite substantially depending upon the threat level you are facing. If you're talking about most small to midlevel players(i.e. companies to small nations), things like proxies...

Let's first establish this: I didn't say anything about using public proxies. Only a tool would think that makes them anonymous.

The only other point you made that needs addressing is your belief that the NSA can store all traffic generated on the Internet for some period of time long enough to diagnose and decrypt it, which is crap. The Internet is approaching a zetabyte of information a year. It would take such massive sums of money to buy the storage for even a month of Internet traffic that you couldn't possibly hide that even in the budget of the US. Not to mention the physical space, power requirements, cooling, etc. It may be possible for them to have a rolling capture and store maybe a few hours, maybe a few days, but if they don't find out for a week after the hack that it has occurred then it's all over.

I don't discount the NSA's abilities. But just like counter-terrorism, the NSA has to be right every time and the hacker only has to be right once.

Simplex3
06-15-2011, 06:01 PM
Also to address the "don't disclose your capabilities unless you have to" argument, which I agree they will consider:

Saving Bernake's ass isn't going to be worth disclosing their capabilities. All Anonymous is talking about doing is the same thing they did to HBGary: deface the web site and steal documents. If all they do is steal and release documents that prove the POTUS, Congress, and the Fed conspired to bail out Wall Street fatcats and international banks at the cost of the American people because they could gin up a false emergency then the NSA is going to have a hard time getting the public up in arms to do in the guys who outted them.

[edit] Hell, in that case the NSA needs to be going after members of our government.

Fishpicker
06-15-2011, 06:21 PM
hey CrazyPhud:
whats the over/under for LulzSec being apprehended since they took down the CIA website today?

Jaric
06-15-2011, 06:27 PM
hey CrazyPhud:
whats the over/under for LulzSec being apprehended since they took down the CIA website today?

That's gotta be embarrassing.

CrazyPhuD
06-15-2011, 06:42 PM
Also to address the "don't disclose your capabilities unless you have to" argument, which I agree they will consider:

Saving Bernake's ass isn't going to be worth disclosing their capabilities. All Anonymous is talking about doing is the same thing they did to HBGary: deface the web site and steal documents. If all they do is steal and release documents that prove the POTUS, Congress, and the Fed conspired to bail out Wall Street fatcats and international banks at the cost of the American people because they could gin up a false emergency then the NSA is going to have a hard time getting the public up in arms to do in the guys who outted them.

[edit] Hell, in that case the NSA needs to be going after members of our government.

So if that's all they do then likely they will not cross into the realm of national security issues...it's an embarrassment rather than a disruption(unless said information allows someone to mount a disruptive attach then the line blurs again). But if they or someone on their team goes rouge and attempts to disrupts operations of the bank that is a different issue. That's the side they wouldn't be careful to play on. The problem for them though, is that they may not know until it's too late if they cross that line. Why? It's doubtful the government would pick up the people one at a time. That would tip their hand to those that are left, if they can identify them, they will do so for as many of the 'upper' people they can then attempt to sweep them all at the same time to reduce the chance of any one alerting another. So the risk is, you may feel totally safe...right until you're not. If it were me and I were a hactivist I would try to make sure I am conservative on where that line is. Even if you break in you want to evaluate the value of exposing that information versus the value of becoming a real target.

ClevelandBronco
06-15-2011, 06:44 PM
Heh no offense but the difference between al-queda and anonymous is fairly significant. Part of the reason that al-queda can stay protected is exactly because they stay off the grid. People believe there is a level of anonymity on the internet. The simple reality is there is not, not even one bit.

Here's a question? Do you think that going to an internet Cafe or a neighbors open wifi provides any real security? I'll give you a hint, it doesn't not one bit, not unless you are effectively switching internet cafes every time you access the internet. Not only that you have to be switching cities every time. If you want to stay safe you need to always be moving and the farther you move the safer you are. If you develop any pattern at all you'll get tracked and found.

Even if you are successful at constantly moving and avoiding being in any one place at any time, that still may not protect you, because with enough resources, all they have to do is create a tracking virus that propagates throughout the network looking for specific machine signatures, but taking no negative action. Think stuxnet but set to look for an find a specific machine signature. Now not only do you need to to be constantly moving, but you also need to be constantly changing your hardware and/or attack style because if you don't they can track you by finding you hardware or characteristics. Even when you replace machines you better not have any consistent hardware patterns or trends or you better steal all of your hardware.

In short if they want to find you, you will be found, about the only thing that might protect you is if you are a state sponsored hacker. Even then it will be iffy. As for extradition treaties again, the only states where that might be relevant is russia and or china. Everyone else will give you up without even thinking about it from either economic rewards or because they are an ally. Even in places that you can't get extradited do you think that protects you that much? If you're a PITA and can be tracked, you'll just disappear.

The only question is the amount of resources it takes to find you, not the question of whether you can be found. Right now they are a nuisance so it's not worth the resources to really track them down. But become a threat and the value of spending the resources goes up. You also don't need to take out all of anonymous, you only need to take out the command and control network plus likely no more than the top 1% of hackers. Most hackers aren't very good, the good ones are the only ones you really need to worry about and those are pretty few and far between.

It's all becoming clear. Midnight Vulture is Anonymous.

CrazyPhuD
06-15-2011, 06:53 PM
hey CrazyPhud:
whats the over/under for LulzSec being apprehended since they took down the CIA website today?

Does it matter at all to anyone? Really? The CIA website is a portal for information to you, it's not likely an operational capability. In fact there are advantages to having this happen for the CIA, as I mentioned above, you would actually want people to think you're weak when in fact you're strong. So provided they aren't doing any real damage how much does the CIA lose? If you think they are weak then that can be an advantage to them.

Plus there is secondary strategy. One thing about intelligence that has practiced in the real world is the power of misinformation. One could argue that misinformation is infact more powerful than information because it allows you to control what information someone gets.

There's also another security concept here that actually plays into go electron security. One form of it is the honey pot. What I do in the honey pot scenario is that I put out an attractive target and I let you get in. I do this for two reasons, one is to evaluate your capabilities and two is to pass misinformation. One about what my capabilities are and two about any information you find in the honeypot. I control that information.

That's the biggest challenge with fighting this 'war' you will likely never know if you really succeeded or if you were given information they wanted you to have.

Part of strong internet security(or security in general) is to not only have strong defenses but intentional weaknesses. You have areas that are intentionally weak so that you know if someone penetrates them they are definitely attacking you and you sand box them to limit your access. The problem with making everything really strong is that there will always be a weakness and if it's always strong then they will bounce off of it until they find a crack. With intentional weaknesses you give them known cracks sooner. You are hoping they don't realize they've been tricked and waste time in a 'compromised' site you control.

That's all part of any good layered defense. In computers or real life you want strong defenses but you also want booby traps. The best traps are those that seem the most real. The trick will be in telling what is what.

Does this mean they can't get in? Of course not, but it's always hard to say...is this information or is the the information they wanted me to know. That is one of the big challenges with any intelligence game.

CrazyPhuD
06-15-2011, 07:03 PM
Let's first establish this: I didn't say anything about using public proxies. Only a tool would think that makes them anonymous.

The only other point you made that needs addressing is your belief that the NSA can store all traffic generated on the Internet for some period of time long enough to diagnose and decrypt it, which is crap. The Internet is approaching a zetabyte of information a year. It would take such massive sums of money to buy the storage for even a month of Internet traffic that you couldn't possibly hide that even in the budget of the US. Not to mention the physical space, power requirements, cooling, etc. It may be possible for them to have a rolling capture and store maybe a few hours, maybe a few days, but if they don't find out for a week after the hack that it has occurred then it's all over.

I don't discount the NSA's abilities. But just like counter-terrorism, the NSA has to be right every time and the hacker only has to be right once.

So by nature I'm a crypto hobbyist but I actually have done storage/compression and info theory for real in the past. Storing the data won't actually be that hard. What will be the challenge is accessing that data in a reasonable timeframe/format. You can actually simplify the problem quite a bit and probably get still good data. In some cases it may matter less what someone is saying rather than who they are saying it with. Call it the security version of google page rank. The level of interest in the information and the amount of processing to be done on it is partially dictated by who is talking to that computer.

Page rank is based upon this relationship philosophy where whoever links to you affects how high you are in the rankings. The more credible sites that reference you the more 'credible' you are.

Same can be said for processing data. I believe this type of behavior was done in the old days for phone intercepts so one should expect it to be done for computer intercepts. It always used to be the government would spend the most resources listening to the phone calls of known terrorists, then they would spend lessor resources on those who call the terrorists and the even less on those who call those who call the terrorists. In short probably most effort is spent listing to kevin bacon in a twisted version of 6 degrees of separation.

But you could argue the method could be applied to the internet. You know the botnet machines, you can find who the botnet machines talk to and so forth. While you can avoid being noticed here, if they have enough access to the network you'll have to be very vigilant to not show up as a correlation.

If they can figure out which machines they want to listen to then they can focus on processing that information first. You'll probably filter out 99.9% of the information to be processed by relationships while still having a fairly good hit rate for detecting conversations you want to here. At any rate they've had 50+ years of doing this for phones. I'm sure there statisticians have come up with very creative and precise correlation formulas. The problem is bigger than the phone problem, but you also have quite a bit more hardware to process with.

Fishpicker
06-15-2011, 07:13 PM
Does it matter at all to anyone? Really? The CIA website is a portal for information to you, it's not likely an operational capability. In fact there are advantages to having this happen for the CIA, as I mentioned above, you would actually want people to think you're weak when in fact you're strong. So provided they aren't doing any real damage how much does the CIA lose? If you think they are weak then that can be an advantage to them.

Plus there is secondary strategy. One thing about intelligence that has practiced in the real world is the power of misinformation. One could argue that misinformation is infact more powerful than information because it allows you to control what information someone gets.

There's also another security concept here that actually plays into go electron security. One form of it is the honey pot. What I do in the honey pot scenario is that I put out an attractive target and I let you get in. I do this for two reasons, one is to evaluate your capabilities and two is to pass misinformation. One about what my capabilities are and two about any information you find in the honeypot. I control that information.

That's the biggest challenge with fighting this 'war' you will likely never know if you really succeeded or if you were given information they wanted you to have.

Part of strong internet security(or security in general) is to not only have strong defenses but intentional weaknesses. You have areas that are intentionally weak so that you know if someone penetrates them they are definitely attacking you and you sand box them to limit your access. The problem with making everything really strong is that there will always be a weakness and if it's always strong then they will bounce off of it until they find a crack. With intentional weaknesses you give them known cracks sooner. You are hoping they don't realize they've been tricked and waste time in a 'compromised' site you control.

That's all part of any good layered defense. In computers or real life you want strong defenses but you also want booby traps. The best traps are those that seem the most real. The trick will be in telling what is what.

Does this mean they can't get in? Of course not, but it's always hard to say...is this information or is the the information they wanted me to know. That is one of the big challenges with any intelligence game.

http://img535.imageshack.us/img535/197/mostinterestingmanc.jpg (http://imageshack.us/photo/my-images/535/mostinterestingmanc.jpg/)

petegz28
06-15-2011, 07:18 PM
So in other words, they aren't a myth.

for all intents and purposes they are indeed a myth. They are nothing more than additional taxes directly paid by the taxpayer hidden under a cloud title "corporate taxes" and protected by ignorance of the average person.

If people ever stopped to think about how a business works they would quickly realize that every time they call for higher "corporate taxes" they cry for higher prices. Politicians have done an amazing job at exploiting that ignorance.

Chocolate Hog
06-15-2011, 07:21 PM
Why don't they take down sites that people actually visit? Like Facebook?

CrazyPhuD
06-15-2011, 07:33 PM
Why don't they take down sites that people actually visit? Like Facebook?

Honestly it's likely because of the architecture of those websites. They're already designed for massive load so DDOS is unlikely to be affective against them, plus they run hundreds of websevers likely with N different version of the facebook/etc software running at the same time. It's a lot harder to break into multiple webservers than it is to break into one.

For those sites compromised, they are likely either single webservers or a small number all running the same software so the hack against one will likely work against the other. It's quite a bit easier to deface lower traffic websites.

Chocolate Hog
06-15-2011, 07:58 PM
Honestly it's likely because of the architecture of those websites. They're already designed for massive load so DDOS is unlikely to be affective against them, plus they run hundreds of websevers likely with N different version of the facebook/etc software running at the same time. It's a lot harder to break into multiple webservers than it is to break into one.

For those sites compromised, they are likely either single webservers or a small number all running the same software so the hack against one will likely work against the other. It's quite a bit easier to deface lower traffic websites.

Whats the difference between Facebooks network and PS3? You'd think Ps3 would run on a quite a few?

Simplex3
06-15-2011, 08:29 PM
The PS3 network probably runs on less hardware than you think. Facebook on the other hand is probably much larger than you think.

Why one target over another? Why not. Facebook will probably get theirs soon enough.

Simplex3
06-15-2011, 08:51 PM
I should probably clarify: When Facebook gets theirs it won't be because someone takes them down. It will be someone circumventing their security and taking over dozens of high profile Facebook accounts, or they'll get in and delete several thousand accounts, or something like that.

Thinking about the high profile targets on the web:

1. Google and its services: Too distributed to attack directly and have a major effect. You'd really need to find a way do infect the build system of a product and manage to wait long enough for it to push to a large percentage of the servers for that product. Juice isn't worth the squeeze.

2. Facebook: See above.

3. Twitter: Who would notice, it crashes all by itself all the time.

4. Bing: Same as Google.

?

Saulbadguy
06-15-2011, 09:01 PM
major league baseball

BryanBusby
06-16-2011, 01:48 AM
Why don't they take down sites that people actually visit? Like Facebook?

Why would they? Facebook gets them mega publicity and they have nothing to do with the government or the financial industry.

Does it matter at all to anyone? Really? The CIA website is a portal for information to you, it's not likely an operational capability. In fact there are advantages to having this happen for the CIA, as I mentioned above, you would actually want people to think you're weak when in fact you're strong. So provided they aren't doing any real damage how much does the CIA lose? If you think they are weak then that can be an advantage to them.

Plus there is secondary strategy. One thing about intelligence that has practiced in the real world is the power of misinformation. One could argue that misinformation is infact more powerful than information because it allows you to control what information someone gets.

There's also another security concept here that actually plays into go electron security. One form of it is the honey pot. What I do in the honey pot scenario is that I put out an attractive target and I let you get in. I do this for two reasons, one is to evaluate your capabilities and two is to pass misinformation. One about what my capabilities are and two about any information you find in the honeypot. I control that information.

That's the biggest challenge with fighting this 'war' you will likely never know if you really succeeded or if you were given information they wanted you to have.

Part of strong internet security(or security in general) is to not only have strong defenses but intentional weaknesses. You have areas that are intentionally weak so that you know if someone penetrates them they are definitely attacking you and you sand box them to limit your access. The problem with making everything really strong is that there will always be a weakness and if it's always strong then they will bounce off of it until they find a crack. With intentional weaknesses you give them known cracks sooner. You are hoping they don't realize they've been tricked and waste time in a 'compromised' site you control.

That's all part of any good layered defense. In computers or real life you want strong defenses but you also want booby traps. The best traps are those that seem the most real. The trick will be in telling what is what.

Does this mean they can't get in? Of course not, but it's always hard to say...is this information or is the the information they wanted me to know. That is one of the big challenges with any intelligence game.

What the fuck is this shit? There is no secret game or a honey pot. The government got caught with their pants around their ankles and basement dwellers got some laughs. That's all there is to it.

What likely happened was someone at the IT department noticed a lot of incoming packets at once, figured out what was happening quickly and simply took things offline for the time being.

Now if you want some entertainment, follow this. http://twitter.com/#!/th3j35t3r

Some nerdshoe saber rattling has been going on.

teedubya
06-16-2011, 02:47 AM
Ask HBGary Federal how many guys from Anonymous have been arrested.

heh

Jenson71
06-16-2011, 04:24 PM
for all intents and purposes they are indeed a myth. They are nothing more than additional taxes directly paid by the taxpayer hidden under a cloud title "corporate taxes" and protected by ignorance of the average person.

If people ever stopped to think about how a business works they would quickly realize that every time they call for higher "corporate taxes" they cry for higher prices. Politicians have done an amazing job at exploiting that ignorance.

A business attempts to spread the costs of taxation onto the consumers, or the taxpayers, as you point out. But the consumers don't have to purchase that product if they feel the price is too high. A tax is mandatory. Purchasing something from a corporation is not. So it's not really a tax at all.

Brock
06-16-2011, 04:29 PM
A business attempts to spread the costs of taxation onto the consumers, or the taxpayers, as you point out. But the consumers don't have to purchase that product if they feel the price is too high. A tax is mandatory. Purchasing something from a corporation is not. So it's not really a tax at all.

Sure, nobody HAS to buy food, or gasoline, or clothing, etc.

Jenson71
06-16-2011, 04:34 PM
Sure, nobody HAS to buy food, or gasoline, or clothing, etc.

It's not like companies aren't competing with each other anymore just because they have a corporate tax.

Brock
06-16-2011, 04:35 PM
It's not like companies aren't competing with each other anymore just because they have a corporate tax.

No matter if they're competing with each other or not, if you tax them all, the prices go up. They're not paying tax, the consumer is.

Jenson71
06-16-2011, 04:37 PM
No matter if they're competing with each other or not, if you tax them all, the prices go up. They're not paying tax, the consumer is.

I take it your solution is no taxes on businesses?

Brock
06-16-2011, 04:40 PM
I take it your solution is no taxes on businesses?

My solution to what?

Simplex3
06-16-2011, 05:19 PM
No matter if they're competing with each other or not, if you tax them all, the prices go up. They're not paying tax, the consumer is.

Corporate taxes are always paid by the consumer, employees, and shareholders. Which, in the end, are all PEOPLE.

Jenson71
06-16-2011, 05:32 PM
My solution to what?

To the question of whether taxes on businesses are appropriate.

FD
06-16-2011, 05:59 PM
There is some serious misunderstanding of corporate tax incidence going on in this thread. Corporate income tax is not a sales tax, which can be passed on partially to consumers in the form of higher prices, its a tax on profits. When the tax on profits changes, this doesn't change the profit maximizing price or output level, so there is no immediate change in either of these.

In my opinion, the ideal corporate tax rate is probably 0%, but not because it gets passed on to consumers (at least not in a static sense). That's just incorrect.

Brock
06-16-2011, 06:05 PM
To the question of whether taxes on businesses are appropriate.

Appropriate isn't a word I'd use to describe them, but what I'm saying is, whether they are or not, they're a business cost that is amortized into the cost of each and every item sold. They also cause employment to be less than it could be.

Brock
06-16-2011, 06:07 PM
In my opinion, the ideal corporate tax rate is probably 0%, but not because it gets passed on to consumers (at least not in a static sense). That's just incorrect.

It is definitely figured into the price of any item. The profit margin is the profit margin, no matter what.

FD
06-16-2011, 06:15 PM
It is definitely figured into the price of any item. The profit margin is the profit margin, no matter what.

It affects prices the same way any tax on capital, for instance the capital gains tax or estate tax, does, but not in any special way. I think some people are arguing that corporate income taxes increase prices in a more immediate way, which isn't true.

Simplex3
06-16-2011, 08:13 PM
It affects prices the same way any tax on capital, for instance the capital gains tax or estate tax, does, but not in any special way. I think some people are arguing that corporate income taxes increase prices in a more immediate way, which isn't true.

When my corporate taxes go up I raise my rates to my customers immediately.

FD
06-16-2011, 09:21 PM
When my corporate taxes go up I raise my rates to my customers immediately.

Then you're prices were too low before.

Simplex3
06-16-2011, 09:23 PM
Then you're prices were too low before.

No, I explain why they're going up. I sell services, though, not products, so I'm sure it's a bit different.

Brock
06-16-2011, 09:24 PM
It affects prices the same way any tax on capital, for instance the capital gains tax or estate tax, does, but not in any special way. I think some people are arguing that corporate income taxes increase prices in a more immediate way, which isn't true.

No, no. You're wrong. A company knows ahead of time what their tax rate is going to be and estimates their profit at any given price. The price is set by many factors, and the taxes they're going to have to pay is one of them. I don't know what you mean by "any special way". It's no more special than rent, materials, utilities, and manpower. It's a cost, period.

petegz28
06-16-2011, 09:27 PM
A business attempts to spread the costs of taxation onto the consumers, or the taxpayers, as you point out. But the consumers don't have to purchase that product if they feel the price is too high. A tax is mandatory. Purchasing something from a corporation is not. So it's not really a tax at all.


Well, that is good economics there. I mean, people don't buy things because prices are too high and companies go out of buisness and the jobs along with it.

that's a sure-fire plan on making us a competetive economic power if I ever heard one.

FD
06-16-2011, 09:40 PM
No, no. You're wrong. A company knows ahead of time what their tax rate is going to be and estimates their profit at any given price. The price is set by many factors, and the taxes they're going to have to pay is one of them. I don't know what you mean by "any special way". It's no more special than rent, materials, utilities, and manpower. It's a cost, period.

Income taxes aren't like other costs, they are a tax on profits. They don't increase the cost of inputs, labor, etc. The price/output that maximizes profits is based on the company's costs of production and their marginal revenue, neither of which depend on the share of profits taken by the government.

Companies choose their prices to maximize profits, why would that fact change if they keep 100% of the profits or only 10%?

petegz28
06-16-2011, 09:44 PM
No, no. You're wrong. A company knows ahead of time what their tax rate is going to be and estimates their profit at any given price. The price is set by many factors, and the taxes they're going to have to pay is one of them. I don't know what you mean by "any special way". It's no more special than rent, materials, utilities, and manpower. It's a cost, period.

This is exactly right. Businesses figure the cost of taxes into their sales price. It isn't rocket science. If I know I am going to pay 35% on every $ of profit and I need X percent of profit to grow and be successfull I am going to factor in that 35% "cost" into my final sales price. Taxes are definitely viewed as a cost to a company.

If I need 30% profit per unit to maintain business and my cost basis (not including taxes) is .50 per unit I am not going to sell my product or service for .65. Simply due to the fact that 35% of my 30% is going to taxes. I am going to sell my product for .70 to achieve the net 30% I need in profit.

petegz28
06-16-2011, 09:47 PM
Income taxes aren't like other costs, they are a tax on profits. They don't increase the cost of inputs, labor, etc. The price/output that maximizes profits is based on the company's costs of production and their marginal revenue, neither of which depend on the share of profits taken by the government.

Companies choose their prices to maximize profits, why would that fact change if they keep 100% of the profits or only 10%?

Disagree 100%. Profits are what make a company grow. The less profit you have the less you get to reinvest into the company. It's simple.

If I want to grow at X% annually and that means I need Y% in profit then I need to net Y% in profit after taxes, not before.

If I can get some of that via cost reductions then great. Having said that, taxes are a cost. I still have to pay the taxes. They come out of my profit. You can only cut your labor, material and other costs by so much before you have to raise prices to achieve a set profit target.

FD
06-16-2011, 09:54 PM
Disagree 100%. Profits are what make a company grow. The less profit you have the less you get to reinvest into the company. It's simple.

If I want to grow at X% annually and that means I need Y% in profit then I need to net Y% in profit after taxes, not before.

If I can get some of that via cost reductions then great. Having said that, taxes are a cost. I still have to pay the taxes. They come out of my profit. You can only cut your labor, material and other costs by so much before you have to raise prices to achieve a set profit target.

In your hypothetical the company has a set profit target, but in reality the target profit is the highest number possible. The company chooses its prices to maximize profit, and the tax rate on those profits does not affect that.

That said, if its true that a company needs a certain level of profits to grow, then by taxing profits at a higher rate they may not be able to, or even go out of business. This is why corporate income taxes are bad, because they lower the return on capital and discourage investment, which has negative effects on all aspects of society in the long run, but its just not true that companies are able to immediately pass them on to consumers.

petegz28
06-16-2011, 10:03 PM
In your hypothetical the company has a set profit target, but in reality the target profit is the highest number possible. The company chooses its prices to maximize profit, and the tax rate on those profits does not affect that.

That said, if its true that a company needs a certain level of profits to grow, then by taxing profits at a higher rate they may not be able to, or even go out of business. This is why corporate income taxes are bad, because they lower the return on capital and discourage investment, which has negative effects on all aspects of society in the long run, but its just not true that companies are able to immediately pass them on to consumers.

What do you mean "if it's true that a company needs a certain level of profits to grow"?

Call me silly but I don't know of any unprofitable companies that grow and last without turning a profit.

You just made my point though, taxes reduce the return on capital. Return on capital being profit. Profit being the engine that fuels lasting growth.

And any profit made is taxed when it is paid out to shareholders. So it's a double wammy for the Fed Gov. They tax a company on their gross profits then tax the net profits paid out to individuals in the form of dividends or bonuses or whathave you. So they are taxing taxed monies.

petegz28
06-16-2011, 10:10 PM
The whole deal is nothing but a scam...

The Fed prints a $ backed by nothing but faith...

The Fed charges interest to a bank to borrow the money they printed..

The bank lends the money at a higher rate of interest to the retail borrower...

the bank pays taxes on the profits it makes from lending to the borrower...

The bank's sharholders pay taxes on the dividends they receive from the already taxed profits...

The borrower uses the money to start a business...

The borrower pays taxes on the profits of the company...

The shareholders pay taxes on the dividend they receive from the already taxed profits...

That's a pretty sweet gig if you are the Fed and the Fed Gov.

FD
06-16-2011, 10:13 PM
What do you mean "if it's true that a company needs a certain level of profits to grow"?

Call me silly but I don't know of any unprofitable companies that grow and last without turning a profit.

You just made my point though, taxes reduce the return on capital. Return on capital being profit. Profit being the engine that fuels lasting growth.

And any profit made is taxed when it is paid out to shareholders. So it's a double wammy for the Fed Gov. They tax a company on their gross profits then tax the net profits paid out to individuals in the form of dividends or bonuses or whathave you. So they are taxing taxed monies.

No need to tell me, you wont find a harsher critic of corporate taxes than me. They lower economic growth, lower wages, and shift capital inefficiently into low tax jurisdictions.

I was just correcting the people in this thread who thought that, if corporate taxes were raised, companies would or could pass them on to consumers. Its just not true. Consumers would suffer many years later as the effects of lower investment accumulated, but thats a different story then some were making.

petegz28
06-16-2011, 10:19 PM
No need to tell me, you wont find a harsher critic of corporate taxes than me. They lower economic growth, lower wages, and shift capital inefficiently into low tax jurisdictions.

I was just correcting the people in this thread who thought that, if corporate taxes were raised, companies would or could pass them on to consumers. Its just not true. Consumers would suffer many years later as the effects of lower investment accumulated, but thats a different story then some were making.

Well I disagree to an extent that their wouldn't be immediate price increases. They may not be immediate but I don't think they wait quite as long as you say either. I'd say it depends on the individual company. Some will have to raise prices sooer than others.

Jenson71
06-16-2011, 10:51 PM
Well, that is good economics there. I mean, people don't buy things because prices are too high and companies go out of buisness and the jobs along with it.

that's a sure-fire plan on making us a competetive economic power if I ever heard one.

I'm not sure what you're going on about. When prices are too high, I've been taught that a hand that nobody sees but everyone feels reaches into the system.

Chocolate Hog
06-16-2011, 11:24 PM
I'm not sure what you're going on about. When prices are too high, I've been taught that a hand that nobody sees but everyone feels reaches into the system.

They do until government gets involved.

pr_capone
06-16-2011, 11:48 PM
Here's a question? Do you think that going to an internet Cafe or a neighbors open wifi provides any real security? I'll give you a hint, it doesn't not one bit, not unless you are effectively switching internet cafes every time you access the internet. Not only that you have to be switching cities every time. If you want to stay safe you need to always be moving and the farther you move the safer you are. If you develop any pattern at all you'll get tracked and found.

I, someone who has not actively participated in that kind of activity in (enter the proper number of years to match the statute of limitations), can create a connection that bounces off half the world before it leads to me. One does not need to physically relocate to different parts of the world in order to avoid detection.

Even if you are successful at constantly moving and avoiding being in any one place at any time, that still may not protect you, because with enough resources, all they have to do is create a tracking virus that propagates throughout the network looking for specific machine signatures, but taking no negative action. Think stuxnet but set to look for an find a specific machine signature. Now not only do you need to to be constantly moving, but you also need to be constantly changing your hardware and/or attack style because if you don't they can track you by finding you hardware or characteristics. Even when you replace machines you better not have any consistent hardware patterns or trends or you better steal all of your hardware.

Track hardware signatures?!?!?! If you mean a mac address, do you realize how incredibly easy it is to spoof a new one?

And what network exactly are they gonna dump this virus into? The internet? Or do you think that Anon has some sort of internal network set up?

In short if they want to find you, you will be found, about the only thing that might protect you is if you are a state sponsored hacker. Even then it will be iffy. As for extradition treaties again, the only states where that might be relevant is russia and or china. Everyone else will give you up without even thinking about it from either economic rewards or because they are an ally. Even in places that you can't get extradited do you think that protects you that much? If you're a PITA and can be tracked, you'll just disappear.

:spock:

The only question is the amount of resources it takes to find you, not the question of whether you can be found. Right now they are a nuisance so it's not worth the resources to really track them down. But become a threat and the value of spending the resources goes up. You also don't need to take out all of anonymous, you only need to take out the command and control network plus likely no more than the top 1% of hackers. Most hackers aren't very good, the good ones are the only ones you really need to worry about and those are pretty few and far between.

http://i.imgur.com/sXtpE.jpg

CrazyPhuD
06-17-2011, 04:23 AM
I, someone who has not actively participated in that kind of activity in (enter the proper number of years to match the statute of limitations), can create a connection that bounces off half the world before it leads to me. One does not need to physically relocate to different parts of the world in order to avoid detection.



Track hardware signatures?!?!?! If you mean a mac address, do you realize how incredibly easy it is to spoof a new one?

And what network exactly are they gonna dump this virus into? The internet? Or do you think that Anon has some sort of internal network set up?


Well while I am sure reading is not one of your particular strong points, you would find many of the responses above. You would be unwise to underestimate the potential threat the NSA can bring to the table if they so choose. Just because you don't believe things are possible does not mean that they aren't. Most everything I've mentioned isn't rocket science, the big issue is being able to filter all of the data you get and having the resources to get the data. The NSA is not lacking in resources, and from some of the former math wonks and statisticians I've met, these guys are no slacks. I know some pretty high caliber security researchers and they have some wild ways to attack 'secure' and anonymous networks and can track some of what is believed untraceable. Resources are usually what they lack from practicality sake. Again not something the NSA lacks. Economics says the real pros are going to be where the money is, which means most of your 'elite' hackers will either be organized crime, intelligence services, foreign companies or straight mercs.

But hey feel free to disbelieve if you want I'm sure you done you're fair share of hacking in the 'day'. Hey you may even have your own captain crunch whistle. But all that's good for now is an A+ cert with a couple gold stars on it. But I think this is about all for this thread for me. Ive wasted enough time and have far more things to do.