Apparently the masses are spreading the word, in what looks like a people's movement against corruption. CBS8 reported a mysterious serial graffiti that appeared on the boardwalk near Mission Beach, San Diego. The crude stencil graffiti read #ANtiSec, The Anti-Sec Revolution and AntiSec! along with a LulzSec Mascot.
Hardly a day has passed since LulzSec announced Operation Anti Security. To increase efforts, we are now teaming up with the Anonymous collective and all affiliated battleships, they had written in a post uploaded on Pastebin.
The post continued: Welcome to Operation Anti-Security (#AntiSec) - we encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word AntiSec on any government website defacement or physical graffiti art, the post read. LulzSec encouraged people to spread the word of AntiSec far and wide, for it will be remembered.
The latest news from Lulzboat is that they have taken down yet another government website. Serious Organised Crime Agency (SOCA), a non-departmental public body of the Government of the United Kingdom and a national law enforcement agency in the United Kingdom, has been attacked and is yet to be back online.
Immediately after the SOCA security breach, twelve hours ago, LulzSec tweeted: Tango down - soca.gov.uk - in the name of #AntiSec
They continued: Later we'll unleash fire on multiple targets. That last one is down depending on which area you're from. Lulz Cannon is being upgraded.
Apparently LulzSec's partner is the Operation Anti-Security, Anonymous has also been making progress but no clear information is available yet. LulzSec tweeted: We hear our #Anonymous brothers are making progress with #AntiSec, we also have reports of many rogue hacker groups joining in. :D
LulzSec thanked the supporters who have assisted in leaks. They said Like @WikiLeaks, our sources remain anonymous. Leak payloads are being decided now.
Our next step is to categorize and format leaked items we acquire and release them in #AntiSec payloads on our website and The Pirate Bay, LulzSec wrote on Twitter moments ago.
Reactions from people across the web have been varied. A user wrote that DDoS attacks from LulzSec don't account to security breaches, simply because there is no breaking in involved. Everyone is vulnerable to saturation attacks. Everyone. Claiming that the CIA should be embarrassed because someone with more bandwidth than they had took them down is like saying a person should be embarrassed because they got beat up by five larger individuals. Sometimes, there is nothing you can do other than accept the fundamental laws of physics.
A netizen under the name Security Curmudgeon wrote in support of LulzSec: Parameter tampering should not exist in any application, especially banking, yet it does. Citi is a company that spends a ridiculous amount of money on third-party auditing of their applications, yet this somehow slipped through the cracks. How long must we stand on soapboxes and demand better security? How long must we play the responsible disclosure game to vendors that don't learn from their mistakes? At what point can researchers finally be absolved of the responsibility and burden of caring about security when the vendor doesn't?
Brian Honan of Security Watch wrote: If you were to equate this to real life it would be similar to someone breaking into your house and leaving a note on your kitchen table to tell you that the lock on your front door was weak and while they are at it, taking some private information and posting it on a notice board for everyone to see.