The most interesting thing to me was the evidence posted that other hackers had already penetrated these systems, which I guess goes without saying when you have little to no security in place.<p>Many many years ago when I was younger and playing with buffer overflows and learning shellcode, I'm not saying that I'm proud of this either, but in my journeys I had breached a couple of online retailers, had full access to their databases and internal networks.. of course I alerted them via anonymous e-mails, but what always struck me was the amount of times that I encountered files from 'hackers' just saying that they were here or what have you. Many of them just placing files because they couldn't transverse the NAT, and others who had uploaded ftp scripts but had typos in them so the scripts didn't get deleted like they had planned. Evidence of crimes and theft laying all over the internal network for months or years, and nobody finding it.<p>At some point it's hard not to side with people like ghostshell, because when you're supposed to be responsible for important information, but have seemingly no interest in protecting it, at some point the system is bound to fall apart.<p>I'm reminded of something I read posted by l0pht, way back when, and they just said how much better they were than everyone else because they had jobs at burger king and were dedicated to spending all of their time penetrating networks while their opponents were a bunch of overpaid nobodies who hated their jobs and overall really didn't care, and that they would always win.<p>I think that still holds true today.
Wouldn't a better "protest" have been to delete all the databases. That would harm the people responsible for the problem in the first place.
What happened to hacker ethics? Screw over 39 million people to protest the sorry state of the security of a service they have been using?<p>Back in the good old days one would have secured the systems instead of harming the victims again.<p>GhostShell, please stay away from IoT or connected medical devices, I'm afraid you'll kill people just to make a point every security professional already understands.
Here's another classic team GhostShell zine<p><a href="http://pastebin.com/raw/tEX6yGX6" rel="nofollow">http://pastebin.com/raw/tEX6yGX6</a>
> The size of the downloadable cache alone puts it at one of the largest breaches this year -- but it could have been far larger, given time and resources.<p>> "The worst part is that this is barely a fraction of what I could get my hands on," the hacker said.<p>So why didn't GhostShell release everything he could get his hands on?