Is This The Girl That Hacked HBGary?

This could very likely be a carefully (and cleverly constructed) identity.<p>This girl might not exist; but because we all really really want a <i>16 year old girl</i> to be the hacker the discrepancies are glossed over (the art of a good lie is not giving too much detail and letting other people's imagination fill the gaps).<p>On the other hand the personality strikes me strongly as female, so if it is an facade it is a very well constructed one, which the imposter empathises with.<p>But, on the whole, the setup "feels" wrong (and I tend to trust my instincts in such matters).

My bs meter was high for a number of reasons. This paragraph was the most notable:<p>"Meanwhile she refuses to be chained to her computer, limiting herself to a few hours a night online. She rarely visits online forums "they’re boring"and a few days a week takes a course in college to further her goal of being a teacher. She lives in an English-speaking country not the U.K.but won’t say more about it"<p>So the previous paragraph stated she was "memorizing Windows Opcodes and scouring source code for exploitable bugs", but then suddenly she only spends a few hours online? Not likely. Most hardcore hackers I know don't just drop off the radar. The hunt to break into systems is like a drug. I have yet to read about, or know any hacker who simply spends a few hours online a day. At the speed internet security moves, this person's knowledge would be useless inside of 6 months.<p>Also, how does this person maintain her expert hacker knowledge with a few cursory hours a day on the internet? Literally impossible. Add in the admission she deletes all her emails and wipes all her drives clean? Really? Does this person memorize every line of code she uses then?<p>My conclusion? A carefully crafted profile of an Anon personality. Although I have no doubt this person probably exists, it certainly is not a 16 year old girl, and a majority of the information in the article is total BS. When you apply some very basic logic, the story just falls apart.

<i>Dad allegedly showed her how to find bugs in C source code and exploit them. It was all harmless and Kayla had only been using the Internet to talk to friends on MSN. But she began looking into hacking, and learned scripting languages like Perl...</i><p>I've always known C was just a gateway to the dangerous stuff.

<i>Each night she wipes every one of her web accounts and deletes every email in her inbox. She has no physical hard drive and boots her computer from a microSD card. “I could hide this card anywhere or chew into a million pieces in a few seconds,” she says by e-mail. She keeps her operating system on a USB stick and uses a virtual machine (VM) to carry out her online shenanigans.</i><p>And people call <i>me</i> paranoid. :)

Wait, Forbes actually linked to <a href="http://encyclopediadramatica.com/Lulz" rel="nofollow">http://encyclopediadramatica.com/Lulz</a> ? HAH.

Is the phrase "Windows Opcodes" (from the article) a subtle troll on the part of "k" or a journalistic goof? I'm no programmer by any stretch, but that phrase jumped out at me as phony. I know there are system calls for operating systems, and opcodes are processor instructions, so this use of the term raised my b.s. meter a notch.

I'm not particularly close to this issue, but the sexism I'm seeing here is pretty astounding. If this were a 16 year old guy, no one would bat an eyelid. Seriously.<p>Look at Mafiaboy back in 2000 -- he took down Yahoo!, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN. I'm not even sure that he was 16 yet (I don't have his age offhand).<p>Is this a crazy and possibly fake story? Of course. Does that mean that it can't be true? Not by a long shot.<p>I work in information security, and at 16 knew a hell of a lot about SQL injection, buffer overflows, cross site scripting and oodles of other vulnerability classes. This girl didn't work alone, but part of a hacker group -- to me, it seems totally feasible.<p>I'm not saying that we should take every word an anonymous "16 year old girl" says on the Internet as absolute fact, but discounting this attack because it seems like a girl couldn't pull it off seems sexist and wrong. Again, if this were some pimply-faced male high schooler, no one would bat an eye.

Using the quotes from the article, however too few words to analyze properly, so inconclusive, but still...<p>From <a href="http://www.hackerfactor.com/GenderGuesser.php" rel="nofollow">http://www.hackerfactor.com/GenderGuesser.php</a><p>Genre: Informal Female = 171 Male = 182 Difference = 11; 51.55% Verdict: Weak MALE<p>Weak emphasis could indicate European.<p>From <a href="http://bookblog.net/gender/analysis.php" rel="nofollow">http://bookblog.net/gender/analysis.php</a><p>Female Score: 94 Male Score: 133<p>The Gender Genie thinks the author of this passage is: male!

This is Anonymous we're talking about. Isn't "16 year old girl" a well-known colloquialism on 4chan, normally used to convey the stereotype of a middle-aged, balding geek still living in his parent's basement who likes to use fake online personas? Forbes got trolled in a monumental fashion.

Whoever it is, they are a genius of deception. Check this out: <a href="http://pastebin.com/tSiQevxe" rel="nofollow">http://pastebin.com/tSiQevxe</a><p>Kayla first asks for root password using two passwords that she already has but might not necessarily be the root one. She also already knows that remote root isn't allowed. This way:<p>1) She'd get the root password e-mailed to her if it wasn't one of those two. "No, it's not those, it's '&#60;password&#62;'."<p>2) She sets up her point of entry.<p>Great stuff.

so she goes to extraordinary lengths to coverup her online activity, but grants an interview to a national news outlet where she divulges a large part of her personal history?<p>obvious troll is obvious

This story reminds me Hit-Girl and Big Daddy from Kick-Ass movie.

If the government is going after these people it should be for one reason only - to hire them. Maybe with this kind of talent working together we could find out where rogues like OBL are hiding.

I think the reason people keep saying she is fake is because they don't want to believe someone so young is capable of doing what she did. I've spoken to her via email and she said she doesn't care what people think about her, shes going to do what she does regardless and she has my full support.<p>Maybe instead of asking questions about her here, you ask her like i did?<p>kayla@anonleaks.ch<p>If she really is who she said she is that's one smart kid!

Soon you are not going to know if anyone that you interact with online is who they say they are. The Pentagon has awarded a contract to a Silicon Valley company to develop software that creates fake personas that can then influence the "conversation" by spreading US propaganda. Each operator will be able to create up to 10 "personas". A friend just sent me a link about the Pentagon's decidedly Orwellian "sock puppet" software:<p><a href="http://www.guardian.co.uk/technology/2011/mar/17/us-spy-operation-social-networks" rel="nofollow">http://www.guardian.co.uk/technology/2011/mar/17/us-spy-oper...</a>

&#62;By the time Kayla was 14 she could fully program C and x86 assembly.<p>FML, I have a CS degree and still can't program ASM.

If you're going to pick a fake identity would you pick one that would get you attention like this? Seems like a fake identity but not sure it's the best one.

&#62; In December 2008, she wrought havoc on one of the most famous forums of all, 4chan’s notorious /b/ channel, finding and exploited an SQL injection bug on its content management system, hacking in and causing mayhem on the forum for a few hours.<p>I don't remember any such exploit. You could produce that image by posting a lot.

Forbes is being trolled.

Since the girl is a person and not a thing, it should be "... girl <i>who</i> hacked hbgary". r11t copied the mistake from Forbes-- How do national magazines make grammatical errors like this? Don't these people have editors who at least earned a passing grade in middle school English?

Ways they track you:<p>1. Using same computer that connects via phone, wireless, etc and than using any email service. 2. Machine characteristics since they cannot get the machine ID they go for the next best digital finger print ..ie operator grammar/typos..cpu speed, ram size, etc. 3. Websites have visitor logs..the track back to you eventually gets fleshed out.<p>I think the Forbes article writer got played..

If this is true lol, it makes me feel small haha. Kudos to omg@ Kayla (if she exists lol) = D lol hehe rofl omg