“Good drama must be drastic”23
It was Super Bowl Sunday, February 6, 2011. Millions of Americans were glued to the tube watching overgrown bulky men pounce on each other for the purpose of kicking a ball through two goal posts. Aaron Barr might well have been one of those Americans, but any such plans were overshadowed; he had been brutally hacked. His Twitter account, hijacked, spewed forth the most abject racist and degrading statements possible in 140 characters, along with his social security number and home address. Countless unflattering photo-shopped images of Barr were circulated. His emails, including personal ones replete with embarrassing details of marital troubles, were posted on the Pirate Bay.
In the midst of it all, he logged onto the AnonOps IRC server and was invited to a dedicated #ophbgary channel. Barr accepted:
CogAnon ([email protected]) has joined #ophbgary
: Ohai CogAnon
: Enjoying the Superbowl, I hope?
This brief visit on Sunday, February 6, was the preamble to a more epic conversation that would take place later that same day. The chat that followed has become one of the most viewed IRC logs in history. IRC represents a zone of freedom and autonomy on an Internet dominated by private interests. When you gather dozens, sometimes hundreds, of people together and give them license to say whatever they want as whoever they claim to be, it is only natural that humor, wit, drama, and some chaos will follow. If the world’s a stage—and all the geeks, hackers, and sleazy InfoSec hacks are merely players—then what does that make the Internet? A play within a play, written in real time, with each player contributing line by line? They have their exits and their entrances but nothing is known in advance. The output even looks like a screenplay. The difference is that it is populist, participatory, and improvisational in character with real-world stakes and implications.
Act One
The play we are about to watch owes its existence in part to Barrett Brown. Late Sunday evening he bought good tidings in #ophbgary—a channel whose purpose was to discuss and celebrate the hack:
Sabu pitched the following suggestion:
At this point, it was public knowledge that Anonymous had been on a hacking spree against HBGary Federal and HBGary. Sabu’s suggestion seemed like a taunt, not a real request. After all that had unfolded, it didn’t seem plausible that Penny Leavy, the president of HBGary, would plunge into the epicenter of the rat’s nest currently at work clawing her company apart. But that is exactly what she did. Sabu initiated the exchange by reminding her of the uncomfortable facts:
She rose to Aaron Barr’s defense:
According to the leaked emails, there were no plans to reach out to law enforcement, much less sell the data to them. However, recall that Anonymous read an email exchange where Barr had claimed point blank to his programmer, “I will sell.” Anonymous devised an on-the-fly-IRC financial plan of its own, a Robin Hood–esque blackmail proposal:
Meanwhile, in Brown’s abode, the phone rang. On the other end of the line was none other than Barr. They proceeded to have a courteous eleven-minute exchange (Brown recorded the conversation and subsequently uploaded it online). There was some uncertainty regarding just what it was HBGary intended to do with the data. Barr, whose voice bore no trace of sourness, fear, or even anger, confidently introduced himself: “I am a federal contractor working mostly in the security space.” Anticipating a question about motives, Barr claimed point blank, “I never planned to sell the data to the FBI.” Again, the emails support Barr on this point—there is no evidence that he had contacted the FBI. But he was certainly seeking to profit in some manner by gathering these correlated names and “outing” Anons, as he put it—presumably any number of embattled organizations would be interested in ascertaining the identity of their assailants. Regardless of the eventual outcome, the mere existence of such a file was received as an ominous threat by the Anonymous community at large.
To Brown, Barr presented a very different rationale, claiming his overarching agenda was to demonstrate the weaknesses of social media and expose the hierarchy behind the hive. “There is definitely a structure,” he said. Brown assented to some degree—“I agree a few dozen people set the pace”—but he noted that many of the names were wrong. “I never purported it was 100 percent accurate,” Barr insisted, even in his conversation with the Financial Times. “The reporter writes what he wants to write.” Barr reminded Brown that he was still planning to meet with the FBI the following morning, noting that “It is going to be out of my hands.”
Leaked emails indicate that Barr and his colleagues had, indeed, given great thought—just that day—to the question of releasing the names to the FBI. Ted Vera, the president and COO of HBGary Federal, finished off the chain in favor of withholding:
You could end up accusing a wrong person. Or you could further enrage the group. Or you could be wrong, and it blows up in your face, and HBGary’s face, publicly. The hint of you having their true names is enough. No need to release names publicly. You meet with FBI tomorrow. I doubt they’ll share much, but they may informally or inadvertently vet some of your findings.
; Anonymous, on the other hand, had no qualms and released the document listing all the names.
As he had done with Leavy, Brown tried to lure Barr online. “They would like you to come. I will try to keep things productive,” Brown told him. Barr, having already logged on earlier in the day, resisted, and so Brown, in his Texan drawl, switched strategies. “I understand you have had a rough day,” Brown said. “You have been picked on. Again, it was not my doing—though I can’t say I disapproved of it, because we are here to protect ourselves and our interests here.” By the end of the phone conversation, it remained unclear whether Barr was convinced to return for a second round.
Off the phone and back on IRC, Brown, an avid gamer, proclaimed that he was done with “this silliness” and announced his intention to “play some Fallout: New Vegas.” But first, as Anonymous made successive demands, Brown offered a characteristic gesture of empathy toward Leavy:
Act Two
As Penny exited the stage, Greg Hoglund entered, physically replacing her at the computer:
Penny is now known as greg
: epic success
Before Anons resumed their interrogation, they paused for a self-congratulatory moment:
<`k>: Greg have you ever heard of ssh keys? [ssh keys referring to encryption technology]
: that’s a good one
: :)
: what a security company you are
There was a noticeable pause as Greg looked at the paste site, where a log of the leak was detailed. He quickly apprehended the full seriousness of the situation:
<`k>: greg we got everything
“We got everything.” Had this play been staged, Hoglund would have, at this point, probably embarked on a soliloquy bemoaning his fate—or, at minimum, conveyed some degree of facial horror. Hoglund must have realized his options were limited. But if you can’t trick the tricksters, one can always appeal to reason … maybe?
Would his honest appeal work? With the reappearance of another lead, we are ushered into the play’s final act.
Act Three
CogAnon entered the room.
Hoglund took a moment to dissociate himself from Barr:
<`k>: hahaha they’re all here
Thanks to the emails, we know Hoglund’s claims here are mostly hot air—Barr was a respected, central member of the HBGary management team:
From: Greg Hoglund
To: [email protected]
Subject: Welcome Aaron Barr and Ted Vera to the HBGary management team!
Date: 2009-11-23
I am extremely excited to announce that Aaron Barr and Ted Vera have joined the HBGary team! Ted and Aaron will operate and lead HBGary Federal, a wholly owned subsidiary of HBGary, with a focus on contracting in the government space. They are very experienced and most recently built a $10 million/year business at Northrop Grumman. Both have won and lead multi-million dollar development projects and managed substantial teams. We have known Aaron and Ted for more than 5 years. These two are A+ players in the DoD contracting space and are able to “walk the halls” in customer spaces. Some very big players made offers to Ted and Aaron last week, and instead they chose HBGary. This reflects extremely well on our company. “A” players attract “A” players. Aaron will take position as CEO of HBGary Federal, and will be operating out of the DC area. Ted will take position as President and COO of HBGary Federal, and will be operating out of Colorado Springs. Welcome aboard!—Greg Hoglund
CEO, HBGary, Inc.
Hoglund then changed tack, appealing to Anonymous’s supposed sense of self-preservation:
[…]
Brown, taking a break from his game, issued a reminder:
BarrettBrown: he’s still meeting with FBI at 11 tomorrow, remember c0s: That is the thing that bothers me the most.
Sabu: he literally picked out random people from facebook and connected it to irc nicks
BarrettBrown: and will no doubt discuss me personally
As anger erupted around him, Barr still did not concede:
With so much said, Barr had had enough:
One of the benefits of watching an Internet play is that no one knows what will happen next, and you can talk as much as you want without disturbing anyone. By now, it was well known that I was the resident anthropologist. An Anon sent me a private message asking me to reflect on the moment:
Hacker, Hoaxer, Whistleblower, Spy Page 22