Hello! You must login or signup first!

Goatse_security_logo

Submission   42,296

About

GNAA [1] (Gay N****r Association of America) is an online trolling collective known for attacking bloggers, Internet celebrities and prominent websites. Several members of the group later founded the hacker collective Goatse Security which gained notoriety for its involvement in an AT&T data breach that exposed personally identifiable information of 114,000 iPad users.

Online History

The Wikipedia entry[2] claims that the GNAA was founded in 2002 and was named after the 1992 Danish satirical blaxploitation film Gayn****s from Outer Space. The organization was founded with the intention to “sow disruption on the Internet,” according to the book Blog Theory: Feedback and Capture in the Circuits of Drive[3] by Jodi Dean.

TM CINIAA

On June 26th, 2004, the Apple product news blog MacRumors[11] published a post including faked screenshots of the upcoming Mac OS X 10.4 (Tiger) operating system, which were submitted by two members of the GNAA identifying themselves as "Gary Niger" and "Ron Delsner." On August 12th, 2005, Wired[12] published an article titled "Max Hacks Allow OS X on PCs," reporting that hackers had managed to create a version of Mac OS X for PC processors. The following month, the GNAA released an ISO image claiming to be a version of the operating system and on June 15th, the tech news blog Gizmodo[13] published an article revealing the file caused a machine to boot to a picture from the Goatse.cx shock site.

Goatse Security

The Goatse Security, sometimes known as GoatSec, is a hacker group that specializes in publicizing security flaws discovered by its members, including Andrew "Weev" Auernheimer. The group, which derived its name from the Goatse.cx shock site, gained much notoriety in June 2010 for its involvement in a high profile AT&T data breach in which they obtained personal ID information of 114,000 iPad users.

GONTSE SECURITY GAPNG HoLES EXPOSED TH

Highlights

Tumblr Dashboard Hack

On December 3rd, 2012, GNAA reportedly discovered a way to spam its worm-ridden blog post targeting Tumblr users and "emo kids" across the microblogging service Tumblr, infecting thousands of accounts for individual bloggers as well as news publications. According to the Daily Dot's exchange with a member of the group who identified himself as “Leon Kaiser” and the group’s “head of public relations," the malicious post may have affected as many as 6,000 unique accounts on the site in the span of few hours since its launch in the morning.

Dearest Tumblr' users We hae taken the liberty of upgrading your (rather tasteless, we must say) blog to our premier GNAA Deluxe Gary Niger (pictured to the left) Signed Edition! This is in response to the seemingly pandemic growth and world-wide propagation of the most F------ WORTHLESS, CONTRIVED, BOURGEOISIE, SELF CONGRATULATING AND DECADENT B------- THE INTERNET EVER HAD THE MISFORTUNE OF FACILITATING. However, we do not believe you are beyond redemption! All you have to do is DRINK BLEACH AND DIE YOU EMO, SELF-INSISTING, SELF-DEPRECATING, SELF-INDULGENT EMPTY HUSKS OF HUMAN BEINGS. REPEAT AFTER ME: I WISH I WAS PROFOUND, BUTIM NOT! I WISH I WAS ORIGINAL, BUTIMNOT! I WISH MYIMPENDING DEATH WAS OF ANY CONSEQUENCE, BUTIT IS MOST CERTAINLYNOT! Your last chance for redemption hinges upon your death; your death which was most fortunately prescribed by your most unfortunate birth. Fret not, dear emo, your death will be regarded as a sacrifice to humanity; to die a martyr is a glorious death, and will likely be your highest contribution to society SHOUTZ: LITERALKA - DOLPHIN/DZL - BERRY/BRR- RORY -INFID3L INCOG P.S. Attempting to delete these posts will delete your tumblr account ;] But, by all means, go ahead! CINIAA

Targeting the site's prominent youth and teenage userbase, the lengthy message spawned a copy of the post on any user's dashboard when clicked upon and warned the reader against removing the post. As the post continued to spread on the site, many users began advising those with infected accounts that they can easily remove the worm by ignoring the warning and deleting the said post from the dashboard.

Goatse Security Hacks

Web Browser Exploits

On January 30th, 2010, the tech news blog Softpedia[4] published a post titled "Firefox Bug Used to Harass Entire IRC Network," which reported that the GNAA had written a script exploiting a vulnerability in the Firefox web browser which would cause visitors to spam the Freenode Internet Relay Chat (IRC) server. On March 23rd, Goatse Security member Andrew Auernheimer posted information on how to perform a Safari browser exploit to the Internet culture database Encyclopedia Dramatica,[6] which would allow the user to access blocked ports by adding the number 65,536 to the port number. Apple patched the glitch in the desktop version of the browser but did not update mobile versions, which could allow hackers to cause harm to Apple's mobile devices according to Goatse Security.[7]

2010: AT&T Data Breach

On June 9th, 2010, Gawker[5] published an article titled "Apple's Worst Security Breach: 114,000 iPad Owners Exposed," which reported that the information of CEOs, military officials and politicians had been leaked due to a vulnerability in the AT&T network. The article went on to reveal that iPad subscriber data had been obtained by Goatse Security on AT&T's website, which was accessible to anyone on the Internet prior to the group's exploit. To obtain the emails, Goatse Security used a PHP-based "brute force" script to send HTTP requests with a valid subscriber identity module to the AT&T website, which would in turn reveal the email address associated with the ID. The leak sparked a debate about the proper way to disclose security flaws, which was reported by The Wall Street Journal[8] in an article titled "Computer Experts Face Backlash" on June 14th. The article quoted former Electronic Frontier Foundation Civil Liberties Director Jennifer Granick, who defended Goatse Securities tactics:

"I don't have a problem with what they did. No one was put at a risk as a result of it"

The same day, Tech Crunch[9] founder Michael Arrington announced that the tech news blog would be giving the group a Crunchie award for public service for exposing that AT&T security flaw. On June 15th, Cnet[10] announced that Goatse Security member Andrew Auernheimer had been detained after the FBI invaded his home and found illegal drugs. On November 20th, 2012, Auernheimer was found guilty of conspiracy to access a computer without authorization and identity fraud.

Search Interest

External References



Share Pin

Recent Images 4 total


Recent Videos 0 total

There are no recent videos.




Load 25 Comments
GNAA / Goatse Security

GNAA / Goatse Security

Updated Sep 30, 2024 at 12:29PM EDT by Don.

Added Nov 28, 2012 at 07:02PM EST by Don.

PROTIP: Press 'i' to view the image gallery, 'v' to view the video gallery, or 'r' to view a random entry.

This submission is currently being researched & evaluated!

You can help confirm this entry by contributing facts, media, and other evidence of notability and mutation.

About

GNAA [1] (Gay N****r Association of America) is an online trolling collective known for attacking bloggers, Internet celebrities and prominent websites. Several members of the group later founded the hacker collective Goatse Security which gained notoriety for its involvement in an AT&T data breach that exposed personally identifiable information of 114,000 iPad users.

Online History

The Wikipedia entry[2] claims that the GNAA was founded in 2002 and was named after the 1992 Danish satirical blaxploitation film Gayn****s from Outer Space. The organization was founded with the intention to “sow disruption on the Internet,” according to the book Blog Theory: Feedback and Capture in the Circuits of Drive[3] by Jodi Dean.


TM CINIAA

On June 26th, 2004, the Apple product news blog MacRumors[11] published a post including faked screenshots of the upcoming Mac OS X 10.4 (Tiger) operating system, which were submitted by two members of the GNAA identifying themselves as "Gary Niger" and "Ron Delsner." On August 12th, 2005, Wired[12] published an article titled "Max Hacks Allow OS X on PCs," reporting that hackers had managed to create a version of Mac OS X for PC processors. The following month, the GNAA released an ISO image claiming to be a version of the operating system and on June 15th, the tech news blog Gizmodo[13] published an article revealing the file caused a machine to boot to a picture from the Goatse.cx shock site.

Goatse Security

The Goatse Security, sometimes known as GoatSec, is a hacker group that specializes in publicizing security flaws discovered by its members, including Andrew "Weev" Auernheimer. The group, which derived its name from the Goatse.cx shock site, gained much notoriety in June 2010 for its involvement in a high profile AT&T data breach in which they obtained personal ID information of 114,000 iPad users.


GONTSE SECURITY GAPNG HoLES EXPOSED TH

Highlights

Tumblr Dashboard Hack

On December 3rd, 2012, GNAA reportedly discovered a way to spam its worm-ridden blog post targeting Tumblr users and "emo kids" across the microblogging service Tumblr, infecting thousands of accounts for individual bloggers as well as news publications. According to the Daily Dot's exchange with a member of the group who identified himself as “Leon Kaiser” and the group’s “head of public relations," the malicious post may have affected as many as 6,000 unique accounts on the site in the span of few hours since its launch in the morning.


Dearest Tumblr' users We hae taken the liberty of upgrading your (rather tasteless, we must say) blog to our premier GNAA Deluxe Gary Niger (pictured to the left) Signed Edition! This is in response to the seemingly pandemic growth and world-wide propagation of the most F------ WORTHLESS, CONTRIVED, BOURGEOISIE, SELF CONGRATULATING AND DECADENT B------- THE INTERNET EVER HAD THE MISFORTUNE OF FACILITATING. However, we do not believe you are beyond redemption! All you have to do is DRINK BLEACH AND DIE YOU EMO, SELF-INSISTING, SELF-DEPRECATING, SELF-INDULGENT EMPTY HUSKS OF HUMAN BEINGS. REPEAT AFTER ME: I WISH I WAS PROFOUND, BUTIM NOT! I WISH I WAS ORIGINAL, BUTIMNOT! I WISH MYIMPENDING DEATH WAS OF ANY CONSEQUENCE, BUTIT IS MOST CERTAINLYNOT! Your last chance for redemption hinges upon your death; your death which was most fortunately prescribed by your most unfortunate birth. Fret not, dear emo, your death will be regarded as a sacrifice to humanity; to die a martyr is a glorious death, and will likely be your highest contribution to society SHOUTZ: LITERALKA - DOLPHIN/DZL - BERRY/BRR- RORY -INFID3L INCOG P.S. Attempting to delete these posts will delete your tumblr account ;] But, by all means, go ahead! CINIAA

Targeting the site's prominent youth and teenage userbase, the lengthy message spawned a copy of the post on any user's dashboard when clicked upon and warned the reader against removing the post. As the post continued to spread on the site, many users began advising those with infected accounts that they can easily remove the worm by ignoring the warning and deleting the said post from the dashboard.

Goatse Security Hacks

Web Browser Exploits

On January 30th, 2010, the tech news blog Softpedia[4] published a post titled "Firefox Bug Used to Harass Entire IRC Network," which reported that the GNAA had written a script exploiting a vulnerability in the Firefox web browser which would cause visitors to spam the Freenode Internet Relay Chat (IRC) server. On March 23rd, Goatse Security member Andrew Auernheimer posted information on how to perform a Safari browser exploit to the Internet culture database Encyclopedia Dramatica,[6] which would allow the user to access blocked ports by adding the number 65,536 to the port number. Apple patched the glitch in the desktop version of the browser but did not update mobile versions, which could allow hackers to cause harm to Apple's mobile devices according to Goatse Security.[7]



2010: AT&T Data Breach

On June 9th, 2010, Gawker[5] published an article titled "Apple's Worst Security Breach: 114,000 iPad Owners Exposed," which reported that the information of CEOs, military officials and politicians had been leaked due to a vulnerability in the AT&T network. The article went on to reveal that iPad subscriber data had been obtained by Goatse Security on AT&T's website, which was accessible to anyone on the Internet prior to the group's exploit. To obtain the emails, Goatse Security used a PHP-based "brute force" script to send HTTP requests with a valid subscriber identity module to the AT&T website, which would in turn reveal the email address associated with the ID. The leak sparked a debate about the proper way to disclose security flaws, which was reported by The Wall Street Journal[8] in an article titled "Computer Experts Face Backlash" on June 14th. The article quoted former Electronic Frontier Foundation Civil Liberties Director Jennifer Granick, who defended Goatse Securities tactics:

"I don't have a problem with what they did. No one was put at a risk as a result of it"

The same day, Tech Crunch[9] founder Michael Arrington announced that the tech news blog would be giving the group a Crunchie award for public service for exposing that AT&T security flaw. On June 15th, Cnet[10] announced that Goatse Security member Andrew Auernheimer had been detained after the FBI invaded his home and found illegal drugs. On November 20th, 2012, Auernheimer was found guilty of conspiracy to access a computer without authorization and identity fraud.

Search Interest

External References

Recent Videos

There are no videos currently available.

Recent Images 4 total


Top Comments

Zer0
Zer0

>GNAA was founded in 2002 and was named after the 1992 Danish satirical blaxploitation film Gayniggers from Outer Space. The organization was founded to troll prominent websites and Internet personalities, with the intention to “sow disruption on the Internet,”
…So they are an organization based around trolling?
And I thought I had too much free time.

+26

+ Add a Comment

Comments (25)


Display Comments

Add a Comment