Anonymous and SG Govt

Here is some of my personal comments on the current Anonymous activities against the SINGAPORE GOVERNMENT.

Read this:
http://sg.news.yahoo.com/anonymous-threatens-singapore-government-in-youtube-video-091443515.html

Watch this:

INTRODUCTIONS:
The Anonymous hacktivist group, in a few campaigns of their own, have threatened the SINGAPORE GOVERNMENT (instead of Singaporeans) and managed to infiltrate the servers belonging to the SINGAPORE GOVERNMENT (SG Govt). The Prime Minister's Office web servers were not spared when the SG Govt threatened to capture members of the Anonymous who are responsible for attacking the servers of  the SG Govt. SG Govt loyalist and news agencies under the direct command of the SG Govt attempts to misrepresent these events as a direct cyber attack against Singapore and her citizens in an attempt to enrage the Singapore citizens into denouncing the Anonymous hacktivist group. IDENTIFYING ANONYMOUS: Before anyone can attempt to identify the members of the Anonymous hacktivist group, a brief understanding on what the Anonymous group is and how it operates is the key to attempting to identify possible Anonymous members. Anonymous is a loose collective of hacktivist that does not have a central command structure. They have their own sub-groups and territories but most of them are loosely associated that uses the power of the loose collective of hacktivist to execute and coordinate their operations. Since they are a loose group with no central command, it is very hard to identify them. The only way to identify members of the Anonymous whom have attacked the SG Govt's servers is either they betray their comrade's identity or they reveal their own identity consciously or accidentally. CYBERWAR: Some people will consider the attacks by Anonymous as a cyberwar against Singapore or the SG Govt but let me assure anyone reading, a cyberwar defined by Security Experts like Bruce Schneier defines cyberwar as multiple countries engaging each other in warfare using electronic means during wartime events. So, for those who love to promote such hacktivist events as cyberwar, you are trying real hard to deceive the public and love promoting FUD (Fear, Uncertainty and Doubt). Shame on those who blame this event as a cyberwar attempt.
TECHNICALITIES: Technology plays a big part in this event. The SG Govt use a mix of Java technology, Microsoft's .NET technology and Microsoft's IIS servers. It is not difficult to identify the technologies used by observing the page types (.JSP, .JSPX, .ASP, .ASPX, .do) and from the HTTP headers when interacting with their servers. Java have been known to have a whole sleuth of zero-day holes and critical bugs that have not been fixed yet. Some of the Java bugs that are critical have not been fixed for ages. The .NET technology has their own critical bugs but they are not as well known as the problems found in Java technology. Microsoft Server technologies like the Microsoft IIS have always been shunned by security conscious users due to the fact that Microsoft (it's Operating System and technologies) have lots of bugs that have not been fully addressed and fixed. Although the Linux OS and other Open Source alternatives do have their bugs and issues, they have a tendency of being patched at a faster rate due to their Open Source nature where anyone can grab the codes and inspect them with ease without the hassles of restrictive corporate licenses and procedures and push out patches at a faster rate than their Closed Source Microsoft competitors.
One of the issues with tracking down the Anonymous attackers are the anonymity of the Tor network they use as part of their tools. The Tor network routes communications within it's own virtual private network making them anonymous as Tor is designed to use encryption and plausible deniability technologies when handling communications. That means, anyone can be accused of being the source of any communications due to the anonymous and plausible deniable technology within Tor. The problem is not with the Tor network but the intentions and actions of the user. A knife blade can be used for cooking or can be used to murder someone, similarly, technology is neither good nor bad and simply pointing fingers at Tor being an evil tool and to deny it's use is simply childish as the attempt to ban something will make people more willing to rise up and invent tools to circumvent restrictions. In a way, the advance methods used to hide identity on the Internet by the Anonymous members during their exploits against the SG Govt servers may pose a huge issue to tracking them and correctly identifying them.
Other tools like securely erasing and manipulating of evidences after exploiting servers may also pose additional challenges when trying to unmask the identities of the Anonymous attackers.
THE ANONYMOUS CONCEPT: The concept behind Anonymous is cyber hacktivism. They see themselves as the Robin Hoods of the Internet which stands up against "Badly Behaved" Governements, Organisations and Individuals. Their strong self-justification attitude gave rise to such a movement.
The many attempts to crush the Anonymous as a whole have failed despite the incarceration of some individual members of the Anonymous group.
Governments around the World have made attempts to restrict freedom on the Internet with policies that mostly make no sense whatsoever other than to comfort themselves and allow them to retain their powers for a longer period. Out of such frustrations, groups of annoyed netizens who are computer savy have appeared to attempt to 'wrangle freedom back' from 'oppressive regimes'.
Such concepts are the motivation behind cyber hacktivism which uses the Internet and technology to make their voices heard.
There are people whom have enlarged and badly bloated egos and have been assaulted by these hacktivist for some reasons and have attempted to snuff them out with limited success as these activities due to the concept of hacktivism.
SUMMING UP: Below is one sentence to sum up the entire event....
Bad technologies being used and thus exploited but still remain shameless in pointing fingers.
To put it simply, the fault lies in bad IT and Computer Security governance of the SG Govt servers and instead of learning from their mistakes and publicly apologise for their in-apt and quickly remedy their situations, they point fingers at their attackers. They never realized that the biggest present their attackers gave them was a lesson on how to fix their ailing IT and Computer Security systems and to prevent future failures.