Back in 2011 I was arrested for my involvement in the hacker groups known as Anonymous, Lulz Security (LulzSec) and Operation Anti Security (#Antisec). I have recently been released from prison after serving 10 months of a 30 month sentence.

[HISTORY]

I have been released from prison on Home Detention Curfew and I am bound by the restrictions contained within this Serious Crime Prevention Order (SCPO) an order which I intend to fight as soon as I save money for legal.

There are somethings that I cannot and will not talk about on here.

No names! Keep it legal!

Ask me anything (except names)!

TWITTER: @APT1337 ASK.FM: http://ask.fm/APTL337

Donations go towards fighting the man (legally). BTC: 1HXc1XzGYBsnDmmrLYku7bbV5n2b873Bwz LTC: Le35o31LoSYia6h5xCFPqgJUbSeAxjVkXp

PROOF? On the 28/03/2014 I posted a picture of my self to prove I was the person controlling the twitter account @APT1337 https://twitter.com/search?q=Ryan%20%20Ackroyd%20free&src=typd

ALSO: https://twitter.com/APT1337/status/451815498670690304

Comments: 259 • Responses: 98  • Date: 

GabrielBonilla14 karma

Are you proud of the sacrifices you made in your lifetime?

APT133714 karma

Yes I am, I never look back I just move forward in to the future hoping to find peace and happiness.

petermal6713 karma

What was it like being raided?

APT133748 karma

GAME OVER PLEASE INSERT COINS

Brumhartt14 karma

That is seriously the best answer you could have given. I like it.

APT133710 karma

Haha thanks.

me_tarzan_you_jane9 karma

Did you meet anyone interesting in prison?

APT133715 karma

There's some funny characters in prison I can tell you that, made friends for life. Most of the people in there were in there for fraud, drugs, gang stuff. I never met any famous prisoners if that's what you mean? Then again everyone's story in prison is interesting.

taH_pagh_taHbe8 karma

How did you get started 'hacking'?

What were your most common techniques for accessing website databases (I understand if you cant answer this one)?

What do you recommend for someone that's interested in hacking(in terms of learning it)?

How did the feds find out who you were?

APT13377 karma

I first started back in 1998 I mostly used to hack PC games, hex editing, binary reverse engineering stuff. Then I learned how to use C and assembly and it just went from there.

Hacking is the art of reverse engineering, before you can reverse engineer something you need to have an in depth knowledge of it.

Learn to build before you break, but do it legally!

donutbagel2 karma

[deleted]

APT13378 karma

I hacked Command and Conquer Red Alert 2 the most, instant, infinite cash etc... One single president IFV would take out all or most of the other guys base/army, good times.

SynbiosVyse1 karma

I used to be an admin and release a few tutorials over at gamehacking.com (CES); I was also involved with gamethreat.com.

Did you have another alias that you used while you were in the game hacking scene that I may have heard? It's been well over 10 years since those days but figured I would ask anyway.

APT13372 karma

I can't remember the name I signed up with, something childish... The game was awesome most people made mod maps back in those days with slightly more gems and crates at their end of the map hahaha. Back then lots of people used to hack PC games, it was mostly hackers playing other hackers hahaha.

NEW CONSTRUCTION OPTIONS

I've been tempted to get it and install it, I bet people still play it.

gerryhanes8 karma

Do you like sporks?

APT13379 karma

Yes, I do, do you?

phyber_optix18 karma

Hey man we are asking YOU the questions here. Leave the interrogations to us the professionals.

APT133710 karma

Ok bro.

ProfessorLX8 karma

[deleted]

APT133714 karma

Basically it prevents me from using encryption that allows hidden volumes, virtual machines and I cannot delete my internet history. It lasts for 5 years and each breach of the order can be punishable up to 5 years.

It's not a case of them being fair or unfair.

I can't go too in to detail about it if I want to take it back to court, I just want to challenge it, plus I like to keep my cards close to my chest.

ProfessorLX3 karma

[deleted]

APT133721 karma

I don't think so, I'd have to check the src of firefox to determine if it deletes the history in private mode or if it simply does not record it in anyway. The order says "Not to delete".

SixFootJockey8 karma

I like the cut of your jib.

APT13371 karma

Thanks.

cheezburga2 karma

so if you just image a fresh install of your variety of os(debian?) everyday would that break your parole?

APT13372 karma

I could just boot live OS and not be in breach.

cheezburga1 karma

is that what you do?

APT13372 karma

I used to, remember slax?

Notorious_Junk7 karma

What are your thoughts on mass surveillance? Any advice for the masses?

APT133713 karma

It's been going on longer than you or I have existed. Strong encryption is the key.

TwelveBore6 karma

Ever considered a job with the NSA? GCHQ?

APT133711 karma

I don't think I would pass the security clearance now anyways. I am x military though so who knows.

Notorious_Junk4 karma

Do you have any regrets about your involvement with those groups?

Snowden, hero or villain? Why?

APT133720 karma

There's no point regretting anything because you cannot undo the past. I heard about Snowden in prison, came on the news but I only know what the news has been telling me. I will look more in to it, he's got balls I can tell you that and I admire a good set of balls.

president202411 karma

Really? Good set of balls? Are we not doing phrasing anymore?

APT13372 karma

Yes really.

Spictacular3 karma

  1. Where does/did LulzSec congregate?

  2. What is the education background of a typical member, or from where did you learn to do what you can do?

APT13375 karma

We had our own private IRCD and encrypted silc servers, also channels on public servers. I am completely self taught, I have been at it since 1998.

BFG_90003 karma

Ex Army eh?
Signals? or Tech in REME?

APT13374 karma

I was in the Infantry.

FOTBWN3 karma

So how were you ID'd for arrest?

APT13375 karma

I fucked up, I've already explained it on here, lurk moar.

FOTBWN17 karma

Get caught less.

APT13376 karma

GOOD ONE BRO.

somewatcomplete3 karma

Just curious, do you think big brother is reading this ama real time or at all?

APT133715 karma

They will be on this like flies round shit.

ShitfacePhil3 karma

[deleted]

APT133728 karma

You don't learn how to program, you learn how use a programming language, programming is what you do with that information. Read lots of examples of source code, see if you can work out whats going on. Don't just copy/paste the examples, write them word for word no matter how long they are. Not only will it help understand what it is doing better you may also learn a few tricks.

[deleted]8 karma

Excellent point. May I use your quote here^ with my engineering technology students?

APT13379 karma

Sure why not.

ShitfacePhil2 karma

[deleted]

APT13372 karma

No problem.

Castl32 karma

Hey its Kayla!

APT13370 karma

Hahaha

Castl31 karma

Hey thanks for the advice in the thread . I'll definitely use that on my quest to getting my Computer science thread and furthering my programming language knowledge !

APT13373 karma

No problem.

mmacpuguy2 karma

...meanwhile, while you were in prison our gov't set up a fake twitter type service in Cuba with the intent of helping topple the Cuban gov't. -_-

APT13373 karma

I'd like to see how you have come to this conclusion? Or is it official and that is it's official purpose?

Nexusmaxis2 karma

You should try this at /r/netsec

They would probably have a few more knowledgeable comments and questions.

APT13373 karma

Possibly, no way to link them over? I'll admit it, this is the first time I've ever used or been to reddit.

Nexusmaxis1 karma

Yea, go to /r/netsec and create a new post, and make it a link (to the url of this thread). Make the title basically the same, but bring up the fact that it's an xpost.

APT13372 karma

Done, thanks.

APT13370 karma

Thanks, I'll do this after I've made a coffee!

APT13372 karma

Doesn't seem like any of them took the bait!

Zetsubouromance2 karma

What's your opinion on the book by Parmy Olson? I think I recall she said she talked to you by chat, but how accurate was what eventually made it into the book?

APT13374 karma

I lost the book before I could read it all so I don't know...

lshic2 karma

how came you guys got the cia down?

APT13373 karma

It was hit with a 100,000 node botnet.

GoodFightSon2 karma

What are your political views?

APT13373 karma

I don't really have any political views, however I would like to see the rest of the world get a chance to sample democracy and be free from oppressive dictatorships (no naming names).

[deleted]2 karma

[deleted]

APT13374 karma

It was a big botnet but I am unsure of it's actual size it did not belong to me and no I did not have access to it. To have 800k bots on at one time means you'd have to infect more than a million computers, an 800k peak botnet would be big.

Rehn2 karma

What is the best way to protect your digital identity, and secure your privacy?

Since you have experience exploiting these vulnerabilities, what do you suggest to prevent it?

APT13378 karma

Strong encryption, limit the amount of personal information you place on the internet, don't draw attention, only use a sandboxed browser and tunnel your HTTPS through SSH using the highest of encryption, PGP mail for every mail, don't store encryption keys on your computer, full disk encryption and/or hidden OS, use different emails for your banking, paypal etc, Mak3p4$5w0rdZ!nCr3d!b4LlYsTr0nG, uninstall flash use http://youtube.com/tv instead etc, etc...

Rehn1 karma

Thanks for your answer. I am not worried about personal use, I am more worried about enterprise and or security systems. preventing people from hacking my companies website, and social media accounts. I have to keep in compliance with the financial standards, so we use PGP, and Erado, for archiving and encryption. It is just nice to get the perspective what is an easy target, what would you consider a difficult target not worth pursuing?

APT13372 karma

I could write a book to answer this...

Security isn't something you can just apply it's an on going process and in most cases you are relying on products sold to you on a trust basis. You're told that Antivirus software will stop you getting a virus but what you're not told is that Antivirus software only protects you against what is known, takes less than an hour to write a new piece of malware or backdoor that your AV will never detect.

People put too much faith in to security systems without understanding how they work, their capabilities or limitations.

There's no need to be "pentested" it's a right con, they only test you against old exploits, if you update regular then you're already safe.

Use 2 factor authentication and/or strong password policy, prevent users creating the own password (they will only make them simpler)

Just make your data worthless to a hacker by encrypting it.

oldsmell2 karma

Is Milhouse a meme?

APT13373 karma

Milhouse was the best meme!!

TheCrakkFox2 karma

Are you still in touch with Jason? Saw he went to prison recently, I actually went to HS with him.

APT13373 karma

How long did he get?

Notorious_Junk2 karma

Any advice for aspiring hacktivists?

APT133711 karma

Trust no one.

randomupvoteuser2 karma

Kayla, I just want to say thank you.

APT13371 karma

haha no problem.

Belgiumball2 karma

[deleted]

APT13372 karma

Wesley Bailey

No idea who that is..

Belgiumball5 karma

[deleted]

APT13374 karma

Ahh Wesley = Laurelai, yes that is true. (Don't know about the firing though)(I know she got a visit from the FBI, what they discussed I have no idea but there might be some truth in this, why not just ask her?)

Mr_Monster2 karma

Advanced Persistent Threat Elite

Nice.

Thoughts on DDoS as an "attack" vs. our generation's "sit-in."

APT13370 karma

There's a difference between a group of people using their own machines to protest something by overloading a server with traffic and ddosing the admin of a server with a botnet while you root him.

But I do believe it should be a legitimate form of protest, no different to blocking doors or doing a sit in.

upban1 karma

Is human body very good build pc with very cheap soft?If it's so easy to exploit:(

APT13371 karma

No it's a design prone to failure.

razer7001 karma

I look up to you on how you managed to convince everyone you're a girl, smart and funny thing at the same time. Really I look up to you like a celebrity, hah.

If you could go back in time, before the creation of Lulzsec, what would you do differently? Also, was Lulzsec's missions worth the prison time? Where did you learn social engineering, and hacking?

APT13372 karma

Maintaining a strong persona such as kayla and doing what I did wasn't easy. If I could go back in time I wouldn't change anything, I'd just keep going back in time to relive it over and over again. Nothing is worth prison time, it's a waste of life however I did manage to get some qualifications out of it. Not many people can say they left prison with a diploma for the thing they went in for.

I learned to do what I do from programming, it is simply reverse engineering.

[deleted]1 karma

[deleted]

APT13372 karma

I honestly believe they are state sponsored (possibly not from the beginning) but I do believe they are the people Assad is turning to. As for their methods I don't even know what methods they are using, I'll read in to it though, I'm fresh out of prison and most of what they have done was done while I had no internet access. I've been banned from the internet since 2011.

[deleted]1 karma

[deleted]

APT13371 karma

Humans are the easiest thing to exploit.

VELOCIRAPTOR_ANUS1 karma

When do you think the govt will evolve enough to have guys like you helping to grow our society? Right now it seeks to hunt you down....terrible waste of resources imo

APT13371 karma

It is, there's a lot of talent rotting away in the prison system.

VELOCIRAPTOR_ANUS1 karma

Administrations that in one breath expresses the need for engineers of digital space and then issues the order to capture the very people with such talents.

Edit: its been many administrations haha :*(

APT13373 karma

And many more to come!

VELOCIRAPTOR_ANUS2 karma

Its wishful thinking but i hope that the economic imperative will win out as we progress to what can be depicted best by the Type I civilization coined by popular theoretical physicist Michio Kaku

APT13372 karma

Things need to change, that's for sure.

lshic1 karma

did you have internet in jail?

APT13370 karma

No they do not allow internet in UK prisons.

oldsmell2 karma

Do you think access to the internet should be a human right? When will it be?

APT13373 karma

Yes it should be and I am sure it is already so!

an0bist1 karma

At first welcome back. So here an total haxor/lulz/past unrelated question what kind of music do you like?

APT13377 karma

I like Hard Dance music, Hard Trance/Hard House.

Castl31 karma

Fuck yeah! Trance and House all the way.

APT13371 karma

I used to have a set of Technics 1210 Mk2 and mix like mad when I was younger, still got some of the vinyl haha.

Castl31 karma

Who is your favorite Trance artist? Ever been to any festivals?

APT13372 karma

Tidy boys, nothing but. Their events are awesome, youtube "Tidy weekender"

Castl31 karma

That looks awesome, hopefully one day I can check that out. Take a listen to "ASOT 650 utrecht by Dash Berlin" pretty good hr set.

APT13371 karma

Thanks!

himynameisbilly1 karma

Isn't the true "lulzy" part of this that you guys bugged some people and mocked their security and then ended up getting busted and going to prison while the companies you annoyed made their security better? That's pretty lulzy to me.

APT13374 karma

What I find lulzy is the fact they were all vulnerable to webapp vulnerabilites and don't use PGP.

lshic1 karma

what do you think about bitcoin? where will it be in 10 years?

APT13378 karma

I think it's great, scrypt coin too! I think they will get heavily regulated soon though. I had 78 bitcoins backed up on a SDHC before I was sent to prison. Back then they were worth ~$40 each. Come out of jail and I can't find that shit anywhere lol.

The only problem is even if I do find it, it's encrypted with keys that are on the computer the police confiscated and I can't get back.

I know right?

lshic4 karma

sue them

they stole you $ 78k

APT13373 karma

It's killing me!

pentangleit1 karma

If they've not destroyed your computer or had a seize order against it then you can get back things like that. Ask your lawyer.

APT13374 karma

They seized it in court, I can however apply "for a copy of evidence" under UK law and they would have to give me a copy of the HDD.

pentangleit3 karma

Do this. Those bitcoins won't last.

APT13373 karma

How long untill they are orphaned? It's been ~3 years already.

pentangleit2 karma

No idea. I meant they won't last as a concept (especially not at that value).

APT13373 karma

Wow, only just seen it but they peaked at ~$1000? Feels bad man.

pentangleit1 karma

Exactly - since then the Chinese and Russians have banned it, and you can only consider it's a downward spiral from there.

APT13374 karma

I wonder how long it will last here in the west, I'm surprised it hasn't already been regulated the tax man must be pissed!

I think there are also more constructive uses for mining, I mentioned this on twitter also. See there are a lot of cancer researchers and scientists that have HUGE amounts of data that needs to be mined to help cure diseases and solve the worlds problems.

The world hash rate for crypto coins is more powerful than most of the worlds super computers combined. Cancer researchers should give coins for mining cancer research data instead of wasting time generating meaningless hashes.

Thunderfire1 karma

[deleted]

APT13376 karma

Nothing is worth going to prison for. Yeah they are happy I am back and I am happy to see them again. It was ~100GBP for my parents to come and visit me in prison, I was a long way from home. I told them not to waste their money because the visit only lasts 2 hours.

I am x military I am used to being away from home for long periods of time. It also makes time fly faster when you're not constantly reminded about home. If you don't know what you are missing then you don't miss much.

The_Dunt_Cestroyer1 karma

Was prison anything like you had expected it to be?

APT13373 karma

Better than I thought it would be, I had most prison movies flashing in my head on the way there from court but it's nothing like that.

YakshaNZ2 karma

Could you elaborate more on what it's like please?

How did you pass the time?

Did you personally encounter much violence in the prison? Or is it easy enough to stay away from it if you don't rock the boat or whatever?

APT13374 karma

Well, most of the prison movies I have seen all show people stood at the bars, big guys growling "mmmm fresh meat" and everyone getting stabbed up every 2 minuets. When you've never been to prison before you can't help but think back to every movie you've seen about prison.

I was a bit scared at first, didn't know what to expect...

Once I got to prison I realized it's nothing like the movies. Because it was all over the news when I was sentenced everyone in the jail knew who I was and what I was in for. I've made some good friends out it, people I am going to meet again once they are free.

I used to pass the time playing chess with my cell mate or by watching all crazy people in there.

No one was ever violent towards me, you don't give any attitude you don't get any attitude. I did see some people get fucked up in there, mostly starts over something really silly, like a game of pool.

OrangePimpinPylon1 karma

Do you ever think about trying to get hired for security for websites or for government computers or something along those lines?

APT13371 karma

Again it's probably a trust issue...

Kalieat1 karma

Do you like Wheatus?

APT13371 karma

No, Wheatus sucks.

Kalieat1 karma

how do they ?

APT13371 karma

Well I just like to suck wheats thats all

pentangleit1 karma

What do you think your job prospects are now with the conviction hanging over your head?

APT13376 karma

Not too good! I'm on my arse at the minuet, I'll do any job!

CalebEast4 karma

...Any job? ( ͡° ͜ʖ ͡°)

APT13372 karma

Allmost...

pentangleit3 karma

Good luck fella.

APT13372 karma

Thanks!

randomupvoteuser1 karma

Write a book.

APT13371 karma

Is it really needed?

randomupvoteuser3 karma

Not needed per se. But you can tell an autobiographical perspective that nobody else can. The story lulz & Anon supporters would want to hear. Obviously not a 'tell all' but a 'tell most'?

APT13371 karma

Yeah I get what you mean.

jenbanim1 karma

What sort of people did you meet in association with the hacking groups? What kind of people are hackers?

APT13371 karma

Out of everyone I have met there are only a small handful of people that I would put in to the "reverse engineer/hacker" bracket. Lots of people who know how to use exploits, not many who know how and why they work or are able to write their own, truly is a dieing art.

labrev1 karma

This is probably the longest I've ever seen someone take questions in an AMA. Thank you for dedicating so much time to answering people's questions.

I wish I had something more profound to ask you, but this is really all I've got for now:

How did it feel being able to get behind a computer for a first time in 2+ years? Did you build a rig to re-live the novelty or do anything particularly special? Porn, me thinks

APT13373 karma

No problem I enjoy answering questions and I will be here until the questions dry up.

I was able to use computers in prison. I was given a job as a class room assistant helping teach people about computers, basic things. I also managed to complete a number of computer related qualifications and gained a diploma.

Seeing the internet after 2+ years was kind of strange though. The internet looks a lot different now compared to how it did in 2011. To be honest I don't like it, it has that "iphone look" to it all, big buttons and lots of unneeded JS.

I also forgot how addictive the internet is!

I wish I could build a rig I just do not have the money to do so. Hopefully soon I will find a nice job and maybe then I will build one.

VitterfolkPale1 karma

Not a question, but a story you might enjoy.

To set the stage, when Defcon 19 started, only Topiary was thought to have gotten popped. Someone had a brilliant idea and made invitations for an official Lulzsec party. The invitations were laser engraved tinted acrylic, probably about 1/16" thick. They looked very legit, and included a phone number to call Saturday night where you would supposedly be told where the party was. Opsec and all that.

Suffice it to say, there was no party. The number was forwarded to various places at different times. The invitations were specifically targeted at press. In fact, that was the whole point. To troll all of the journalists into chasing their own tails on Saturday night, rather than hitting the actual parties going on. Everyone who knew about it was also spreading the rumor (to journalists) that Sabu was actually at Defcon and would be at the Lulzsec party.

Having a random journalist mention the rumors to me and bragging about their invite made my day, and it wouldn't have been possible without you guys.

APT13371 karma

As much as I boycot Defcon and other Hacker cons I can dig a good troll.

citizenkane861 karma

Was there a time before you were caught that you were worried or thought the authorities might have a clue as to your real identity?

APT13373 karma

I knew I was going to get caught, I fucked up.

Alsway72 karma

Can you elaborate on this?

APT13379 karma

I've copy/pasted this from ask.fm

How did you get caught

I was going to leave the internet (before LulzSec) so I decided to write a script to login to the [email protected] account and post random sentences. At the time it wasn't written to pass though a proxy, it was going on a hacked box so there was no need to proxy it. Windows decided to freeze so I did what everyone else does when the computer freezes CLICK FUCKING EVERYWHERE AND BASH THE KEYBOARD. Sadly I accidentally executed the script which logged in to the [email protected] account leaving my real IP in twatters logs.

Lachtan3 karma

Jesus fuck, that's unlucky!

What did you do next, after you realized that you fuck up bad?

You knew they will be coming, have you prepared?

Did you have a backup plan?

Did you have a gun?

APT13372 karma

You could describe the whole LulzSec affair as a bunch of hackers going for bust.

There was no backup plan but I realized the mistake early and acted accordingly! No I do not own guns, they're a lot more restricted here in the UK.

brony66660 karma

What do you think - in Wrestlemania '98, did Mike Tyson get punched in the cock?

APT13372 karma

Never watched it back then, I hope so!