I haven’t said anything about Lulzsec publicly yet and I don’t really have a good reason for the lack of comment. I have been watching their activities with great amusement. On Saturday I saw they released a large list of routers IP addresses and the username and passwords. The passwords looked like they were set to default values. This actually made me laugh out loud and I had two thoughts. First and foremost how was this allowed to happen if you are doing regular security checks? The second thought is who will take the blame for this from the offending company?
First off I've heard a lot of people say that Lulzsec did security a favor by really showing the need for security. I disagree completely. I think Lulzsec has show how ineffective the security community and marketplace really is. These were not mom and pop targets that got hit but instead were several mega corporations that spend more money on security than most people will make in a lifetime. The spending did not stop the compromise and posting of their sensitive data so what good is it?