• United States




Open letter to Anonymous group: Right fight, wrong approach

Mar 29, 20116 mins
CybercrimeData and Information SecurityEncryption

Roger A. Grimes urges members of Anonymous to eschew illegal practices in their fight for social justice

The online social activist group Anonymous continues to make headlines. The collective has successfully attacked a variety of different organizations, such as HBGary and Bank of America, and exposed their private and confidential information. Following is an open letter to the members of Anonymous.

[ Master your security with InfoWorld’s interactive Security iGuide. | Stay up to date on the latest security developments with InfoWorld’s Security Central newsletter. | Get a dose of daily computer security news by following Roger Grimes on Twitter.]

Dear Anonymous members:

I’ve read the headlines and articles concerning your group’s activities and have sat uncomfortably impressed. It’s like hearing that some criminals pulled off a huge multi-million-dollar bank heist without shooting anyone. Your actions are notable for their audaciousness and scope, but illegal nevertheless.

Although I’m sure some of the “facts” are misconstrued or wrong, the basic idea of what your latest activities are trying to accomplish lately is coming through loud and clear: You want to punish those who harm your friends and advocacies, level the playing field a bit, and perhaps even give opponents a reason to pause as they consider additional tactics. On some level I can respect that. I can’t help feeling a small amount of admiration when you revealed that your adversaries were possibly considering likely illegal tactics to fight you.

I, too, am a passionate supporter of human rights, free speech, and justice. Much in this world upsets me, and I frequently post my grievances and opinions in public forums. I’ve actively rallied online for many causes. I know the difference between receiving a placating form letter back in reply versus a thoughtful response. I know what it’s like to be ignored, and I know what it’s like to think about crossing the line between legal and illegal responses in the name of a just social cause.

About two decades ago, I contemplated the risk of going to jail over an issue I strongly believed in. At the time, Phil Zimmerman, creator of the encryption program PGP was facing possible treason charges because his software contained what the U.S. government considered overly strong encryption that could easily be used by foreign nations. I was so upset that Zimmerman could go to jail for providing such a wonderful program that I came up with an incredible scheme: I created a website where anyone could enter his or her email address and send a copy of PGP to a randomly selected foreign email address while carbon copying the White House at the same time.

In my plan, I figured the United States would have to arrest hundreds of thousands of us for crimes greater than the one for which Zimmerman was being considered. He only wrote the program, but we would be illegally distributing it. I contacted Newsweek for the publicity and the magazine readily agreed to participate. I told my wife (we had two young children) what I was planning to do and how I risked being prosecuted and going to prison. She wasn’t happy, but she saw that she couldn’t stop me.

When I reached the final step before the website was to go live, with Newsweek also on the phone, I called Phil Zimmerman to tell him of my support for him and my plans. To my utter astonishment, he told me I didn’t understand the consequences of what I was planning. He said he didn’t support my actions and hung up the phone.

Two decades on, I haven’t talked with Phil Zimmerman, but I want to thank him for keeping a young, overly emotional kid from having a prison record (assuming that would have been the outcome). I’m still a passionate advocate for many causes, but my activities are limited to the legal avenues.

I’ve spent my entire career fighting online criminals, and I’ll likely retire that way. I make a good living fighting the good fight, but I still commit occasional mistakes. I’m imperfect, and I have regrets. I’m thankful that I can say I’ve never done anything illegal online or hacked anyone who didn’t give me the legitimate authorization to do so. I’m glad that when a potential employer asks if I’ve ever been arrested that the answer is no. Most prospective employers don’t want to hear a long, drawn-out excuse about how social justice pushed you to obtain a felony conviction.

Anonymous members, if you continue doing illegal hacking, in all likelihood some of you will be caught and arrested. Perhaps the wheels of justice make that a given already. Many of your names are already known by several people in positions of authority, and no doubt your online activities are being tracked. Although you probably think the feds are clueless idiots, they merely move slowly. It takes time to get court orders and to collect evidence in a way that holds up to judicial scrutiny.

I respectfully ask that members of Anonymous refrain from illegal activities. You have a stronger chance of changing society forever by leaving behind the veil of anonymity and working within the constraints of the laws, even if you don’t always agree with the rules and the unfair balance of power.

When you engage in illegal activities, you lose a lot of your most powerful defenders and supporters. The rule of law creates a baseline civility necessary for progress. Cross that line one too many times and you risk being marginalized simply as a common criminal. More important, you can’t do any good if you’re sitting in a prison cell caged like an animal — and this is likely to happen to at least a few members of your group. When the headlines are gone, some of you will probably be sitting behind bars with only a very few people to ever visit. You’ve caught the public attention you wanted. That attention, and the embarrassment it has caused to powerful entities, will likely also undo Anonymous.

There is more power in lawful and peaceful disagreement. Think of the figures that will go down in history as strongest and most influential resistance movement leaders we know: Gandhi, Martin Luther King, Jr., and more.

Many of the members of your group appear to be bright and well meaning, but the ends do not justify the means. Illegality is illegality no matter why it is committed. Instead I hope that you’ll take your knowledge and talents and focus them on positive and legal avenues. I can imagine all the energy and passion put toward helping others, without risk of imprisonment.

You may be offended by my letter, but I hope it reaches you in the same way Phil Zimmerman reached me before I made a mistake that could have abruptly ruined my life.


Roger A. Grimes

This story, “Open letter to Anonymous group: Right fight, wrong approach,” was originally published at Keep up on the latest developments in network security and read more of Roger Grimes’ Security Adviser blog at For the latest business technology news, follow on Twitter.


Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist and is the author of Cryptography Apocalypse.

More from this author