Soy Chicano Forums

Go Back   Soy Chicano Forums > Current Events > What's in the News

What's in the News Have a discussion about something going on in the News

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 01-02-2015
grape ape's Avatar
grape ape grape ape is offline
Estudiante
 
Join Date: Aug 2013
Location: east coast, but born in calli.
Posts: 769
Default A Lot of Smart People Think North Korea Didn't Hack Sony

Sam Biddle 12/22/14 12:10pm

The evidence linking agents of the Democratic People's Republic of Korea to the recent digital implosion of Sony remains vague. And even though the feds are squarely blaming North Korea, many security experts aren't buying it.

Long before the FBI made it official, North Korean blame for the attack against Sony was taken as a given. Even if the best reason to credit Kim Jong-Un's goons was because it just sort of feels right and Hey, that movie is about North Korea, most people following the story—both in and out of the media—ran with the story. It happens to be a very politically convenient story, featuring the world's favorite cartoon henchman at the lead.

But independent, skeptical security experts have been poking holes in this theory for days now. Evidence provided by the FBI last week in an official accusation against the North Korean government was really more of a reference to evidence—all we got were bullet points, most of them rehashing earlier clues. It still doesn't seem like enough to definitively pin the attacks to North Korea.

Security consultant Dan Tentler didn't take long to brush off the FBI's points:

A Lot of Smart People Think North Korea Didn't Hack SonyExpand

But the weightiest rebuttal of the case against North Korea has come from renowned hacker, DEFCON organizer, and CloudFlare researcher Marc Rogers, who makes a compelling case of his own. Highlights below:

The broken English looks deliberately bad and doesn't exhibit any of the classic comprehension mistakes you actually expect to see in "Konglish". i.e it reads to me like an English speaker pretending to be bad at writing English.

[...]

It's clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony's internal architecture and access to key passwords. While it's plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam's razor suggests the simpler explanation of an insider. It also fits with the pure revenge tact that this started out as.

Furthermore, "The attackers only latched onto "The Interview" after the media did – the film was never mentioned by GOP right at the start of their campaign. It was only after a few people started speculating in the media that this and the communication from DPRK "might be linked" that suddenly it became linked."

Even after the FBI officially named North Korea as orchestrators, Rodgers remains entirely unconvinced by their case:
Why I *still* dont think it's likely that North Korea hacked Sony.

So the FBI has come out and said it. North Korea was behind the Sony hack. With some pretty… Read more marcrogers.​org

What the FBI is essentially saying here is that some of the IP addresses found while analyzing the malware samples and the logs of the attack have been used in the past by North Korea. To me, this piece of evidence is perhaps the least convincing of all. IP addresses are often quite nebulous things. They are addresses of machines connected to the Internet. They are neither good, nor bad.

The IP address is never what is interesting. It's what's running on the system that has that IP address that is interesting. Furthermore, to imply that some addresses are permanent fixtures used by North Korean hackers implies a fundamental misunderstanding of how the internet works and in particular how hackers operate.

[...]

So where does that leave us? Well essentially it leaves us exactly where we were when we started. We don't have any solid evidence that implicates North Korea, while at the same time we don't have enough evidence to rule North Korea out. However, when you take into consideration the fact that the attackers, GOP, have now released a message saying that Sony can show "the Interview" after all, I find myself returning to my earlier instincts – this is the work of someone or someones with a grudge against Sony and the whole "Interview" angle was just a mixture of opportunity and "lulz".

Rodgers recommends a more technical refutation of the FBI's evidence by a peer of his—worth reading if you dig nuts and bolts.

Kim Zetter of Wired also has a fantastic article on North Korean skepticism. She makes a very, very strong case (emphasis is her own):
The Evidence That North Korea Hacked Sony Is Flimsy | WIRED

Today Sony canceled the premiere of “The Interview” and its entire Christmas-Day release of the… Read more wired.​com

But in their initial public statement, whoever hacked Sony made no mention of North Korea or the film. And in an email sent to Sony by the hackers, found in documents they leaked, there is also no mention of North Korea or the film. The email was sent to Sony executives on Nov. 21, a few days before the hack went public. Addressed to Sony Pictures CEO Michael Lynton, Chairwoman Amy Pascal and other executives, it appears to be an attempt at extortion, not an expression of political outrage or a threat of war.

"[M]onetary compensation we want," the email read. "Pay the damage, or Sony Pictures will be bombarded as a whole. You know us very well. We never wait long. You'd better behave wisely."

Harvard Law professor and security expert Jack Goldsmith is skeptical of the FBI's case so far:

First, the "evidence" is of the most conclusory nature – it is really just unconfirmed statements by the USG. Second, on its face the evidence shows only that this attack has characteristics of prior attacks attributed to North Korea. We know nothing about the attribution veracity of those prior attacks. Much more importantly, it is at least possible that some other nation is spoofing a North Korean attack. For if the United States knows the characteristics or signatures of prior North Korean attacks, then so too might some third country that could use these characteristics or signatures – "specific lines of code, encryption algorithms, data deletion methods, and compromised networks," and similarities in the "infrastructure" and "tools" of prior attacks – to spoof the North Koreans in the Sony hack.

Third, the most significant line in the FBI statement is this: "While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following." Let us assume that the United States has a lot of other evidence, including human or electronic intelligence from inside Korea, that corroborates its attribution conclusion. This might give the USG confidence in the attribution and might support the legality of a proportionate response. But if protection of "sources and methods" prevents the United States from publicly revealing a lot more evidence, including intelligence beyond mere similar characteristics to past attacks, then there is no reason the rest of the world will or, frankly, should believe that a response on North Korea is justified. (Compare Adlai Stevenson and Colin Powell before the United Nations.)


http://gawker.com/a-lot-of-smart-peo...ony-1672899940
Reply With Quote
  #2  
Old 01-03-2015
SJ's Avatar
SJ SJ is offline
Site Admin
Presidente
 
Join Date: Mar 2003
Location: L.A.
Posts: 18,480
Send a message via Yahoo to SJ
Default Re: A Lot of Smart People Think North Korea Didn't Hack Sony

of course. i got in trouble when i tried to discuss this on facebook. it's all rediculous when it comes down to it.
Reply With Quote
  #3  
Old 01-03-2015
grape ape's Avatar
grape ape grape ape is offline
Estudiante
 
Join Date: Aug 2013
Location: east coast, but born in calli.
Posts: 769
Default Re: A Lot of Smart People Think North Korea Didn't Hack Sony

i dont think it had anything to do with nations at all.
Reply With Quote
  #4  
Old 01-06-2015
GrimmStabnandez's Avatar
GrimmStabnandez GrimmStabnandez is offline
Travieso
 
Join Date: Jan 2013
Posts: 465
Default Re: A Lot of Smart People Think North Korea Didn't Hack Sony

it wasn't them it was some ex Sony employees, lolz
__________________
Violence has its own economy. Therefore be thoughtful and precise in your investment.
Reply With Quote
  #5  
Old 01-06-2015
tecpaocelotl's Avatar
tecpaocelotl tecpaocelotl is offline
The one and only
Presidente
 
Join Date: Jul 2003
Location: Cali
Posts: 27,690
Send a message via AIM to tecpaocelotl Send a message via MSN to tecpaocelotl Send a message via Yahoo to tecpaocelotl Send a message via Skype™ to tecpaocelotl
Default Re: A Lot of Smart People Think North Korea Didn't Hack Sony

Quote:
Originally Posted by GrimmStabnandez View Post
it wasn't them it was some ex Sony employees, lolz
That I can believe.
__________________
"Don't Demonstrate, Infiltrate! From within you can help those without." -Jorge Le Rand

"Tehan tohtocazqueh to tamatcayotl can cachi chicahuac." - David Vazquez
Reply With Quote
  #6  
Old 01-07-2015
Dissonant's Avatar
Dissonant Dissonant is offline
Gunner
 
Join Date: Nov 2007
Location: Hibernation
Posts: 1,939
Default Re: A Lot of Smart People Think North Korea Didn't Hack Sony

Or it was a set up most likely by affiliates of the movie producers to promote the movie. Which was not comical at all, sadly not even patriotic to boot.
Reply With Quote
Reply

Tags
hack , korea , north , sony

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -7. The time now is 12:50 PM.


All the comments are property of their posters. Images, logo, content and design are © copyright by SoyChicano.com. All Rights Reserved.