- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Sony attacked Sony
Posted on 12/19/14 at 10:22 am
Posted on 12/19/14 at 10:22 am
Point-by-point breakdown of hacking event and analysis on why this isn't North Korea but rather someone with insider knowledge.
Sony Attack Breakdown article
Sony Attack Breakdown article
quote:
The fact that the code was written on a PC with Korean locale & language actually makes it less likely to be North Korea. Not least because they don’t speak traditional “Korean” in North Korea, they speak their own dialect and traditional Korean is forbidden. This is one of the key things that has made communication with North Korean refugees difficult. I would find the presence of Chinese far more plausible.
This change in language is also most pronounced when it comes to special words, such as technical terms. That’s possibly because in South Korea, many of these terms are “borrowed” from other languages, including English. For example, the Korean word for “Hellicopter” is: ???? or hellikobteo. The North Koreans, on the other hand, use a literal translation of “vehicle that goes straight up after takeoff”. This is because such borrowed words are discouraged, if not outright forbidden, in North Korea – https://pinyin.info/news/2005/ban-loan-words-says-north-korea/
Lets not forget also that it is *trivial* to change the language/locale of a computer before compiling code on it.
quote:
It’s clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of an insider. It also fits with the pure revenge tact that this started out as.
Whoever did this is in it for revenge. The info and access they had could have easily been used to cash out, yet, instead, they are making every effort to burn Sony down. Just think what they could have done with passwords to all of Sony’s financial accounts? With the competitive intelligence in their business documents? From simple theft, to the sale of intellectual property, or even extortion – the attackers had many ways to become rich. Yet, instead, they chose to dump the data, rendering it useless. Likewise, I find it hard to believe that a “Nation State” which lives by propaganda would be so willing to just throw away such an unprecedented level of access to the beating heart of Hollywood itself.
quote:
Finally, blaming North Korea is the easy way out for a number of folks, including the security vendors and Sony management who are under the microscope for this. Let’s face it – most of today’s so-called “cutting edge” security defenses are either so specific, or so brittle, that they really don’t offer much meaningful protection against a sophisticated attacker or group of attackers. That doesn’t mean that we should let them off and give up every time someone plays the “APT” or “Sophisticated Attacker” card though. This is a significant area of weakness in the security industry – the truth is we are TERRIBLE at protecting against bespoke, unique attacks, let alone true zero days. There is some promising technology out there, but it’s clear that it just isn’t ready yet.
Who do I think is behind this? My money is on a disgruntled (possibly ex) employee of Sony.
10
Posted on 12/19/14 at 10:23 am to mizzoukills
Posted on 12/19/14 at 10:25 am to mizzoukills
You've just reaffirmed my opinion of people from Missouri on this board.
Posted on 12/19/14 at 10:25 am to mizzoukills
ORRRRRRRRRRRRRR
>>
>>
Posted on 12/19/14 at 10:30 am to mizzoukills
I'm not reading the whole thing but the three quoted issues are beyond ridiculous modes of thinking. Stupid is being generous.
Posted on 12/19/14 at 10:31 am to Sid in Lakeshore
quote:This.
the three quoted issues are beyond ridiculous modes of thinking. Stupid is being generous.
Posted on 12/19/14 at 10:39 am to mizzoukills
quote:
Occam’s razor suggests
That this is a conspiracy rather than North Korea? I don't think you understand that whole razor thing.
I'll admit, it's tough to think that the guy who poorly photoshopped his military would be capable of a sophisticated hacking job.
BTW, who is Marc Rogers?
Posted on 12/19/14 at 10:46 am to mizzoukills
quote:
It’s clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony’s internal architecture and access to key passwords.
a.) Word Salad. The writer is combining a number of concepts that sound convincing but don't really make sense or make up a complete solution/explanation.
b.) I guess "Marc's Security Ramblings" has access to the source code to find these hard coded paths?
The perpetrator would have sent compiled (that is machine readable) code that Sony's servers could understand and execute. They wouldn't have sent the source code. That is only of use to programmers....and you would never give it to your target.
c.) If the theft was initially enabled by malware that discovered paths/architecture/file structure (phase 1) they could have then written additional malware (phase 2) that would know the paths and potentially passwords from phase 1 which could have been hard-coded.
So yeah...no.
Posted on 12/19/14 at 10:55 am to mizzoukills
quote:
Occam’s Principle of Limited Imagination
Posted on 12/19/14 at 10:59 am to mizzoukills
quote:I don't doubt this, and it would be my first guess, but I don't think the reasons listed are enough evidence.
Sony attacked Sony
quote:Is there a "local" Korean locale and language code available on the PC? If not, what locale and language would they set their PC's to?
The fact that the code was written on a PC with Korean locale & language actually makes it less likely to be North Korea. Not least because they don’t speak traditional “Korean” in North Korea, they speak their own dialect and traditional Korean is forbidden.
Posted on 12/19/14 at 11:00 am to mizzoukills
BTW, it would be possible for someone to make it appear that N. Korea was behind the attacks...so this scenario is possible. But the explanation in the article is nonsense.
Posted on 12/19/14 at 11:04 am to mmcgrath
quote:
Is there a "local" Korean locale and language code available on the PC? If not, what locale and language would they set their PC's to?
English.
Isn't it much more likely that the attackers were Western educated? Or at least trained outside of Best Korea? I'm guessing NKSU is lacking in it's Computer Science department.
Posted on 12/19/14 at 11:06 am to a want
I've seen reports that Chinese based servers were used.
Posted on 12/19/14 at 11:07 am to a want
quote:
BTW, it would be possible for someone to make it appear that N. Korea was behind the attacks...so this scenario is possible.
Yes - that would be called a "false flag" operation - the most famous (I believe) is Operation Canned Goods.
quote:
But the explanation in the article is nonsense.
Completely agree. The OP suggests that Occam's Razor somehow suggests a hyper-complex conspiracy from within Sony for byzantine personal reasons, rather than the obvious - N. Korean hackers were ordered by their leader to quash the relase of a film "by any means necessary", which is precisely the anaylsis towards which you'd expect Occam's Razor to lead.
Posted on 12/19/14 at 11:14 am to Ace Midnight
The OP is applying Occam's Razor in a different direction
north korea is so lacking in technology and infrastructure, they couldn't just log on and do this. Therefore, it must be someone else with the access, infrastructure and knowledge to do this.
when in all probability, it was NK agents operating in China, Japan or South Korea...most likely China...people really don't know how crazy they are...kidnapping foreigners on their own soil, digging tunnels underneath the DMZ, etc.
they're bat shite.
regardless, it doesn't fricking matter who it is, it just makes it more insulting that it's north korea. This is a victory against the first amendment. Whether it's some 8 year old Japanese kid or kim jong un himself.
north korea is so lacking in technology and infrastructure, they couldn't just log on and do this. Therefore, it must be someone else with the access, infrastructure and knowledge to do this.
when in all probability, it was NK agents operating in China, Japan or South Korea...most likely China...people really don't know how crazy they are...kidnapping foreigners on their own soil, digging tunnels underneath the DMZ, etc.
they're bat shite.
regardless, it doesn't fricking matter who it is, it just makes it more insulting that it's north korea. This is a victory against the first amendment. Whether it's some 8 year old Japanese kid or kim jong un himself.
Posted on 12/19/14 at 11:17 am to DelU249
quote:Released 14 minutes ago....
The FBI has concluded that the North Korean government is responsible for the Sony cyberattack, based on an investigation conducted in collaboration with other government agencies and departments.
"Though the FBI has seen a wide variety and increasing number of cyber intrusions, the destructive nature of this attack, coupled with its coercive nature, sets it apart. North Korea's actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior," the FBI said in a release.
Posted on 12/19/14 at 11:29 am to LSURussian
quote:
North Korea's actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior," the FBI said in a release.
Sounds like there will be a retaliation.
Posted on 12/19/14 at 11:37 am to a want
quote:
Sounds like there will be a retaliation.
You know there is going to be a strongly worded letter of disappointment sent over BHO's signature.
Bleeve dat.
Probably going to CC the U.N. on that bad boy, too.
This post was edited on 12/19/14 at 11:38 am
Posted on 12/19/14 at 11:45 am to Ace Midnight
quote:
ou know there is going to be a strongly worded letter of disappointment sent over BHO's signature.
Oh. Is this from the Russia fiasco where Putin pwned Obama who responded with economic sanctions as opposed to militarily.... oh wait....
Posted on 12/19/14 at 11:57 am to a want
quote:
Is this from the Russia fiasco where Putin pwned Obama who responded with economic sanctions as opposed to militarily
I'm not sure which "sanctions" you're referencing - the sanctions that didn't get Russia out of the Crimea OR Eastern Ukraine, or the newly approved sanctions that Obama says he's not going to enforce?
Page 1 of 2
Back to top
Follow TigerDroppings for LSU Football News