lawgimenez a day ago

I believe these are the hackers responsible for this leak: https://phrack.org/issues/72/7_md#article

  • _def 15 hours ago

    > I am a Hacker and I am the opposite to all that you are. In my realm, we are all alike. We exist without skin color, without nationality, and without political agenda. We are slaves to nobody.

    Classic elitist take ignoring that this space where "all are alike" can only work for certain kinds of people.

    • helqn 13 hours ago

      On the Internet, nobody knows you’re a dog. Unless you make it your whole personality telling everybody that you are a dog. Maybe stop doing that.

    • dobin 12 hours ago

      No tolerance for the intolerant.

    • drtgh 12 hours ago

      Your quote is out of context, they are talking to North Korea's -sociopathic- government accomplice:

          << Kimsuky, you are not a hacker. You are driven by financial greed, to enrich
          your leaders, and to fulfill their political agenda. You steal from others
          and favour your own. You value yourself above the others: You are morally
          perverted. >>
      
      North Korean citizens are kidnapped by a dictatorship. They are talking to someone who supports crimes against humanity.

      • rikafurude21 11 hours ago

        I would go as far as to say slaves of a dictatorship. Most likely threatened with death, including the hackers' entire family, if they don't follow the line. Considering these factors, how much do you think they actually "support crimes against humanity"? North Koreans filter their students very early on to find the smart ones and teach them hacking in specialized military camps. Whoever this hacker is, he probably has been handpicked and groomed for the job he's doing.

        • pphysch 5 hours ago

          How is this any different from say a Pentagon or IDF employee who is involved (by some degree) in the documented mass murder of civilians? Their livelihoods are also on the line.

          Are they off the hook because they "choose" to participate in mass murder?

          • rikafurude21 2 hours ago

            You're gonna pretend there's no difference between your entire bloodline (literally) or your salary being on the line? If you work at the Pentagon and see mass murder of civilians you have the option to stop going to work. A North Korean hacker does not have that option.

            • A4ET8a8uTh0_v2 an hour ago

              You may be assuming a fair bit. Just because it is evidently true that there is a difference, to the parent, depending on their philosophical bent, it is not impossible that it is the outcome alone that determines level of willingness to accept level of.. dunno what is a good word here.. responsibility. In other words, from where they come from, all other factors are not relevant. I don't subscribe to this particular view of the world, but it helps to be able to understand others.

              • rikafurude21 an hour ago

                I get that a pure consequentialist can flatten every distinction, but in the real world we still distinguish between (a) ‘I’ll kill your entire bloodline if you stop typing’ and (b) ‘You can resign and face a résumé gap.’ Until we’re ready to treat a bank-teller under duress the same as an armed robber, that difference has to matter.

    • lovich 4 hours ago

      I don’t necessarily agree with you but I’m not sure why you are being downvoted into oblivion.

      Tangentially, my problem with this phrase post is that I am struggling to get past all the obvious falsehoods when it comes to the non technical part of the writing.

      It starts off the bat with using terminology like “Advanced Persistent Threat” and conflates what it already identified as a North Korean group as Chinese in this sentence

      > It shows a glimpse how openly "Kimsuky" cooperates with other Chinese APTs and shares their tools and techniques.

      And then gives some flowery speech about how the Koreans are bad and political but this author who opposes them is good and not political.

      This reads to me like the ravings of some crazy person with advanced skills who thinks everyone else is the crazy one while wearing a tinfoil hat, or a federal group leaking a no longer useful technical hack surrounded in language pushing propaganda

    • sublinear 12 hours ago

      To quote the movie Hackers:

      "Cool? It's not cool. It's commie bullshit!"

    • sim7c00 14 hours ago

      Brian: We are all different! Guy: I'm not!

      its always just some cheesy hacker words put to seem mysterious or whatever -_-.

      we are legion, we are one etc. anything like that fall apart quickly if you attach identity to something doesnt it.

      i guess by being anonymous online some forget they are not anonymous irl. a lot of being alone with the terminal ^^>

      gotta read between all the fluff tho.

hexpeek a day ago

I’ve heard that in North Korea it is difficult for ordinary people to learn or own a computer. It is assumed that a small number of elite operatives are selected and trained to carry out such tasks, and it is somewhat surprising that they possess the latest technology and conduct hacking.

  • asdff 21 hours ago

    If anything the hackers in north korea are probably world class if the government is getting their students into focused training programs early in their schooling. Western nations have nothing equivalent due to schooling being generalist and undergrad and grad school not really introducing you to the sort of work you'd actually do on the job as a hacker. 22 year old western hacker for a 3 letter agency is going to have maybe a 6 month softball tangentially related internship of experience under their belt while the north korean might have years and years by that point.

    • awesome_dude 21 hours ago

      > 22 year old western hacker for a 3 letter agency is going to have maybe a 6 month softball tangentially related internship of experience under their belt while the north korean might have years and years by that point.

      I was with you right up until this bit

      The agencies concerned tend to recruit people that have demonstrated ability in that field, and they've usually got it with "self-directed" training :)

      • Joel_Mckay 15 hours ago

        State sponsored thieves are not a talent pool that anyone wants in a trusted position.

        The fact is there were only around 40 unique hacks ever invented, and people simply adapt these into new zero day exploits. Notably, this is now mostly a fully automated process.

        If people want in, they will get in eventually. =3

        x C62=:K6 J@F 2C6 AC66>AE:G6=J 5:D28C66:?8 H:E9 E96 DFCAC:D:?8=J =@H 6DE:>2E6 @7 6IA=@:E E2I@?@>J[ 3FE 9F>2? DE2E:DE:42= 3692G:@C :D 2=D@ ?@E 2D 4@>A=6I 2D >2?J 36=:6G6]

        • JumpCrisscross 11 hours ago

          > State sponsored thieves are not a talent pool that anyone wants in a trusted position

          Why? They’re intelligent, crafty and able to make trade-offs.

          Empirically, ex-spies have a solid history in reaching commanding positions in politics and business.

          • Ray20 39 minutes ago

            > Empirically, ex-spies have a solid history in reaching commanding positions in politics and business.

            But it's not because someone wants them there. It's because they can demand the position they want.

          • Joel_Mckay 11 hours ago

            It is complicated, but Moral Development theory does cover the phenomena of why some won't understand until they personally grow through the stages of development.

            Have a great day. =3

            https://en.wikipedia.org/wiki/Lawrence_Kohlberg's_stages_of_...

            • jgilias 2 hours ago

              Reading up on it made me realize that a certain well known orange person is really on Stage 2 of moral development. That explains a lot.

              But also gives hope. I mean, it’s rare that adults fail to advance from pre-conventional phases, so it must be super rare to have such a confluence of factors that puts someone like that in the given job.

        • vntok 13 hours ago

          ChatGPT decoded the ROT47 text immediately from a simple prompt: "Decode this string sent by some random pompous guy on Hacker News: [raw string]".

          If robots want in, they will get in eventually too, apparently.

          • KyleBerezin 3 hours ago

            No need for insults, I found it fun. ROTs are easy to detect because they usually still have word-length chunks, and common repeating symbols. In this case the '6's ('e's). This is something a language oriented AI is going to be very good at detecting. It's a great demo of why hashing is so important.

            If you don't see repeating symbols, it could be a running key, like a Vigenère cipher.
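
An added example (not part of the thread and not any commenter's code) of the detection idea in the comment above: a fixed rotation such as ROT47 keeps word lengths and symbol repetition, so frequency counts and the index of coincidence survive and a 94-way shift search recovers the text, while a running key flattens both. The sample sentence, the key `phrack` and the rounded letter-frequency table are constructed for the example.

```python
from collections import Counter

LO, N = 33, 94  # ROT47 rotates the 94 printable ASCII symbols '!'..'~'

# Approximate English letter frequencies in percent (rounded, lowercase only).
ENGLISH_FREQ = {
    "e": 12.7, "t": 9.1, "a": 8.2, "o": 7.5, "i": 7.0, "n": 6.7, "s": 6.3,
    "h": 6.1, "r": 6.0, "d": 4.3, "l": 4.0, "c": 2.8, "u": 2.8, "m": 2.4,
    "w": 2.4, "f": 2.2, "g": 2.0, "y": 2.0, "p": 1.9, "b": 1.5, "v": 1.0,
    "k": 0.8, "j": 0.15, "x": 0.15, "q": 0.1, "z": 0.07,
}

# Constructed sample plaintext and key (assumptions, not taken from the thread).
SAMPLE = ("the defender sees the same letter repeated everywhere "
          "because every e becomes the same symbol")
KEY = "phrack"


def shift_char(c, k):
    """Rotate one printable symbol by k; spaces pass through unchanged."""
    o = ord(c)
    if LO <= o < LO + N:
        return chr(LO + (o - LO + k) % N)
    return c


def rot47(text):
    """Fixed shift of 47 over 94 symbols, so applying it twice is the identity."""
    return "".join(shift_char(c, 47) for c in text)


def running_key(text, key):
    """Vigenere-style cipher on the same alphabet: the shift changes per symbol."""
    out, i = [], 0
    for c in text:
        if c.isspace():
            out.append(c)
            continue
        out.append(shift_char(c, ord(key[i % len(key)]) - LO))
        i += 1
    return "".join(out)


def symbol_counts(text):
    """Frequency of each non-space symbol."""
    return Counter(c for c in text if not c.isspace())


def index_of_coincidence(text):
    """Chance that two symbols drawn from the text are equal.
    A single substitution leaves it untouched; a changing key lowers it."""
    counts = symbol_counts(text)
    n = sum(counts.values())
    return sum(v * (v - 1) for v in counts.values()) / (n * (n - 1))


def best_single_shift(ciphertext):
    """Try all 94 rotations and keep the one that scores most like English.
    Only lowercase letters score, so an all-uppercase candidate cannot tie."""
    def score(candidate):
        return sum(ENGLISH_FREQ.get(c, 0.0) for c in candidate)

    candidates = ((k, "".join(shift_char(c, k) for c in ciphertext))
                  for k in range(N))
    return max(candidates, key=lambda kc: score(kc[1]))


if __name__ == "__main__":
    for label, ct in (("rot47", rot47(SAMPLE)),
                      ("running key", running_key(SAMPLE, KEY))):
        top, hits = symbol_counts(ct).most_common(1)[0]
        shift, guess = best_single_shift(ct)
        print(f"{label}: top symbol {top!r} x{hits}, "
              f"IoC {index_of_coincidence(ct):.3f}, "
              f"best shift {shift} -> {guess[:30]!r}")
```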

          • Joel_Mckay 12 hours ago

            It was a simple way to highlight impulsive behavior common in modern users, and the trivial encoding function should be obvious to those who are minimally empathetic. Ask the LLM handler if being lied to makes people feel worse than getting robbed... then consider if you would hire such individuals.

            If you are ever unsure of someone's motives, then politely ask for context. Have a wonderful day =3

            https://en.wikipedia.org/wiki/List_of_cognitive_biases#Causa...

            • bgwalter 9 hours ago

              What is the impulsive behavior? Do you have a zero day in some ROT-47 decoder? Or perhaps a zero day in the file command in case a user creates a file containing the string and runs the command on it? Or is the string both a valid ROT-47 string and a valid executable on some platform?

              > If you are ever unsure of someone's motives, then politely ask for context.

              Asking for context.

              • Joel_Mckay 3 hours ago

                In general, the point was predicting statistical behavior is easy in large enough populations, and finding utility in that fact is trivial.

                Exploits are boring, and thus have questionable utility in a proper business context. Don't worry about it... =3

  • stingraycharles 9 hours ago

    I always understood that these hacks are one of the main ways for North Korea to actually earn money in other currencies, as they’ve been barred from trading with pretty much the entire world.

  • ummonk 21 hours ago

    North Korean teams tend to perform very well in coding contests, so it’s a safe bet that North Korea is quite good at nurturing a small slice of elite computing talent.

    • SoftTalker 19 hours ago

      They just identify talented individuals and send them to schools in China or elsewhere to learn the latest tech.

  • Ray20 19 hours ago

    > somewhat surprising that they possess the latest technology and conduct hacking.

    Why does this surprise you? As you said, selecting capable people is not a problem. And then these capable people get the best possible motivation. I would say it is expected to get qualified hackers in such conditions, who are proficient in all latest technologies.

codedokode 8 hours ago

Why doesn't everyone working with the government use hardware keys without passwords so that phishing is useless?

  • ac29 6 hours ago

    I know some people in the US government who definitely need a hardware key to access computing resources including email. They work for the Dept of the Interior on science stuff, nothing related to national security or otherwise sensitive info.

    They mentioned this was a pain in the ass, and a very weird restriction since technically any member of the public can ask for a copy of their emails via FOIA.

  • bornfreddy 7 hours ago

    Because hardware keys are so 2000 - we have apps now. With Play Protect Premium Enterprise to make sure the phone is secure. /s

sgnelson a day ago

This is interesting due to the tying of DPRK and PRC. It seems hard to say how much coordination there is between the two, but whatever it is, it appears to be greater than zero. While not necessarily surprising, I wonder if this public attribution will make it harder for the PRC to deny involvement with both the DPRK's efforts and their own.

  • wrp 21 hours ago

    Regardless of how unhappy Beijing may be with things Pyongyang does, North Korea is of such obvious strategic importance to China that they are unlikely to ever waver in their support of the regime or even try to hide it.

    • energy123 16 hours ago

      China kept backing Khmer Rouge despite the millions dead and even invaded Vietnam to protect them. Amoral, self interested actor at best. There's nothing North Korea could do to their own people to change the support.

      • hetman 16 hours ago

        In fairness, the US kept indirectly funding the Khmer Rouge even after evidence of their atrocities came to light for their own strategic geopolitical reasons.

        The realpolitik of international relations very often follows the words of the British prime minister, Lord Palmerston: "We have no eternal allies, and we have no perpetual enemies. Our interests are eternal and perpetual, and those interests it is our duty to follow."

        • fluoridation 7 hours ago

          So there is a universe out there where the US would have supported/allied with Nazi Germany had it been convenient?

          • arrosenberg 7 hours ago

            Sure. If Smedley Butler had been less disillusioned by his work history and successfully carried forward the business plot it’s pretty easy to imagine.

          • immibis 5 hours ago

            Yes, this one.

            • fluoridation 5 hours ago

              What do you mean? Some US companies did business with Nazi Germany, famously IBM and of course Ford, and of course there were Nazi sympathizers in the US, but to my knowledge the US never supported Germany at that time.

          • dboreham 6 hours ago

            Hardly difficult to imagine when you look at when WW2 began vs when the US became involved, and why.

          • AngryData 5 hours ago

            I mean the US had no problems selling Nazi Germany arms at the start of the war. The US only really took a side after Germany told the US to stop also supplying war materials to their enemies, which Germany viewed as merely prolonging the war and deaths, and when the US ignored them because they were making too much money Germany stopped buying and doubled down on blockading material support to allies.

    • chasd00 20 hours ago

      Anything happens to North Korea and all those starving people flood into China. I think that’s why China supports North Korea.

      • mytailorisrich 17 hours ago

        China did not, and still doesn't, want US troops at its border. That's why it originally intervened and why it supports North Korea. At the time there was also a further risk that the US might invade China.

        • wkat4242 10 hours ago

          That doesn't have to be the result of it. A more humane regime in NK doesn't mean reunification has to happen. And, part of the reason those US forces are in South Korea is the threat of the North. By threatening US involvement in case of an attack.

      • bfg_9k 19 hours ago

        I mean, same could be said about South Korea. It would instantly drag their GDP per capita down by more than half, and that's not even counting how much money would need to be spent to re-develop NK.

        • alexey-salmin 18 hours ago

          If both countries sustain their current trajectories, in 50 years it will be NK re-populating and re-developing SK. And the "if" here is mainly about NK, chances of SK getting out of the death spiral are very thin.

          • the_af 18 hours ago

            I recently read/watched videos about the "population time bomb" in South Korea and how it's almost irreversible now. It really surprised me, it's one of those things that's hard to visualize. And it's not even long term!

            • wkat4242 10 hours ago

              They can always allow more immigration. National populations don't grow only by births.

              • the_af 9 hours ago

                Apparently, due to cultural, political and economical issues, South Korea cannot/won't do this. I suppose it theoretically could, but in practice it would mean it would cease to exist as it is now.

                Due to the scale of their population collapse, the influx of immigrants would have to be massive. Which country does that? It would completely overtake its native ethnic population... which unlike a country built on immigration like the US, is surprisingly homogeneous.

                I'm no expert, I encourage you to read on the matter. It apparently truly is something that cannot be stopped now. It surprised me as much as it (apparently) does you.

                By the way, countries that are better off, like the US, are largely helped by immigration indeed. Which is why anti-immigration policies would be like shooting themselves in the foot.

                • Ray20 24 minutes ago

                  > Apparently, due to cultural, political and economical issues, South Korea cannot/won't do this.

                  Because it's not a problem yet. What's going to stop them from doing it when the birth rate becomes a problem? Almost nothing.

                  > Due to the scale of their population collapse, the influx of immigrants would have to be massive.

                  Not really. You are mistakenly extrapolating the situation in the Western world, where purposefully brought in almost only criminals and freeloaders, to Korea. If you organize immigration of labor, then not so many immigrants will be needed

                • wkat4242 8 hours ago

                  > I suppose it theoretically could, but in practice it would mean it would cease to exist as it is now.

                  But it's going to cease to exist as it is anyway. One way or another. And the people that remain will not be staring at a wall waiting for it to end. Also, young people seem to have a radically different mindset there, which is what tends to happen when they see their parents screwing everything up.

                  Maybe the culture isn't there yet but it will be. Having said that, I would never be happy to live in a country with strict moral codes like Japan or South Korea. But I'm sure many people would be. In particular conservatives tend to love these societies, you often hear comments like "this is what we should do here in the US".

                  I'm a raging pro-lgbt polyamorous kinky progressive so for me it would be the wrong place. But there are lots of people that would love this kind of thing.

                  • lovich 3 hours ago

                    > But there are lots of people that would love this kind of thing.

                    Doesn’t the fact that the people in said culture have decided it’s no longer worth reproducing, en masse, because of how their life is, imply that a lot of people wouldn’t actually like that kind of thing?

                  • the_af 8 hours ago

                    I mean, I don't know what to tell you. You seem to be reacting in disbelief, "this cannot be true".

                    But reality shows it is happening, it is accelerating, and young people are part of the problem.

                    It's a real thing, and the consensus seems to be it's irreversible, however bizarre it may seem to us.

                    • wkat4242 6 hours ago

                      I just think life finds a way. Societies don't just disappear. They just change. There's too much value in Korea to just give up.

                      Will it disappear as we know it? Yes. But that is true everywhere. The America as you knew it in 2010 is also gone forever (and not for the better, unfortunately with its current politics). Same in Europe where the nazis are trying to take over. Change is a constant.

                      • alexey-salmin 3 hours ago

                        Life finds a way, just not necessarily your life or your kids'

                      • the_af 6 hours ago

                        Life doesn't always find a way. Mass extinctions are a thing. Even human cultures & ethnic groups have disappeared without a trace.

                        The South Korean population time bomb is a completely different thing to America in the 2010 changing.

                        Have you read what people who study demographics currently believe about South Korea? An informed opinion is really needed to discuss this, this is not about "feelings".

        • djtango 18 hours ago

          Genuine question that I'm trying to learn about - the industrialisation of Japan and South Korea led to huge wealth creation and increases in quality of living. I know some of that is stagnating now and especially in South Korea things are difficult, but why isn't North Korea ever spoken of in those terms rather than always the GDP hit to South Korea?

      • moomoo11 17 hours ago

        How did they manage to brain control millions of people like that? I mean it’s so ludicrous to an outsider.

        • forgotoldacc 13 hours ago

          Nearly every authoritarian country starts with people promising good things. A lot also start with rebels fighting against a group that led a massacre. They're underdog groups with popular support.

          Then those underdogs take over. They become paranoid about the possibility of being killed themselves, so they repeat the massacres they fought against. A lot of people who supported the new regime think it's just a few remaining enemies being taken out. It won't happen to them. Then the government starts laying out methods to solidify their control. The list of things seen as traitorous and against national interests grows. It becomes a frog in a boiling pot situation. By the time people realize they might be a target, the system is too complicated and widespread to take down alone, and a new generation of youths have been raised knowing only the current system. And to those youths, things are stable. The most terrifying thing to people raised in stability is the idea of losing that stability. So keeping your head down and following the law is much better than absolutely anything else.

          And with the absolute control of information that NK has, a significant portion of people really don't even know a better world exists out there. And they're terrified of anyone that even talks about shaking things up.

          • Ray20 13 minutes ago

            It looks like a liberal fantasy. The truth is that along the rivers that run on the border with China there are posts with machine gunners every 100 meters. Brainwashing is obviously nearly zero-effective, since they have to resort to machine guns.

          • immibis 5 hours ago

            Not limited to non-Western countries btw. We are also vulnerable.

        • rtpg 17 hours ago

          In the initial era of the split between North and South Korea, South Korea both was run by a bunch of people who had a history of outright killing leftists, and the United States was involved in similar actions.

          The lack of serious offramps to reunification, along with not as huge a delta in quality of life between north and south for a long time (aid from other countries sure helps!), allowed the DPRK to establish itself as its own nation.

          Now there is the surveillance state apparatus allowing the DPRK to exist in its current form in perpetuity. And even if tomorrow they showed up and said "let's unify Korea", South Korea (even ignoring all the ideological reasons it might not want to) would likely be unwilling to absorb an extremely poor country and pay for it (see the painful experience of Germany's unification).

          There is probably no off ramp that exists unless people are willing to let the elite walk away clean from the situation in one way or another, and it seems hard to imagine such a future.

          And if you are a north korean elite and you are allowed to travel to northern china, you will see a place where things are running more smoothly, but you're still going to see places with massive amounts of internal controls and restrictions. So who's offering the upside to some regime change here?

          • brabel 13 hours ago

            > see the painful experience of Germany's unification

            I had thought that Germans from both sides were overwhelmingly supportive of re-unification, even if it would cause short-term pain??

            • jonasdegendt 11 hours ago

              It's my understanding there were plenty of USSR nostalgics in the east given how long it took for the free market to "trickle down" and the east to catch up economically. They never did catch up all the way anyway.

              • ViktorRay 7 hours ago

                Today the areas that were previously controlled by East Germany overwhelmingly vote for right wing parties though.

                I believe the AfD political party in Germany won significant support in those areas of Germany that were once behind the Iron Curtain.

                • immibis 5 hours ago

                  Yes, they won control of an entire state and almost won another.

                  People vote far right because they're fed up with the status quo, and perceive the far right can't be that much worse when everything is already so bad. Politicians who are not far right would do well to take this into account in their politics. Sadly, they don't, and history repeats.

        • doikor 16 hours ago

          For the first couple decades while it was ahead of South Korea economically (in large part due to support from China/USSR) it was not that bad but during that time the system of absolute control by the Kim family was set up and once it was up it is too late to really do anything due to how absolute/brutal the control is (you say anything wrong and you and your whole extended family end up in a prison/death camp).

          Basically people are willing to put up with a lot if their lives are getting better (economic growth). Problem with that is what kind of system of control an authoritarian government can set up in that period of growth.

        • ryan-ca 17 hours ago

          Empiricism in the face of a totalitarian regime is difficult.

        • stogot 17 hours ago

          Less of brain control, and more like slaughter of anyone who disagrees or rolls their eyes. Read accounts of those who escaped

        • madmaniak 13 hours ago

          It's funny to say that because we're living in a bubble too.

    • the_af 21 hours ago

      What's surprising about this? It's not dissimilar to how the US behaves towards their less than savory strategic allies (or, historically, towards dictatorships as long as they were US-aligned).

      • wrp 20 hours ago

        Not saying it should be surprising. Just trying to answer the question.

      • thisislife2 16 hours ago

        Exactly. It's the equivalent of something like western Five / Nine / Fourteen Eyes, that also share intelligence within the alliance.

  • ummonk 21 hours ago

    I don’t see any smoking gun here that would prevent the PRC from denying its involvement in these hacking efforts.

  • rr808 3 hours ago

    Russia too after the public hand holding last week.

  • jmyeet a day ago

    I don't think Chinese support for NK has ever been a secret any more than the US support for South Korea has. And it's in China's backyard so they've got way more of an excuse.

    And if you think that doesn't matter, look at the Monroe Doctrine [1].

    Taken further, the so-called Cuban Missile Crisis should really be called the Turkey Missile Crisis. The US (through NATO) placed Jupiter nuclear MRBMs in Turkey, only hundreds of miles from Moscow. The USSR responded by doing the exact same thing, by placing nuclear weapons in Cuba. And the US almost started World War 3 over it.

    It was the USSR who stepped back from the brink and, as a result of a secret agreement, the Jupiter MRBMs were quietly removed from Turkey [2].

    [1]: https://en.wikipedia.org/wiki/Monroe_Doctrine

    [2]: https://www.wilsoncenter.org/blog-post/jupiter-missiles-and-...

    • veqq 17 hours ago

      > The USSR responded by doing the exact same thing

      This paints it as tit for tat, but to avert invasion the Cubans asked for the missiles over a year later than the missiles were placed in Turkey. The resolution combined these separate issues.

    • churchill a day ago

      Why is this comment downvoted? You have the right to see China, USSR and NK as immoral regimes but there's nothing non-factual here.

      • charonn0 a day ago

        The topic is cybercrime and espionage, not nuclear brinksmanship or colonialism. Whatever parallels can be drawn don't seem to be very relevant, so the comment comes off as an attempt to deflect criticism.

        • kace91 a day ago

          Maybe it wasn’t clear, but I think the comment is explaining the importance for superpowers of keeping their immediate surroundings politically aligned - China wants NK on their side for the same reason neither the US nor the USSR wanted nukes on their doorstep.

        • codpiece a day ago

          It was still a fascinating aside, and it's not like HN stays on topic in a thread. I learned something today.

          • corimaith 10 hours ago

            I do wonder what's the state of history education today when one only learns a basic history event today, and through a layman's forum post which is surely going to have all the complete perspective as opposed to setting out an explicit agenda.

        • the_af 21 hours ago

          > The topic is cybercrime and espionage, not nuclear brinksmanship or colonialism.

          Those are all closely related topics in geopolitics.

        • skinnymuch 21 hours ago

          You can’t separate colonialism and imperialism from Korea. As if any of us know what Korea would be doing if the west didn’t invade then sanction among other things.

          • corimaith 10 hours ago

            North Korea invaded South Korea after US pressured South Korea to disarm. North Korea was the imperialist actor here.

      • corimaith 10 hours ago

        The causality between missiles in Turkey causing the Cuban Missile Crisis is unsubstantiated by historical facts from the Soviets own perspectives.

        It's more that Cuba requested nukes first, the USSR opportunistically took, then to resolve the crisis they took that opportunity to remove Turkish missiles. It wasn't really a tit for tat on part of the USSR's intentions, Cuba was the primary agent here.

        Not that it really mattered later on once ICBMs are developed.

        • jmyeet 7 hours ago

          From Khrushchev's own words (27 October 1962) [1]:

          > Your missiles are located in Britain, are located in Italy, and are aimed against us. Your missiles are located in Turkey.

          > You are disturbed over Cuba. You say that this disturbs you because it is 90 miles by sea from the coast of the United States of America. But Turkey adjoins us; our sentries patrol back and forth and see each other. Do you consider, then, that you have the right to demand security for your own country and the removal of the weapons you call offensive, but do not accord the same right to us? You have placed destructive missile weapons, which you call offensive, in Turkey, literally next to us. How then can recognition of our equal military capacities be reconciled with such unequal relations between our great states? This is irreconcilable.

          According to General Boris Surikov [2]:

          > 'Khrushchev and his Defence Minister, Rodion Malinovsky, were at Khrushchev's estate on the Black Sea. They went for a walk and Malinovsky pointed in the direction of Turkey and said: 'That's where the American rockets are pointing at us. They need only 10 minutes to reach our cities, but our rockets need 25 minutes to reach America.' Khrushchev thought for a while and then said: 'Why don't we instal our rockets in Cuba and point them at the Americans? Then we'll need only 10 minutes, too.'

          This article goes on to quote the Soviet Ambassador to Cuba, Alexander Alexeyev, who was a direct witness and a go-between between Khrushchev and Castro:

          > 'On 14 May 1962 I was called to a meeting of the Defence Council at the Kremlin. Khrushchev said, in effect: 'Comrades, I think it would be a good idea to instal rockets in Cuba. Do it clandestinely. I don't want it known in the US until November (after the mid-term Congressional elections). Alexander Alexeyev, how will Fidel react when we present him with our decision?'

          [1]: https://microsites.jfklibrary.org/cmc/oct27/doc4.html

          [2]: https://www.independent.co.uk/voices/the-cuban-missile-crisi...

          • corimaith 4 hours ago

            >From Khrushchev's own words (27 October 1962):

            That doesn't refute anything from his own words as a justification as opposed to his primary goal to provide Cuba with defence here to deter a US invasion. As others have pointed out, the USSR was annoyed by these placements in Italy and Turkey earlier, but they did not declare war or start a crisis over it beforehand. It's more that Turkey was a bargaining chip here.

            >>Our aim has been and is to help Cuba, and no one can dispute the humanity of our motives, which are oriented toward enabling Cuba to live peacefully and develop in the way its people desire.

            You need to place here in context that the Jupiter missiles in Turkey were already obsolete but the US had the overwhelming advantage in a nuclear strike with their Atlas ICBMs in USA at the time, relying more on a fleet of intercontinental bombers that could be targeted by NORAD.

            Removing nukes from Turkey did little to change the strategic calculus, but it did heavily deprive the USSR of an opportunity to change that calculus with Cuban nukes at the time, which was a major factor in Khrushchev's later removal from power.

      • mopsi a day ago

        [flagged]

        • jmyeet 21 hours ago

          > ... the US preying on its neighbors the way Russia and China are currently doing

          Well, that's a matter of perspective isn't it? Cuba, Guatemala, Nicaragua, Colombia, Panama, Puerto Rico, Chile, El Salvador, Venezuela, the list goes on. There's a Wikipedia page dedicated to all the US backed coups since 1945 [1] it happens so often.

          We've had a post-WW2 history of deposing democratically elected countries (in the Americas and elsewhere) to suit the interests of Western corporations. Who exactly are we protecting?

          > ... it was a policy aimed at keeping wars between European colonial powers away from the newly independent countries in the Americas

          Where is Moscow?

          > ... people in the Americas shouldn't have to die in wars just because one European king insulted another.

          Ok, but what about American belligerence? Pinochet and Noriega spring to mind.

          Also, I reject the contention that colonial wars were the product of European kings insulting one another. The interests were and always have been material. Even the Crusades (which were sold on Christian conflict with Islam) were fundamentally materialist in origin.

          [1]: https://en.wikipedia.org/wiki/United_States_involvement_in_r...

        • bgwalter 21 hours ago

          You better edit the Wikipedia article to remove the propaganda. According to that, since Roosevelt the Monroe doctrine has been repurposed for hegemony in the Western Hemisphere:

          Starting at https://en.wikipedia.org/wiki/Monroe_Doctrine#Roosevelt_Coro... and further.

          • StanislavPetrov 20 hours ago

            It is clear through any remotely honest reading of history that hemispheric hegemony was the whole point since Monroe. If you go back and read the speeches and literature from ~200 years ago from the time of Monroe it is pretty explicitly stated.

        • MangoToupe a day ago

          > For starters, this propaganda often mischaracterizes the Monroe Doctrine as the US preying on its neighbors the way Russia and China are currently doing, when in fact it was a policy aimed at keeping wars between European colonial powers away from the newly independent countries in the Americas.

          ...so we can freely do as we please. Of course we've been preying on our neighbors. We've been invading and deposing all across the Americas to force alignment with our interests for well over a century now. We even have terrorist training camps hosted on our soil: https://en.wikipedia.org/wiki/Western_Hemisphere_Institute_f...

          What, do you think that our invading Grenada, or Panama, is somehow in their interests? It's a flagrant violation of international law and sovereignty. To imagine that this is somehow an abnormal deviation from our "protection" of our neighbors is... well, I honestly didn't realize anyone thought that way anymore.

          Furthermore, we didn't enforce this doctrine when France invaded (https://en.wikipedia.org/wiki/Capture_of_Saint_Pierre_and_Mi...), nor in the Falklands war.

          Look I can understand not thinking america is "evil" or entirely machiavellian, but it seems just as absurd to take any noble intentions we claim to have at face value. The monroe doctrine is as good an example of this as any.

          • corimaith 10 hours ago

            >Panama

            92% of Panamanians supported the invasion to depose Noriega and actually would have preferred the US do it earlier back during his second coup.

            Truth be speaking, I would wonder where you are getting your history, if not just from skewed leftist internet Podcasters. Not mentioning the larger context of the Cold War and the opinions of the people on the ground does look more like lying by omission.

            • MangoToupe 9 hours ago

              I read history books like anyone else, the cold war was just straight retarded, and we trained Noriega (at the very school I already linked to). Furthermore just because I want someone to invade and liberate us doesn't mean it's not a violation of international law and sovereignty.

              • corimaith 9 hours ago

                >The cold war was just straight retarded

                That's not an opinion that most will agree with, certainly from the USSR and the USA's own perspectives. I do wonder the kind of grades one would get if they wrote that down in a history class in any nation. And the more you understand history, both US and the USSR's actions do make perfect sense given their local contexts that most would be making the same decisions in the same position.

                >I want someone to invade and liberate us doesn't mean it's not a violation of international law and sovereignty.

                I tend to think more about what is the best course of action that benefits the people on the ground and the long term. The idea of sacrosanctity of "sovereignty" is better understood as a social construct to justify oppressive power structures, as its reflection in reality is highly contentious. The same with International Law, you are taking a literalist position when International Law is better understood as gentlemen's agreements, which is irrelevant in the context of the ontological conflict between two sides that supersedes the notion of law in the first place.

                • jmyeet 7 hours ago

                  There's been a lot of revisionist history with the World War 2 and the Cold War that really understates the USSR's instrumental role in defeating Germany.

                  Fascism was popular in the US. Henry Ford shared his thoughts by publishing The International Jew [1]. Hitler was a fan. Ford was mentioned by name in Mein Kampf. We had the Business Plot [2] in 1933. There was a Nazi rally at Madison Square Garden in 1939. The German American Bund was present until 1941.

                  On the other side of the Atlantic, Stalin had initially sought an anti-German alliance with Britain and France but was rebuffed, leading to the deal with Hitler.

                  The US had ~400,000 casualties in the European campaign and none really until D-Day in 1944. The USSR lost somewhere between 26 and 30 million people in WW2, something only really revealed by a 1959 census. Had Germany defeated the USSR and taken Moscow in 1941-1942, we would live in a very different world.

                  The result of World War 2 was that Hitler lost but the fascists won. Under the guise of fighting Communism (eg the Truman Doctrine, leading to the Korean and Vietnam wars). NATO was an imperial project. Charles De Gaulle (in the 1960s) went so far as to say Western Europe was in danger of becoming a US protectorate.

                  We all know about Operation Paper Clip (I hope) but less known is how Nazis found their way into NATO. Adolf Heusinger went from Hitler's Chief of the German High Command to Chairman of the NATO Military Committee. And he wasn't the only one [3].

                  So when that commenter called the Cold War "retarded", I suspect they're referring to how the US took up Nazi Germany's fight against Communism.

                  The whole Red Scare was terrible for average American citizens. It was used to dismantle the labor movement and unions and ultimately led to Nixon, Reagan and Clinton and the destruction of real wages and living conditions.

                  [1]: https://en.wikipedia.org/wiki/The_International_Jew

                  [2]: https://en.wikipedia.org/wiki/Business_Plot

                  [3]: https://www.historynet.com/these-nato-generals-had-unusual-b...

  • tonyhart7 15 hours ago

    In the intelligence and cybersecurity community this is a well-known fact.

    After all, China is the first one that has an official military cyber unit (first in the world).

    North Korea is following suit for monetary reasons and goes as far as having property (hotels etc.) on the Chinese mainland to run the operation from there.

    As for China??? They basically have a "laundry" business that can take dollars from Korea in trade for supplies.

jamedjo 9 hours ago

> Attribution Scenarios: Option A: DPRK Operator Embedded in PRC

> Use of Korean language, OCR targeting of Korean documents, and focus on GPKI systems strongly suggest North Korean origin.

I don't follow how needing OCR to read Korean documents points to them being North Korean?

Could also point in the opposite direction of them needing to copy the text for translation.

  • Thorrez 9 hours ago

    Their shell history shows them using OCR tools. AFAIK it doesn't show them using translation tools.

    • jamedjo 9 hours ago

      Fair, and appears I missed the first part "Use of Korean language".

      The OCR still tells us more about the target than the actor, but I guess they are suggesting the choice of target itself is the indicator.

tremon a day ago

> The dump also revealed reliance on GitHub repositories known for offensive tooling. TitanLdr, minbeacon, Blacklotus, and CobaltStrike-Auto-Keystore were all cloned or referenced in command logs.

What's the rationale for allowing the development of offensive tooling on github? Is this a free-speech thing, or are these repositories relevant for scientific research in some way?

  • StrauXX a day ago

    They are heavily used in penetration tests and red teaming engagements. Banning such tools from the public just mystifies attackers' ways to defenders, while not in any way hindering serious malicious actors. We had that discussion back in the 90s and early 2000s.

    • freedomben a day ago

      Agreed. Plus it's not always a clear line between offensive and legitimate usage. For many years nmap was banned on most corporate networks, but it's an invaluable tool for legitimate use too, despite being useful for offensive cases as well

      • wkat4242 10 hours ago

        It's mainly because nmap detection is a feature of most IDS so it's bound to raise some red flags.

        Same with even doing packet sniffing. It can be detected when using wireshark because it does reverse DNS lookups for each ip it sees in its default configuration.

        I had legit reasons for it at work so I always mentioned it to the network guys before doing stuff like this. We also had a firewalled lab network. We did get some pushback once when some scans leaked out to the office network. But it was their fault for having the firewall open.
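
The signal described in the comment above, one host reverse-resolving many distinct addresses in a short time, can be looked for in resolver query logs. The following is an added example and not part of the thread; the log format, addresses, threshold and allowlist are constructed assumptions, and the log is assumed to be in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
import ipaddress

# Constructed sample log: "<ISO time> <client IP> <qtype> <qname>"
SAMPLE_LOG = """\
2025-01-10T09:00:01 10.0.5.23 PTR 14.2.0.10.in-addr.arpa.
2025-01-10T09:00:01 10.0.5.23 PTR 7.113.0.203.in-addr.arpa.
2025-01-10T09:00:02 10.0.5.40 A intranet.example.
2025-01-10T09:00:02 10.0.5.23 PTR 9.100.51.198.in-addr.arpa.
2025-01-10T09:00:03 10.0.0.25 PTR 20.100.51.198.in-addr.arpa.
2025-01-10T09:00:03 10.0.5.23 PTR 88.2.0.192.in-addr.arpa.
2025-01-10T09:00:04 10.0.5.40 PTR 14.2.0.10.in-addr.arpa.
2025-01-10T09:00:05 10.0.5.23 PTR 31.2.0.10.in-addr.arpa.
2025-01-10T09:00:05 10.0.5.23 PTR 14.2.0.10.in-addr.arpa.
2025-01-10T09:00:06 10.0.0.25 PTR 21.100.51.198.in-addr.arpa.
2025-01-10T09:00:07 10.0.5.23 PTR 5.113.0.203.in-addr.arpa.
2025-01-10T09:05:30 10.0.5.40 PTR 14.2.0.10.in-addr.arpa.
garbled line
"""

def ptr_to_ip(qname):
    """Return the address a reverse-lookup name refers to, or None."""
    name = qname.rstrip(".").lower()
    try:
        if name.endswith(".in-addr.arpa"):
            octets = name[: -len(".in-addr.arpa")].split(".")
            if len(octets) != 4:
                return None  # partial zone name, not a host lookup
            return ipaddress.IPv4Address(".".join(reversed(octets)))
        if name.endswith(".ip6.arpa"):
            nibbles = name[: -len(".ip6.arpa")].split(".")
            if len(nibbles) != 32 or any(len(n) != 1 for n in nibbles):
                return None
            return ipaddress.IPv6Address(int("".join(reversed(nibbles)), 16))
    except ValueError:
        return None  # non-numeric labels, out-of-range octets
    return None

def find_ptr_bursts(log_text, window_s=60, threshold=5, allow=()):
    """Map each client to the peak number of distinct addresses it
    reverse-resolved inside any sliding window, if >= threshold."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)  # client -> (time, target) still in window
    peak = defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[2].upper() != "PTR":
            continue  # malformed line or not a reverse lookup
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        client, target = parts[1], ptr_to_ip(parts[3])
        if target is None or client in allow:
            continue  # allowlist: hosts expected to do bulk PTR lookups
        q = recent[client]
        q.append((ts, target))
        while ts - q[0][0] > window:
            q.popleft()  # drop lookups that fell out of the window
        # Count distinct targets so repeated lookups of one peer do not
        # inflate the score.
        peak[client] = max(peak[client], len({ip for _, ip in q}))
    return {c: n for c, n in peak.items() if n >= threshold}

if __name__ == "__main__":
    for client, n in find_ptr_bursts(SAMPLE_LOG).items():
        print(f"{client}: {n} distinct reverse lookups within 60s")
```

Mail servers, log enrichers and monitoring hosts issue bulk PTR queries legitimately, so the allowlist and threshold need tuning per network before this is useful as an alert.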

      • randall 21 hours ago

        one time i ran nmap against my dev box at facebook. i was definitely worried someone was going to give me a stern talking to.

        • varenc 20 hours ago

          I ran 'neoprint.php' on myself at Facebook in 2007 and immediately got a stern email about it... It was some script that collected info for responding to law enforcement requests. But after chastising me, the email said "I was gratified that you ran it on yourself". (as opposed to snooping on someone else!)

          It was just a summer internship and FB was like 'only' 80 engineers back then. But they still took it seriously.

          • Thorrez 9 hours ago

            I think that's a little different. It sounds like neoprint.php is an internal Facebook tool for looking up data on Facebook users. So improper usage of it is a privacy problem for users. It's something misbehaving employees might run against celebrities, exes, etc. (e.g. https://www.gawkerarchives.com/5637234/gcreep-google-enginee... )

            Otoh nmap isn't a privacy problem for users of Facebook (or any other tech company).

        • SoftTalker 19 hours ago

          I use nmap routinely at work to see what’s on a subnet, has anything new appeared, or where it should not be.

          • bravetraveler 16 hours ago

            +1. If I can't run nmap or netcat, or have to justify it each time, I can't do my job. Better off elsewhere.

            I've departed early at least twice over this. Draconian IT serves nobody. Been doing this long enough I deliberately poke any new employer; see what's in store.

            Nobody cares, though. EDR appliances sell without careful administration. The industry will outlive us all.

      • hsbauauvhabzb 19 hours ago

        While that may be true, it’s less true for things like cobalt strike. I’m not saying that banning tooling would be a good thing, but it’s a bad argument to compare Nmap to remote access tools.

        • freedomben 19 hours ago

          I don't disagree, but GP is asking about all offensive tools, not just Cobalt strike. IMHO a platform like GitHub should not be picking and choosing which projects are offensive enough to remove. Yes, there are some tools that are pretty clearly more offensive than others, but creating a policy would not be clear-cut

        • wkat4242 10 hours ago

          Cobalt strike is just an automated script kiddie really. It's a way for red teamers to catch low hanging fruit. And because of that, there's not so much low hanging fruit anyway.

  • laveur a day ago

    I think they get heavily used by security researchers, and other people that do regular Penetration Testing.

  • awesome_dude 20 hours ago

    Isn't Github supposed to be blocking sanctioned countries, like Iran, and North Korea?

    https://docs.github.com/en/site-policy/other-site-policies/g...

    • throwaway2037 19 hours ago

      About Iran & GitHub:

      https://docs.github.com/en/site-policy/other-site-policies/g...

          > GitHub now has a license from OFAC to provide cloud services to developers located or otherwise resident in Iran. This includes all public and private services for individuals and organizations, both free and paid.
      
          > GitHub cloud services, both free and paid, are also generally available to developers located in Cuba.
    • overfeed 20 hours ago

      Do you have any reason to suspect GitHub isn't blocking those countries? How long do you think an offensive-security sponsor/passport-issuing nation might take to get around GitHub IP-blocks?

      • dmoy 20 hours ago

        Right exactly. The only way IP blocks work is if there's no vulnerable machines to take over anywhere. That is - it basically doesn't work for any motivated attacker.

        You could hypothetically make it work, but it would mean an extremely different Internet and device landscape than exists today. (And even then I doubt it stops a nation-state level attacker, they can always use old fashioned espionage to get someone in meat space and get around any technical barrier)

  • traverseda a day ago

    What alternative do you suggest?

    • immibis a day ago

      [flagged]

      • rpdillon a day ago

        Wait, installing nmap on your laptop from a Linux distribution's repositories is a crime in Germany?

        • ranger_danger 20 hours ago

          No, OP loves to claim almost daily how nearly everything is illegal in Germany, and never provides any sources or court cases when asked for proof, just "google it yourself" or "the German criminal code".

        • to11mtm a day ago

          Not really, so long as you don't use it for anything 'bad'. i.e. if you're just running against your local network, who's gonna report it?

          • dwattttt 21 hours ago

            Surely then it's the 'use', not the 'possession' that's a criminal offence? Or is it still a criminal offence to possess it, but you're fine as long as no one finds out? Because that doesn't stop it being a criminal offence.

            • to11mtm 20 hours ago

              My basic understanding is that a 'dual use' tool is moreso based on intent; using the same analogy as when this came up on HN over a decade ago [0], a good kitchen knife can be at least as dangerous as a lot of explicitly 'banned' knives but because it has a non-illegal use it doesn't fall into the same category as, say, a DDOS tool. And AFAIK there hasn't (yet) been a case where NMAP has gotten someone in Germany in trouble with the law for possessing or using within their local subnet.

              [0] - https://news.ycombinator.com/item?id=3797151

              • rpdillon 19 hours ago

                This might be akin to lockpicks in the United States. Not illegal in and of themselves, but if you are possessing them with intent, it's a different matter.

                • immibis 16 hours ago

                  And the police can always fabricate intent.

            • immibis 16 hours ago

              It's "whoever prepares for the commission of a [hacking] offence by acquiring computer programs for the commission of the offence" and it's been interpreted that downloading nmap can be preparing for an offence, therefore punishable. Giving copies to others (e.g. running a Debian mirror) is also likely illegal, but I doubt anyone's been charged for that yet.

              https://www.gesetze-im-internet.de/englisch_stgb/englisch_st...

      • kace91 a day ago

        >Not sure about US law, but in Germany, creating or possessing a hacking tool (including things like nmap) is a criminal offence.

        Surely that must be wrong, are security certs not a thing in Germany?

        • MaKey a day ago
          • kace91 a day ago

            Ugh. It does look like the wording gives some room though?

            As in, it requires “preparing the commission of an offense”. Does acquiring the tool for other uses like learning or professional training help?

            Or even better, shouldn’t lack of proof that the user had malicious intent be enough?

            • immibis 16 hours ago

              Police can always fabricate intent (this is not specific to Germany - they can just say you told them you were going to hack someone, or your actions or body language obviously showed it) and then in practice it's up to you to show an alternative interpretation of facts. If you're studying computer security, that might get you off - but who better than a computer security student to do actual hacking?

          • ranger_danger 20 hours ago

            Hard disagree, I think there is very important context missing here, notably:

            > 2. computer programs for the purpose of the commission of such an offence

            Big huge emphasis on "for the purpose of", meaning there must be clear intent to cause harm or break the law, especially for a criminal case. This assumes the purpose of the program is not inherently for hacking/criminal purposes, which I do not believe would be hard to argue that nmap is not designed as a "hacking tool".

            Germany appears to have a similar standard to US criminal cases where you are presumed innocent until proven guilty "beyond a reasonable doubt": https://law.stackexchange.com/questions/40966/innocent-until...

      • kulahan a day ago

        In the US you’re allowed to have pretty much whatever code you want on your computer, obviously excepting binary representations of illegal photo/video content.

        How do they even enforce it? Or is it just an extra law to throw at someone already convicted of something?

      • esseph 21 hours ago

        That is fucking insane.

        Basically Linux itself would be classified as a "hacking tool".

        • wkat4242 10 hours ago

          Well we are heading in that direction anyway. With software platforms getting more locked down. Having a rooted phone now is already enough to get banned from bank apps because you're not in the comfortable fluffy death grip of Google.

Pocomon 21 hours ago

> The leaked dataset attributed to the “Kim” operator offers a uniquely operational perspective into North Korean-aligned cyber operations.

It's puzzling why the NORC hackers didn't use a nearest neighbor hack rather than leaving a trail of bread crumbs all the way back to Pyongyang ;)

  • wkat4242 10 hours ago

    Sometimes sending a message is part of the point. And you still have plausible deniability anyway "it was a false flag booo".

    The Russians do this a lot. This kind of attack that they want everyone to know they are being without telling you they are behind it and denying it in all colours.

aussieguy1234 a day ago

That's a fairly detailed analysis of an APT workflow.

Now, non-APT actors, if they wanted to up their level of sophistication, might replicate some of these workflows for their own nefarious activities.

  • awesome_dude 20 hours ago

    There's always a risk of openness creating copycats, but there's also the fact that informed decisions can now be made by people who need to mitigate against these malicious actors.

    There's no way to only give the information to one group without the other group getting their hands on it.

    • fragmede 20 hours ago

      There's levels between not sharing it with anybody, and dumping it up on the public web for everyone to see. There are private disclosure lists they could have used, if they wanted to.

sim7c00 14 hours ago

interesting stuff but the china angle is a bit overstated with option A/B.

it could simply be the guy maintains presence there because he has access. NK has no public internet so he might simply enjoy internet access -_- rather than necessarily be either pretending to be chinese or working for them...

jmyeet a day ago

So this is interesting from a technical perspective. Some of this infrastructure is used by pen testers and the likes, which just goes to show that there is no such thing as a defensive weapon. I'll let you ponder why that might be pertinent.

Unfortunately, it quickly turns into a discussion of how bad NK and China are and how China shouldn't support NK (because, again, they're bad).

I'll offer two words to expose the hypocrisy of this: Stuxnet, Pegasus.

p0w3n3d 2 hours ago

This is some clickbait. At least to me. I've recently read an article that when Kim Jong Un takes a dump he does it in a N.Korea secret service owned toilet that is being dragged always with him. Hence "Kim dump" sounds really... Physical...