Now this would make for a great movie (certainly better than “The Interview”). Here’s the plot. A reportedly awful movie is produced by Sony with little expected success. Then the company is hacked with threats not to release the movie. All fingers are pointed at North Korea, including statements from the White House and the FBI. There are widespread reports of the U.S. shutting down the North Korean Internet in retaliation. However, the real culprits are actually laid-off Sony staff. In the meantime, the suppressed movie racks in millions as viewers (including my kids last night) rush to see the forbidden movie. Now that’s a movie plot. It is not clear however if it should be fiction or non-fiction. Media is reporting that experts believe that North Korea was in fact innocent of the hacking and that the culprits were former employees of that other hermit kingdom, Sony.
Politico is reporting that a security firm has briefed the FBI on its belief that laid-off Sony staff hacked the system. The cyber intelligence company Norse have said their own investigation into the data on the Sony attack conflicts with a North Korean hack theory. While the FBI is standing by its conclusion that it was North Korea, other experts are not so sure.
Regardless of the ultimate conclusion, experts have questioned the quick conclusion of the FBI, which seemed eager to point to North Korea. The question is whether this conclusion was based on concrete evidence linking the regime or assumptions that are now being challenged. One expert is quoted as saying that, when the FBI announced its conclusions, it was far too early to make a firm decision. Others have said that the evidence suggests Russian rather than Korean hackers. The most common complaint among experts is that they are seeing the same base code evidence and that the evidence is “circumstantial at best.”
Nevertheless, the FBI cites undisclosed evidence and analysis for its conclusions:
“The FBI has concluded the Government of North Korea is responsible for the theft and destruction of data on the network of Sony Pictures Entertainment. Attribution to North Korea is based on intelligence from the FBI, the U.S. intelligence community, DHS, foreign partners and the private sector. There is no credible information to indicate that any other individual is responsible for this cyber incident.”
Of course, the best movie theory would be a conspiracy of Sony itself to pump up interest in a really bad film — using the Dear Leader as both the subject and the foil for driving people to see the movie. Any way this goes, it makes for one great whodunnit doesn’t it?
Source: Politico
That is to say: Sony aint going nowhere. HANDS DOWN one of the BEST companies in the world that actually UNDERSTANDS how this funky world works and how to contribute to it in really it’s own funky and OUTSTANDING ways!
HappyPappies…for the past year or so I have used “Vipre” A/V software. Based upon several sites’ rating of them. It seems to work well, and is relatively inexpensive, with notifications etc. (plus quarantine or outright elimination) for every incident of potential malware, even in emails…and removes the blatant ones in emails before I even see them in my Outlook mail handler (necessary because I still consult now and then with the Army folks) ….and my browsers IE and Opera. Most recent “miss” was yesterday in a purported eBay email….that asked things eBay never asks in an email and requested I change my password for my bank account via a link they provided. Say the f’ing what? Nope. Not happening. Hope they don’t hold their breath, blue lips and all that..actually I hope they do 🙂 A phishing piece it is, and a nasty one. I am always willing to look at newer, mo’ better, faster, more diligent A/V ware. However I find that some common sense is my best protection at many times. As I said earlier, you and Darren are way past me in all of this…you say “Quantum” and I think of Murry Gel-Mann’s book the “Quark and the Jaguar.” One of the Illuminati I am not…
Between Darren and HappyPappies…I’ve decided I know zilch. On the topic of “mbam” (the executable for Malwarebytes software) I must say I deleted every trace of Malwarebytes over a year ago, for the reason HappyPappies cited…it began to conflict with my other A/V software…although initially, a few years ago, it worked reasonably well. Once I converted to Win 7 Pro OS it went haywire…for reasons I do not know. I dislike any malware software that cannot be “turned off” when necessary….such as when running diagnostic software programs.
Aridog – It was exiting like I said, to be able to work this out. It’s only because I cleaned the baggage out of my head I was able to do so. My mind really doesn’t ever stop you know… I don’t think Darren’s does either but he is calmer than I am by far.
I use the AVAST suite because you don’t need anything else and you can turn it off anytime for as long as you want by a right click on the icon on the task bar. Usually if you are running diagnostic you would set it to reboot and it has a setting for that. AVAST also has a Boot scan that cleans everything out before you start and no one else has that feature and it’s a free program. I like it. I don’t use anything else but the Windows Firewall because you have to pay for Avast’s. It does not conflict. If you want to pay 20 dollars extra a month they have a privacy suite for your bank transactions and a personal firewall and a magnetic sweep for particles. I just don’t like to get too many things going. This would be okay though
http://www.avast.com/en-us/lp-ppc-win-03?cha=ppc&sen=google&ste=avast%20free%20antivirus&var=51837313216&omcid=EN-US_Search_Brand_Free&gclid=CjwKEAiAoJmlBRCxjKeizPHVs1ESJAC6cxjUNoOh5gA8EIvz4LiijRr4sREJPCvhnANGFVgmhqG92xoCaCjw_wcB
@Darren Smith – There is some progress being made on extremely secure modes of data transfer involving quantum physics in which the system can determine if eavesdropping is occurring because at this level the information cannot be observed without changing it, thus the change becomes evident and means can be made instantly to halt the breech. This is a form of Observer Effect.
I just found this — Because when I find something interesting I can’t let it go lol – I know this can’t be solved with bits and bytes – Performance – performance metrics are not free and at some point, the CPU must be spent to gather and store them. This causes overhead, which can negatively effect the performance of the target of measurement. This is called the Observer Effect. (It is ofter confused with Heisenberg’s Uncertainty Principle, which describes the limit of precision at which pairs the physical properties, such as the position and the momentum may be known.)
Issues – The temptation is to assume that the software vendor has provided metrics that are well chosen, that are bug free, and provide complete visibility. In reality, metrics can be confusing, complicated, unreliable, inaccurate and even plain wrong (due to bugs). Sometimes a metric was correct on one software version but did not get updated to reflect the addition of a new code or code paths.
In other words – it’s a different Observers effect I think and this is why your computer had to update all the time. Because of this uncertainty they compare to quantum physics but isn’t.
https://books.google.com/books?id=xQdvAQAAQBAJ&pg=PA27&lpg=PA27&dq=observer+effect+and+bits+and+bytes&source=bl&ots=hmMgpCcrmK&sig=PGpDpzdfIOdRd6QhkmPQn5Wh5UE&hl=en&sa=X&ei=rPWkVLKAN42HyASn7YCYAw&ved=0CC8Q6AEwAg#v=onepage&q=observer%20effect%20and%20bits%20and%20bytes&f=false
HappyPappies
Yes, I am familiar with the topic of debugging and performance metrics used during software development can hide certain conditions or bugs by their integration with the software. It is a strong thing to consider when doing this.
There are two strategies involving this. One is to compile software having hooks and “asserts” that are designed to flag when certain errors or bug conditions take place. This type of “build” is called a “debug” or “checked” compiling of the software. The other kind is one without the hooks called a “retail” or “free” build that simulates the current software compiled in the manner that it will be sold to the public, though it is still under development. Another subtype has markers set to measure performance during load/stress testing and performance modeling.
The debug build is absolutely essential during software development and most of the testing and work is done under this mode. It points out errors very well. But, this tends to significantly slow down the processing and performance and conditions such as Race Conditions or unintended dependencies can be masked because the software is acting in a lockstep manner or that it can hide timing problems because a process is slowed to a degree that allows it to perform correctly but will not in a retail build. Performance mode provides great ability to look into the software and the computer it is hosted on and see where contentions and bottlenecks are but in doing this you run into the same problem as described in the debug build but to a lesser degree. Running performance tests under debug builds is generally not something to rely on as the results can be wildly inaccurate, however stress tests under debug builds are very useful because the intention is to break the software under heavy load and the debug mode becomes necessary however I would generally do not recommend that this be done in general with certain debuggers such as kernel debuggers but can under some conditions.
With regard to software patches or updates that is a great problem for software companies because during the development cycle it is a common occurrence during iteration of new “builds” on the way to releasing the software to the public but it is fatal in the consumer world. There are so many flavors of a particular software product that one version, say a Hebrew version of a windows program gets busted during an update but all western European versions don’t. The reason? Hebrew reads from right to left and this might introduce a bug if it is not tested for before the update is released to the public. So the company has to test under each language type, with all operating systems supported, and many others.
Further complicating the matter is interoperability bugs. These are ones where say a system works fine until it has some other piece of software or hardware installed or running on it. That can increase the matrix in orders of magnitude. Foreseeing these types of problems is a career in itself sometimes. It is impossible to have all software configurations tested before releasing the update or patch so the company needs to rely on understanding what can happen after the patch is introduced and making plans to anticipate future problems. This is one of the reasons for automated software testing because this type of testing is good at running massive numbers of tests based upon historical experience, however there is a problem with relying on automation in that it is retrospective and doesn’t consider new possibilities that were not written into the automation’s test cases.
Darren Smith – thank you for taking the time to share that information with me. I will post it on my Facebook page along with the comment I made before as it is relevant to some PC problems also. As you must know, our PC’s must constantly update for the same reasons.
I was told to use mbam with my AVAST and things just weren’t going well in my browser so I went in the properties as I didn’t have it downloaded anymore and it was as you have here, “Further complicating the matter is interoperability bugs. These are ones where say a system works fine until it has some other piece of software or hardware installed or running on it. That can increase the matrix in orders of magnitude.”
What had happened was since the program had once been active, it had crossed over and was hooked into my AVAST and I needed to deinstall and there was no deinstall without reinstall and there was NO WAY I was going to do that so I went on line and got help with mbam malware bytes which I think is a terrible program. I downloaded an program and removed the problem.
But it took me all evenng to fiind the right things.
I remember when I was a blithering idiot about these things and I just don’t know what changed besides me. 🙂
You have a happy new year!!!!!
BarkingDog…you’d have my vote…if I had one in Ferguson.
This dog is thinking of running for Mayor of the City of Ferguson. Only if the present Mayor does not run again. My half blind guy for whom I am guide dog is considering buying a house on South Clay in Ferguson. It is not far from the Ferguson Library. I would not run as Republican or Democrat but as DogRepubliCrat. “Four legs good, two legs baaad!” is my campaign slogan.
When I was a swimmer on the Ferguson Swim Team there at Wabash Pool at Wabash Park, my best event was the breast stroke. This has served me well in the years since. I have a sense that it is the sort of thing one learns in Ferguson which passes on to others. My first girlfriend in high school is still raving about my talents.
The midget needs to quit smoking and ban that practice in North Korea altogether. Then he will have stood up for something. Even though he will appear to be sitting down.
Could any of these systems be able to get to ISIS, bad Islamic, or other bad guy systems? End of movie terrorists systems blow up, their money is lost to them, and Obama repeals some Executive Orders due to fear of Professor Turley’s Supreme Court performance.
Issac, came late to your post, but I liked it! Can mine fit in?
In defense of corporations, I love IBM as you know, and saw no “sausage making” other than not understanding success potential of personal computers. It’s still a big company, good to its employees and retirees.
Our politicians? There are good, honest people serving us. And then there’s the rest. We have to keep finding and supporting the good. If we don’t, nobody will run and I think many people on this site, educating the rest of us, would be good candidates. Anybody willing?
Barkin Dog Said At that January Wabash Pool – my best event was the breast stroke. This has served me well in the years since. I have a sense that it is the sort of thing one learns in Ferguson which passes on to others. My first girlfriend in high school is still raving about my talents.
lmao
My half blind guy for whom I am guide dog is considering buying a house on South Clay in Ferguson. It is not far from the Ferguson Library. I would not run as Republican or Democrat but as DogRepubliCrat. “Four legs good, two legs baaad!” is my campaign slogan.
Barkin Dog. South Clay is a beautiful well shaded street that I would love to live on myself. Good luck with that. You need to keep North County People in Line. Good luck with that especially 😉
For me the Korean War is not really over. No real peace treaty. I don’t trust anything that they do north of that Mason Dixon line over there. Then we have Sony in the picture. No pun intended. I do not trust them either. Sony should build a factory in Nanking, China to create jobs and make amends for what Japan did there in WWII.
One security issue that is surprising to me how little it is implemented is once a local area network is disconnected from the internet and no wireless is used it is very difficult to break into and requires someone on the inside to do this.
It is not difficult, in fact in some cases it is easier, to not have any connection of a critical system facing the internet. Convenience is the primary factor. But there are cases in which there needs through operational reasons to be connected hence the vulnerability rises.
There is some progress being made on extremely secure modes of data transfer involving quantum physics in which the system can determine if eavesdropping is occurring because at this level the information cannot be observed without changing it, thus the change becomes evident and means can be made instantly to halt the breech. This is a form of Observer Effect.
@ Darren you might like this if you don’t already have it
http://www.films.com/ecTitleDetail.aspx?TitleID=32440
I think we need to update from Bits and Bytes. They are infected beyond belief. Quantum Computers will be the way to go. They are huge now but so were the other ones at first 🙂
A little late, but great post Issac!
Any movie with this much fuss and hysteria is not worth a penny. Take it off your bucket list!
happy, Very effective ad! From what I read and hear there are no secure systems. Cyber war is coming. And, like many wars, it could start accidentally or by pretext. Hopefully this was not the Gulf of Tonkin.
Nick – if it is a inside job there is no secure system. An intranet can be secure otherwise.
Someone said:
“Smart money in geekdom is that Sony will not survive 2015”
Now WHAT if Sony paid someone to do this to them, intentionally?
Not to promote “The Interview,”. That’s really extremely lame to even ponder on a magnificently simplistic scale. But for reasons beyond your comprehension?
@universalbri
If the company is so wonderful and makes such great movies and we don’t understand anything, why did you leave your gateway unprotected. I wouldn’t download that movie for all the tea in china for all the viral malware soup clinging on it (lol) 🙂
Sony is stupid for not being protected and being a huge company like that
I saw a techie on CNN. He said this could have been started by a former employee and then NK piggybacked on it. The first releases by the hacker were about pay inequities, then insider stuff, then the damaging stuff about celebrities. It went from personal to public appeal. NK maybe saw someone have a way in and then piggybacked.
@ Nick Spinelli
https://www.facebook.com/thesimplepoint/posts/228549540543703
PIGGYBACKING!
Spoofing an established commercial has been attempted by many companies before. Here’s a highly effective one. It is effective because it makes the point simply and brilliantly; more importantly, it takes a dig at the very company whose ad has been spoofed!
What I do not understand is why the mainland Chinese like “The Interview.” The reviews of the movie are horrible. Anyone got a link to a Chinese review of the film?
http://www.mediaite.com/online/chinese-people-apparently-love-the-interview/
They like it for the right reasons.
The Intranet should keep business gateways private. And Paul C. Schulte – you are right – there is no privacy on the Internet.
Many of our more thoughtful fellow travelers – especially those of us who know a thing or three about reality aka deep politics, knew this was an inside job, and BRONCO BAMA knew it too. He just asked bibi for a favor.
Course many/most of the regulars here resorted to their fall-back position whenever faced with informed opinion: shoot the messenger.
Click on this link here for original message
https://answers.yahoo.com/question/index?qid=20141222104159AAA7MZH
“About two weeks ago, I logged into equipment in Japan where all internet based communication goes through.
All traffic in Asia to the United States goes through Japan.
I had still had administrative access to the equipment I had worked with when I was sent to Hong Kong and Singapore to optimize networks and software systems for both the NSA and for Prudential Real Estate and Relocation which Warren Buffet was in the process of purchasing.
In a relatively simple computer program I placed on the equipment which is used to communicate between Sony and the United States, I created something called a ‘spoofed’ log entry.
A spoofed log entry is a ‘fictionalized’ entry which has not really happened.
Anytime information was grabbed from Sony by legitimate users, I would randomly place a spoofed log entry which would make it appear like information was being sent to North Korea.
In a nutshell what this means is data was never stolen.
It took Sony’s administrators 3 days to figure out what happened.
By then, they were so mired in their lies they could not change course.
In any case.
NOTHING I DID was illegal.
I had legitimate administrative access to the equipment which have had little, if any maintenance since I last did work on them in 2009.”
I did not check this out but it is interesting that the hack turned up as intercompany and this person who is obviously disturbed is also obviously intelligent enough to have done it.
I did find this
http://www.bizjournals.com/losangeles/news/2012/10/31/buffets-berkshire-hathaway-buys.html
It is plausible that the midget from North Korea worked with a Sony employee to do the deeds. I don’t like the midget, North Korea or Sony.
@BarkinDog happypappies here from Hathaway Swim Team before that Bellefontaine on Fry Lane for short time on Larimore but didn’t like that much…. Enjoyed that trip down memory lane and was sighing before I scrolled your sigh. lol. They don’t make them like us anymore so we had to reincarnate I Transformed into a Butterfly Dog because that was my best stroke. I kicked everyones butt. lol.
Anyway I believe spoofing is piggybacking and I think that the little freak in Korea lives in an alternate reality peopled by shadowland creatures only he understands. I know for a fact that my lonely friend Q really probably did work for Sony and imagined himself a spy because he is mental and does have access. I don’t think any of these people are smart enough or credible enough to have enough imagination to pull this off as a grand scheme.
Just sayin……
Don’t give them credit where it’s not due you guys 😉