
Update on Sony Investigation - kanamekun
http://www.fbi.gov/news/pressrel/press-releases/update-on-sony-investigation
======
dmschulman
Some of the Sony leaks have demonstrated the company's ability to influence
the news cycle, giving them pull with certain news organizations and editors
to change or remove parts of a story.

I'm disappointed by the lack of evidence given by the FBI and other
departments investigating the attack that directly tie the incident to a
specific government or group of non-state actors. Many well-known security
professionals have given opinions contrary of the FBI's findings, stating that
it's not only difficult to determine the source of the attack but also
incredibly dangerous to attribute the attack to a specific government given so
little direct evidence.

There are so many aspects to this story that don't add up, but most
strikingly, the press's push to point the finger squarely at North Korea for
all this.

~~~
personZ
_Many well-known security professionals_

...who are pandering to a crowd, and based upon essentially no information at
all, but just the same sort of "I think" gut feeling notions that we see on
HN. While there should always be questions about government honesty, it's
rather incredible how far people will reach to find to clutch onto something
that backs whatever their initial knee-jerk opinion was, seen throughout the
comments here.

Quite a few comments are among the "they're making this up to go to war",
which is simply _incredible_ : Are people so far out of the loop on world
players or current events? The US in no universe will launch a military action
against a rogue, shells-pointed-at-Seoul, nuclear armed nation because they
hacked Sony. That premise alone is simply absurd.

Is the US trying to isolate North Korea? They're _already_ completely
isolated. I mean...do people understand the situation North Korea is in, and
the complete lack of tools to deal with this? The US gains literally nothing
pointing the finger at North Korea.

~~~
anfedorov
_The US gains literally nothing pointing the finger at North Korea._

It also loses nothing, which might be the case if Russia or China were behind
the attacks.

~~~
slipangel
Not true. Can you imagine the economic impact if this stands as a case study
on how lax security standards _could be_ at large, trusted private
institutions? That all it takes is one pissed-off employee with a cursory
background in computer security to cause billions of dollars in damages and
rampant fear?

It's much easier to address public fears with an easy scapegoat than to owe up
to the overall frailty of network-driven industry. Could you imagine the cost
of creating "the TSA of networks belonging to important private entities?"

~~~
csdrane
Part of me does wonder whether we're headed in that direction. See: Rainbow's
End, by Vernor Vinge.

What is the equilibrium in a world where state funded actors can anonymously
attack major companies / infrastructure components? I am not convinced that is
possible for a Sony to secure itself to such a level that it will not be
vulnerable to attacks by state actors.

~~~
jeremyjh
Not without actually - ya know - trying.

------
sillysaurus3
As far as I can tell, there are (EDIT: at least) three scenarios:

1\. The NSA is competent, and has verified that NK is responsible.

2\. The NSA is competent, and is lying about whether NK is responsible.

3\. The NSA is incompetent, and erroneously concluded that NK is responsible.

Since we know that the NSA is filled with highly competent people (based on
the quality of the people who periodically join the commercial world after a
stint at the NSA) we can probably consider 1 or 2 the most likely explanation.

Which do you believe, and why? Unless there is strong evidence, 1 seems the
most likely. It's also the simplest explanation.

Also, the reason I'm talking about the NSA even though the article is talking
about the FBI is because this surely falls under their umbrella, and the NSA
has the most powerful tools for verifying what happened. Other agencies would
seek answers from them, and the NSA's input would matter. For example, one
sentence starts, "As a result of our investigation, and in close collaboration
with other U.S. government departments and agencies, ..."

EDIT: Could we focus on the question? Which do you believe, and why? Please
feel free to add additional scenarios, but at least mention whether you
believe them and why they're likely.

~~~
samolang
4\. The NSA is incompetent, and correctly concluded that NK is responsible
using erroneous reasoning.

~~~
famousactress
Haha! Good catch. I've seen people unwittingly leverage this basic pattern
into entire executive careers :(

~~~
mikeash
It's basically a specialization of the base rate fallacy. If, say, idiots can
still be right by chance 10% of the time, and experts are right 90% of the
time, but only 10% of the population are experts, then lucky idiots will make
up fully half of the population of people who are right.

~~~
chavesn
10% is pretty generous for most of the work experts actually do, though.

Experts do many things, one of which is to occasionally make predictions,
where 10% might be more reasonable.

But, for work like imagining how a given goal can be realized, I would guess
an "idiot" could compose an achievable plan less than a fraction of a percent
of the time.

~~~
mikeash
I'm not sure. Computer experts? Yes, hard to get lucky there. Business
experts? Luck seems much more significant.

~~~
kbenson
It's all about having enough variables in the system so you can point to
something else as the cause when there is failure, and yourself as the cause
when there is success. With willful ignorance of reality, idiots can have a
success rate _much_ higher than 10%. :)

------
lygaret
It seems unfortunate to me that the Sony hack has now displaced the CIA
torture report completely in the national narrative. Whether purposefully
orchestrated or not, it sure seems like a useful coincidence.

~~~
drzaiusapelord
To be fair, its been a busy newsweek. The ruble collapsing, Putin's ridiculous
Q&A and befriending of North Korea, the Sony hack, Iran coming to the
negotiation table, a few days of no deaths in Ukraine, Australian terrorist
operation, UK VIP sex ring deaths, Hong Kong protestors being pushed out, etc.

The torture report is just more details on what happened 10 years ago. No one
is shocked or surprised. The guy in charge of all this left when the current
guy took office in 2008. If we're playing nation state PR trickery games, it
seems to be Russian and Chinese media outlets were really pushing the report
as a way to distract from their own domestic issues, their own domestic human
rights issues against their own citizens, and to continue to vilify the US as
it serves them domestically to deter people from their god given rights to
freedom, justice, and self-rule.

Of course, to many internet commentators, Russia and China never do dirty
tricks like these, only the US. Shame we can't have a more evolved view of
press release timing, news cycles, etc. Its just more anti-US conspiracy
theories while the rest of the world, especially dictatorial regimes, get a
free pass.

~~~
Intermernet
I'd just like to point out that the "Australian terrorist operation" turned
out to be one person with a previous history of violence and mental
instability, who has been disowned by every group he claimed some connection
with.

It wasn't so much a "Terrorist operation", as an act of horrible desperation
by an incredibly disturbed individual.

This is a perfect example of why "Terrorism" is a dangerous term. It has huge
definition creep.

~~~
madeofpalk
Well, walking past it every day on the way to work certainly gives me a bit of
terror

------
waterlesscloud
They sound a lot more certain than people here want to give them credit for.

"Intelligence officials “know very specifically who the attackers are,” said
one individual familiar with the investigation"

[http://www.washingtonpost.com/world/national-security/us-
att...](http://www.washingtonpost.com/world/national-security/us-attributes-
sony-attack-to-north-
korea/2014/12/19/fc3aec60-8790-11e4-a702-fa31ff4ae98e_story.html)

------
lukev
I can't believe so many people are rendering verdicts _sans evidence_ that the
FBI is wrong about this.

Look, I don't trust the FBI completely. But as of this point they're the only
people who have actually seen any of the pertinent evidence. Unless you have a
prior that they are actually MORE likely to be malicious than not, there's no
grounds to do anything but acknowledge their claim (with as much salt as your
please, of course).

------
swalsh
If we assume everything written here is the full truth, I think they need to
release some more technical details on the specifics of the hack.

If foreign governments are now a real threat, industry should have some
awareness of the methods being used so we can try and protect our own
infrastructure. Especially as this seems to indicate they are using software
that's at least somewhat known already.

------
pdkl95
The US government getting involved initially moved this from "Sony never
bothered paying for actual security" to "somebody is trying to take advantage
of the attack". When Obama promised a "proportional response, this drama
suddenly sounds like war drums.

So I guess the question is either who needs a war asap (follow the money?), or
who needs a war-sized distraction?

~~~
knorby
It is really quite safe to say that absolutely no one wants a war with N.
Korea. It would be one of the most horrific wars in history, and everyone in
the Defense department knows that. N. Korea has been looking to provoke
conflict for a while, and the US, or anyone, doesn't want them to escalate.
They have nukes.

------
shaaaaawn
Where is Japan in all this? If North Korea is in fact responsible, it seems
like Japan should be the one weighing a "proportional response". They are
certainly capable.

~~~
woodchuck64
Because the attack occurred on networks and computers belong to Sony Picture
Entertainment based in Culver City, CA.

------
hotgoldminer
The response is rather disturbing. It's like we're expanding the reach of N
Korean censors. My initial reaction to accusations of N Korean involvement was
to laugh it off. Seems like the sort of thing Russian teenagers would do quite
frankly.

------
bdowling
It is significant that this information is coming from the FBI and not the
Pentagon, CIA or NSA. It indicates that this will be treated as a domestic
criminal issue and not an act of war. Don't expect an overt military response.
Also, since US law doesn't apply to the North Korean government, don't expect
much to happen at all besides Sony continuing to cede to the demands of the
hackers.

~~~
pdkl95
FBI isn't about criminal issues anymore now that they got into the CIA/NSA
club about a year ago. In case you missed their change in direction, their new
mission statement says the primary function of the FBI is "national security",
not "law enforcement".

[https://www.techdirt.com/articles/20140106/00442525768/fbi-a...](https://www.techdirt.com/articles/20140106/00442525768/fbi-
admits-its-not-really-about-law-enforcement-any-more-ignores-lots-crimes-to-
focus-creating-fake-terror-plots.shtml)

~~~
firebones
FWIW, one of Obama's quotes today referred to the "criminals" behind the
attacks, which is a careful choice of words. It implies that it is not being
treated as a terrorist attack, and certainly dampens the rhetoric that this is
state sponsored. Criminal implies independent groups or possibly foreign
organized crime elements, but not necessarily state-sponsored.

------
alxndr
Brian Krebs has just posted his analysis of the incident and the FBI's
response: [http://krebsonsecurity.com/2014/12/fbi-north-korea-to-
blame-...](http://krebsonsecurity.com/2014/12/fbi-north-korea-to-blame-for-
sony-hack/)

------
JTon
The more I read about this blunder, the more I shake my head. Sony is really
dropping the ball

~~~
sarciszewski
To be fair, now FBI deserves some of the blame. I'd like to see exactly why
they believe this was a specifically Korean thing and not a "North Korea used
this same malware family they acquired elsewhere for their South Korea attack
earlier" situation.

[http://www.fbi.gov/news/pressrel/press-releases/update-on-
so...](http://www.fbi.gov/news/pressrel/press-releases/update-on-sony-
investigation)

Proposed Scenario:

    
    
        - Malware is developed independently
        - N Korean actors use a variant of it
        - GoP uses a variant of it
    
               A
            B     C
    

FBI hamfistedly assumes B -> C, not A->B and A->C.

~~~
watty
To be fair, the FBI is a big organization which employs many intelligent
individuals. It's very unlikely we know everything about this situation that
they do.

~~~
fragsworth
However, it is well-known that big U.S. government organizations regularly
come up with lies to serve their own interests.

I would take everything they say with a grain of salt.

~~~
rudolf0
You're right, but I don't think they would make this accusation purely due to
a mistake. In my opinion, there are 2 possibilities:

1\. The FBI knows who did it and is telling the truth by saying it's North
Korea. 2\. The FBI knows who did it and is lying by saying it's North Korea.

Personally I think they're telling the truth in this particular case.

------
maccam912
"FBI now has enough information to conclude that the North Korean government
is responsible for these actions"

Their reasons were along the lines of "attacks that look very similar were
from North Korea" but were those attacks conclusively linked? I'm also curious
how they decided it was the government there, not a rogue group of people.

------
at-fates-hands
The one thing I can't get off my mind is something I saw in another forum
related to InfoSec when the letter threatening the employees came out.

A Russian poster said, it was an odd use of the word "False" in the email,
since in English it's "Lies". He said when you translate the Russian word for
"Fake" or "Lies" it comes out as "False". Which, if you read the email and
substitute the word "Lies" for "False" in the two sentences where the word is
used, suddenly the meaning is totally clear.

Here is the email:

[http://variety.com/2014/film/news/hackers-threaten-sony-
empl...](http://variety.com/2014/film/news/hackers-threaten-sony-employees-in-
new-email-your-family-will-be-in-danger-1201372230/)

 _Removing Sony Pictures on earth is a very tiny work for our group which is a
worldwide organization. And what we have done so far is only a small part of
our further plan. It’s your false if you think this crisis will be over after
some time. All hope will leave you and Sony Pictures will collapse. This
situation is only due to Sony Pictures. Sony Pictures is responsible for
whatever the result is. Sony Pictures clings to what is good to nobody from
the beginning. It’s silly to expect in Sony Pictures to take off us. Sony
Pictures makes only useless efforts. One beside you can be our member.

Many things beyond imagination will happen at many places of the world. Our
agents find themselves act in necessary places. Please sign your name to
object the false of the company at the email address below if you don’t want
to suffer damage. If you don’t, not only you but your family will be in
danger.

Nobody can prevent us, but the only way is to follow our demand. If you want
to prevent us, make your company behave wisely._

Just something I keep coming back to in all of this.

~~~
un1xl0ser
One of the articles that was debunking the NK connection mentioned that the
language used in NK stems heavily from Russian in a variety of ways. So if
they took the use of false to mean lies and falsehoods it would make some kind
of sense.

------
peterwwillis
Questions to challenge this assertion (because come on, my grandmother is more
competent at digital forensics than the FBI):

    
    
      Technical analysis of the data deletion malware used in this attack revealed 
      links to other malware that the FBI knows North Korean actors previously developed.
      For example, there were similarities in specific lines of code,
    

Did the original NK's malware use lines of code from somewhere else, and could
this 'shared line of code' just be a very common line of code?

    
    
      encryption algorithms,
    

Encryption algorithms in common?! Oh, heavens! I use AES too! Maybe i'm a
North Korean hacker and I never knew it!

    
    
      data deletion methods,
    

Because there are North Korean ways of deleting things that nobody else uses
to delete things?

    
    
      and compromised networks.
    

If a network has been compromised by one person, it's probably been
compromised by several.

    
    
      The FBI also observed significant overlap between the infrastructure used
      in this attack and other malicious cyber activity the U.S. government has
      previously linked directly to North Korea.
    

Using the same questionable ways of 'linking' like the above, I presume.

    
    
      For example, the FBI discovered that several Internet protocol (IP) addresses
      associated with known North Korean infrastructure communicated with IP
      addresses that were hardcoded into the data deletion malware used in
      this attack.
    

THE SMOKING GUN! An IP address! And we all know those can't be spoofed! But
just to clarify: An IP of some NK hardware communicated with an IP that was
hardcoded in the malware. That 'hardcoded IP' could be a Google web server for
all we know.

    
    
      Separately, the tools used in the SPE attack have similarities to a
      cyber attack in March of last year against South Korean banks and media outlets,
      which was carried out by North Korea.
    

The _tools used_ are similar? They might have used Metasploit to hack a SK
bank, but that doesn't mean everyone who uses Metasploit is a NK hacker. And
off-handedly asserting NK did the SK bank hack is a bit of a hand-wavey move.

\--

It's clear that the FBI has no actual direct links or hard evidence. It has
amassed a set of random unrelated suspicious notes and decided this is enough
to be sure NK was the perpetrator.

And that's how law enforcement works in this country, folks. Some obscure
hokey details get paraded around as hard evidence so they can look like
they've done their job.

------
Everhusk
Obama's response to this today was very diplomatic and on point:
[http://www.bbc.com/news/world-us-
canada-30555997](http://www.bbc.com/news/world-us-canada-30555997) .

He mentions that we as an international community needs to establish better
internet and cyber operating rules, and I think we are slowly but steadily
heading to a decentralized internet as the answer.

The problem I see with decentralization is that non-technical people have
absolutely no idea what it even is or how it can help. However, the trend with
these major cyber breaches seems to be that they are occurring more frequently
and being more widespread. This may be a push towards educating the public on
the benefits of decentralizing information on the internet.

~~~
thrill
No politician ever sees _de_ centralization as the desired answer.

------
drawkbox
The 'Of Course' side of me is disappointed in this whole thing and how our
freedom is very weak when put on CEOs/corporations protecting self interest
first.

However the 'But Maybe...'and cynical side of me says Sony and the studios
will use this to attack file sharing, and a new cyber crime law somehow out of
this ([http://www.theverge.com/2014/12/19/7420823/mpaa-decries-
goog...](http://www.theverge.com/2014/12/19/7420823/mpaa-decries-googles-
shameful-attack-on-its-anti-piracy-program)).

Our hysteria at times just turns into loss of rights and freedoms for us, we
have to stop this manic, short-term thinking behavior.

------
coding4all
This confirms that the public mindset doesn't need evidence when it comes to
geopolitics. Over a decade later, and people still never ask for evidence.
#learn-nothing-ever

------
thieving_magpie
I just can't buy this explanation without evidence.

------
dkopi
"Who this was" is a lot less important than the question: "How can
corporations and individuals defend themselves in the future"

------
ihsw
This is a very serious allegation -- I certainly hope as much evidence as
possible is provided to the public before any punitive or compensatory
measures are taken.

But let's be honest, the perp is North Korea. Nobody in this whole process
will be stressing the need for transparency and restraint.

Looks like Sony's horrifying and insulting info-sec policies are going to be
swept under the rug.

------
OhHeyItsE
I have to admit - I'm dying to know just what it is that this group has on
Sony. They are completely back on their heels with this.

------
ChikkaChiChi
USS Maine, anyone?

The evidence and the release of statements about that evidence seems extremely
light, and way over the line of being dangerous.

~~~
mikeash
There are far better ways to drum up support for an invasion of North Korea
than a false-flag hacking of an entertainment company. All you'd really have
to do is wait a little while until they test another nuclear bomb or shell
South Korea again or sink another South Korean ship or anything of the sort,
and then take a hard line response instead of the standard "if we ignore them
maybe they'll go away" response. The idea that this was drummed up to start a
war makes no sense to me.

~~~
takeda
It's not about invading Korea, it's about justifying new laws that would
provide tighter control over the Internet as a way to "keep us secure".

------
sroerick
Out of curiousity, does anyone know any serious or credible infosec figures
who believe the attacks were perpetrated by North Korea?

All I've heard confirming this is from MPAA "cyberterrorism experts." And
George Clooney, whose statement regarding the Nixon origins of the name
"Guardians of Peace is also unverifiable.

------
pothibo
Am I the only one thinking that maybe the attack came from North Korea, but
the hackers originated from China? Maybe China even loaned the hackers?

I can't see how NK could have a hacker force when they are so behind in
technology. For hackers to be good, they need to be educated with technology.
That seems unlikely coming from NK.

~~~
bholzer
How do people keep getting this so wrong? North Korea recruits and trains
hackers.

[http://www.vocativ.com/world/north-korea/unit-121-the-
north-...](http://www.vocativ.com/world/north-korea/unit-121-the-north-korea-
hack-sony/)

~~~
pothibo
No need to be snarky. I'm not reading NK news everyday and I'm sure I was not
alone not knowing about that Unit 121.

Even so, this article actually raises more question than it answers. Was
Sony's security really weak or was the hack very clever? It may have been the
former and if so, some other people might have the same information for quite
some time now.

~~~
bholzer
Didn't mean to be snarky, I just keep seeing all of the "North Korea is behind
in technology" talk with not a whole lot of evidence to support it. Thinking
that any nation doesn't have the technological capability to perform some
complex hack is a little misguided, in my opinion. The average citizen may not
be up to snuff technologically, but these are governments we're talking about.

------
jauer
Now that USG has announced attribution, what kind of response is called for by
US doctrine?

~~~
lotsofmangos
I think the response is usually to make and release a comedy film about the
affair.

~~~
stillsut
At the very least, a documentary about filming the film _ala_
[http://en.wikipedia.org/wiki/Hearts_of_Darkness:_A_Filmmaker...](http://en.wikipedia.org/wiki/Hearts_of_Darkness:_A_Filmmaker%27s_Apocalypse)

------
kenesom1
Now that anti-prohibition measures are passing in various states - posing a
threat to the feds' cash cow (the "War on Drugs") - the feds are now trying to
stir up nonsense over supposed "cybercrime".

The intrusion in this case was most likely done by an insider, the feds
themselves, or a hacktivist group. The feds routinely break into private
systems and are known to go to great lengths to construct elaborate string
operations [1].

The timing of the press release is highly suspect. An investigation into an
international security breach can take months or years. The feds rarely
comment conclusively at the outset because such statements can compromise the
investigation. They've provided no evidence whatsoever to support their
claims.

Tipping off the purported culprit in this way by claiming to have identified
their tell-tale attack signature would make it harder to track future
breaches. (It's like publicly announcing that a suspect's phone is being
tapped.)

This press release violates standard operating procedure. And why haven't the
feds filed charges if the investigation is all "wrapped-up"?

If a foreign nation was involved, there's no evidence that's the case. NK has
been the subject of scathing media criticism in the west for years, but other
critics weren't targeted in this way.

As others have pointed out [2], the intruders initially demanded a cash
ransom. The theory that the attack was linked to a movie release was
originated and spread by the media.

[1] "The Terror Factory: Inside the FBI’s Manufactured War on Terror" \-
[http://trevoraaronson.com/book/](http://trevoraaronson.com/book/)

[2] [http://krebsonsecurity.com/2014/12/fbi-north-korea-to-
blame-...](http://krebsonsecurity.com/2014/12/fbi-north-korea-to-blame-for-
sony-hack/)

------
vasundhar
For Argument sake, What if this is another WMD, of NK which did not exist in
Iraq, and Did not Originate from NK. Not saying NK is not behind the attack,
but what if they are not?

Haven't we lost the hope and trust on Media and Agencies already?

------
sandworm
Relax, it's North Korea, the nation-state equivalent of the short bus. -Archer

~~~
Hytosys
Potentially irrelevant, but: I find this quote to be distasteful and offensive
(for hopefully obvious reasons). This and "you never go full retard" are two
quotes I think modernity could do without.

~~~
sandworm
Really? I didn't realize it had anything to do with that. I thought it was
simply about how the "short bus" looks like a normal bus from one angle, but
disproportionately small from another. As in, DPRK threats look scary but
really don't have much backing.

~~~
Malician
It refers to a smaller bus used to ferry students to special education
programs, with the implication that they're all dumb and so is the person
being insulted.

[http://en.wiktionary.org/wiki/ride_the_short_bus](http://en.wiktionary.org/wiki/ride_the_short_bus)

So, yeah, please don't use it :) (if you really want to see the context of the
common usage, you can do a google image search for "short bus".)

~~~
sandworm
That's really not how it's used around here (west coast canada). They aren't
associated with special needs kids. When I rode motorcycles at university the
term was used for any silly-looking vehicle. A Jeep TJ with a lift and big
rims, or a large truck with a tiny trailer would be called "short bus" if it
looked taller than long.

I think that was the context Archer meant. (s04e09 "The Honeymooners" when
Lana an Archer pose as newlyweds)

------
scardine
PHB: This situation is so embarrassing... We are so fired!!!

BOFH: We can blame North Korea. Aren't we about to launch a comedy about their
supreme leader?

PHB: Genius!!! (and left the room)

BOFH: Let me change the locale to Korean and recompile my virus!

------
billions
This is a political power grab by the FBI from the NSA.

------
Cakez0r
Several articles mention that the hackers have released stolen data, but I
can't seem to find any download links. Does anybody have a source?

~~~
anigbrowl
Fire up a Tor browser, it's probably all over the dark web. Part of me wants
to dig through it because I'm just nosey, but I don't need a new way to waste
time.

------
differentView
Or the FBI has their own agenda and knows other agencies won't contradict them
publicly once they announce North Korea is responsible.

------
kolev
Honestly, I think Sony did take a big risk with that movie. First, the movie
is total crap, and, now, because of all the noise, more people will watch than
it deserves when it gets released on DVDs, cable, and so on!

We know CIA and NSA do sabotages as well and have hacked the whole world
already - why do we think this right is reserved only for America and North
Korea and other countries are not allowed to do this when it serves their
interest?

~~~
jvagner
how do you know the movie is crap? it's probably at least as good as any seth
rogen movie. and seth rogen movies were good enough to get this one made.

for my money, it had a great trailer. the movie could be okay. it's easy to
pile on to the notion that the movie is crap, as it makes the proceedings even
more absurd. if the movie was good, then sony is somewhat vindicated, but we
can't imagine that to be the case, because sony has bungled every moment of
their response.

~~~
kolev
There are no good comedies these days. If you put a price tag on your life's
worth and then calculate the dollar value of an hour of it, will you invest
all that money into watching a crappy comedy, really? Although the time spent
watching may have some health benefits from the laughter, I think meeting
friends and having a social conversation, which is often accompanied with even
healthier laughter is time much better spent. I personally want to "invest" in
a movie only if it enriches me in some way. Unfortunately, these movies are so
rare nowadays.

------
mtimjones
Wake me up when these idiot hackers finally destroy the last bits of freedom
still available on the Internet.

------
marcusgarvey
Sony Pictures is a subsidiary of a Japanese company. Why should the U.S. and
not Japan take the lead?

------
franciscop
North Korea’s actions were intended to [...] suppress the right of American
citizens to express themselves.

This looks like a new war from an European point of view.

------
gcb0
why did they issued a update on that so fast? and none on the results of their
war on drugs?

;)

------
couchdive
I was going to comment, but North Korea suppressed my expression. Curses you
NK!

------
shit_parade
Why anyone would trust any statement made by the American government without
providing any supporting evidence is beyond me.

~~~
amckenna
It's probably not wise that they release malicious binaries or details about
foreign hacking infrastructure to the general public. That doesn't leave the
with much direct evidence they can release at this point. Remember, it is an
ongoing investigation and will be for quite some time considering the scope
and severity of the breach.

------
unclebucknasty
On one hand, it seems incredibly stupid to make a movie (comedy or no) about
assassinating a sitting national leader. They didn't even use a thinly-veiled
reference. They used his actual name.

Still, of course this response is unwarranted.

> _North Korea’s attack on SPE reaffirms that cyber threats pose one of the
> gravest national security dangers to the United States_

Ah, the real meat of the issue? Has anyone else noticed the drumbeat ramping
up in earnest for the next "War on fill-in-the-blank"? Sure, we all know that
the threats are real, but it strikes me that we're about to spin up the full
military/cyber-security complex, complete with its incessant fear-mongering,
revolving private/public beneficiaries, and trillion dollar budgets.

Something about repeating the same patterns ad infinitum in response to every
threat or perceived threat is just a bit exhausting.

~~~
uptown
"On one hand, it seems incredibly stupid to make a movie (comedy or no) about
assassinating a sitting national leader."

Quartz covered that angle:

[http://qz.com/315432/this-is-far-from-the-first-time-
hollywo...](http://qz.com/315432/this-is-far-from-the-first-time-hollywood-
has-killed-a-world-leader-on-screen/)

~~~
logfromblammo
_The Naked Gun: from the Files of Police Squad!_ , anyone?

The plot of that movie revolved around a professional baseball player
psychologically reconditioned to assassinate the Queen of Canada during a
game. Oddly enough, neither the Expos nor the Blue Jays were the visiting
team.

Interesting that the article only gave an honorable mention for the fistfight
where Lt. Drebin rubbed the birthmark off of Gorbachev's head.

------
Spearchucker
Queue an invasion of North Korea.

[Edit] Actually I shouldn't have posted that. Some reporter is going to see
this post, assume that I'm repeating something I heard from a reputable
source, put it on the front page, and the whole world will suddenly believe
that we were always going to invade Korea, because terrorism!!

~~~
rmrfrmrf
* Cue

