Tag Archives: CrowdStrike

Another Obama false flag: Cyber security experts say Sony hacking was an inside job

Sony Pictures Entertainment has reversed its prior decision to pull the movie The Interview, an action comedy about two American journalists (played by Seth Rogen and James Franco) who wrangled an interview with North Korea’s ruthless savage dictator Kim Jong Un, then assassinated Kim.

The Interview

Hackers who call themselves “Guardians of the Peace,” determined by federal investigators to be associated with the North Korea government, had hacked into Sony’s computers and leaked a trove of embarrassing emails. Then the hackers threatened to to carry out terrorist attacks against cinemas that screen The Interview, which originally was scheduled for release on December 25.

On Dec. 17, Sony buckled under pressure and took the unprecedented step of canceling the Dec. 25 release of the The Interview.

Obama and the F.B.I. accused North Korea of targeting Sony and pledged a “proportional response” just hours before North Korea’s Internet went dark without explanation.

But now Sony has reversed its decision.

The movie is being screened today in independent theaters across the United States. Beginning yesterday at 10 a.m. PT, the movie can also be downloaded from from Google Play, YouTube Movies, Xbox Video and the website SeetheInterview.com for $5.99, or $14.99 for an HD version.

Here’s a preview:

Sony’s reversal has led InfoWars to wonder if the whole thing is a marketing scam — “a cynical PR campaign from the start.”

Indeed, the New York Times reports:

A number of private security researchers are increasingly voicing doubts that the hack of Sony‘s computer systems was the work of North Korea…with some even likening the government’s claims to those of the Bush administration in the build-up to the Iraq war.

Fueling their suspicions is the fact that the [Obama] government based its findings, in large part, on evidence that it will not release, citing the ‘need to protect sensitive sources and methods.’ […]

“Essentially, we are being left in a position where we are expected to just take agency promises at face value,” Marc Rogers, a security researcher at CloudFlare, the mobile security company, wrote in a post Wednesday. “In the current climate, that is a big ask.”

Mr. Rogers, who doubles as the director of security operations for DefCon, an annual hacker convention, and others like Bruce Schneier, a prominent cryptographer and blogger, have been mining the meager evidence that has been publicly circulated, and argue that it is hardly conclusive.

For one, skeptics note that the few malware samples they have studied indicate the hackers routed their attack through computers all over the world. One of those computers, in Bolivia, had been used by the same group to hack targets in South Korea. But that computer, as well as others in Poland, Italy, Thailand, Singapore, Cyprus and the United States, were all freely available to anyone to use, which opens the list of suspects to anyone with an Internet connection and basic hacking skills.

For another, Sony’s attackers constructed their malware on computers configured with Korean language settings, but skeptics note that those settings could have been reset to deflect blame. They also note the attackers used commercial software wiping tools that could have been purchased by anyone.

They also point out that whoever attacked Sony had a keen understanding of its computer systems — the names of company servers and passwords were all hard-coded into the malware — suggesting the hackers were inside Sony before they launched their attack. Or it could even have been an inside job. […]

On Wednesday, one alternate theory emerged. Computational linguists at Taia Global, a cybersecurity consultancy, performed a linguistic analysis of the hackers’ online messages — which were all written in imperfect English — and concluded that based on translation errors and phrasing, the attackers are more likely to be Russian speakers than Korean speakers.

Such linguistic analysis is hardly foolproof. But the practice, known as stylometry, has been used to contest the authors behind some of history’s most disputed documents, from Shakespearean sonnets to the Federalist Papers.

[…] other private security researchers say their own research backs up the government’s claims. CrowdStrike, a California security firm that has been tracking the same group that attacked Sony since 2006, believes they are located in North Korea and have been hacking targets in South Korea for years.

But without more proof, skeptics are unlikely to simply demur to F.B.I. claims. “In the post-Watergate post-Snowden world, the USG can no longer simply say ‘trust us’,” Paul Rosenzweig, theDepartment of Homeland Security’s former deputy assistant secretary for policy, wrote on the Lawfare blog Wednesday. “Not with the U.S. public and not with other countries. Though the skepticism may not be warranted, it is real.”

In real life, Kim Jong Un, the obese grandson and son of North Korea’s previous dictators, Kim Il Sung and Kim Jong Il, lives a life of luxury and gluttony while his subjects starve to death. Kim the 3rd reportedly had his own uncle killed and fed to dogs.

See:

Update (Dec. 26, 2014):

Evidence is mounting that this Sony “hack” is another Obama admin. false flag.

1. Almost every cyber security expert now says the FBI is wrong: North Korea is not responsible for the hack; in fact, Pyongyang has denied it’s responsible. Instead, the hack most likely was a Sony inside job by someone named Lena. (Daily Mail) H/t FOTM’s CSM

2. The movie is panned by critics: The Interview received only an average 50% rating on Rotten Tomatoes.

3. Despite being panned by critics, but thanks to the mega publicity from the “hacking” and Sony’s initial withdrawal of the movie, The Interview played to packed cinemas across America on Christmas Day. (Daily Mail)

~Eowyn

Warning: Your ZTE smart phone has a security hole

zte-score-m-metropcs_xl

Do you own a ZTE smart phone?

If so, you should know that there’s a security hole in your phone that could allow others to control it!

Employees of ZTE chat on the roof of its headquarters in Shenzhen, Guangdong provinceZTE headquarters in Shenzhen, China. (Photo by Reuters’ Tyrone Siu)

Jeremy Wagstaff and Lee Chyen Yee report for Reuters:

ZTE Corp, the world’s No.4 handset vendor and one of two Chinese companies under U.S. scrutiny over security concerns, said one of its mobile phone models sold in the United States contains a vulnerability that researchers say could allow others to control the device.

The hole affects ZTE’s Score model that runs on Google Inc’s Android operating system and was described by one researcher as “highly unusual.”

“I’ve never seen it before,” said Dmitri Alperovitch, co-founder of cybersecurity firm, CrowdStrike. The hole, usually called a backdoor, allows anyone with the hardwired password to access the affected phone, he added.

ZTE and fellow Chinese telecommunications equipment manufacturer, Huawei Technologies Co Ltd, have been stymied in their attempts to expand in the United States over concerns they are linked to the Chinese government, though both companies have denied this.

Most such concerns have centered on the fear of backdoors or other security vulnerabilities in telecommunications infrastructure equipment rather than in consumer devices.

[In April 2012] a U.S. congressional panel singled out Huawei and ZTE by approving a measure designed to search and clear the U.S. nuclear-weapons complex of any technology produced by the two companies.

Reports of the ZTE vulnerability first surfaced … in an anonymous posting on the code-sharing website, pastebin.com. Others have since alleged that other ZTE models, including the Skate, also contain the vulnerability. The password is readily available online.

ZTE said it had confirmed the vulnerability on the Score phone, but denied it affected other models. “ZTE is actively working on a security patch and expects to send the update over-the-air to affected users in the very near future,” ZTE said in an emailed statement. “We strongly urge affected users to download and install the patch as soon as it is rolled out to their devices.”

Alperovitch said his team had researched the vulnerability and found that the backdoor was deliberate because it was being used as a way for ZTE to update the phone’s software. It is a question, he said, of whether the purpose was malicious or just sloppy programming. “It could very well be that they’re not very good developers or they could be doing this for nefarious purposes,” he said.

While security researchers have highlighted security holes in Android and other mobile operating systems, it is rare to find a vulnerability apparently inserted by the hardware manufacturer. “I have never seen this before. There are rumors about backdoors in Chinese equipment floating around,” Alperovitch said. “That’s why it’s so shocking to see it blatantly on a device.”

A Google spokesman declined to comment.

~Eowyn