1.26.2015

The Interview on Netflix - "They Hate Us, Because They Ain't Us-

Congratulations to the Sony hackers for making this movie more interesting than it otherwise would be. So I spent the entire movie trying to figure out what made Kim Jong-Un so mad.  Truthfully, the character that played the North Korean leader reminded me of a supervisor from long ago.  I mean, a lot.

For those who need a refresher, Kim Jong-Un, the real one, executed his ex-girlfriend for making porno, executed his uncle in a power struggle and supposedly embarrassed Sony executives because he didn't want this movie shown.  Read an earlier post on that.  Still, it made watching the movie that much more fun.

Many have panned The Interview, but they are all wrong.  It is funny and satirical.

The premise of the movie is that Kim Jong-Un, the deadly leader of North Korea, agrees to an interview with a television show on the level of Entertainment Tonight.  The host of that show is dumb, but with an instinct for pulling juicy tidbits from his guests.  The producer of the show is the brains, but feeling insecure because friends from school are doing "serious news."

The parallels to Dennis Rodman can't be ignored.  But I am not in favor of slamming on Dennis Rodman, after all, somebody has to be talking to the leader of North Korea, and right now he is it.  And given Kim Jong-Un's history with those close to him, it is no joke to think Mr. Rodman is taking his life in his hands with his diplomatic endeavors.

The pair are roundly mocked by media personalities for securing the interview with Kim Jong-Un.  That's where "They hate us, because they ain't us" is shouted a while, with some jumping around.  It has to be the take-away quote of the movie.

So the CIA gets them to agree to kill Kim Jong-Un, and hilarity ensues.  Kind of.  Some gross, disgusting, are-you-guys-in-eighth-grade humor, and the film drags a little towards the end, maybe because things blowing up and gun battles are what I call boring.  It's a good movie and you should watch it.

The other money quote: "You Americans keep making the same mistake."  Think on it.

I won't give away the ending - but it's a real finger-biter.  

1.21.2015

Broadchurch on Netflix

A really great detective series, even though it relies on old tropes like the seriously ill detective who is trying to redeem himself through the case investigation.

Even so, the story was so captivating, and unpredictable, it is one of those series that you will want to watch in a marathon.

It starts out like a commercial for small-town living: everyone says hello, is friendly, knows each other.  Then a thoroughly shocking event, the dead body of a boy found on the beach, disrupts relationships and trust.  And I guess the friendliness as well.

The female detective, Ellie Miller, a local, makes a transition from nice neighbor lady to a real detective with resistance and fight.  It's fun to watch her struggle between being a community member and looking at unpalatable information about people she knows, and then pursuing it.

The child actor who plays Tom Miller is superb.  His small expressions were so efficient and communicative.  That boy has a future in acting.

The ending is very surprising, but still ties into the whole story.

This show must be seen by all detective and mystery fans.  It is not going on a limb to say that Broadchurch is one of the best shows in this genre that I have ever seen.

12.22.2014

The Sony Hack - The Real Facts

"So to get a full picture you have to read a lot of very technical reports from the network security community. My understanding of the attack comes from reading (probably way too many) technical reports about it. I'll try and give the most readable sources here.

**November 24^th**

The first public notification of the hack came on [Reddit](http://www.reddit.com/r/hacking/comments/2n9zhv/i_used_to_work_for_sony_pictures_my_friend_still/). Within an hour [Deadline Hollywood](http://deadline.com/2014/11/sony-computers-hacked-skull-message-1201295288/) reported Sony had sent a memo to all employees warning of the hack. This was followed by a flurry of reporting then the release of [proof of the hack](http://pastebin.com/8HbbUSkr).

**November 26^th**

Three movies leak online, [the FBI begins investigating the breach](http://www.nbcnews.com/nightly-news/fbi-investigates-possible-north-korea-link-sony-hack-n259361). When the BBC asks North Korea if they were responsible they respond ["Wait and see"](http://www.bbc.com/news/world-asia-30283573).

**December 1^st**

The initial data leak. I won't post it here but it's still available if you look on torrent sites. [It's 26 GB of files and contained Social Security numbers, names, contact details, contact phone numbers, dates of birth, email addresses, employment benefits, workers compensation details, retirement and termination plans, employees previous work history, executive salaries, medical plans, dental plans, genders, employee IDs, sales reports, copies of passport information and receipts for travel of all Sony Pictures employees worldwide](http://www.identityfinder.com/us/Press/20141204210449). Much of this information notably "\HR\Benefits\Mayo Health\Mayo XEROX assessment feed" was stored in plaintext.

**December 3^rd**

The second data leak. This one garnered less press but contained was considerably more dangerous. It contained full security certificate information, internal and external account credentials, authentication credentials with plaintext passwords for systems such as the Sony YouTube page and UPS accounts. I've heard that much of this information was available because an IT director was comprised apparently he had no background in IT and was actually a marketing exec who reached the position (and thus higher salary) through corporate politics. You can see for example is was good at [naming files](http://i.imgur.com/GngopXj.png).

**December 4^th**

The FBI issued a confidential flash warning to the security departments of large American companies warning about a new malware called Destover Backdoor.

I can't post the notice itself (it's confidential) but I can post the [Symantec writeup](http://www.symantec.com/connect/blogs/destover-destructive-malware-has-links-attacks-south-korea) about it.

As people started to analyze the code sample provided we learned that it was [created on a computer using the Korean language](http://securelist.com/blog/research/67985/destover/) and included pictures with Sony's name written on a tombstone (meaning that it was a targeted attack). The picture also contained the text "We've already warned you, and this is just the beginning. We continue till our request be met." Note that no where did they say what their demands were though North Korea had previous threatened Sony over the release of The Interview.

We also learned [how to detect](https://malwr.com/analysis/MWZkZjU4Mjc1ZTNlNDQzN2FkOWFhNWI1NjNmYjk0Nzc/) the "Command and Control" modules of the code. Initially the virus just exposes the computers files and configures it to run a webserver. It also attempts to spread throughout the network targeting access to specific machines and ip addresses. Because these are hardcoded it means the attacker either had inside help or had previously penetrated Sony's network and gathered information. The malware only begins to broadcast back to the C&C servers once it's been launched—and deletion of data on the targeted network has already begun. This likely triggered by a hard coded time in the code. This type of malware is consistent with a watering hole or spear phishing attack. The C&C servers the malware connects to were used previous by a piece of malware known as DarkSeoul which North Korea used to attack South Korea previously.

**December 7^th**

Third data leak. This one contains all of Sony Pictures' financial information. Bloomberg [reports](http://www.bloomberg.com/news/2014-12-07/sony-s-darkseoul-breach-stretched-from-thai-hotel-to-hollywood.html) that the initial data breach occurred at a hotel in Thailand where a Sony executive was staying. This is likely the source of the inside information about Sony's network.

**December 8^th**

Another leak, this one was just posted to pastebin before quickly being taken down. This one contains the email archives of two executives: Steve Mosko, President of Sony Pictures Television and Amy Pascal, Co-Chairman, Sony Pictures Entertainment and Chairman, Sony Pictures Entertainment Motion Picture Group. There's some confusion about the authenticity of this post. The data leaked is authentic but it looks like it came from a different group than the first 3 leaks. It also specifically mentions The Interview, which previous leaks did not. Consensus of the security community seems to be that this was a copycat or disgruntled employee taking advantage of the situation.

Security company Kaspersky releases its [report](http://www.theregister.co.uk/2014/12/08/kaspersky_deets_on_sony_malware/) which shows the initial computer virus used in the attack is the same at that used in the Shamoon attack where North Korea went after Saudi Arabia. We are also told that three security certificates used a password of "password".

**December 10^th**

The next leak occurs. This one bears the signature of the first three leaks, meaning it is likely genuine. It includes information about Sony's anti-piracy efforts, entertainment deals in the works, internal procedures related to tracking torrents and other illegal downloading. It also contains a document that outlines Sony's cooperation with 5 major Internet Service Providers (ISPs) to collect full data for monitoring illegal downloads.

On the same day the attacker behind the December 8th leaks releases another set of emails, these belonging to Leah Weil, Senior Executive Vice President and General Counsel for Sony Pictures Entertainment. They seem to be trying to piggyback onto the real leak. This is completely off topic but I wanted to mention the through these emails we learned that George Clooney is apparently the only person working with or for Sony that understand information security.

News stories proliferate.

**December 13^th**

The next authentic leak. This one contains internal documents for tracking deals, expenditures, and revenue. It also contains information about the state of all deals Sony is currently working on. While previous leaks were initially seeded in China, this one was initially seeded in [Taipei, Taiwan](https://twitter.com/Mario_Greenly/status/544967851795562496).

At this point IT workers at Sony begin anonymously [talking to the press](http://uk.businessinsider.com/sony-insider-the-security-team-has-no-fing-clue-2014-12?r=US). They paint a picture of a company with an outdated network, lax security standards, and an unwillingness to hire quality professionals in IT and software development (believing top talent in these areas to be "too expensive"). They also describe a very traditional big corporate office environment in which things like "ass in chair" time spent at work is valued over results. Most promotions seem to be driven by office politics not talent.

**December 16^th**

There's been many media articles, speculation, theories, and controversy. For weeks Sony has been fighting the leaks via takedown notices, hacking of their own, and pleas in the media. They activate their "cybercrime" insurance which provides them with [$65 million in coverage](http://www.csoonline.com/article/2859535/business-continuity/breach-insurance-might-not-cover-losses-at-sony-pictures.html). They cancel most media appearances in promotion of the film.

**December 17^th**

A group of individuals makes threats of violence at US movie theaters which show The Interview. These are different in style, content, and tone than all communications from the actual hacker. They seem obviously fake, created by pranksters to take advantage of the tense situation. Regardless almost every theater chains pulls the movie from their schedule.

In an show of incredibly lazy journalism many media outlets (lead by Wired) publish stories stating that North Korea was not behind any of the hacking. These mix together the details of several attacks and treat all leaks (both credible and not) as coming from the same actor. At the same time more respectable media outlets like the NY Times, The Wall St. Journal, and The Washington Post publish stories stating that North Korea is "almost certainly" behind the attack and cite a litany of security professionals and confidential government sources.

While all the circumstantial evidence points to North Korea we do lack documented forensic trail that truly establishes some level of attribution with certainty.

**December 18^th**

Sony cancels The Interview.

They also quietly cancel "Pyongyang" another comedy starring Steve Carell. Produced by company New Regency and directed by Gore Verbinski, the story is based on a graphic novel and follows a Westerner that is accused of espionage in North Korea.

**December 19^th**

[The FBI firmly places the blame on North Korea](http://www.fbi.gov/news/pressrel/press-releases/update-on-sony-investigation).

Everyone rushes to put this in a political frame."

This is why no one trusts the media anymore. This is the best rundown of the Sony Hack that I've seen. Kudos to Reddit. Again.


Sent from my iPhone

12.21.2014

S Street Rising by Ruben Castaneda

"S Street Rising" is a striking and original book detailing Ruben Castaneda's experience as a Washington Post crime reporter covering the crack wars in Washington, DC - while being a crack addict himself.

What's so great about this book is it tells this story from many points of view:  his, as a crime reporter, a local preacher whose church was in the middle of an open-air drug market, a homicide detective whose insight and strategy turned around the unsolved murder rate for the city.  He details the types of people he interacted with while reporting on, and participating in, the crack epidemic in D.C.

This is a story well worth reading.  It reminds me of The Wire in its ability to turn a sprawling situation in the air so that a reader can take a look at all sides of what is going on. 

"S Street Rising" reminded me what living in this city was like in the late Eighties and early Nineties.  There were drive-by shootings all the time.  No place was safe.  I remember visiting a friend at Sixteenth and Harvard Streets, NW at one a.m. and having to run to the van of my friend and both of us getting into the same door because he was too afraid of the people hanging around to walk around and let himself in the drivers side door.

Another time we were driving home from somewhere and when we were stopped at a light two men with automatic guns approached the car and leaned in to see if the person they were obviously looking for was in the car.  They weren't, and the men backed off.

In law school, my classmates and I heard nightly gunfire just over the District line in PG County.  The driveways up to our apartment buildings were perfect for dealing drugs because you could see a police car driving up from a long way and get rid of the drugs. 

I was dangerous here in Washington, DC.  Crack ripped this city apart and a lot people died violently related to its sale. 

Ruben Castaneda's book brushes past some of Marion Barry's story.  "S Street Rising" tells of shady friends of the former Mayor, and implicates him in the cover up of a murder.

This book is a must-read for anyone who wants to understand Washington, D.C.

12.14.2014

Just Don't Tell Me You Are Surprised

So now you all are getting the blame for that "enhanced interrogation" bullshit. And what were you expecting? That torture was the new normal? Or that the super-WASPs would take the hit for this once people weren't afraid enough to look the other way?

You were played. Your leaders were greedy, short-sighted and stupid. I like to call them "the old goats."

From the beginning, there have been plans for a scapegoat. You.

Hopefully earlier warnings were heeded, or we can expect to see low level interrogators drug into the light and roasted.

It just seems to me that there has to be a large data trail leading to some of the people screaming about human rights now.

So I offer a word of caution to all. Don't make too much hay too loudly. It doesn't pay to be in the business of Truth in this town.

12.12.2014

What joke, no matter how many times you hear, makes you laugh?

I didn't want to believe my roommate was stealing from the transportation department, but when I got home, all the signs were there.


Sent from my iPhone

What joke, no matter how many times you hear, makes you laugh?

What's the difference between a dirty bus stop and a lobster with breast implants?

One's a crusty bus station and the other is a busty crustacean


Sent from my iPhone

What joke, no matter how many times you hear, makes you laugh?

There is a nudist colony for Communists. Two men were sitting on a balcony and one turned to the other and said, "Say, comrade, have you read Marx?" The other replied, "Yes, I think it must be these wicker chairs."


Sent from my iPhone

What joke, no matter how many times you hear, makes you laugh?

How did the world know communism was doomed?

There were a lot of red flags.


Sent from my iPhone

11.24.2014

Excellent Reddit Santa Story

From Redditor NG96:

" I was a primary school student, aged about 5.

Anyway, my primary school was a village school, so it was small. It had about 150-200 students. One Christmas, they decided to throw a Christmas party for the kids and parents. If you enjoyed hearing the song "diallo" playing on loop with the occasional sound of a parent bollocking their kid for drinking the Blue-coloured drinks, then this is your kind of thing.

Towards the end of the night, all the kids were high on food colouring, and it was time to meet "Santa" himself! We queued up patiently to sit on Santa's lap and tell him what we'd like for Christmas. It was my turn.

I sat on his lap and looked at his beard, and noticed that it had a string on it and it was wonky. I was like "You're not Santa! Your beard has a string on it!". The Santa had a sad look on his face, then he started a convincing sobbing "For thousands of years I had a fantastic beard. I don't have a real beard any more because somebody called Mr Johnson (my maths teacher who has a large beard and was very proud of) stole it. I asked him nicely if he could give it back, but he didn't listen. Maybe you and your friends can find Mr Johnson and get my beard back in time for next year?"

I was only 5 so I believed him, so I was fucking furious at Mr Johnson. The next time we had Maths after Christmas, me and most of my class gave him hell for stealing Santa's beard. We told him that we would not do our work until he gives Santa his beard back. The kids were furious, and Mr Johnson was even stricter than usual. After a few weeks of shit, he finally came into school without a beard. Anytime we asked him what happened to his beard he would tell us off. We assumed that he had given it back to Santa.

Here's the interesting part that I found out many years later: It turns out that the Santa was actually my English teacher Mr Brown, and he deliberately made the beard look fake. Why? Because Mr Johnson was banging Mr Brown's wife and Santa found out. Because of this, Mr Brown decided to get as many kids as he could to hate Mr Johnson. Mr Brown knew that Mr Johnson would either have to deal with children who hated him or he would have to shave off his beard that he loved dearly."