this post was submitted on 04 Apr 2024
123 points (91.8% liked)

Cybersecurity

5728 readers
148 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago
MODERATORS
all 50 comments
sorted by: hot top controversial new old
[–] [email protected] 72 points 7 months ago (2 children)

Vigilante hacker attacks foreign nation internet infrastructure on behalf of the U.S. without the U.S.'s consent and wants to encourage the U.S. to perform more similar cyber attacks, but witout the approval of the chain of command, without thinking of the repercussions on international relations.

I don't know, but this doesn't sond likea good idea.

[–] [email protected] 9 points 7 months ago* (last edited 7 months ago) (2 children)

It sounds like a Hollywood movie. "Hacker tattoos"? Single person took on an entire country? I dunno, something about this is off, like it's too juicy of a story for Wired to scrutinize it properly and there's really more (or less) to the story.

[–] [email protected] 8 points 7 months ago

Yeah, especially since the NSA or FBI or CIA has never accepted the dude's methods. And he's the only one giving his own testimoy about all of this. It's weird.

[–] Socsa 3 points 7 months ago

Are you saying you don't keep your pgp key tattooed on your face? How do people know if they are actually talking to you then?

[–] protozoan_ninja 31 points 7 months ago (1 children)

Something tells me the last thing the world needs from a cybersecurity standpoint is a leaner, meaner Pentagon that can launch cyberattacks faster than they can assess the likely impact

[–] pastermil 7 points 7 months ago (1 children)

You're saying it like they don't exist.

[–] protozoan_ninja 14 points 7 months ago* (last edited 7 months ago) (1 children)

In the article it states the average lead time for a Pentagon-organized cyberattack is six months.

The main point of the article is that this guy is basically trying to push the Pentagon to be more like him, a guy who took personal offense when a North Korean hacker tried to drive-by hack him then took the entire country offline without first considering whether or not they might retaliate against an actual lone wolf attacker, or whether this is a rational response as an individual to the existence of organized nation-state attackers.

Basically, he's lucky the Pentagon took an interest in him. The article points out that the officials he shared his attack with were well aware the main reason they couldn't do something similar is literally just bureaucracy. He's not offering anything new on a technical level, he just wants the Pentagon to shoot from the hip more often and worry less about the consequences of their actions.

TBH, probably everybody in the world would prefer the slower, less aggressive Pentagon we have now rather than one that goes around picking fights with every nation-state and group that pisses it off for like, any reason.

[–] [email protected] 22 points 7 months ago (4 children)

“cybersecurity entrepreneur with hacker tattoos on both arms“ what’s a hacker tattoo? Your IP address? This article was really short on how he did it.

[–] sugar_in_your_tea 18 points 7 months ago

Nah, the Kali Linux logo. Everyone knows using Kali makes you a hacker, and getting a kali tat gives you immediate hacker xp.

[–] [email protected] 12 points 7 months ago

Everyone knows that hacker tattoos enable their wearer to be able to do sick hacks. The better the tattoo, the better the hacker skill.

[–] [email protected] 12 points 7 months ago

Goatse qr code

[–] [email protected] 3 points 7 months ago

There is a picture in the article. Its his previous handle and a what looks like a md5 hash along his entire left arm from hand to shoulder.

[–] CryptoKitten 15 points 7 months ago

He took down all of it, like the whole three computers?

[–] burrito 5 points 7 months ago

Their IP address range is hilariously small at 1024 addresses total (175.45.176.0/22). That's about one IP address for every 24,400 people.

[–] [email protected] 4 points 7 months ago (1 children)

DPRK has a reputation for using assassination and kidnapping on foreign soil. It’s probably not as bad as taking on a Mexican drug cartel, organized crime, or Donald Trump, but it’s still something I’d probably want to keep on the DL.

[–] [email protected] -2 points 7 months ago (1 children)

DPRK has a reputation for using assassination and kidnapping on foreign soil.

US has a history of that with a lot more deaths, so we should thank hackers who attack US infrastructure.

[–] [email protected] 5 points 7 months ago

Do you just enjoy doing hot takes or trolling?

Nowhere did I imply that the DPRK’s practices justify the attack - that’s left to individuals to think about for themselves. I was saying that their tendency to engage in covert ops against individuals outside of their own borders means that, if I were the hacker, I wouldn’t want my name publicly known. The same goes for the US - even more so. I would expect that someone who managed to disable significant parts of the US internet infrastructure not to then immediately publish their identity.

[–] [email protected] 3 points 7 months ago

I'm sure this had absolutely no benefit beyond pissing off the few DPRK citizens who have intranet access. What a dick

[–] [email protected] 1 points 7 months ago

Tiday, he's a healthy young man, next week he'll die of a sudden and mysterious heart attack.

[–] [email protected] 0 points 7 months ago (2 children)

Wait north korea has internet ? Is it all used by kim lol ?

[–] [email protected] 10 points 7 months ago

North Korea has a lot...just none of the citizens can use or know about it.

[–] [email protected] 4 points 7 months ago

how do you think they conducted their state-sponsored hacks then?