Yappy North Korea demands attention, and we should stop giving it to them

Pyongyang wants you to know that it didn’t hack Sony but it’s also SUPER MAD about “The Interview” and it will WREAK TERRIBLE VENGEANCE on all of us for such a flagrant insult:

While steadfastly denying involvement in the hack, North Korea accused U.S. President Barack Obama of calling for “symmetric counteraction.”

“The DPRK has already launched the toughest counteraction. Nothing is more serious miscalculation than guessing that just a single movie production company is the target of this counteraction. Our target is all the citadels of the U.S. imperialists who earned the bitterest grudge of all Koreans,” a report on state-run KCNA read.

“Our toughest counteraction will be boldly taken against the White House, the Pentagon and the whole U.S. mainland, the cesspool of terrorism,” the report said, adding that “fighters for justice” including the “Guardians of Peace” — a group that claimed responsibility for the Sony attack — “are sharpening bayonets not only in the U.S. mainland but in all other parts of the world.”

Have you ever heard of “little dog syndrome”? It’s the tendency for little dogs to behave aggressively with people and bigger dogs, which people usually ascribe to some kind of dog inferiority complex but is actually caused by owners indulging behavior in their little dogs that they would never allow in a bigger dog. DPRK has the geopolitical version of little dog syndrome. The Kim dynasty has run the country so deep into the shit that there’s really no way out at this point. A North Korean person’s average life expectancy at birth has dropped 5 years over the past 3 decades. Their people live in destitution while the ruling class pilfers whatever it can to wrap itself in luxury and opulence. Potential contenders for the throne (or whatever) are being purged like it’s the 17th century Ottoman Empire or something. Plus, militarily they can’t really hurt anybody else, and the higher echelons of the ruling group know this. They’re a very tiny toy breed in the global dog show. Consequently, just as many small dogs tend to yap and growl a lot, North Korea’s leaders tend to yap from time to time about their military might and their plans to unleash it on the rest of the planet in some catastrophic way.

Think about it, though: even if DPRK really was behind this hack (which is still an open question for a lot of cyber-security experts), it means that the country put its cyber resources into an effort to embarrass some executives at a movie production company for making a film that pokes fun at Dear Leader. That’s, uh, chilling. Real evil genius-type stuff. Continue reading

Read Jamelle Bouie on police and protesters

I’ve been trying to think of what to say about the tragic and senseless murder of those two NYPD officers in Brooklyn last night, or the one who was killed in Florida, and about the people who are now using those deaths as an excuse to attack the Michael Brown and Eric Garner protesters, but I wouldn’t be able to convey my thoughts any better than this:

Nothing here should be a surprise. Despite what these police organizations and their allies allege, there isn’t an anti-police movement in this country, or at least, none of any significance. The people demonstrating for Eric Garner and Michael Brown aren’t against police, they are for better policing. They want departments to treat their communities with respect, and they want accountability for officers who kill their neighbors without justification. When criminals kill law-abiding citizens, they’re punished. When criminals kill cops, they’re punished. But when cops kill citizens, the system breaks down and no one is held accountable. That is what people are protesting.

Given the dangers inherent to being a police officer—and the extent to which most cops are trying to do the best they can—it’s actually understandable that cops are a little angry with official and unofficial criticism. But they should know it comes with the territory. For all the leeway they receive, the police aren’t an inviolable force; they’re part of a public trust, accountable to elected leaders and the people who choose them. And in the same way that police have a responsibility to protect and secure the law, citizens have a responsibility to hold improper conduct to account.

Saturday Night Tunes: Ready for Freddie

As of last week, we’ve covered four seminal albums from the hard bop era that have one common thread running through them, but we haven’t talked about that thread. The albums are Wayne Shorter’s Speak No Evil, Eric Dolphy’s Out to Lunch!, Herbie Hancock’s Maiden Voyage, and Oliver Nelson’s The Blues and the Abstract Truth, and the common thread is that you can find Freddie Hubbard’s trumpet on each of them (hat-tip to Wikipedia for pointing this out to me).

Freddie Hubbard died in 2008 after a 50 year active career that ranks for longevity, impact, and artistry alongside the career of any jazz musician you care to name. The four albums I mentioned above are truly four of the finest jazz albums of the 1960s, and Hubbard’s own Ready for Freddie is a fifth. It was Hubbard’s fourth album as a leader on the Blue Note label, recorded and released in 1961. Alongside Hubbard on trumpet is two-thirds of John Coltrane’s regular rhythm section (McCoy Tyner on piano and Elvin Jones on drums), Art Davis on bass, Wayne Shorter on tenor saxophone (who was Hubbard’s bandmate in the Jazz Messengers at this point), and Kiane Zawadi (billed here under his birth name, Bernard McKinney), who I’m pretty sure is the only professional jazz euphonium player in history. There were five tunes on the album, three of them written by Hubbard and one by Shorter, with one standard:

“Arietis” is written by Hubbard and named for the constellation Aries. It’s an uptempo number that makes great use of the three horns in the melody. For me the highlight is Zawadi’s solo, but that might be because it’s the first time I’d ever heard a euphonium playing jazz. It’s cool:

The standard here is “Weaver of Dreams,” written by Jack Elliot and Victor Young. It’s a nice ballad and a great showcase for Hubbard’s tone and range:

Shorter contributed “Marie Antoinette,” a relaxed swinging number that again gets a lot of mileage out of the full-sounding horn section in the melody:

“Birdlike” is exactly what it sounds like: a tribute to Charlie Parker. It’s the high point of the album for me. You can hear Parker’s phrasing in the melody and all the soloists really get into this one:

“Crisis” is another Hubbard composition that, per the liner notes, “came from Freddie’s desire to express in music some of the spiraling tension of all our lives under the growing shadow of the bomb.” I don’t get that myself, but I’m too young to have lived under the growing shadow of the bomb, so what do I know? It’s a great tune, constantly changing feel:

The undisclosed evidence better be good

Yesterday I noted that it’s still not clear to a lot of observers that North Korea is actually behind the Sony Pictures hack. Around the time I was writing that post, the FBI was releasing a statement definitively laying responsibility for the hack at Pyongyang’s door. Here’s their case:

As a result of our investigation, and in close collaboration with other U.S. Government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:

- Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.

- The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. Government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.

- Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea

All I’m saying is that the stuff the FBI didn’t share must be airtight, because what they did share is pretty weak sauce for criminal work. But don’t take my word for it:

As security researcher Brian Honan put it to me earlier: “I still don’t see anything that in a court would convict North Korea beyond reasonable doubt.”

First, the FBI says its analysis spotted distinct similarities between the type of malware used in the Sony Pictures hack and code used in an attack on South Korea last year.

Suspicious, yes, but well short of being a smoking gun. When any malware is discovered, it is shared around many experts for analysis – any attacker could simply reversion the code for their own use, like a cover version of a song.

This has happened in the past – most notably with Stuxnet, a cyber-attack malware believed to have been developed by the US, which was later repurposed by (it is believed) the Russians.

So we turn to another, better clue: IP addresses – known to be part of “North Korean infrastructure” – formed part of the malware too.

This suggests the attack may have been controlled by people who have acted for North Korea in the past.

But what the FBI is very careful not to say is whether it thinks the attack was controlled from within North Korea itself – although in a press conference President Barack Obama did say there was no indication of another nation state being part of the hacking.

The FBI’s case, at least what they’re willing to reveal publicly, boils down to similarities between the code used in this hack and in previous hacks known to have originated from North Korea, and the use of North Korean infrastructure. But the code could easily have been copied by another actor and the infrastructure could be accessed remotely, so neither of these things is real proof. The thread that ties it up is motive; we know the DPRK was mad about “The Interview,” and the hackers made that film the centerpiece of their demands, ergo it was North Korea. Except the hackers didn’t say a word about “The Interview” for two weeks, and only latched on to it as their cause after the media brought it up:

Mr Rogers is one of several security experts to questions the use of The Interview as the obvious motive for the hack. It was not until the media made the link, Mr Rogers notes, that the hackers started mentioning the film.

Up until that point, it was all about taking on the company, with language that hinted more at a grudge than a political statement.

“When you look at the malware it includes bits and pieces from Sony’s internal network and the whole thing feels more like someone who had an issue with Sony,” Mr Rogers said.

“They were dumping some of the most valuable information right at the start almost as if they wanted to hurt Sony.”

There better be some real smoking cyber-gun in whatever the FBI isn’t telling us, because this stuff is all circumstantial and run through with holes. It also doesn’t rise to the standard of cyberterrorism or cyberwarfare, at least not according to the most commonly used definitions (although there might be an argument to be made that those definitions are antiquated).

Good news in Iraq, terrible news in Syria

Iraq’s Kurds have reportedly finally broken ISIS’s encirclement of Mount Sinjar and rescued the Yazidis who have been struggling to stay alive there. That’s clearly an excellent thing, even if relief efforts are currently being hampered by mines that ISIS laid in the area. Also good, presumably, are reports that three top ISIS leaders in Iraq have been killed in U.S. and allied airstrikes: deputy leader Haji Mutazz, military commander Abd al-Basit, and Radwin Talib, the group’s governor of Mosul. I say “presumably” because high-profile jihadis tend to “die” multiple times before they actually get got, so you can’t necessarily believe reports like these, and because even when the death reports are accurate it’s often the case that the dead men’s roles within the organization aren’t exactly what they were initially reported to be. Mutazz’s death, for example, brings ISIS into the long and venerable tradition of America killing “Al-Qaeda number 2s” (it was “number 3s” until we got Bin Laden), many of whom may not actually have been number 2 (or 3) in the organization when we killed them.

Meanwhile on the other front of the fight against ISIS, Bashar al-Assad continues to demonstrate why he’ll never rule a united Syria again. After a group of rebels led by AQ-affiliate Jabhat al-Nusra (and reportedly including elements of the Free Syrian Army, the guys America has been arming because they’re moderates, not extremists like, uh, Jabhat al-Nusra) captured two Syrian army bases in Idlib, Assad responded by…indiscriminately targeting civilians all over the country, particularly in Homs. It’s called winning hearts and minds, folks.

Simple Answers to Simple Questions, 19 December 2014 #2

At Al Jazeera, Michael Pizzi asks:

putin 2015

No. Well, I hate talking in absolutes about the future, so let’s go with “most likely not, at least not without some conciliatory moves by the West.”

"I swear, it's like you don't know me at all!"

“I swear, it’s like you people don’t know me at all!”

Pizzi makes a good case for why almost anybody else would back down in Putin’s situation:

But the collapse of the ruble will put him under pressure at home in the early months of 2015. Russians are reportedly swarming automobile dealers and foreign retailers like IKEA, hoping to cash out before the currency devalues further. Putin has shrugged off questions about the economy, saying he has a plan to fix it, though he did not specify what it is. If public support begins to slip, Putin could try to seek a face-saving compromise in Ukraine. As Romanov puts it, “they can endure great difficulty, but Russians are not masochists.”

Russia’s economy, which has been teetering for a while now as the situation in Ukraine and the related Western sanctions imposed on Russian banks and businessmen have caused foreign investors to start pulling out of Russia, has officially collapsed, at least if you go by Wonkblog’s Matt O’Brien, thanks to the sharp drop in oil prices. Russian banks project the economy will shrink at least 4.5% next year if oil stays around $60/barrel. Russia’s central bank just jacked up interest rates to try and salvage the value of the ruble, an attempt that failed miserably and left the country with higher interest rates and a currency that’s still only worth about half what it was worth in July. At this point they’re probably in an inflationary cycle, where high inflation further weakens the economy, which causes more inflation which further weakens the economy, which causes more inflation and on and on. Because of the sanctions, the Russians can’t get an emergency loan from Western banks, and O’Brien is surely correct when he says that they won’t go to the IMF for a bailout because the IMF will insist that they stop whatever they’re doing in eastern Ukraine and maybe also in Abkhazia. Worse, the Russian government just today announced that it was bailing out its banks to the tune of billions of dollars, because the banks are no longer apparently able to obtain foreign currency with which to pay back their foreign loans.

Seems like this would probably be a good time to stop doing those things anyway and go get some financial help. But you’d actually be on firmer ground predicting that Putin will keep on keeping on or even escalate things in 2015, because he’ss never been shy about asserting himself when times get rough. Continue reading

Simple Answers to Simple Questions, 19 December 2014 #1

Over at EvenTheLiberalAlthoughNowItsActuallyDead New Republic, Yishai Schwartz takes a break from cheering on the killing of children in Gaza and hilariously overreacting to recent developments with respect to Cuba to ask this question:

tnr sony

The answer is simple but multi-part:

  1. Apart from the government saying “trust us, it’s North Korea” (which, you know, fool me once…) it’s still actually unclear against whom we should be retaliating. Really, really unclear. Schwartz argues that the government was “dithering” for all those weeks when it wouldn’t declare North Korea responsible for the attack, but how can it be dithering when it’s still not clear that North Korea was responsible?
  2. It’s not really the government’s job to wage war, even cyber-war, on behalf of the property rights of a single private corporation, particularly when that corporation can’t be bothered to take the most basic steps to protect its own property. I know, I know, it’s about artistic expression and freedom of speech, not property! And those principles are important! But both could be protected if Sony were to release “The Interview” online or via video on demand! The fact that they’re refusing to do that tells you that it’s really not about principle as far as they’re concerned.
  3. It’s not at all clear what “retaliation” looks like here, which I guess could be a sign of “poor planning” but is really a function of this particular case. Aside from not actually knowing who was behind the attack or how much of the fallout was essentially Sony’s fault for its terrible security practices, what would the nature of the retaliation be? Do you target a North Korean corporation in a tit-for-tat move? If so, uh, good luck finding a “North Korean corporation.” Should we levy sanctions against North Korea, put them back on the terrorist sponsor list? Yeah, isolating a country that’s already completely isolated, that should do the trick! If we can make the poorest country on the face of the Earth incrementally poorer, they’ll definitely end this behavior that they may not even have perpetrated in the first place.

Now, let’s dive a little deeper. Continue reading