Hacker News new | ask | show | jobs
by hexpeek 284 days ago
I’ve heard that in North Korea it is difficult for ordinary people to learn or own a computer. It is assumed that a small number of elite operatives are selected and trained to carry out such tasks, and it is somewhat surprising that they possess the latest technology and conduct hacking.
5 comments
asdff 284 days ago
If anything the hackers in north korea are probably world class if the government is getting their students into focused training programs early in their schooling. Western nations have nothing equivalent due to schooling being generalist and undergrad and grad school not really introducing you to the sort of work you'd actually do on the job as a hacker. 22 year old western hacker for a 3 letter agency is going to have maybe a 6 month softball tangentially related internship of experience under their belt while the north korean might have years and years by that point.
link
awesome_dude 284 days ago
> 22 year old western hacker for a 3 letter agency is going to have maybe a 6 month softball tangentially related internship of experience under their belt while the north korean might have years and years by that point.

I was with you right up until this bit

The agencies concerned tend to recruit people that have demonstrated ability in that field, and they've usually got it with "self-directed" training :)

link
asdff 283 days ago
Lurking forums and irc is probably a terrible way to train a hacker than a dedicated program that introduces you to the tools you'd be using on the job right away. Even today people don't even like hiring self taught engineers anymore like 20 years ago, when there are many more people today who have gone through legitimate education programs.

The one hacker I met in my life went to West Point and had no experience they didn't gain from being placed in their program after graduating with decent test scores.

link
Joel_Mckay 284 days ago
State sponsored thieves are not a talent pool that anyone wants in a trusted position.

The fact is there were only around 40 unique hacks ever invented, and people simply adapt these into new zero day exploits. Notably, this is now mostly a fully automated process.

If people want in, they will get in eventually. =3

x C62=:K6 J@F 2C6 AC66>AE:G6=J 5:D28C66:?8 H:E9 E96 DFCAC:D:?8=J =@H 6DE:>2E6 @7 6IA=@:E E2I@?@>J[ 3FE 9F>2? DE2E:DE:42= 3692G:@C :D 2=D@ ?@E 2D 4@>A=6I 2D >2?J 36=:6G6]

link
vntok 284 days ago
ChatGPT decoded the ROT47 text immediately from a simple prompt: "Decode this string sent by some random pompous guy on Hacker News: [raw string]".

If robots want in, they will get in eventually too, apparently.

link
KyleBerezin 284 days ago
No need for insults, I found it fun. ROTs are easy to detect because they usually still have word-length chunks, and common repeating symbols. In this case the '6's ('e's). This is something a language oriented AI is going to be very good at detecting. It's great demo of why hashing is so important.

If you don't see repeating symbols, it could be a running key, like a Vigenèr cipher.

link
Joel_Mckay 284 days ago
It was a simple way to highlight impulsive behavior common in modern users, and the trivial encoding function should be obvious to those who are minimally empathetic. Ask the LLM handler if being lied to makes people feel worse than getting robbed... then consider if you would hire such individuals.

If you are ever unsure of someones motives, than politely ask for context. Have a wonderful day =3

https://en.wikipedia.org/wiki/List_of_cognitive_biases#Causa...

link
bgwalter 284 days ago
What is the impulsive behavior? Do you have a zero day in some ROT-47 decoder? Or perhaps a zero day in the file command in case a user creates a file containing the string and runs the command on it? Or is the string both a valid ROT-47 string and a valid executable on some platform?

> If you are ever unsure of someones motives, than politely ask for context.

Asking for context.

link
theshrike79 283 days ago
https://gchq.github.io/CyberChef/#recipe=ROT47(47)&input=eCB...

CyberChef did it fully locally with a ready-made recipe :D

link
JumpCrisscross 284 days ago
> State sponsored thieves are not a talent pool that anyone wants in a trusted position

Why? They’re intelligent, crafty and able to make trade-offs.

Empirically, ex-spies have a solid history in reaching commanding positions in politics and business.

link
Joel_Mckay 284 days ago
It is complicated, but Moral Development theory does cover the phenomena of why some won't understand until they personally grow through the stages of development.

Have a great day. =3

https://en.wikipedia.org/wiki/Lawrence_Kohlberg's_stages_of_...

link
jgilias 284 days ago
Reading up on it made me realize that a certain well known orange person is really on Stage 2 of moral development. That explains a lot.

But also gives hope. I mean, it’s rare that adults fail to advance from pre-conventional phases, so it must be super rare to have such a confluence of factors that puts someone like that in the given job.

link
JumpCrisscross 283 days ago
Spies do tough work for not that much pay. (Certainly less than they can earn in the private sector.)

They’re starting from a position of duty. Given the stakes the questions they’re tasked with operate at, I’d guess they tend to be in the postconventional regime more than most people.

link
Ray20 283 days ago
> Empirically, ex-spies have a solid history in reaching commanding positions in politics and business.

But it's not because someone wants them there. It's because they can demand the position they want.

link
JumpCrisscross 283 days ago
> it's not because someone wants them there. It's because they can demand the position they want

Zero evidence of this. And if they can demand that position from one, they can demand favors from others. I would count a background in espionage to be a net positive in a hiring process, provided dismissal was on good terms.

link
mr_toad 283 days ago
> Empirically, ex-spies have a solid history in reaching commanding positions in politics and business.

The only examples I can think of are Putin and George HW Bush.

link
stingraycharles 284 days ago
I always understood that these hacks are one of the main ways for North Korea to actually earn money in other currencies, as they’ve been barred from trading with pretty much the entire world.
link
ummonk 284 days ago
North Korean teams tend to perform very well in coding contests, so it’s a safe bet that North Korea is quite good at nurturing a small slice of elite computing talent.
link
SoftTalker 284 days ago
They just identify talented individuals and send them to schools in China or elsewhere to learn the latest tech.
link
richardfeynman 284 days ago
source? interesting if true.
link
yesfitz 283 days ago
"Major North Korean universities, such as the Kim Il-sung University and the Pyongyang University of Foreign Studies, send a few dozen exchange students to Peking University and other top-ranked Chinese universities each year."[1][2]

"North Korean hackers are sent vocationally to Shenyang, China for special training. They are trained to deploy malware of all types onto computers, computer networks, and servers."[3][4]

1: https://en.wikipedia.org/wiki/Koreans_in_China#North_Koreans...

2: https://web.archive.org/web/20090114201016/http://news.xinhu...

3: https://en.wikipedia.org/wiki/Lazarus_Group#Education

4: https://web.archive.org/web/20180621134306/https://www.scmp....

link
IAmBroom 283 days ago
Why would you doubt it?

The brightest students of most nations are often sent abroad to enrich their countries with knowledge from the great universities. NK is almost unique in its inability to do this at non-Chinese great universities, so that is the only viable route.

link
richardfeynman 282 days ago
I would doubt it because North Korea has extremely strict controls on who exits the country for any reason, but especially for education. I know this has happened before (for example Kim Jung Un studied in Switzerland under a false name when he was a kid), but it's extremely rare, and runs contrary to the North Korean philosphy of Juche, self-reliance.
link
Ray20 284 days ago
> somewhat surprising that they possess the latest technology and conduct hacking.

Why does this surprise you? As you said, selecting capable people is not a problem. And then these capable people get the best possible motivation. I would say it is expected to get qualified hackers in such conditions, who are proficient in all latest technologies.

link
maxk42 283 days ago
...which explains the link to China. NK natives probably do not typically have access to computers or the open internet, but the children of certain elites are educated in China. There may even be a collaborative effort between the two states.
link