Because freedom in North Korea would be the worstest thing ever.

Yeah, because Flash drives are such a secure way to move data...

I'm assuming that Sony, being a very large multinational company, has a very large Intranet, which means at various points its going to be traversing the open Internet at various points.

Unless you're advocating Sony lay down its own fiber and then turn off its gateway routers....

I'd be interested in knowing the details of the attack. Was it a "social engineering" attack of some kind (ie. a virus-laden email that someone with high privileges opened)? Was it a vulnerability in their networks? I've heard someone with high level admin privileges had their account hacked, but in what way was it done?

The organization I work for is a contractor for the government of a North American jurisdiction, and yesterday morning I started getting reports that some sort of virus-laden emails were flowing out of this government's networks. Sure enough, within a half an hour, I got emails from a contact I have within this particularly agency, with an attached ZIP file with an SCR file inside. That has to be one of the oldest ways that malware has been transmitted in Windows system, I saw my first virus-laden SCR file somewhere around 1997-1998.

Apparently this critter is so new that by the time we checked, only a few AV companies had caught on to it. Even worse in some ways is that it appears that it made its debut on the very government servers in question, making me think this was a targeted attack. So you have a combination of a brand new virus of some kind that won't get caught by the scanners, lax email rules that allow the opening and execution of executable file types (not that blocking EXE variants doesn't mean some bastard won't be firing off a compromised PDF at an unpatched system), and users who through a combination of laziness and ignorance happily take the final step.

With this particular attack, there would have been no problem if Outlook had been configured not to open these kinds of attachments, and in an Active Directory environment, that's pretty trivial, so some of the blame has to go to this government agency's IT team. But still, even with the best safeguards, where users just happily click on any old attachment, it doesn't exactly take a rare alignment of the stars to have malware planted in a network. Sure, it won't have root privileges and won't be able to propagate itself via more sophisticated means, but it appears in this case it didn't need to.

So I do agree to some point that there are finite limits to what any person or organization can do to secure itself against a determined and directed attack. But there are ways to make such attacks much more difficult, and more quickly captured before they wreak too much harm.

The minute Microsoft made Activesync sufficiently robust, BB's cause célèbre evaporated.

Remember when RIM opened up its network so the Saudi and Indian governments could spy on BB users....

Judging by sales, that group is pretty damned small and it is very questionable that it is large enough to keep the company afloat.

*sigh*

The conversation was about it being so very cheap to roll out SSL because its trivial to get free SSL certificates. I'm not criticising StartSSL, I'm simply stating that it *isn't* trivial to get wildcard certificates. So the whole "you should use SSL everywhere coz it's free" premise kinda falls down there, since it isn't in fact free.

Go pump BB's stock somewhere else.

Thank goodness a movie like Life of Brian wasn't released in these knee-trembling times.

I can imagine what is going through the heads of many Korean War vets, that MacArthur should have been allowed to march right into Manchuria.

North Korea really hasn't even proven it has a missile that reliably reach Japan. The country is a total basket case run by a violent, completely detached dynasty. It represents a significant regional threat, but if it were to ever do anything truly belligerent, China would yank support and the regime would collapse.

That, to my mind, is the chief threat of North Korea, that when the Kims finally do lose grip, the regime's collapse will be violent for North Koreans and their neighbors.

Indeed. Of all the groups that make threats against the West, NK seems the one least likely to have the ability or desire to actually attack a Western target. I cannot imagine the fires of hell that would reign down on North Korea should it be demonstrated to be behind mass murders in the United States.

It boggles my mind that anyone seriously believes North Korea is going to start mounting attacks on North American theaters should they screen this film.

So if some nice upstanding code monkey makes a few changes to, say, OpenSSL, the minute he uploads it to the repository, the Australian police are going to come down on him like a ton of bricks?

Meanwhile, some batshit crazy Iranian refugee can buy a gun...

Except that in-situ is an English word. It's origins are Latin, but then again, so is a vast amount of the English vocabulary.

We have these things called dictionaries. Rather than demonstrating intense stupidity, inform yourself first.

Oh right, this is /., where ignorance is a matter of pride.