First of all, you say, "North Korea didn't hack Sony," as if it is an indisputable, known fact. It is not -- by any stretch of the imagination.
The fact is, it cannot be proven either way in a public forum, or without having independent access to evidence which proves -- from a social, not technical, standpoint -- how the attack originated. Since neither of those are possible, the MOST that can be accurate stated is that no one, in a public context, can definitively demonstrate for certain who hacked Sony.
Blameless in your scenario is the only entity actually responsible, which is that entity that attacked Sony in the first place.
Whether that is the DPRK, someone directed by the DPRK, someone else entirely, or a combination of the above, your larger point appears to be that somehow the US is to blame for a US subsidiary of a Japanese corporation getting hacked -- or perhaps simply for existing.
As a bonus, you could blame Sony for saying its security controls weren't strong enough, while still reserving enough blame for the US as the only "jackass".
Many of the same slashdotters who accept "experts" who claim NK didn't hack Sony will readily accept as truth that it was "obviously" the US that attacked NK, even though there is even less objective proof of that, and could just as easily be some Anonymous offshoot, or any number of other organizations, or even North Korea itself.
See the logical disconnect, here?
For those now jumping on the "North Korea didn't hack Sony" bandwagon that some security "experts" are leading for their own political or ideological reasons, including using rationales as puzzling and pedestrian as source IP addresses of the attacks being elsewhere, some comments:
Attribution in cyber is hard, and the general public is never going to know the classified intelligence that went into making an attribution determination, and experts -- actual and self-appointed -- will make claims about what they think occurred.
With cyber, you could have nation-states, terrorists organizations, or even activist hacking groups attacking other nation-states, companies, or organizations, for any number of motives, and making it appear, from a social and technical standpoint, that the attack originated from and/or was ordered by another entity entirely.
That's a HUGE problem, but there are ways to mitigate it. A Sony "insider" may indeed -- wittingly or unwittingly -- have been key in pulling off this hack. That doesn't mean that DPRK wasn't involved. I am not making a formal statement one way or the other; just saying that the public won't be privy to the specific attribution rationale.
Also, any offensive cyber action that isn't totally worthless is going to attempt to mask or completely divert attention from its true origins (unless part of the strategic intent is to make it clear who did it), or at a minimum maintain some semblance of deniability.
At some point you have to apply Occam's razor and ask who benefits.
And for those riding the kooky "This is all a big marketing scam by Sony" train:
So, you're saying that Sony leaked thousands of extremely embarrassing and in some cases damaging internal documents and emails that will probably result in the CEO of Sony Pictures Entertainment being ousted, including private and statutorily-protected personal health information of employees, and issued terroristic messages threatening 9/11-style attacks at US movie theaters, committing dozens to hundreds of federal felonies, while derailing any hopes for a mass release and instead having it end up on YouTube for rental, all to promote one of hundreds of second-rate movies?
Am I the only one who read this initially thinking that "supercharger" meant a pump that forces compressed air into an internal combustion engine?
Not my choice, we got them in a deal with a VC. And I will tell you from experience that they're not all great programmers. A *few* of them were very good programmers, most of them were OK, and a few were very *bad* programmers. Just like everyone else. The idea that the H1B program just brings in technical giants is pure fantasy. This isn't 1980; if a CS genius living in Bangalore wants to work he doesn't have to come to the US anymore, there are good opportunities for him at home..
H1B brings in a cross section of inexperienced programmers and kicks them out of the country once they've gained some experience. I have nothing against bringing more foreign talent into the US, but it should be with an eye to encouraging permanent residency. I think if you sponsor an H1B and he goes home, you should have to wait a couple years before you replace him. Then companies will be pickier about who they bring over.
I have to say, managing a team of H1Bs was very rewarding, not necessarily from a technical standpoint but from a cultural standpoint. Because I had to learn about each programmer on my team and the way things are done in his culture, I think I became closer to a lot of them than I would have to a team of Americans.
Are they guaranteeing throughput? Then it's meaningless for most folks. It's like putting tires rated for 200 MPH on your care and assuming it will now go 200 MPH.
Presidents, governors and mayors all do this kind of thing -- call up private businesses and ask them to do stuff. The mayor may call a local business and ask it to reconsider withdrawing its sponsorship of the local youth baseball league. The governor might call up union leaders and senior management in a strike, particularly if it affects things lots of people need like transit or health care.
This is the exercise of *soft* power, of influence rather than of compulsion. Obama can't call Apple and compel them to change their stance. But he can call Tim Cook and *persuade* him, possibly with more success than Michael Lynton, particuarly given that the two may be having some kind of dispute. Ego *does* play a role in CEO decision making.
I actually use yellow tinted goggles after 6PM this time of year. The sunlight is so short and weak this time of year my sleep schedule gets totally messed up. When that happens in the summer I just get up in the middle of the night and work until bedtime, but that doesn't work here in December because there's not enough light during the day to get synced up.
So I try to go outdoors every day for an hour around noon, particularly if its overcast. And I wear those stupid goggles after 6PM, which is a PITA but beats lying in bed awake all night only to fall asleep at noon.
The particular pair I use (Uvex S1933X) cost only $8 and are, surprisingly, optically pretty good. There's slight distortion at the edge-of-field but they're fine in the center of the field. They don't actually block much blue light, but by looking at color swatches I've determined the cut off violet quite dramatically. When I put them on, all those irritating "blue" LEDS (which are actually violet) simply disappear. You can be looking straight at one with these puppies on and you'd never know it was lit, much less annoyingly bright. Subjectively, my eyes feel less tired too, although the lenses need frequent cleaning.
Another thing I find useful is a word processor called FocusWriter. It can edit ODT files, but it ignores all the color styling and hides all the Windows controls. The intent is to eliminate writing distractions, but I find it useful to eliminate blue-violet light exposure. I set the display background to black and the text background to amber, and those are the only colors on screen. I'd pay good money for an epaper ereader with an amber backlight. As for tablets, Amazon's Kindle App doesn't give you any nighttime-friendly options; the best is black text on sepia, but it's far too bright. Moon+ Reader is a good alternative for ePub files; Cool Reader is a GPL'd ebook reader that can be configured for comfortable nighttime reading, although it's UI isn't quite as polished as Moon+ Reader.
And it turns out that it wouldn't be the first time the firm did this. Sony started out as a radio repair shop in a bombed-out department store.
They don't weigh, not because the rule doesn't apply, but because people don't go very far above the limit often enough to bother breaking out the scales. Take a look at the thing. Even if it weren't a cannon, I think they'd break the scales out for that.