The Marmot's Hole

Korea... in Blog Format

Author: R. Elgin (page 1 of 59)

DNS Poisoning and Script Attacks – Made in China

Some website owners are baffled by what amounts to DOS attacks on their sites since they originate from China.  Why should some site that has nothing to do with things Chinese be subject to attacks that route back to the PRC?:

Software designer Craig Hockenberry noticed something very strange was happening to his small corporate website. . .  one morning last month: traffic had suddenly spiked to extremely high levels—equivalent to more than double the amount of data transmitted when Kim Kardashian’s naked photos were published last year. The reason, he quickly discovered, was that China’s Great Firewall—the elaborate machinery that China’s government uses to censor the internet—was redirecting enormous amounts of bogus traffic to his site, which designs online icons, quickly swamping his servers. (cite)

This resulting denial-of-service (DOS) attack happens due to something referred to as “DNS poisoning” when servers (in China) that keep the addresses of sites are used to redirect traffic away from certain sites that a deemed sensitive to government personnel, they redirect inquiries to completely different sites deliberately. The result is a mass of traffic is directed to one site, which can quickly overload their servers.

South Korea is not immune to this sort of Chinese DNS poisoning either, China has also done the same thing to South Korean Government sites in the past. As shown below, at one time, Chinese web users were unwittingly used to DDOS a Korean Government website – just because (cite).  Even French sites have been hosed by the Great Firewall – no where is now safe.

Korean gov DNS poisoning

Even now, an American company’s site – GitHub – has been subject to just such an attack, which appears to be a deliberate attempt by the PRC Government to prevent Chinese net users from gaining access to their GitHub tools that would allow users to view sites and information on the internet that has been censored behind the “Great Firewall” in China:

The attack on San Francisco-based GitHub Inc., a service used by programmers and major tech firms world-wide to develop software, appears to underscore how China’s Internet censors increasingly reach outside the country to clamp down on content they find objectionable. . . Specifically, the traffic was directed to two GitHub pages that linked to copies of websites banned in China, the experts said. One page was run by Greatfire.org, which helps Chinese users circumvent government censorship, while the other linked to a copy of the New York Times ’s Chinese language website.

Likewise, there are certain things related to South Korea that are off-limits to the average Chinese citizen as can be seen here.

Another variation of this DNS poisoning involves scripts to reroute traffic.  The basic pattern of this sort of attack is as follows:

  • An innocent user browses the internet from outside China
  • One website the user visits loads an analytics script – a sequence of instructions – from a server in China, for example Baidu, something that often used by web admins to track visitor statistics
  • The web browser’s request for the Baidu script is detected by Chinese equipment as it enters the country
  • A fake response is sent out from within China instead of the actual Baidu Analytics script. This fake response is a malicious script that tells the user’s browser to continuously reload two specific pages on GitHub.com

(Cite)

A News Report Worthy of A Movie Script

Thanks to Kim Hyung-Eun (JoongAng Ilbo) this news report of a fire turns out to be a cross between a detective-mystery and tragedy.

The  “Hunminjeongeum” or “The Proper Sounds for the Instruction of the People” was written  so that the common people illiterate in hanja could accurately and easily read and write the Korean language. It was announced in Volume 102 of the Annals of King Sejong, and its formal supposed publication date, October 9, 1446 ( Hangul Day). The Annals place its creation to the  25th year of Sejong’s reign, 1443~1444 thereof.  The book has two parts: the Yeui section, which explains why Hangul was created, and the Haerye section, which details the principles, usage and gives examples of the writing system but the Haerye section is far more rare, thus very much sought after by collectors.

The story begins in 2008 when Bae Ik-gi notified the government that he had a copy of “Hunminjeongeum” with the Haerye section intact.
Curators found this to be true and noted the book even contained footnotes missing from the version that was known, however, there was a problem:

an antique dealer Jo Yong-hun claimed that Bae had stolen the book from him: “Bae bought several ancient books from me at the price of 300,000 won [$272] and sneaked ‘Hunminjeongeum’ into the books,” Jo said while filing civil and criminal lawsuits against Bae. Jo won the civil suit in 2012 and announced in May that year that he would donate the book to the state. The CHA even held a donation ceremony with Jo – ironically without the presence of the artifact, as only Bae knew where it was . . .

Jo passed away and the government held Bae but Bae never revealed where the book was and would not reveal where it was until the government cleared him of charges, saying the world will never see the book, yet – he was reportedly seen running into the burning house with a small hammer, attacking a portion of a wall . . .

. . . Gwangheung Temple in Andong, North Gyeongsang, has been arguing that one of Korea’s most notorious antique thieves, surnamed Seo, stole a group of artifacts kept inside a Buddhist statue in the temple in 1999 and that the book was (originally) one of the items.

and the house burned.

burning

If there were a love interest, this would make a great movie but there was little love to be found therein and more so is the tragedy.

An Evil Twin, Christian Hostages and Media Players that Can Get A Person Killed

Saenuri Party Chairman Kim Moo-sung has an evil twin.

He sounds like him and talks just like him and he is calling women to ask for money and is getting it.

The real Saenuri Party Chairman Kim Moo-sung is not amused, especially since he is not getting a cut and has warned people that this phone twin of his is evil and is actually a scam artist:

A number of people told me they received a phone call from me asking for money. Fortunately many did not wire the money as demanded to a bank account…The victims told me that the suspect’s voice and the way he talks on the phone were identical to mine.

Remember, if your phone rings and it is Kim Moo-sung asking for money, hang up on him.

The DPRK has taken prisoner two South Koreans in Dandong, China (not North Korea).

The DPRK alleges that the two are spies for South Korea but it turns out they are affiliated with a church around Dandong, thus this might explain why DPRK agents were allowed to apprehend the two South Korean citizens in Dandong, China – the same city that Kevin and Julia Garratt (Canadian couple that ran a coffeeshop) lived in.

What is the fifty-dollar gadget that can get a person killed in North Korea?

How about a hand-held media player called a Notel that can play DVDs or video files from memory sticks?

People are exchanging South Korean soaps, pop music, Hollywood films and news programs, all of which are expressly prohibited by the Pyongyang regime, according to North Korean defectors, activists and recent visitors to the isolated country. “The North Korean government takes their national ideology extremely seriously, so the spread of all this media that competes with their propaganda is a big and growing problem for them,” said Sokeel Park of Liberty in North Korea (LiNK), an organization that works with defectors.

South Korea Is To Join the AIIB

Though certain people thought I was “alarmist” in describing the earlier visit of Chinese President Xi and the PRC’s efforts to engage South Korea in the Asian Infrastructure Investment Bank (AIIB), South Korea has announced their intention to join the Chinese-lead bank. (link)

Supposedly Seoul has asked for improvement in the governing structure of the bank and other safeguards, which has been done.

Currently both Australia and Japan are considering whether or not to join as well.

From Russia, With Very Little in the Way of Love

Other than the PRC intervention during the Korean War, in Korea, Russia has had a rather devious hand in Korean affairs since attempting to install a proxy in Korea (Kim Il Sung) and now Putin’s Russia has decided to be friends with the DPRK, however, it becomes apparent that Russia had sold an SS-N-6 submarine-launched ballistic missile several years ago, which the North Koreans promptly have been reverse engineering and are now attempting to develop a submarine-launched ballistic missile (SLBM) based upon the Russian-supplied version, thus it is a disingenuous Russia that complains about South Korea installing a THAAD system in their country, complaining that it is “destablizing” . Russia and the PRC have helped create a potentially destablizing situation in Asia through their selling of weapons technology to the DPRK but, this did not stop the Russian Government from talking garbage:

. . . Such a development (regional THAAD defense) cannot but cause concern about the destructive influence of the United States’ global missile defense on international security . . .

Though the Russians have lost much through their aggression in the Ukraine, they are not above playing the perennial spoiler by using the DPRK as a proxy, befriending them simply to spite other countries like America .

As for the latest insult to humanity that is Russian foreign policy nowadays, Russia has invited Chinese and North Korean leaders to attend their WWII anniversary in Moscow, which might be one reason why Chancellor Merkel has decided to skip the event.

Also, over time, I’ve read quite a few comments from people that claim that the US would have been more active in dealing with the DPRK if they had oil – well guess what?

They’ve might have lots of oil too and a good bit more of natural resources that could keep a Kim Dynasty in power for a long time – that is, if they can get it out of the ground and without the direct help of China or dealing with commodity price fluctuations.

Open Thread, March 22 – The Late Edition

Using Smartphones to Rob Us?

robbers_and_shiz

Imagine that there was a better way to help crooks steal more money . . .

Well, now there is a new way to do just that. Apple developed a new way to pay for things by using the iPhone and a new payment system called Apple Pay.  The idea is that when a person goes into a store, instead of using a credit card, they can pay, using their iPhone,  however there is a problem with this.

Brian Krebs, a touted authority on security in today’s online world says “Apple Pay makes it possible for cyber thieves to buy high-priced merchandise from brick-and-mortar stores using stolen credit and debit card numbers that were heretofore only useful for online fraud.” (cite) The banks that Apple has partnered with are now feeling this increase in fraud (6% and growing) and the pressure is on Apple to fix this though the problem is not really their’s to fix.  To be fair, the real real weak point in security is the bank since what is really happening is stolen credit cards are being put into Apple Pay and the banks are not catching this.  Remember all of those stolen credit cards from the Target credit card heist? Apple Pay allows theives to use this stolen information in a  new way (cite).  Avivah Litan (a fraud analyst with Gartner Inc.) believes that this problem will only become worse:

. . . This problem is only going to get worse as Samsung/LoopPay and the MCX/CurrentC (supported by Walmart, BestBuy and many other major retailers) release their mobile payment systems, without the customer data advantages Apple has in their relatively closed environment.

Samsung has wooed the same bank partners Apple did to start a mobile payment service (Samsung Pay), they have released the Galaxy 6 phone as being a means to conduct mobile payments (it is a nice phone too) and they released a security layer for Android called Knox, which enables the user to securely pay for things with their smartphone (preferably their Galaxy phone).  Samsung’s Knox was even certified as being safe and secure by a part of the American Government (the guys that want backdoors into everything).  Knox had been compromised, however Samsung is working to address this problem and has made progress,  Samsung wants their cyberpayment software to use a magnetic card reader, which is not encouraging since credit cards with magnetic strips are known enablers of credit card fraud. (cite and cite)   Samsung will also waive fees for using their mobile payment system, which does encourage use.

Business does make for unusual alliances, and so Blackberry and IBM have come together with Samsung to create SecuTablet – a modified Samsung Galaxy Tab S 10.5 bundled with security management software and a hardware encryption module, however the normally 500.00 USD Samsung phone becomes a 2,250.00 USD device called SecuTablet! (cite) This sort of device is not for the casual user that wants to buy something though, rather it is intended to be for environments that require better security (government, etc.).

Though Apple and Samsung may eventually perfect secure devices, the banks are still the biggest source of security worries, especially when they continue to use cards with magnetic strips or a chip and PIN system that has been hacked.  Even now, the Korean banking industry is finally getting around to blocking the use of mag-stripe plastic cards, in all Korean ATMs, from May.  (cite) There are still reports of credit card information being stolen by infected POP systems in business.  One place that has seen a rise in credit card fraud is Aspen, Colorado, since Aspen has so many holiday visitors from everywhere.  As one Aspen police detective notes:

A lot of these network intrusions are coming from the Ukraine, Russia, North Korea and China . . . It all comes down to the information stored on credit cards. Once a card is scanned at a business that information is sent to a server. If it’s infected with malware, that server sends the credit card information to criminals.

Considering how more and more large businesses are having their fee processing system infected with malware and how inept banks are at dealing with credit card fraud, companies like Apple and Samsung may eventually become more trustworthy than banks, especially if they don’t gouge their customers with processing fees and are more secure than banks are now in their transactions.

Happy Faces Make A Good Photo

presidential_hugs

I supplied captions to illustrate just what I think makes this photograph – courtesy of the JoongAng Ilbo (front page) – so good for me.  Click on the photo for the full-sized version.

Open Thread, March 7, 2015

Ceremony for the first full moon of Spring.

Ceremony for the first full moon of Spring.

Do you know what North Korean sounds like?  It’s South Korean with a Boston accent.

Conan O’Brien playing “Call of Duty”

Anti-Corruption Law Passed – Weasels Ride Woodpeckers – End Times Are Near

woodpecker_rider

These are strange days indeed – The National Assembly (South Korea) actually passed an anti-corruption law that calls for up to three years in prison for journalists, teachers and public servants (?) who accept single cash donations or gifts valued at more than a million won, or about $910 (USD).  When I read this and see photos like the one above, I am wondering if the eschaton is at hand.

Chejudo and the Influx of Chinese Money

Choe Sang-hun has an interesting article on the effect of so many Chinese pouring into Chejudo and the local government’s own policies that makes it easier for foreigners to buy property, though the influx of Chinese has pushed the price of property there up higher than before:

Although Chinese-owned land in Jeju is still less than 1 percent, it has grown to 2,050 acres last year from just five acres in 2009. More than 70 percent of $6.1 billion in foreign investments in Jeju announced between 2010 and last year came from China

jejuweddingThe local government has even advertised in the PRC for wedding tours.  Jeju Tourism Organization has been working with five tourism companies to create wedding tour programs for customers from the mainland. (cite) According to the link, “350,000 overseas tourists have visited Chejudo and just over half, or about 190,000, have come from China, which is approximately 180% up from last year.

Another Wall Street Journal article explains some of the reasons why travel to and investment in Chejudo is growing in popularity for Chinese (cite):

. . .Jeju is a one-hour flight from Shanghai and 2½ hours from Beijing. “The major reason for most people to travel to Jeju is that it’s visa-free. And the price for group travel is so cheap,” said Willa Wu, a Hangzhou, China, businesswoman who has traveled to Jeju several times.

The Choe article is here.

Bitter, Sweet Seoul – A Movie

bittersweet seoulMuch thanks to Colin Marshall, who mentions this film Bitter, Sweet Seoul:

an hour-long film made by Park Chan-wook, his brother Park Chan-kyong (together they form the filmmaking unit known as PARKing CHANce), and 141 different contributors from all walks of life who submitted their own footage of Seoul . . .

The whole film is available – at the above link – for viewing.

Open Thread – Valentine’s Day Edition

So He *Did* Intervene in The Election

Get_smart

For those that remember the story of Won Sei-hoon, former director of the NIS, that carried out a Tweeter campaign to bolster Park Guen-hye’s presidential campaign, it may come as a suprise that  the previous district court ruling that determined there was not enough proof that he tried to intervene in the election, was thrown out.

Won, instead won a brand-new go-to-jail card for three years:

The Seoul High Court, on Monday, dismissed the lower court’s decision and said he had also violated election laws. “It is fair to say Won had the intention to intervene in the election,”
(Judge Kim Sang-hwan)

I guess no one asked if anyone instructed him to do this, though Won was quoted as saying he did what he did “for the safety of my country and its people”.  Likewise, one might also say that the Seoul High Court overthrew the previous ruling for the integrity of the country and its people.

Older posts

© 2015 The Marmot's Hole

Theme by Anders NorenUp ↑