>P4x notes that while his attacks at times disrupted all websites hosted in the country and access from abroad to any other internet services hosted there, they didn’t cut off North Koreans’ outbound access to the rest of the internet.
Did this achieve anything or did he just push them to patch vulnerabilities that could have been put to better use?
Almost certainly the latter. Chances are good "allied" states like the US or S.Korea, with their cybersecurity budgets many times larger than either N.Korea or any private firm or group, also already knew about these and many other vulnerabilities, and were saving them for an emergency response in case N.Korea attacks someone in the region; instead this irregular has just burned this part of that puzzle for no gain except making himself into a peacetime media darling for magazines shortsighted enough to fawn over him like Wired. This is also why they say no plan survives contact with the enemy.
nah, I used commonly known memory exhaustion denial of service vulns ONLY. There were other vulns but I did not reveal those publicly ;-). In other words, no operations were affected or compromised here.
check out my twitter @_hyp3ri0n and tell me to post something (discreet please) to prove it’s me.
>In other words, no operations were affected or compromised here.
How do you know this? Did you check it with the NSA, or Cyber Command, or the CIA, or literally anyone before running your "attack"? Will they confirm this discussion? If you're going to make the claim of truly being on the US side of the Pacific theater, it'd be nice to have a little concrete evidence of such. I don't particularly care what vulns you use at all; what I care about is that you're wise enough with any of them to not push us into the tragedy of the commons for your own short-term gain. (For similar reasons I also do not particularly care what someone who passed beneath the intelligence ceiling for writing in wired magazine has to say about you. This is like a university professor trying to claim an interview in the campus student paper as a citation of their work.)
If they were "commonly known", then you exploiting them seems even more, not less, likely to have removed them from stockpiles, no? Because the North Koreans were clearly not going to fix them on their own anytime soon (because they hadn't bothered to all that time), until you came along and offered free pentesting services; while those vulns were even more likely to have already been included in stockpiles (being so well known).
>P4x notes that while his attacks at times disrupted all websites hosted in the country and access from abroad to any other internet services hosted there, they didn’t cut off North Koreans’ outbound access to the rest of the internet.
Did this achieve anything or did he just push them to patch vulnerabilities that could have been put to better use?