I find this answer highly implausible, not the least because maintaining cover doesn't count as dissing ("I infiltrated the org by telling them the lies they wanted to hear" is hacking 101). Also, North Koreans aren't dumb.
I find some people's attitude to NK hackers slightly schizophrenic: either they are a credible threat or they are amateurs. Which one is it?
> Dissing Kim is something that is not currently widely permitted in NK
This wouldn't be "widely", this would be a specific interaction with a hostile foreigner for the purpose of infiltrating them. It's not the same as being allowed to say this to fellow North Koreans.
> Not saying no one from NK never will, but so far almost everyone will immediately stop the conversation at this point.
Legitimate candidates would at this point too, so as a tactic this is useless.
> I find some people's attitude to NK hackers slightly schizophrenic: either they are a credible threat or they are amateurs. Which one is it?
I have no clue whether the proposed approach works, but there's a pretty coherent model that explains how it could, no schizophrenia needed: They are competent people in a cult.
Being unable/unwilling to diss Dear Leader even when it's advantageous to do so is very typical cult stuff. In fact, it's sort of why cults are dangerous. They compel people to do maladaptive things in service of the "ideals" of the group/leader.
This applies both to the spy directly (perhaps they would personally be unwilling to say such a thing), but also to their entire chain of command. Cults by their nature are not good at passing nuanced instruction like "you can say bad things about Dear Leader under these circumstances." Just because you're willing to diss KJU to get in the door doesn't mean you know your entire chain of superiors are cool with it.
So you're saying NK agents are completely different to, say, Soviet era agents, who could and would say anything as long as it furthered their mission?
Ok, fair enough. In common perception of NK, they do seem bizarre, not like the Soviets during the Cold War.
I think it's unwise to dismiss them as lunatics incapable of deceit. If I were a NK agent, I'd work towards this notion, "NK are incapable of lying if it would diss their leader, that's how we get them!". In fact, I would spread this notion in Reddit, like the OP mentioned.
By the way, this still leaves the easy way out of "why are you asking about Kim Jong Un in a job interview, is it because I'm Korean? I'd like to speak to your HR department please".
I'm just guessing but comparing the NK hacker to a late Cold War era Soviet professional spy is the wrong comparison. Maybe the closer comparison is asking a Soviet party member belonging to the professional middle class with a bit of spy training during the Great Purges to talk negatively about Stalin out of the blue.
Yeah I never got the impression that Soviets were as successfully isolated from the world as North Koreans are. But I’m not an expert on the matter!
I mean, I totally agree that this should not be relayed as a working method to identify spies haha. Just that it’s not beyond believability it’d work in some circumstances.
I am saying they are both a credible threat and many are amateurs. Those are not mutually exclusive.
You are talking about North Korea attackers from a theoretical point of view. For many people dealing with them is just a normal part of work. It's not an unknown that needs to be worked out logically from an armchair.
I'm saying this as someone who personally chatted with a North Korea persona that later tried to drop exploits on people, and the persona belonged to hacking group with at least one 50 million dollar heist. I've also seen the screenshots on many chats with North Koreans.
I don't consider screenshots evidence of anything, so I'll completely disregard that bit.
I'm curious about your personal experience though. Did you try this tactic, and did it work? And how sure are you these weren't random hackers or trolls, but actual NK agents?
> many are amateurs
So basically this would only get rid of the amateurs, low hanging fruit that would have been caught soon enough anyway, and do a "natural selection" of only the non-stupid NK hackers to infiltrate your org?
> And how sure are you these weren't random hackers or trolls, but actual NK agents?
"Agents" is way too big of a word. Just cogs in a corporate theft machine.
There's a lot of reasons I'm sure, but the biggest is because before a hack they asked for help doing something simple with a crypto address that was later used to test run the 50 million dollar theft that was North Korea. And also trying to drop North Korean linked malware is another data point.
This also hits my point about both dangerous and amateurs. They pulled off pretty sophisticated heist but, had to ask for help, asked for help using a crypto address tied to the theft, and blew the cover on an identity they had been building up for a year.
Here's a twitter thread I put together of both my conversation and others with this particular account:
I find some people's attitude to NK hackers slightly schizophrenic: either they are a credible threat or they are amateurs. Which one is it?
> Dissing Kim is something that is not currently widely permitted in NK
This wouldn't be "widely", this would be a specific interaction with a hostile foreigner for the purpose of infiltrating them. It's not the same as being allowed to say this to fellow North Koreans.
> Not saying no one from NK never will, but so far almost everyone will immediately stop the conversation at this point.
Legitimate candidates would at this point too, so as a tactic this is useless.