It sounds more like they’re just using this as an excuse to justify their keystroke speed monitoring software, and using “He was a NORF KOREAN SPY!” as an excuse for when they fire employees for failing to meet their WPM typing quota.
I’ve heard of a few places in the news that have had secret DPRK employees, and the whole spy angle doesn’t really make sense when you realize they basically never do any actual spying, they just do the work that’s required of them and send the money back through various remittance services usually through China or SEA countries.
The tipoff for a lot of these places is either a lot of weird changes to their direct deposit info in a short period of time (indicating laundering through different banks/remittance services), or having odd behaviour during video calls/interviews; sometimes they’ll hire someone in the USA to be their face, and one case I’ve read about apparently used an AI generated voice and filter.
110ms is not barely perceptible, that’s unplayable for some games
That’s because you know when you pressed the key and you expect an immediate response. I still don’t understand how it would be noticed in the context of IT work.
If they have a remote login to a PC physically located in the country they claim to be working from I could see it.
How so?
Maybe for fighting games. Pretty much anything else it doesn’t matter much
MOBA and FPS suffer pretty heavily at high double digits
FPS maybe. Moba isn’t really a problem. Yes the gamefeel is way better at low ping, but 200-300 ping maybe makes a couple of tricks impossible, definitely doesn’t cause any real problems.
200 ping was definitely the upper limit for league of legends ime. 225-250ish ms and a lot of skillshots became unreactable
rambling about ping on Pokemon unite, so putting it under spoiler
I guess with moba is that it makes certain classes, tricks and play styles less viable, and if you’re playing casually then gamefeel is more important than toughing it out for grinding rank. My reference point is Pokemon Unite.
Speedsters (fragile jungle, melee combo, high skill floor and ceiling class) became frustrating to play at 100fps and above, because if you miss a combo, the game doesn’t register a hit in time, or get stunned out of a move and can’t full heal (remove status conditions including stun) then you’re done for.
Between 100 and 150, ranged auto-attackers are basically fine so long as they pre-run from threats early, trick-shot attackers have to compensate for lag/doubly lead their target.
150 and above, my experience was that the only playable classes were supporters (AOE healers/buffs) and defenders (CC) which just have to worry about position between allies and enemies.
150 and above yes it’s playable but it feels sluggish and isn’t enjoyable. On Pokemon Unite, the Oceania playerbase isn’t large enough so I was often dropped into SE Asia servers and my winrate would tank, so I stopped playing, and I wasn’t willing to play exclusively defenders/supports to prop up my WR on SEA servers
I know for gamers here this may be more or less of an issue depending on their preferences or what they play. My friends who play moba and fps complain at much lower ping than I do :/
Maybe it’s just a netcode difference. In league it’s literally like a single digit number of individual tricks didn’t work at insanely high ping. Like one combo on one out of 150 characters.
I used to play online games in the global south with triple digit ping as normal (I sucked ass)
I’m in a global north metropole and sometimes get single-digit ping (I still suck ass)
United across borders
Me playing with 180 and up when playing most games. 140 is great ping for me tbh and the only time I got 110 or less is counter strike.
I’m so sorry :(
I sort of got used to the experience even though it was frustrating but I don’t play multiplayer much anymore because anticheat does not always work on linux :/
this fascinating new case of North Koreans trying to infiltrate U.S. organizations to raise hard currency for the Democratic People’s Republic of Korea (DPRK),
They were… working? In exchange for money? Oh god the horror!

Actually hilarious line
Assuming this is true, A: why the fuck does Amazon have that level of surveillance on their tech staff? And B: Isn’t DPRK supposed to be a starving, impoverished, technologically backwards country?
This isn’t the win they think it is.
They probably survey their staff on productivity levels and to make sure nobody documents stuff that’d make the company look bad. That is my guess.
Normally, a U.S.-based remote worker’s computer would send keystroke data within tens of milliseconds.
How does Amazon know when they actually pressed the key?
“I asked him via Slack how the project was progressing, and it took 800 ms for him to start typing a reply! We expect no less than 300 ms here at Amazon.”
Easiest way I can come up with would be to have the keylogger send timestamps with the keystrokes, which would be compared with the time at the server that receives them.
The system time on computers is typically off by a couple seconds.
I can understand how the server could measure the latency by pinging the computer, but that doesn’t involve keystrokes at all.
Pretty wild how easily all these comrades in the DPRK are getting hired. Maybe they should run a course on gaming the hiring process. I bet they’d make bank.
The problem of North Koreans infiltrating U.S. corporations for profit, mischief, and more is undoubtedly a serious one.
North Korean mischief

…and more?

“Ohh nooo…look at all of these workers that keep maliciously infiltrating us without us knowing about it…I guess we better cut them off without paying them for any of their work…”
That’s easily circumvented by routing the traffic through a proxy in the region. Sloppy. Should’ve had a server they routed it through inside the US.
Um not really? They claim that they detected it because of the high ping, that’s a network infra and speed of light limitation. All a proxy would have done was make the ping worse.
They tracked down the corporate issued laptop to Arizona where it was allegedly being remotely controlled. From there the article doesn’t say how they identified it as North Korean, maybe it was coming from a North Korean IP or maybe it wasn’t but they already have a group setup to find North Korean remote workers so that’s what they decided it was.
Amazon’s success can be almost entirely credited to the fact that it is actively looking for DPRK impostors, warns its Chief Security Officer. “If we hadn’t been looking for the DPRK workers,”
Whoever it was, was already busted when it was tracked to Arizona so again a proxy wouldn’t have avoided detection
All a proxy would have done was make the ping worse.
They can’t know what the ping between Korea and the US proxy is if all they see is the US proxy. What they get is just the data from that server to Amazon.
Had they been using a proxy instead of remotely controlling the laptop directly, only the proxy would have been found. Amazon would have hit an investigative wall without a police warrant to demand that information from the server owners (which could be set up independently too), they would not have this for a private investigation.
Thinking about it more this story smells. They’re clearly not being truthful about some part. If it was a remote controlled laptop from Arizona the time between a keystroke on the laptop and Amazon receiving it should be normal.
If the remote controlled laptop part is true that would be because Amazon only allows company issued devices to access the VPN (and then access internal resources) which lines up with my experience. To get around that and not have to use the corp laptop they would have to crack whatever secure endpoint attestation Amazon is using to connect to the VPN. Then they’d have to reverse engineer and spoof all the spyware (that’s doing shit like apparently precisely tracking every keystroke). Because without the spyware checking in reporting normal they’d probably detect it even faster. After that’s done you’re right they’d obviously want to use a proxy but again that doesn’t seem at all why they were caught and getting to the point of being able to just directly connect to Amazon’s VPN through a proxy would be a heavy lift requiring a very sophisticated attacker.
The corporate laptop is probably very locked down and I bet Amazon actually caught this from the remote control software being detected by some local security scanner that wasn’t properly circumvented.
I suspect what they did here was recover the laptop and capture the collaborator while managing to ensure that the remote worker who was logging into that laptop was unaware of its capture.
Then at that point they could then measure the ping between the laptop and the DPRK worker in order to find the location of the person logging into it.
There’s still information missing about how they would have caught the collaborator though.
I’m no expert but I’ve worked with people who’ve accessed our corporate VPN while abroad in another global north country and that raised alarm bells. Surely Amazon is at least as careful as my rinkydink org, and would’ve blocked a request from DPRK, no?
Just speculating since the article’s light on details but I’ll bet they had to VPN to get on Amazon’s net in the first place, and that’s where the latency was introduced. Not sure how you’d work backwards to DPRK from there but again I’m not an expert.
The article could be light on details cause it’s entirely made up.
North Korean “infiltrators” are getting hired at amazon as remote workers to raise money for the DPRK because if their poor and starving state could just get a little money into their evil anti-money communist society then they could build anti-freedom missiles and finally invade the free world.
The DPRK is partnered with China and Russia and they’ve had decades to rebuild after the holocaust. They have more security now than they ever have. Money isn’t the whole point and only way to do shit in the DPRK. Their issues come from a capitalist monarchy belt with a massively widespread reign of influence. Whoever’s idea it was that they need to apply for jobs at Amazon like common USian peasants probably got hired after the cuts to our propaganda department.
I read it more as a data exfiltration thing vs fundraising, but that’s also compatible with your point, I think, and taking the article at face value is for sure unwise. Thanks.
Yeah if any of it happened at all I find it way more probable that it was some sophisticated labor arbitrage where remote workers apply to “US based” jobs for the US wage scale. Why else would Amazon be spending money to prevent those “1,800 DPRK infiltration attempts”?
















