• mwguy@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    7 months ago

    In other words, China, Malaysia, Korea, etc. – somewhere in Asia.

    The Shadow Broker’s leaks showed that state actors had whole tool suites to ensure that the product appeared like it was coming from a different location. Given that those tools have been leaked since 2016 and the concept is even older; relying on metadata like timezones, character set, etc… to make determinations about location is unreliable at best.