Having trouble keeping track of who was supposedly behind the hacking attack on Sony Pictures? You’re not alone. While law enforcement officials at the FBI and at the White House continue to insist that North Korea was “centrally involved” in the attack, numerous competing theories have emerged involving unhappy Sony insiders and Russian gangsters, among others.
Now, with a few clicks, you can conjure up an authoritative-looking page with “evidence” to support your favorite scenario. The Sony Hack Attribution Generator shifts the blame for the hack to another randomly generated party every time you refresh the page. One minute it’s North Korea, the next minute it’s organized criminals in Romania, a random employee or mobsters in the U.S., complete with IP addresses and links to Google Map images of where the “hackers” are.
It’s a joke, of course, a bit of pointed hacker humor commenting on the difficulty of “attribution,” always among the toughest problems in investigating computer crimes. Evidence, always scant, can and typically does point in multiple directions, and smart attackers often leave false clues meant to mislead. Numerous experts have sought to poke holes in the FBI’s findings. (For the record, the FBI has firmly stuck to its guns.)
“You’re probably avoiding the discussion because you’re ashamed to admit that you don’t know what happened and you don’t want to look amateurish in the eyes of your peers,” a Data Driven Security blog post explaining the site reads. “You probably spent the holidays hoping that your family wouldn’t bring up the subject and force you to take a position on the attribution.”
Rudis, who calls the site an “overly detailed joke,” created it with another collaborator, Kevin Thompson, a risk and intelligence researcher with Verizon. Alex Pinto, a security researcher and data scientist, came up with the idea.
In crafting the joke, they used some real data. The random “evidence” used to attribute responsibility for the Sony hack is taken from information used in Verizon’s Data Breach Investigations Report, an annual accounting of hacking attacks around the world, and the Veris Community Database, an open effort to catalog breaches. What’s the point of that? “You’ll know that your story is at least kind of plausible too!” they write.
This article originally appeared on Recode.net.