PDA

View Full Version : Have ya'll heard of this yet?



Diametric
September 22nd, 2010, 07:35 PM
http://news.yahoo.com/s/csm/327178

Also, the man quoted in the article can be found here: http://www.langner.com/en/index.htm

Makes for some interesting thoughts - would love to see how the code worked.

Cheers.

Phrea
September 22nd, 2010, 09:09 PM
Frightning, to say the least.

[coolest name tho]

EDIT: I feel like I just read the summary of a great sci-fi book and/or movie.

Ctrl-Alt-F1
September 22nd, 2010, 09:25 PM
Yeah, I heard about that before. It's both awe inspiring and terrifying.

Just a heads up: your thread title was very non-descriptive.

Dustin2128
September 22nd, 2010, 09:45 PM
hm, I remember hearing something about stuxnet, but I usually just glaze over malware articles. Quite interesting indeed.

Ocxic
September 22nd, 2010, 10:44 PM
Say hello the the beginning of SKYNET.

Rasa1111
September 22nd, 2010, 10:54 PM
yeah interesting...

grab yer "tinfoil hats"..
http://www.abovetopsecret.com/forum/thread613059/pg1...
lol

NCLI
September 22nd, 2010, 10:55 PM
Sounds like an impressive piece of code! I really hope it has managed to destroy that plant, building more nuclear weapons is bad.

I guess the creator is probably Israel.

t0p
September 22nd, 2010, 11:20 PM
I call BS on this. Does anyone here honestly believe that anything mission-critical at Bushehr is accessible from the internet? If Bushehr is involved in the creation of nuclear weapons (and please remember, people, that is an if - there's absolutely no proof that Bushehr is processing nuclear materials for anything other than power stations - if there were proof, the US or Israel would have bombed the place already)... if Bushehr is involved in weaponizing nuclear materials, all of its mission-critical systems would be seriously segregated from the internet; the only way to get this Stuxnet thing on there would be via the sneakernet (http://en.wikipedia.org/wiki/Sneakernet) - ie by someone going there and physically inserting it via USB stick or whatever. And if the US could do that, there would have been a meltdown or something at the facility. Why mess with computers if you can just walk into the facility with unauthorized hardware in your pocket?

EDIT: Just thought I'd better make it clear, I'm not doubting the existence of Stuxnet - it's got quite a bit of (rather hyperbolic) coverage in the tech press and blogosphere - it's just this Bushehr angle that I'm dissing as stoopid. The US military might leave internet-facing systems without security (as in the Gary McKinnon affair (http://en.wikipedia.org/wiki/Gary_Mckinnon)) but that doesn't mean the rest of the world protects its secrets in the same way.

Rasa1111
September 22nd, 2010, 11:26 PM
Sounds like an impressive piece of code! I really hope it has managed to destroy that plant, building more nuclear weapons is bad.

I guess the creator is probably Israel.


lol, I was kinda thinking something similar,
but didnt want to say..

[tinfoil hat on]
It is kind of "exciting" ...in a way... [or am i just messed up?]. :lol:

If this got into the "right hands".. or was even created by them.. [who knows?] lol...

good things could be done with it,
for the Planet, and humanity as a whole.

but bad things could also be done..

guess we just have to trust the Universe knows what it's doing...

and besides...
if it was Israel ~ we might as well be honest and say it was [also] the U.S. lol
[/tinfoil hat off]

:popcorn:

themusicalduck
September 22nd, 2010, 11:27 PM
the only way to get this Stuxnet thing on there would be via the sneakernet (http://en.wikipedia.org/wiki/Sneakernet) - ie by someone going there and physically inserting it via USB stick or whatever. And if the US could do that, there would have been a meltdown or something at the facility. Why mess with computers if you can just walk into the facility with unauthorized hardware in your pocket?

According to the article, that's exactly how it's being spread.

Engineers are walking around unkowingly with infected USB sticks and plugging them into a system. That system then infects any other USB sticks that are plugged into it.

t0p
September 22nd, 2010, 11:41 PM
According to the article, that's exactly how it's being spread.

Engineers are walking around unkowingly with infected USB sticks and plugging them into a system. That system then infects any other USB sticks that are plugged into it.

Yes, I read the article too. Maybe you posted before I posted my clarifying edit: I can't believe Iranian security at Bushehr would be so lax (if the facility actually is involved in the creation of nuclear weapons.

On re-reading my original posting, I can see where the confusion came from. My fault. Let me re-state what I meant to say:

If Bushrehr is doing what's claimed by the US and its friends, sneakernet would be the only way for malware to be introduced to the facility. And if Bushehr is a nuclear weapons facility, I find it unbelievable that security would be so lax as to allow it in.

Of course, "high-security" facilities are often more insecure than my own home network. But I still call BS on the Stuxnet-Bushrehr claims. Only time will tell who's right.

EDIT: One more thing I gotta add: if a country or other military organization is behind Stuxnet, why would they use this unpredictable, vulnerable, reverse-engineerable method to take out Bushehr? There could be a pretend "terrorist" attack to destroy the facility, or cruise missiles, or any number of more accurate and effective methods. Sure, Iran would blame the US and/or Israel. And sure, Iran would not believe the US and Israel's denials. But if Stuxnet does target and destroy Bushehr, Iran will blame the USA and Israel. And Iran will not believe the US and Israel's denials.

So why use an unpredictable method like Stuxnet rather than a nice big bomb? Just think, as Stuxnet spreads from one network to another, many of the US's enemies will obtain the code. They will probably be able to reverse-engineer it, and use it against the US or Israel or whoever. Does the US or Israel really want to give its enemies such a formidable weapon?

Rasa1111
September 22nd, 2010, 11:44 PM
yeah t0p,
it could simply be more made up media BS.
it's what they do best.. make sit up. lol

BigCityCat
September 22nd, 2010, 11:59 PM
http://news.yahoo.com/s/csm/327178

Very interesting article!


"What we're seeing with Stuxnet is the first view of something new that doesn't need outside guidance by a human – but can still take control of your infrastructure," says Michael Assante, former chief of industrial control systems cyber security research at the US Department of Energy's Idaho National Laboratory. "This is the first direct example of weaponized software, highly customized and designed to find a particular target."

"I'd agree with the classification of this as a weapon," Jonathan Pollet, CEO of Red Tiger Security and an industrial control system security expert, says in an e-mail.

Very interesting article!

BigCityCat
September 23rd, 2010, 12:08 AM
Why the hell is there a thumbs down on this thread?

Dustin2128
September 23rd, 2010, 12:14 AM
well, considering what humans have done with their planet so far, I for one, welcome our new robot overlords.

howefield
September 23rd, 2010, 12:20 AM
Why the hell is there a thumbs down on this thread?

Maybe because it has been discussed for a few hours already, although it was hard to tell from the thread title.

Threads merged.

Paul820
September 23rd, 2010, 12:35 AM
You see what happens when people go too far. I can see this backfiring badly in the future. :(

Someone will do bad things with it, that's if it's true of course.

BigCityCat
September 23rd, 2010, 12:38 AM
Maybe because it has been discussed for a few hours already, although it was hard to tell from the thread title.

Threads merged.

Yeh I didn't see that. I did look before I posted it.

Khakilang
September 23rd, 2010, 09:34 AM
If stuxnet can disable a nuclear weapon with just a USB pen drive it is so much the better than using another nuclear weapon to destroy it. Less destruction to the environment.

matthewbpt
September 23rd, 2010, 10:50 AM
Sounds like an amazing piece of code, though I would think that the computer running the control program would have too much security to allow someone to just plug in a usb stick into it, the target assumed is really just speculation. Wouldn't something like this usually be controlled from a mainframe or some sort of supercomputer? These kind of computers typically don't run Windows do they... This is a Windows virus right?

@TOP: Well the advantage of this kind of attack is it's complete openness, the attacked have no idea who and where it came from. Also less casualties I imagine, and if somehow there is a hug explosions with thousands of casualties, the country or the international community doesn't know who to blame. Sounds like quite a big advantage for the attacker.

NCLI
September 23rd, 2010, 11:17 AM
Sounds like an amazing piece of code, though I would think that the computer running the control program would have too much security to allow someone to just plug in a usb stick into it, the target assumed is really just speculation. Wouldn't something like this usually be controlled from a mainframe or some sort of supercomputer? These kind of computers typically don't run Windows do they... This is a Windows virus right?
No, it is a virus targeted to the special OS, possibly Linux-based, if anything, that Samsung uses in their industrial control system. Also, you forget to take into account that the person who inserted the USB drive probably did it unknowingly, and it may even have been the guy responsible for setting up the security of the system, so the virus may have gotten in before there was any security.

xir_
September 23rd, 2010, 12:43 PM
Less destruction to the environment.

And people?

grahammechanical
September 23rd, 2010, 12:56 PM
Can we connect this with a recent post about Microsoft having a patent on what it calls Mobile applications on USB memory sticks? I am just teasing the conspiracy theorists among us. But a USB stick with a supposedly pirated copy of a MS operating system that actually causes the person's computer to do loopy things, is an interesting idea. Oh, I just remembered. The loopy things bit was not part of the patent. Pity. :)

undecim
September 23rd, 2010, 02:09 PM
I call BS on this. Does anyone here honestly believe that anything mission-critical at Bushehr is accessible from the internet?
[SNIP]


Worms don't have to spread through the internet. They can infect USB drives or other external media. I'm sure there were computers used to control parts of the plant, and It's not far fetched to say an employee plugged a flash drive into one of those computers.

EDIT: In fact, read the article.

Unlike most malware, Stuxnet is not intended to help someone make money or steal proprietary data. Industrial control systems experts now have concluded, after nearly four months spent reverse engineering Stuxnet, that the world faces a new breed of malware that could become a template for attackers wishing to launch digital strikes at physical targets worldwide. Internet link not required.

Rasa1111
September 23rd, 2010, 08:11 PM
And people?

People cause the destruction.

Karma balances it all out. :KS

Mr. Picklesworth
September 23rd, 2010, 09:17 PM
Sounds like an impressive piece of code! I really hope it has managed to destroy that plant, building more nuclear weapons is bad.

At risk of making this a political thread, have you considered the possibility you are being fed propaganda which has affected your judgement here? I'm getting the strong sense that a lot of FUD is flying around, aiming to justify a future takeover of Iran. It smells like a better orchestrated version of the Iraq thing. They're letting it stew for a bit longer so the whole “Iran is evil and wants to kill us” idea gets settled in.

This situation also has the unfortunate (or fortunate, depending on who you ask) side-effect of villainizing nuclear power plants as legitimate sources of energy.

cprofitt
September 24th, 2010, 01:14 AM
When we talk about such subversive plots...

Would it not make sense that the creator of the virus would have the highest 'infection' rate... to throw off suspicion?

uRock
September 24th, 2010, 01:31 AM
At risk of making this a political thread, have you considered the possibility you are being fed propaganda which has affected your judgement here? I'm getting the strong sense that a lot of FUD is flying around, aiming to justify a future takeover of Iran. It smells like a better orchestrated version of the Iraq thing. They're letting it stew for a bit longer so the whole “Iran is evil and wants to kill us” thing gets settled in.

This situation also has the unfortunate (or fortunate, depending on who you ask) side-effect of villainizing nuclear power plants as legitimate sources of energy.
I agree totally. It is too bad that the US doesn't pursue new nuclear power plants instead of going backwards and building coal fueled plants.