Iran Arrests Alleged Spies Over Stuxnet Worm 261
kaptink writes "Reports surfacing from Iran claim 'nuclear spies' have been arrested over the infection at the Busheher nuclear station, which opened in August. According to Intelligence Minister Heydar Moslehi, because Stuxnet is so sophisticated, cost so much to write and uses two stolen security certificates, he believes only a national intelligence agency or a huge private company could have devised it, calling them 'enemies' spy services."
The country that cried wolf (Score:5, Insightful)
They may be right this time, but who will believe them? For those living under a rock, I'm referring to the 3 American hikers who allegedly strayed over the border from Kurdish Iraq, two of which are still being held as spies.
Re:They cried wolf because ... (Score:3, Informative)
They arrested "The Usual Suspects".
Re: (Score:2, Insightful)
Just the actions, manerisms and behavior of the woman since she was freed already has CIA written all over them. Put that together with the propaganda and where they were and I'
Re:The country that cried wolf (Score:5, Insightful)
Why in the hell would the CIA send three very obviously non-Iranian looking Americans hiking around the Iranian border?
You're an idiot to think they have anything to do with the CIA. They are were "caught" after visiting the Ahmed Awa waterfall, which happens to be only a few miles from the Iranian border. They are nothing more than a bunch of hippie activists who were stupid enough to wander into a questionable area.
Re: (Score:3, Insightful)
"No one does."
Never underestimate human stupidity. If they weren't spies, they should have been shot for being idiots.
No USian not on government or military business has any reason to be where they were.
Re:The country that cried wolf (Score:5, Interesting)
Except maybe for the beautiful landscape and friendly people? Unlike most commenters here, I did hike in Iran. There are no maps there, or trails, you just have to go by spoken directions ("take a taxi to XYZ and then head south for two days"). Which means you can get horribly lost.
And info on the safety situation can be just as fuzzy, people in the cities (worldwide) have no idea what the situation in the mountain is, but will give you their personal fabricated opinion as a fact.
Personally I would be most worried about anti personel mines that are scattered throughout the border region. Against Iraqi troops, fugitives, and smugglers.
But Iraq is a big country, and can be hell on one spot and perfectly safe on another. As a matter of fact, just spoke someone last week who had just returned from a climbing trip in Afghanistan. Not being a couch potatoe does not equal to being a CIA agent
Re: (Score:3, Informative)
When I was in Iraq in the Army, there were several cars searched by my unit where the drivers were basically tourists from American and Canada. This was Ramadi in 2006, which blew our minds. It's like...um, you do know these people will kill you, right? Between the IEDs, insurgents, or accidentally driving too close too fast near US troops....fuck that. But there they were, and on their way they were sent.
Re: (Score:2)
did you use "intensive" intentionally in your sig, just to piss people off?
Because that's still a stupid reason to do it, and the alternative is you really don't know it should be "intents and purposes."
Comment removed (Score:4, Insightful)
Re: (Score:2, Insightful)
Use, "hikers.". Sure. Keep telling yourself and everybody else they were hikers, I'm suee you will eventually believe it.
Hikers do not scout out the border regions of Iraq and Iran. Undercover spies do.
For that matter (Score:4, Insightful)
Who says they didn't do it themselves? I mean since all we've got is weak, conspiracy theory level evidence, let's go for a double secret reverse conspiracy theory: Iran wrote Stuxnet. Their nuclear program was not going as well as they'd hoped. It was faced with setbacks they didn't want to have to acknowledge. Also, they'd really been hoping for an Israeli air strike. That would give them justification on many levels. However everyone was just bitching about it and doing things via diplomatic channels, nobody was attacking. They had nobody but themselves to blame for their problems, and the Jews were not being evil like they should.
So they write Stuxnet. It'll unleash some havoc in general in western countries which is nice and guarantees news time, but gives them a good excuse as to why their shit isn't done on time. However they don't want it to actually damage anything really important. Also they can't very well go telling people "Ummm secure your shit against this," since it has to be clandestine. So they add a "do not infect" code. They can then stick that code on the systems they need to be actually safe. They make it an obtuse Jewish reference to cast possible suspicion is Israel.
They let it lose, havoc happens it is big news. Iran says "Ahhh, this has broken our nuclear shit! Those evil Zionists!" They get to play the victim, they have a good explanation as to why things aren't on schedule, they get to arrest people they don't like, etc.
There you go. Another flimsy conspiracy theory that also fits the very limited available evidence. Hopefully this demonstrates precisely why rushing to assumptions of conspiracies based on minimal evidence is such a bad idea.
Re:For that matter (Score:4, Insightful)
Another flimsy conspiracy theory that also fits the very limited available evidence. Hopefully this demonstrates precisely why rushing to assumptions of conspiracies based on minimal evidence is such a bad idea.
Exactly what part of Iran's foreign relations over the last 30+ years would be considered "a good idea"?
For all the stupid stuff that we Americans might be responsible for, from the Shah to funding Iraq during their war with Iran, Iran has consistently been run by fanatics for decades, and the only reasons that they have not been bombed off the map is that they are a major producer of oil. They all but openly support terrorist organizations all over the globe, and their leadership *obviously* does not reflect the will of the people. I just hope that we figure out how to reduce our dependence on their oil quickly, so that when their citizens finally do rise up into civil war, it won't cause a major worldwide recession/depression. And I hope we stay out of it and just let them settle it themselves.
How come Iran can do it when others can't? (Score:5, Funny)
See the thing is Iran is so efficient on on catching crooks (whether they are actually guilty of the crime the are charged with or not) while the rest of the world seems to lag way behind.
Why?
Re: (Score:3, Funny)
Well that's pretty easy. You just need to wave your arms a lot, scream they're evil Jews and you're all set.
Re:How come Iran can do it when others can't? (Score:5, Interesting)
Allah is one weird entity. Apparently, under traditional Muslim belief, Allah is so other that one can never communicate with It directly. Errr...so how do they explain Muhammad? Dunno. Anyhow, Muslims are fond of saying "if Allah wills it" to apply to any of their wishes. Okay, so..this Allah entity, he apparently willed Jews to create modern Israel? Or the Saudi royal family? Or forces making Muslims "victims" in the modern world? The schism between Sunnis and Shi'ites? What about the Alawis, Sufis, or any of the other innumerable Islamic sects?
If Allah is so just, how to explain the status of women in the Islamic world? What about the infidels? Islam is supposed to be a tolerant religion. Okay, where are the Christian churches in Saudi Arabia or the Jewish Temples? How come the Ba'hai are persecuted in Iran? What's with the Fatwas for killing whomever the Fatwa-er deems deserving of death? If Allah is It's cracked up to be, how come It cannot defend Its own turf and must rely on Muslims to do Its dirty work? And if It is so other, how can Muslims be relied on to interpret what It wants?
Re:How come Iran can do it when others can't? (Score:5, Informative)
Allah is one weird entity. Apparently, under traditional Muslim belief, Allah is so other that one can never communicate with It directly. Errr...so how do they explain Muhammad? Dunno.
I'm not religious, but I'm a student of religion. According to legend, Muhammad was recited the passages of the Koran by the arch-angel Gabriel (acting as an intermediary of sorts I suppose). I don't believe Muhammad ever talked directly to god.
Anyhow, Muslims are fond of saying "if Allah wills it" to apply to any of their wishes. Okay, so..this Allah entity, he apparently willed Jews to create modern Israel? Or the Saudi royal family? Or forces making Muslims "victims" in the modern world? The schism between Sunnis and Shi'ites? What about the Alawis, Sufis, or any of the other innumerable Islamic sects?
The same B.S. so many other religious espouse... "God works in mysterious ways." It's childishly easy to come up with a reason for god letting these things happen. Persecution as a test of faith. Let an enemy rise to power so they have someone to conquer and become stronger. Etc. etc. Typically it's all "test of faith" as the usual reason.
If Allah is so just, how to explain the status of women in the Islamic world? What about the infidels? Islam is supposed to be a tolerant religion. Okay, where are the Christian churches in Saudi Arabia or the Jewish Temples? How come the Ba'hai are persecuted in Iran? What's with the Fatwas for killing whomever the Fatwa-er deems deserving of death? If Allah is It's cracked up to be, how come It cannot defend Its own turf and must rely on Muslims to do Its dirty work? And if It is so other, how can Muslims be relied on to interpret what It wants?
Women get the short end of the stick because, well, it's a power and control thing. Lots of religions had it (and still have it), although Islam is the only major religion that suppresses so many minority and women's rights so egregiously.
As for why Muslims have to do God's dirty work, well... the same reason that the Crusaders did god's work (in their view). If there is a god he's either unwilling or unable to influence the world on a large scale.
As for the inconsistencies in logic, well, that's Religion 101 for you. Logical fallacies left and right. Thankfully the majority of Muslims are moderates, otherwise we'd have car bombs and Jihadists everywhere. After all, you don't see evangelical Christians blowing up Planned Parenthoods and headshotting abortion doctors every day, do you?
Re:How come Iran can do it when others can't? (Score:5, Informative)
...otherwise we'd have car bombs and Jihadists everywhere. After all, you don't see evangelical Christians blowing up Planned Parenthoods and headshotting abortion doctors every day, do you?
Dunno. We're pushing nearly 18k terrorist attacks by muslims since 9/11, that's quite a few. And if you take a look in various parts of the APCR where it's supposed to be moderate, you sure do see a lot of jihadi's, public whipping, and 'ankle' laws.
And well, you don't. Mostly because mainstream christianty keeps evangelical's in check, they might spout the crazy but the rest don't let them go any further.
Re: (Score:3, Funny)
After all, you don't see evangelical Christians blowing up Planned Parenthoods and headshotting abortion doctors every day, do you?
Sounds like an awesome Counterstrike mod!
Re:How come Iran can do it when others can't? (Score:5, Insightful)
Re: (Score:2)
See the thing is Iran is so efficient on on catching crooks (whether they are actually guilty of the crime the are charged with or not) while the rest of the world seems to lag way behind.
How is this different than Japan's forced confessions?
Re:The country that cried wolf (Score:5, Funny)
I don't know what they allege that those they have arrested have done
They're probably charged with 'Breathing Iranian Air without Governmental Permission' which usually results in a sentence that prevents them from becoming repeat offenders.
Re: (Score:2)
Any bets on a couple of kid hackers being uncovered as the real authors after a few more weeks of news reports about how it was all spies?
Sure there was some inside info needed but I can imagine some overly nationalist hacker in america, israel or elsewhere chipping away at something like this for years and gathering the needed info.
Re: (Score:2)
Show me that kid hacker which has access to a SCADA system and can pinch a valid digital certificate.
I have a special deal for you if you can show said kid and the kid. There are quite a few places where I can submit your resume for a nice commission.
Re: (Score:2)
You'd be surprised at how good the Script Kiddies have become. While I agree that it's unlikely that there's a couple of them at the bottom of this, mainly because there's no payoff for them to be doing it- it definitely is not outside of the realm of reality for the reasons you state.
Re: (Score:2, Insightful)
Svartalf? You shillin' dude?
Do you understand what you just stated? Script Kiddies don't become competent with time or practice .. that's why they're called 'Script Kiddies'
Re: (Score:2)
Any bets on a couple of kid hackers being uncovered as the real authors after a few more weeks of news reports about how it was all spies?
"Sources close to Iranian intelligence services reported today that they allegedly suspect two elite Zionist hacker-spies, codenamed "Trinity" and "Neo", one of which reportedly compromised the US IRS d-base, basing this suspicion on intelligence it said was gathered from Western sources. Also reportedly wanted for interrogation is someone that they can only identify by t
"For all intensive purposes" (Score:2, Funny)
That woosh noise you herd mint something.
Re: (Score:3, Funny)
Bah! (Score:5, Insightful)
Re:Bah! (Score:4, Insightful)
Re:Bah! (Score:5, Interesting)
A catastrophic meltdown benefits nobody. It wouldn't be sufficient to wipe out all of Iran's military capabilities and it would likely cause them to reflexively strike Israel. Not good.
It would destroy their plant, their centrifuges, and their current ability to enrich uranium, and would give them a giant, expensive mess to clean up. They know if their plant were to be destroyed they would be seen internationally as stupid buffoons incapable of safely executing nuclear tasks, when their goal is to be seen as a mature modern nuclear power who should be taken seriously.
A meltdown would likely cost them ten years to recover from, and the current regime may be too fragile to survive it.
Iran is not a completely crazy country. Sure, the leadership is run by corrupt figures who use religious zealotry to organize the poor in order to remain in power, but that's no different than many Western countries. But many Iranians are middle class kinds of people, not the raving lunatics who want to nuke the rest of the world like they portray on TV. It's certainly possible that if the current leaders were to stumble on the national stage that the poor might see them for who they are, and violently remove them from power.
Re:Bah! (Score:5, Funny)
Re: (Score:2, Insightful)
Sure, the leadership is run by corrupt figures who use religious zealotry to organize the poor in order to remain in power, but that's no different than many Western countries.
The Republicans are doing a hell of a job - just look at how they took over the TEA Party. The religious nuts are pushing out the libertarians and are ruining something that had a lot of potential.
Re:Bah! (Score:4, Informative)
The tea party has never been a grass roots org. Launched by a stock exchange trader on CNBC throwing a fit, and funded by Dick Armey's Freedom Works; the tea party has always been the Republican Party.
Re: (Score:3, Insightful)
"The religious nuts are pushing out the libertarians and are ruining something that had a lot of potential."
WHAT Libertarians? All two or three of them? There have never been any secular rightists in the US who matter, sad to say.
Anyone awake knew the Tea Party was a front group for the rich, whose foot soldiers are the Religious Right. That was never in question.
"Value Voters", my happy ass! Bible Nazis in a Rovian Rerun (and mostly minus Rove) with a massive money infusion from the Koch Brothers is what t
Re:Bah! Silly (Score:4, Interesting)
What was started by people who just wanted their constitution back, of course has drawn attempts from all over to co-opt it in some way. Duh....don't you know how things work?
Even on NPR...they had an "interview" with a Texas woman who was a real tea party organizer, and cut in with some dude who was one of those religious wing nuts (only a member of the tea party, so he said) who basically, right there on the air threatened that if the tea party didn't go his way (org of family something or other) they'd pull out. She said, fine -- you are welcome here, it's a big tent, but nope, we're not going to push your particular cause for you, why not go try and convince the NRA to push laws against abortion -- you're in the wrong place.
Though NPR is showing signs of seeing blood in the water and not as much a cheerleader of the current majority in government as before, this was their big attempt to discredit the tea party, and it failed pretty badly I think.
When something like that comes from nowhere and threatens the incumbency machine that is the rebuplocrats -- sure, there's going to be a s**t storm of attempts to discredit it, again, doh.
If either the dems or the repubs were "for the people" would there be the mickey mouse copyright law? Would pot still be illegal? Wouldn't someone at least have gone to jail over the economic issues? I'm too lazy to type the other five hundred examples, do some homework.
You might not like the tea party, and for sure it has collected some whack jobs -- big tents do that.
Wouldn't a bunch of crazy incompetents do a better job than the current batch of well connected thieves?
I rest my case.
Re: (Score:3, Insightful)
Do any planks in the Tea Party platform address any of these in a positive way?
Re: (Score:2)
Re: (Score:2)
"It would destroy their plant, their centrifuges, and their current ability to enrich uranium"
How? Do you seriously think that they are located next to the reactor?
Re: (Score:2)
I never said "reactor". I said "plant".
The enrichment plant is the building (or buildings) that contains the centrifuges, and the centrifuges are the devices located in the plant that they use to enrich the uranium. Yes, I seriously think that if stuxnet causes a coordinated series of centrifuges to fail, that the plant where they enrich the uranium will be seriously damaged by the release of uranium hexafluoride and it will be very difficult to contain and clean up.
Re: (Score:2)
Iran is not a completely crazy country. Sure, the leadership is run by corrupt figures who use religious zealotry to organize the poor in order to remain in power, but that's no different than many Western countries. But many Iranians are middle class kinds of people, not the raving lunatics who want to nuke the rest of the world like they portray on TV. It's certainly possible that if the current leaders were to stumble on the national stage that the poor might see them for who they are, and violently remove them from power.
Wow. This sounds like you live in Iran, since you know so much.
You do live in Iran, don't you?
I mean, you've at least been to Iran once, haven't you?
Ah, I see.
Re: (Score:2)
I know some Iranians, and one used to be in my family. We talked. He certainly wasn't a crazy, and simply wished he could go back home to visit his family. He fled during the revolution (instead of "serving" the aforementioned corrupt and/or crazy people) and could not risk going back, but he certainly stayed in touch.
But nice ad hominem attack -- "if you're not Iranian, you can only be ignorant." When you wrote this, did you have some kind of point, or are you just yet another bigot who doesn't like ha
Re: (Score:3, Interesting)
Iran is not a completely crazy country. Sure, the leadership is run by corrupt figures who use religious zealotry to organize the poor in order to remain in power, but that's no different than many Western countries. But many Iranians are middle class kinds of people, not the raving lunatics who want to nuke the rest of the world like they portray on TV. It's certainly possible that if the current leaders were to stumble on the national stage that the poor might see them for who they are, and violently remove them from power.
Wow. This sounds like you live in Iran, since you know so much.
You do live in Iran, don't you?
I mean, you've at least been to Iran once, haven't you?
Ah, I see.
I've been to Iran three times since 2003, and I can agree with the person that you are responding to. I've been to three major cities - Tehran, Esfahan, and Shiraz. I do have relatives there, so I may be biased. The majority of the people that I've met and spoken to are moderates who are stuck under the thumb of an oppressive regime. Every time they try protest, the government mobilizes their armed thugs to quash it. And since weapons are banned in Iran, the citizens have no means of defending themselves.
It
Re: (Score:3, Informative)
Re:Bah! (Score:4, Interesting)
This newsarticle is pure BS. The attack didn't target Bushehr: when Stuxnet became public, Bushehr wasn't even online yet. Stuxnet targeted the iraniane Uranium enrichment facilities in Natanz and presumable other, secret, places. Those all use Siemens PLCs too and the code in Stuxnet for the PLCs is actually geared to break those centrifugues. It's also a much more sensible target IT wise: all the centrifuges are controlled by the same PLCs, the same programs running on each PLC for each centrifuge.
Corroberating this is that in early 2009 shortly after Stuxnet was known, Iran publically suffered a big setback in nuclear enrichment and the government official in charge of the nuclear program was let go.
So Stuxnet was successful in its mission to disrupt the nuclear program and heads rolled in Iran while some unspecified intelligence agencies got high fives all around.
Re:Bah! (Score:5, Insightful)
Your post is more or less the wired article linked to a last week. Nataz was certainly targeted by Stuxnet. That said, the news article isn't BS. The news article is reflecting what the Iranians are doing: using Stuxnet to arrest and jail undesirables and furthering their "us vs them" ideology that keeps them in power. Any accident at any plant going forward will not be a sign of incompetence but a sign that western powers are targeting Iranians.
Anyone that pissed off someone in power at Bushehr is now a spy and will be executed. They'll also probably arrest some foreigners and use them to trade for real spies of their own caught overseas. That's how these oppressive regimes work. Theocracy isnt a valid form of government.
Re:Bah! (Score:5, Funny)
Nuclear reactors are built with multiple redundancy to the point that failure is inconceivable.
You keep using that word. I do not think it means what you think it means.
Re: (Score:2)
Thank you for the laugh. Was the Princess Bride reference intentional?
http://www.imdb.com/title/tt0093779/quotes
This being Slashdot, I can pretty much guarantee that it was. And it was perfectly executed.
strangely like the princess bride. (Score:2)
"only a national intelligence agency" (Score:5, Insightful)
So called security experts - most of them in fact peddlers of software who depend on the fear of malware for their incomes - are not unbiased commentators. Remember how USL claimed that Unix was too complicated for Berkeley grad students to have replicated without copying their proprietary code? And SCO claimed that Linux couldn't possibly be that good without belonging to them? In fact, there's no software "so sophisticated" that it can't be produced by a bunch of sufficiently dedicated geeks.
It's an argument particularly appealing to conspiracy theorists - look at how the authors of "The Holy Blood and The Holy Grail" insisted that no-one would expend the effort to forge the documents they relied on, even after the hoax was admitted. You just can't judge this kind of thing on that basis.
Re: (Score:2)
Only, this is exactly how you WOULD do it if you were to use a botnet component in an information warfare strategy. I direct you to the excellent work of Charlie Miller.. who worked for the NSA and has DONE this type of work before (information warfare against foreign governments). Much of his paper is just plain logic/reason as well. Think about it. Especially with the stolen certificates. If I have stolen certs those are BIG playing cards. Like sitting on golden 0-days. You don't whip those out until you
Re: (Score:2)
Whoops: https://www.defcon.org/images/defcon-18/dc-18-presentations/Miller/DEFCON-18-Miller-Cyberwar.pdf [defcon.org]
And sometimes (Score:3, Insightful)
One guy produces some REALLY sophisticated stuff. One of my favorites, though admittedly obscure examples, is Kega. It is a Sega Genesis emulator written by one guy, Steve Snake, in his spare time. It has gone through many iterations, but back when it was KGen was an amazingly good emulator. So good, in fact, that Sega called him and asked if he'd mind coming and writing an emulator for them for their Smash Pack. That's right, rather than having their array of people do it, they hired one guy because he was
Re: (Score:2)
...thus invalidating the certificates owned by those two companies and any drivers signed by them ...only in those cases where CRLs are checked. I wouldn't be surprised if quite a few systems would remain vulnerable almost indefinitely due to the fact that not everything checks these.
Eh.. (Score:5, Insightful)
Rest assured, you'll never catch those in charge. I doubt there are names on it. Maybe an agency, but they aren't going to be dumb enough to step into Iran. Iran is simply using these arrests as as political tool to further their own goals.
Re: (Score:3, Interesting)
It was never the claim that these arrested people are the ones who wrote the virus.
The article is quite thin on details, but I assume they arrested people they blame on espionage within the plant; either people with access to the computers (do we know if the infection was via internet or via flash drives?), or those who had detailed knowledge of what specific machinery/PLCs were installed and could pass it on to whomever wrote the custom-tailored virus.
Instead of knee-jerk saying Iran is arresting for polit
Re: (Score:2)
Well, it's not really a knee jerk reaction as much as "it was true the last 10 times they did it, so it's probably a pretty good bet this time, too".
Re: (Score:2)
That's a bad way to look at things. We still have trials for repeat criminals, because despite a long record of convictions, they can still be innocent of the specific crime in question.
Re: (Score:2)
We also have 3 strikes laws for when it becomes a pattern...
And to be a bit on topic, when someone says things like "our goal is to wipe Israel off the map" and "the United States government planned the 9/11 attacks" he deserves to lose credibility in what he says in the future.
Re: (Score:2)
That's actually a bit OFF topic. We're talking about Iran, not its figurehead president. (Figurehead in that the Presidency has no control over the military nor over Parliament nor the Guardian Council)
Yes, Ahmadinejad said the US government planned 9/11, which is repugnant enough but I can see his rational basis for trying to make the claim; he's trying to be a populist like Hugo Chavez. Repugnant, but not stupid.
However, he didn't say "our goal is to wipe Israel off the map." He said (in Farsi) "The Imam
Re: (Score:2)
Re: (Score:2)
Except for the YouTube video of them being stoned. As in people tossing large rocks to hit them in the head, vs. some enjoyable afternoon activity.
In immortal words of our own politicians (Score:2)
never waste a good crisis.
A good way to clean out those who were not toeing the line properly. I am sure a few foes will vanish. I am sure the UN's Human Rights Council or whatever that farce is now called will not bat an eye, well maybe they will find a way to blame Jews for it.
Wonder if they used U.S. criteria? (Score:2)
That "possession is proof of the crime" is an attribute of the legal system here, and it is getting ever cheaper to use it to your benefit: Where once you had to drop some serious cash buying coke to plant on your targets, now you just link them to an autodownloader that drops some child porn on their computer(s). You don't even have to run the risk of linking yourself to the incident by ratting 'em out...some eager-beaver IT type or an automated sent
Scapegoat lottery (Score:2)
I wouldn't like to be the name in the telephone directory that the pin landed on when identifying the 'spies'.
Phillip.
More to come? (Score:2)
More to come?
We Americans haven't had such good luck in Iran. The Shah was a wipe. Look where that left us.
So now, they have in their possession a virus specifically designed to take down infrastructure. Doesn't Iran have computer specialists too? How long before they simply reverse-engineer this virus and use it against us? Against Israel? Their neighbors?
Reminds me of the Viet Cong digging up our landmines only to replant them in our own path. Cheap, effective and has the "value added" aspect--the enemy f
Re: (Score:3, Interesting)
FTA
Admittedly I didn't know much about Stuxnet until after reading more about it and it seems to me just yet another windows virus that hasn't until now been discovered and mistakenly spread via contractors laptops.
There's a lot of hype over this nuclear reactor however the fact of the matter is that it was only one of many infected areas and the rest of it
Re: (Score:2)
I mean think about when was the last time the US government could do dick with computers? The US government was broken into by some retard in the UK using default passwords. How can people seriously believe the US government could come out with something like this.
Considering this was done by taking advantage of a hardcoded and well published default username and password I'd say anyone could be behind it ... including the US government.
Re: (Score:2)
I just want to add something on to my original post but I'll reply to your posting instead..
The US government is having trouble filling it's security expert positions. It's IT czar is a position no one really wanted. It's US army screwed its own root DNS server for 18 hours.
Does that really sound like the kind of government or the kind of country that could pull this kind of thing off?
I'm not trying to make this sound like a US sucks posting just simply highlighting the fact that is the past decade the US g
Re: (Score:2)
My point is that the US government has neither.
Re: (Score:2)
Good defense =/= good offence. To secure the goverment network you need thousands of IT pros, maybe even tens of thousands, while an attack like stuxnet only needs a small team of highly competent people. which of those two seems easier?
Well, you're correct of course ... but all that means is that anyone on the planet could be responsible.
Re: (Score:2)
Most viruses don't go looking around for PLC software. They tend to either be done for fame or for money, and these days it seems to be mostly money. I can't think of another virus comparable to Stuxnet.
Re: (Score:2)
I can't either- because there's none else like it right at the moment.
Re: (Score:2)
spread via contractors laptops.
A PLC can be programmed with a pendant or with a laptop. After someone uses a laptop for the purpose, they will tell you where to put the pendant.
Re:They don't say who they think it is (Score:5, Informative)
Admittedly I didn't know much about Stuxnet until after reading more about it and it seems to me just yet another windows virus that hasn't until now been discovered and mistakenly spread via contractors laptops. . . .
Seems to me that this worm wasn't designed for a specific target and is like any other virus..
From what I've read, it was specifically written to infect Siemens controllers, root them so it could change the control algorithms while displaying the proper algorithms when polled. The controllers are located at each piece of equipment, typically running independently, each with a minimal OS, if any. They are connected in a local network to allow communication and central monitoring and adjustment.. Stuxnet only used Windows vulnerabilities as a vector to get onto the front-end workstations in order to load into the controllers through the local network.
not "just yet another windows virus" (Score:2)
I expect you're trolling, but you got modded up so...
NO.
Just one single 0-day exploit is out of the ordinary. Of course every exploit becomes public this way, so it's not unheard of. Four 0-day exploits is shocking. It has never happened before. They are some pretty ideal exploits too, suggesting that the attacker has enough that he can pick and choose.
There were two driver signing keys, both normally used by legit companies. These keys were stolen (spy or malware), cracked, or obtained by government demand
Re: (Score:2)
Why am I trolling? Oh yes, it's very complicated however it's still spread via basic flaws with windows, hence why it is yet another windows virus. For example, why does a windows machine require security certificates for a music player? Why is this thing connected to the internet if it's so vital?
You also seem to be operating under the assumption that this thing was put together recently. It could have been silently operating for years, hence its complexity and size.
Obscure hardware? Not really since it ha
Re: (Score:2)
It's not just another virus as you surmise. It's designed explicitly to attack SCADA systems that were designed run on embedded Windows based boxes- it uses exploits that're specific to those types of systems to propagate.
It's not a lot of hype. All it takes to screw up a graphite or light water moderated reactor is do the wrong thing at the right time- Chernobyl and Three Mile Island happened because of operator error in overriding things controlled by SCADA like systems. With a SCADA system controlling
Re:They don't say who they think it is (Score:5, Interesting)
Iran is a ratified signatory to the Nuclear Non-Profileration Treaty, so: they certainly don't have the right to develop nuclear weapons or even nuclear facilities except with IAEA oversight. Iran's nuclear activity is pretty clearly in contravention of this (they built a nuclear facility in secret near Qom [wikipedia.org], for example), and there are now several UN sanctions in force against Iran because of this.
Is it 'Western hubris' to demand that a country abide by treaties it ratified? Especially a treaty on a matter as important as nuclear armament...
The reason the West is so hostile to the possibility of a nuclear Iran is that the only peaceful doctrine nuclear weapons allow, MAD [wikipedia.org], assumes rational actors on all sides. In Iran that rationality might well be subservient to theology.
Re: (Score:2)
Exactly. And the NPT provides a mechanism for backing out. Let them declare publicly that they wish to do this, so everyone knows exactly what they are about.
Re: (Score:2)
I guess they're staying in the NPT so that their facility in Bushehr can be legitimately maintained by Russia. What Russia gains from this isn't very clear to me, though.
Re: (Score:2)
I guess they just want to have a horse in the (Middle East) race, even if their horse is batshit crazy.
Re: (Score:2)
"Is it 'Western hubris' to demand that a country abide by treaties it ratified?"
Yes.
All treaties are 100% fairly balanced (Score:2)
Just ask the native americans
Re: (Score:2)
If one party has giant pile of nukes, and the other doesn't, why *should* the treaty be balanced?
Re: (Score:2)
If one party has giant pile of nukes, and the other doesn't, why *should* the treaty be balanced?
Why *shouldn't* the party that doesn't have a giant pile of nukes want to balance it?
Re: (Score:2)
If one party has giant pile of nukes, and the other doesn't, why *should* the treaty be balanced?
Why *shouldn't* the party that doesn't have a giant pile of nukes want to balance it?
Why *should* the party that does have a giant pile of nukes let them?
Re: (Score:2)
In other words everyone is doing what they should do. The powerful party is doing all it can to oppress the weaker party. The weaker party is doing all it can to escape the thumb of oppression.
Nothing to see here?
Re:They don't say who they think it is (Score:4, Insightful)
I know it is a rhetorical question, but it has to be said. Given that the United States signed over 29 nation-to-nation treaties with the people of Lakotah, and gravely violated every last one, as well as every single nation-to-nation treaty made with the other captive nations of North America, it seems rather hypocritical to me this very same nation complains about breaches of treaties by others.
Bullshit: what about Pakistan and Israel? (Score:4, Insightful)
The reason the West is so hostile to the possibility of a nuclear Iran is that the only peaceful doctrine nuclear weapons allow, MAD, assumes rational actors on all sides. In Iran that rationality might well be subservient to theology.
Both Pakistan and Israel are western allies with direct US funding for their military. Both have nuclear weapons. Both are filled with religious nutcases. Both have refused to sign the NPT.
Vilifying Iran is a sideshow to the real issue of nuclear proliferation. If the West wants to be taken seriously for nuclear disarmament, it should bring Israel, Pakistan, and India to the table to make the Middle East nuclear free. Iran is doing what any reasonable state would do after seeing what happened to Iraq versus North Korea and Pakistan: If you want to avoid a US invasion, the first step is to get nuclear weapons as a deterrent.
Re: (Score:2)
That's funny. I can't remember the last time Israel threatened to vaporize everyone in the middle east, europe or the US and Canada. But Iran has, and Pakistan has openly threatened to nuke India on several occasions. Israel seems quite happy to follow the MAD doctrine(considering arab nations have launched 6-8 wars of extermination against it in the last 70 years), and arab nations are happy to let everything burn including themselves.
Your thinking, doesn't hold water in reality.
Re: (Score:3, Informative)
I can't remember the last time Israel threatened to vaporize everyone in the middle east, europe or the US and Canada. But Iran has
Bullshit. Where's your citation?
Pakistan has openly threatened to nuke India on several occasions
Pakistan is a US ally. Why are they trusted with nuclear weapons?
considering arab nations have launched 6-8 wars of extermination against it in the last 70 years.
1967 - Israel launches a surprise attack on Egypt, Syria, and Jordan. They take the Sinai, the Golan Heights, the West Bank, and the Gaza Strip.
1967-70 - Egypt attacks Israeli positions in the Sinai.
1973 - Egypt and Syra launch a surprise attack on Israel in the Golan Heights and the Sinai.
1982 - Israel invades Lebanon in reprisal for an assassination attempt on Israel's ambassador to the UK
2006 - Israel invades
Re:Bullshit: what about Pakistan and Israel? (Score:4, Informative)
Israel is noticeably, quite literally, greener than its neighbours.
That's why they deserve that land, they take better care of it.
Bullshit. Israel is destroying it - this "making the desert bloom" crap is destroying the water aquifers there which is one of reasons Israel is pulling so many provocative actions with Lebanon, they want an opportunity to seize access to the Litani river.
The Palestinians have literally spent centuries developing olive grove orchards which are very sustainable in desert climes. Then "settlers" bulldoze them down and plant Orange groves and other such water intensive plants such as Celery, exhausting the local aquifers, leaving just a fraction of water they've pissed in for the Palestinians.
Re: (Score:2)
Iran as a country, maybe not. But its current leaders, especially Ahmadinejad, are NOT rational nor pragmatic.
Re: (Score:2)
So far they haven't broken the treaty. Have they broken their word? Yes, by building the Qom facility when they told the IAEA they would announce any new developments.
By building a nuclear facility in secret they have broken the treaty. That's what the sanctions are about.
Iran is not stupid and not that crazy; they are rational and pragmatic.
The regime appears to be locked in a power struggle between the 'regular government' (for lack of a better term) and the Revolutionary Guard. Last week's on the media [onthemedia.org] has a good analysis on how Iran has now become a dangerous place even for those who vocally support its policies because of this. Regimes that feel threatened in their existence are generally not known for the rationality of their
Re: (Score:3, Informative)
No, they didn't break the treaty. Iran is only required by the NPT to inform the IAEA 6 months before such a site goes operational. Iran insists that no nuclear enrichment had yet taken place at Qom. Despite being caught red-handed by the US for having the plant, once Iran publicly confirmed its existence they informed the IAEA that they would soon be enriching from there in the future. Like I said, they broke their word, not the treaty.
I wasn't going for moral relativism, I was faulting the people who kee
Re: (Score:2)
No, they didn't break the treaty. Iran is only required by the NPT to inform the IAEA 6 months before such a site goes operational. Iran insists that no nuclear enrichment had yet taken place at Qom. Despite being caught red-handed by the US for having the plant, once Iran publicly confirmed its existence they informed the IAEA that they would soon be enriching from there in the future. Like I said, they broke their word, not the treaty.
Sure, but accepting that reasoning would mean accepting Iran's own definition of whether or not they're breaking the NPT.
I wasn't going for moral relativism, I was faulting the people who keep spouting that "Iran is irrational" because of religion. It isn't, and there are other parties more apocalypticly-minded than Iran is.
True, the danger in Iran isn't millenarianism. It's the fact that the people who are leading the various factions won't have anything to lose once they feel their power (and by extension their very lives) is at stake.
Re: (Score:2)
American's only abide by their treaties when its convenient and profitable for them to do so.
Nice generalization there. What usually happens is that we refuse to become signatories to treaties that have no benefit to us, regardless of (ahem) "world opinion" on the matter. That is our right, and in fact we have honored treaties that cost us a great deal: the first Gulf War for example.
Regardless of whether or not you believe that Iran's signing of the Nuclear Non-Proliferation Treat has any merit or any validity, they are current signatories. Period. End of statement. They also have the option of
Re: (Score:2)
Oh I dunno, I'd put Moody's and S&P ahead in any such list of bodies.
Re: (Score:3, Interesting)
First, the Iranians were stupid enough to get hit with this, since they apparently didn't have appropriate IT policies in place to prevent malware. Secondly, they apparently didn't have the know-how to figure out what Stuxnet actually did. Finally, several months later, when someone pointed out what it did, they use it as an excuse to arrest some guys that they didn't like.
Triple Fail.
Well our own govt keeps getting hit with quite sophisticated attacks originating in China. The difference appears to be that China is mostly just stealing technology at this point, but if they decide to turn hostile they are probably deep enough into our systems to cause serious infrastructure damage.