Flame: The Massive Stuxnet-Level Malware Sweeping the Middle East
An anonymous reader writes "Wired is reporting that a massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation. Kaspersky Lab, the company that discovered the malware, has a FAQ with more details."
Re:Kaspersky Again (Score:5, Insightful)
What about keeping the general population informed about what the world is up to? You know, so that the electorate can make electoral decisions based on actual information rather than fear-mongering? Or is this just an outdated concept, and we should let our politicians just tell us what we should worry about?
Re:Is public disclosure and analysis a good idea? (Score:4, Insightful)
Re:Kaspersky Again (Score:5, Insightful)
Why should they care about 'national intelligence' as it pertains to other countries? They have no duty to protect whoever created this. Hell, until they've done the analysis, they don't even know who the hell it is.
If you have code out there that's an attack vector, it's a vulnerability for everyone. If someone repurposed the attack, it's something which can be exploited.
Do you think people should have laid low on the topic of the Sony rootkit on CDs because, clearly they were justified?
I don't buy your argument -- security researchers are looking for vulnerabilities we could all be subject to.
National intelligence be damned ... how the hell are you supposed to know what is being targeted and by whom? Did China write this? The US? Russia? Tuvalu?
That's like saying people should stop worrying if the police are breaking laws because they're doing it for our own good. The ends don't always justify the means.
Re:Kaspersky Again (Score:5, Insightful)
Re:Seriously?? (Score:5, Insightful)
Yeah, just like all the spying and such that went on between the US and Soviet Union - every time someone was caught it ended up in a new world war.
Oh wait no it didn't. Just because the tools changed doesn't mean much else has. This sort of thing has gone on as long as nations have existed (if not longer), and will go on. If any of this is new or exciting for you, you need to get out more.
Enemy nations spy on each other. Friendly nations spy on each other. It's what nations do. It's not a "ZOMG this proves (nation I hate) is evil!" material.
Re:Kaspersky Again (Score:4, Insightful)
Should the details of the latest stealth aircraft technology be publicly disclosed so voters can make informed decisions? The latest in radar-absorbing paint, if it exists in a usable form? Nuclear weapon design details (the important details, not the general info that's already public)? Every detail of the President's personal security? Come on. Some things are relevant enough to the political process that voters must be informed. Other things are not, and secrecy is critically important for some of them.
Ok I'll say it. If you don't want something to go public DON'T post it on the internet.
Stealth technology is fucking secret. You don't see the details on the internet, do you?
Secret is secret, putting something on the internet is everything except secret.
Re:A Step in the Right Direction (Score:4, Insightful)
Well, hard to say if it's really a weapon, but if so I also approve.
Think about it: this may well be a war, an aggressive conflict between two nations, one of which has nuclear weapons, and the other is close. And how many casualties so far? How many cities levelled? This is a good weapon, as weapons go!
Sure, eventually we'll be attacked by the same, and there will be casualties, but it somehow seems less dangerous to civilians than dropping skyscrapers.
Re:A Step in the Right Direction (Score:5, Insightful)
Kaspersky discovered the malware about two weeks ago after the United Nations' International Telecommunications Union asked the Lab to look into reports in April that computers belonging to the Iranian Oil Ministry and the Iranian National Oil Company had been hit with malware that was stealing and deleting information from the systems.
Why do you jump to the conclusion that if it is targeting Iran it must be a good thing? Do you ever question what you see in the media? What if it was written by programmers hired by wall streeters that were trying to gain an upper hand on the oil market, thereby basically stealing money from the Iranians and from you? Still a good thing? This is probably not the case, but that's just it: until we find out all of the details we need to keep our minds open and quizzical, and question who is feeding us what bullshit and why.
Propaganda is getting more and more sophisticated; it is coming at you from all directions. I'm not saying be paranoid, just to realize that most media that gets presented to you has a purpose. Once in a while see if you can divine that purpose.
Try some critical thinking.
Re:Kaspersky Again (Score:5, Insightful)
Liberty is less threatened by foreign evildoers than by domestic injustice. Laws that stack the deck, and laws that are selectively enforced, are what any lovers of freedom should fear.
It's not secret technology that protects us. Freedom's only hope is a people that won't take crap from their government.
I think armed revolution would be a stupid and counterproductive idea. But bloodless or bloody, technical tactical details of the hardware we've bought with our own money could be handy to know.
Of course it's not as simple as I portray it, but progress and freedom depend on transparency, warfare and tyranny depend on secrecy. When so much is secret, even our laws, we must ask ourselves if our priorities are straight.
Re:FAQs /.ed (Score:5, Insightful)
The story also states:
its complexity, the geographic scope of its infections and its behavior indicate strongly that a nation-state is behind Flame, rather than common cyber-criminals -- marking it as yet another tool in the growing arsenal of cyberweaponry.
What I don't understand is why a massive and technically complex piece of malware necessarily has to be written by a "nation-state"? There are no really smart hackers around that might want to do something like this for the challenge? One might think that a smart hacker might want to point the smoking gun in a different direction?
Explain, please.
Re:A Step in the Right Direction (Score:3, Insightful)
Wait.
Do you seriously believe Iran will eventually attack the USA?
For real? Do you think Khamenei will, someday, wake up, drink his coffee and say "What a nice day! I'll deploy the long-range missile technology I don't have to blow up a location half the planet away from me, just because Rush Limbaugh said I probably would do it."?
Re:A Step in the Right Direction (Score:5, Insightful)
Since Iran supports/sponsors terrorists and has enough nuclear material to make an estimated five nuclear weapons (although the material may be slightly too crude to weaponize at the moment),
I'd bet the malware was developed either in Israel or the USA...probably Israel with USA support. This could create problems but I think this is a good move.
I think you should work on your premise there. I don't know which terrorists you speak of. The US and Israel support terrorists ("freedom fighters") when it is in their interest. Both have large amounts of nuclear weapons. Aren't you applying double standards here? How do you know Iran are the evil guys here (just because they are being portrayed as such in the media)? Iranian leadership is whacky, but it isn't warmongering.
Comment removed (Score:3, Insightful)
Right... (Score:0, Insightful)
- Massive, extremely sophisticated spyware is detected on computers in a few Middle East countries; dubbed "Flame", it is supposed to be similar to the infamous (well, at least for some) Stuxnet malware.
- It is not stated that the origin of the spyware is a North American government.
- The only company that makes a public announcement about this spyware is Kaspersky Lab, a Russian security company, although the spyware in question is supposed to have been "out there" since 2007.
- Kaspersky Lab (KL) made the public announcement, however they do not provide scanner/remover for Flame; in fact, a Flame search at the KL site returns no hits.
Are we to believe that other AV companies did not know about it? Why is it that no major AV software reports it? Why is it that no Flame remover is publicly available yet?
Re:FAQs /.ed (Score:3, Insightful)
Not only that, a lone man can only do so much
You massively underestimate the capabilities of determined individuals. One guy on his own reinvented Unix. Napoleon *almost* subjugated all of Asia. Larry Wall invented the world of perl.
Given the chance, I could fix this for Iran by myself, but it'll take a while to train subordinates. Debian wheezy or squeeze?
Re:FAQs /.ed (Score:5, Insightful)
In the case of Stuxnet, your average hacker doesn't have access to nuclear centrifuge controllers to develop and debug on. For code that is as finely tuned as it was, you need a development lab that includes the target systems or at least true simulations thereof.
For something like Flame, with it being as targeted as it is, you'd expect something similar.
Re:FAQs /.ed (Score:5, Insightful)
Assuming you're talking about Linus and Linux, he had a LITTLE bit of help along the way.
Napoleon didn't almost subjugate anything without the resources of one of the world's most powerful nation states.
Larry Wall also had quite a bit of help from others making Perl what it is today.
Nice job picking examples that make the GP's point though.