Stuxnet Worm Claimed To Be Devastating In Iran
sciencewatcher writes "At debka.com, a website associated with intelligence communities focusing on the Middle East, the claim is made that Tehran this week secretly appealed to a number of computer security experts in West and East Europe with offers of handsome fees for consultations on ways to exorcise the Stuxnet worm spreading havoc through the computer networks and administrative software of its most important industrial complexes and military command centers."
Re:why don't they (Score:4, Informative)
Or computer systems certified for safety-critical installations, instead of Windows which flat out says not to use it for that in the EULA?
Treat anything from Debka cautiously (Score:5, Informative)
This site has a lot of seemingly tantalizing information, but a lot of it is BS. It reported that one of Saddam's palaces had huge glass covered aquariums where sharks would swim under your feet. Now that all the palaces have been 'visited', there have been no reports of any such thing.
Re:So what's the word, people. (Score:5, Informative)
(and which they most likely had to pirate because there are export restrictions against iran).
For the US -- there's nothing stopping me selling computer software to Iran, unless that software is of military/nuclear/etc use (you can see the full details of what's not allowed here (the PDF) [businesslink.gov.uk]).
Re:Anyone else find that site a litte skeevy? (Score:2, Informative)
Re:So what's the word, people. (Score:5, Informative)
For example this story [ynetnews.com]; note that it's from 2009 but still makes a pretty good description of how Stuxnet works. Google or following the links on Stuxnet news stories will bring up other possible links to Israel.
Re:Millions? (Score:3, Informative)
I mean really, when Siemens or some other industrial supplier comes in, do they automatically say, "Oh, we need to have this connected to the internet for critical software updates."? Do they use Microsoft's updating methods?
I can't speak for Siemens' method of updating that type of software but I know that for the MRI console software they make (for the Siemens MRIs) we have a VPN between the console and Siemens directly. No full internet access required.
Re:So what's the word, people. (Score:5, Informative)
Crypto in U.S. law was removed from the munitions classification back in 1996 by then President Clinton.
Shortly thereafter one of the exemptions granted was for open source. If the source code was freely available, you don't need an export license.
Re:So what's the word, people. (Score:5, Informative)
Re:d3ac0n - The Stupidity Is Sickening (Score:3, Informative)
Re:why don't they (Score:5, Informative)
Also (Score:5, Informative)
Most modern reactor designs have a difficult time going critical. They are made such that if coolant goes away, they stop working. Depending on the kind of fuel you use you can set it up so that when the coolant goes away the excess heat causes things to spread out and thus the reaction slows. It gets hot, but not hot enough to melt down. Not foolproof, nothing is of course, but makes it pretty hard for things to go critical even in a worst case scenario.
It also should be noted that often the SCRAM systems go beyond that. The rods will have springs behind them to force them in quicker, and there are usually secondary systems to drive them in as well, should the primaries fail.
Overall, the world did a pretty good job learning from the problems of early reactors and it is pretty hard to cause a meltdown these days, with a modern reactor design at least.
Do remember that the people who build these have a large vested interest in making sure they DON'T go critical, even in adverse situations. Safeties are taken seriously.
Re:Hilarious US Media Lies About Iran (Score:3, Informative)
My Karma speaks for itself, and I fully understand the weight and value of your opinion.
Re:Also (Score:5, Informative)
All power reactors in the world today go critical as part of their normal operation. That's why they can sustain a chain reaction. However, they are all designed in such a way that their criticality is not sufficient to allow the reactor to remain critical without the contribution from so-called delayed neutrons. These are neutrons emitted by the fission products some time after the fission event. It's because the release of these neutrons is much slower than the release of fission neutrons that it is possible to build a stable nuclear reactor. Without them the reactor would either be sub-critical and hence not produce any power without an external neutron source, or it would be prompt-critical, which pretty much means you would not be able to control the rate of the chain reaction rapidly enough to prevent dangerous power fluctuations.
Modern pressurized water reactors typically can't go prompt critical, since the quantity of relatively low enriched uranium is too small.
Re:Spreading havoc? (Score:5, Informative)
This is just a pure lie, see proofs below... (Score:5, Informative)
All these quotes are pure lies:
search for "must expel Arabs and take" in
http://en.wikiquote.org/wiki/David_Ben-Gurion [wikiquote.org]
search for "We must use terror, assassination, intimidation"
http://www.camera.org/index.asp?x_context=22&x_article=775 [camera.org]
etc...
Some Arab supporters seem to just LOVE using lies as the best weapon.
Re:So what's the word, people. (Score:3, Informative)
Microsoft is an American company. Hence, US export restrictions apply to Microsoft Windows - irrespective of where you happen to be.
Microsoft can't export it, and others can't buy it from Microsoft and then export it to Iran without also violating US law. Now those non-US folk mightn't care about that (though once the US supplier finds out they can't legally keep supplying), but it does violate the licensing on the software from Microsoft and hence all copies of Microsoft Windows do not have valid licenses, which makes them pirated software by definition.
Re:Spreading havoc? (Score:3, Informative)
How would the worm know if an input tied to turbine RPM or if it is some other device?
It wouldn't know that specifically, but it modifies a block that is used to control a process that requires a very fast response. There aren't very many applications that would require that block, so most programmers wouldn't bother programming and tuning it and interrupting the normal logic scan unless they really needed it.
To me it seems that Stuxnet is trying to slow the response time of the block it modifies and of the PLC overall. If you were trying to control your oven's heating element by changing the current you allowed it to draw in response to input from a thermocouple, and I could slow down the calculation you were using to determine the current change, I could cause the oven to overrun the temp. If that were a turbine I could cause it to overspeed, or a pressure vessel to overpressure, etc etc. Just that one change would cause 'havoc' to whatever process it was controlling. The process is guaranteed to be time sensitive regardless of what it is.
Do specific inputs on a PLC get specific ports?
No. But a good programmer can often figure out details of the process just by watching the logic run. I can look at the constants used for a PID instruction and know whether it is controlling a heating element based on input from a Type J thermocouple...for instance.
Or do you just have generic A/D and GPIO ports?
Generally an input to a PLC will have an address like I:1.0/0. That would indicate a discrete input card was present in the first slot of the PLC's chassis and that the wires from this particular input landed on the first input point. Most are 16 bit IO so you'd have I:1.0/0 through I:1.0/15, then I:2.0/0 and so on.
A discrete output would be O:1.0/0. You'd recognize analog IO because it would be used in the logic at the word level rather than the bit level. IO for modern PLCs is typically modular and can be arranged in any order.
You wouldn't know what specifically was at the end of the wires (a button or a 2 position switch or whatever) but you might be able to figure it out.
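The comment above argues that merely slowing the response of a time-critical control block is enough to make a process overrun its setpoint, and that a good engineer can reason about the process from the control constants. The following simulation is an added illustration, not code from the thread or from any PLC vendor: a constructed first-order oven model driven by a proportional controller, run once at its intended 0.5 s period and once when the controller is only allowed to act every 15 s. The slow loop goes unstable and the temperature overshoots the setpoint; the same run with a scan-time watchdog (a fail-safe that de-energizes the heater when control updates arrive too late) stays below it. All plant constants, gains and the watchdog limit are made-up values for the example.

```python
"""Control-loop timing demonstration (added example, constructed plant model).

Shows why a controller that is executed too infrequently overshoots, and how a
scan-time watchdog that trips the output to a safe state limits the damage.
"""
from typing import Optional, Tuple

AMBIENT = 20.0       # degrees C, room temperature (constructed)
SETPOINT = 200.0     # degrees C, target oven temperature (constructed)
HEATER_GAIN = 300.0  # degrees above ambient at full power (constructed)
TAU = 30.0           # thermal time constant in seconds (constructed)
DT = 0.1             # physics integration step in seconds
KP = 0.02            # proportional gain: heater power per degree of error


def plant_step(temp: float, power: float) -> float:
    """One Euler step of a first-order thermal model.

    The oven relaxes toward AMBIENT + HEATER_GAIN * power with time constant TAU.
    """
    target = AMBIENT + HEATER_GAIN * power
    return temp + (target - temp) * (DT / TAU)


def controller(temp: float) -> float:
    """Proportional heater command, clamped to the physical range [0, 1]."""
    return max(0.0, min(1.0, KP * (SETPOINT - temp)))


def simulate(control_period: float,
             watchdog_limit: Optional[float] = None,
             duration: float = 600.0) -> Tuple[float, float, bool]:
    """Run the closed loop; the controller only recomputes every control_period s.

    Returns (max_temp, overshoot_above_setpoint, watchdog_tripped).
    If watchdog_limit is given and the gap since the previous control update
    exceeds it, the heater is forced off for the rest of the run.
    """
    temp = AMBIENT
    power = 0.0
    last_update: Optional[float] = None
    tripped = False
    max_temp = temp
    for i in range(int(duration / DT)):
        t = i * DT
        due = last_update is None or t - last_update >= control_period - 1e-9
        if due and not tripped:
            late = (watchdog_limit is not None and last_update is not None
                    and t - last_update > watchdog_limit)
            if late:
                tripped = True   # fail-safe: scan took too long, heater off
                power = 0.0
            else:
                power = controller(temp)
            last_update = t
        temp = plant_step(temp, power)   # the plant keeps running between scans
        max_temp = max(max_temp, temp)
    return max_temp, max(0.0, max_temp - SETPOINT), tripped


if __name__ == "__main__":
    for label, period, wd in (("nominal 0.5 s", 0.5, None),
                              ("slowed to 15 s", 15.0, None),
                              ("slowed to 15 s + watchdog", 15.0, 2.0)):
        peak, over, trip = simulate(period, wd)
        print(f"{label:28s} peak={peak:6.1f} C overshoot={over:5.1f} C tripped={trip}")
```

With these constants the 0.5 s loop settles below the setpoint (a pure proportional controller leaves a steady-state offset), while the 15 s loop alternates between full power and off and peaks roughly 10 degrees above the setpoint; the watchdog variant trips on the first late update and never approaches the setpoint. The point for a defender is that the loop period, not just the output values, is a quantity worth monitoring.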
Re:Spreading havoc? (Score:2, Informative)
The second version (Stuxnet-B or Stuxnet!lnk), uses the zero-day
See the links for more detail - it's quite fascinating (also from a technical perspective).
Re:Perhaps it's just me... (Score:5, Informative)
Go fuck yourself.
Re:So what's the word, people. (Score:3, Informative)
Funny you should bring up Homeland Security. That bill was the most God-awful piece of crap that has ever come out of Congress and landed in the Executive Branch's lap.
http://www.dhs.gov/xlibrary/assets/hr_5005_enr.pdf [dhs.gov]
Just look through the table of contents and you can see the Congressional micro-management going on. I remember the change, being in FEMA at the time, and it was terrible to endure. That bill needs to be revisited to remove FEMA from DHS for many reasons (including waste, fraud and abuse) and given a much smaller budget. It needs to become a coordinating agency between federal, state and local law enforcement agencies and the intelligence gathering communities. DHS needs to get out of the disaster business. DHS raiding of FEMA money and more importantly staff resources is a big part of why they are flailing about ineffectually on just about every disaster they try to run.
Another reason the agency is impotent is the micro-management Congress has enforced on this agency through this bill. DHS is a paranoid and schizophrenic agency. It is fragmented into so many compartments it is little wonder why they are ineffective.
Re:This is just a pure lie, see proofs below... (Score:3, Informative)
A fair number of the GP's quotes seem to come from mepja.org [mepja.org], or at least are among those also quoted there.
I find both the original references, and the refutation links interesting.
The first refutation link is to a wiki (wikiquote), which one can imagine being subject to propaganda struggles on popular pages. The second refutation link describes the quote being refuted as from some entirely different sources than the GP's. One can't help but wonder, when a quote is attributed to different sources. Of course, the GP's quotes are from sources obscure enough that researching them becomes more than an idle moment's diversion from work as well.
The parent's CAMERA.org link is to a page debunking a few particular "sources of misinformation". It is hard to tell, from the sidelines, whether they've cherry-picked particular statements that are provably false, or whether they have chosen a small set of examples fitting a larger pattern. The sources quoted, as well as those used for verification, are obscure beyond the idle endeavor.
But inasmuch as I have no first-hand evidence, and no experience with any of the sources or organizations involved, I have no basis to place trust in either side. CAMERA evidently has its stated goals, as described:
Columbia Journalism Review [cjr.org]
CAMERA's stated policies. [camera.org]
I would have more trust if they were an academic organization, or if they were interested in busting myths about both Israelis AND Arabs/Palestinians, instead of being specifically a defense of one side.
And this, really, exhausts how far I'm willing to research a set of topics I have no personal stake or influence in, on whim alone. If someone wants to compensate me for my time, I'd develop more interest in chasing down these quotes.
But it does show that you can trust quotes only as far as your personal knowledge and your sphere of trust go.