Slashdot Mirror
Iran Arrests Alleged Spies Over Stuxnet Worm
kaptink writes "Reports surfacing from Iran claim 'nuclear spies' have been arrested over the infection at the Busheher nuclear station, which opened in August. According to Intelligence Minister Heydar Moslehi, because Stuxnet is so sophisticated, cost so much to write and uses two stolen security certificates, he believes only a national intelligence agency or a huge private company could have devised it, calling them 'enemies' spy services."
They may be right this time, but who will believe them? For those living under a rock, I'm referring to the 3 American hikers who allegedly strayed over the border from Kurdish Iraq, two of which are still being held as spies.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
If it were targeted at Iran's nuclear sites by a hostile foreign government, they'd have been a lot more stealthy about it and waited until the thing was in operation to trigger a catastrophic melt-down. I'm sure that the reason it's most prevalent in Iran is due to lax security practices and not some conspiracy against them.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I haven't heard anyone arguing against it being written by a foreign nation or major company, but I wonder why they arrested spies for it though. I thought the whole point of releasing the worm in the wild was to be able to infect from anywhere, with no need to directly get into the facilities, or even Iraq itself for that matter.
Although they don't say who it is, it's pretty clear they are trying to lay this on Israel and America.
And, to be honest, they probably wouldn't be too far off the mark.
That we think that Iran doesn't have the right to develop their own nuclear power generation plants without international oversight is pure hubris on our part.
Then you're their spy!
The Iranian intelligence services gotta look like they're doing something and catching someone.
RIP America
July 4, 1776 - September 11, 2001
So called security experts - most of them in fact peddlers of software who depend on the fear of malware for their incomes - are not unbiased commentators. Remember how USL claimed that Unix was too complicated for Berkeley grad students to have replicated without copying their proprietary code? And SCO claimed that Linux couldn't possibly be that good without belonging to them? In fact, there's no software "so sophisticated" that it can't be produced by a bunch of sufficiently dedicated geeks.
It's an argument particularly appealing to conspiracy theorists - look at how the authors of "The Holy Blood and The Holy Grail" insisted that no-one would expend the effort to forge the documents they relied on, even after the hoax was admitted. You just can't judge this kind of thing on that basis.
Rest assured, you'll never catch those in charge. I doubt there are names on it. Maybe an agency, but they aren't going to be dumb enough to step into Iran. Iran is simply using these arrests as as political tool to further their own goals.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
You're a moron and a tool.
Try and bust be for Libel or Slander.
See the thing is Iran is so efficient on on catching crooks (whether they are actually guilty of the crime the are charged with or not) while the rest of the world seems to lag way behind.
Why?
Muchas Gracias, Señor Edward Snowden !
"Reports surfacing from Iran claim 'nuclear spies' have been arrested over the infection at the Busheher nuclear station, which opened in August.
The Iranian gov't already claimed that the Busheher nuclear station wasn't affected at all.
It's all lies.
You couldn't be bothered to spelled 'alleged' correctly in a *headline*.
They arrested "The Usual Suspects".
This reminds me of the scene ending with Vizzini calling Wesley a fool and then falling over dead. Perhaps the same will happen with Iran.
Why didn't Iran revoke those certificates as soon as they realized they were missing?
Damn, that little green worm graphic is cute.
I'm always suspicious when there are claims of multiple arrests after something like this, especially when there is no real explanation of how they found them. It's not like they had video footage of the "spies" planting the malware. It's more like "Oh, we look really silly, let's round up the usual suspects and charge them with something, so it looks like we are on the case!"
Yes, its an industrial automation system by
Siemens, AG, but the software runs on Windows.
I wouldn't trust Windows to fly an airliner; would
you trust it to run your nuclear plant or a
hydro station?
Wanna bet that Windows has NSA "back doors?"
They are nuts to run American Windows.
As in, you have the worm, so you created or spread it?
That "possession is proof of the crime" is an attribute of the legal system here, and it is getting ever cheaper to use it to your benefit: Where once you had to drop some serious cash buying coke to plant on your targets, now you just link them to an autodownloader that drops some child porn on their computer(s). You don't even have to run the risk of linking yourself to the incident by ratting 'em out...some eager-beaver IT type or an automated sentry program will usually do it for you.
The possibilities in a state such as Iran which has even more "Thou shalt nots!!!" than we do (at this time) and a legal system that is even more "conservative" than ours is (at this time) are...staggering.
Orwell: "In a Time of Universal Deceit, telling the Truth is a Revolutionary Act"
That woosh noise you herd mint something.
No brain, no pain.
Just ask the native americans
*DrugCheese rants*
Bottom line is that it is extremly difficult to leave no trace whatsoever. Very costly to develop. And Israel is known to sometimes to dirty operation which leave traces but works. Methink you are attributing much too much hability to the various governement in question. True there is no good evidence Israel did it, but your "argument by incredulity" is really stupid. For fuck sake, we are speaking of the country which used british pasport to make its dirty work and was CAUGHT red handed on it.
I wouldn't like to be the name in the telephone directory that the pin landed on when identifying the 'spies'.
Phillip.
Property for sale in Nice, France
I expect you're trolling, but you got modded up so...
NO.
Just one single 0-day exploit is out of the ordinary. Of course every exploit becomes public this way, so it's not unheard of. Four 0-day exploits is shocking. It has never happened before. They are some pretty ideal exploits too, suggesting that the attacker has enough that he can pick and choose.
There were two driver signing keys, both normally used by legit companies. These keys were stolen (spy or malware), cracked, or obtained by government demand. Two of them!! I don't think this has ever happened for even one key before, never mind two.
Obscure hardware used to control a factory is manipulated. That's never been publicly seen before.
As an extra bonus, pretty much all anti-virus software is soundly defeated. This includes behavior-analysis types, not just signature-based types.
Alledged? Did they catch them up on a cliff?
More to come?
We Americans haven't had such good luck in Iran. The Shah was a wipe. Look where that left us.
So now, they have in their possession a virus specifically designed to take down infrastructure. Doesn't Iran have computer specialists too? How long before they simply reverse-engineer this virus and use it against us? Against Israel? Their neighbors?
Reminds me of the Viet Cong digging up our landmines only to replant them in our own path. Cheap, effective and has the "value added" aspect--the enemy foots the bill for their own destruction.
First, the Iranians were stupid enough to get hit with this, since they apparently didn't have appropriate IT policies in place to prevent malware. Secondly, they apparently didn't have the know-how to figure out what Stuxnet actually did. Finally, several months later, when someone pointed out what it did, they use it as an excuse to arrest some guys that they didn't like.
Triple Fail.
We have included Iran as one of the three members of the "axis of evil". It seems to me that paranoia is a reasonable response to the United States.
I don't know if the hikers were spies or innocent students. I don't know if stuxnet was designed to target Iran's nuclear facilities. But I don't blame them for being suspicious.
If the United States were less dictatorial and militaristic in it's policies, I think we would have a lot less trouble with foreign governments.
The reason the West is so hostile to the possibility of a nuclear Iran is that the only peaceful doctrine nuclear weapons allow, MAD, assumes rational actors on all sides. In Iran that rationality might well be subservient to theology.
Both Pakistan and Israel are western allies with direct US funding for their military. Both have nuclear weapons. Both are filled with religious nutcases. Both have refused to sign the NPT.
Vilifying Iran is a sideshow to the real issue of nuclear proliferation. If the West wants to be taken seriously for nuclear disarmament, it should bring Israel, Pakistan, and India to the table to make the Middle East nuclear free. Iran is doing what any reasonable state would do after seeing what happened to Iraq versus North Korea and Pakistan: If you want to avoid a US invasion, the first step is to get nuclear weapons as a deterrent.
"...there's no software "so sophisticated" that it can't be produced by a bunch of sufficiently dedicated geeks." - by ebcdic (39948) on Saturday October 02, @01:38PM (#33771008)
Per my subject-line above, I'll wholeheartedly agree on that account, & with only 1 "minor reservation": That is that you have to get that 'band of geeks' together to do so, & they have to be skilled enough (and usually 1 guy is NOT enough, you need a larger team to do all that parts of a larger/largish app (purely relative term, but in this case? Let's use Operating Systems OR "enterprise class" systems)).
Plus, those self-same "squad of geeks" has to have the TIME (this is a real killer for many folks today) to be able to work on such projects. This is WHY "commercial software" does so well, & so fast (especially for drivers work) - folks get PAID to do the work, & this is massive incentive (after all, usually? No pay = NO LIVE etc./et al).
APK
P.S.=> Again, you spoke the truth here as well:
"So called security experts - most of them in fact peddlers of software who depend on the fear of malware for their incomes - are not unbiased commentators. Remember how USL claimed that Unix was too complicated for Berkeley grad students to have replicated without copying their proprietary code? And SCO claimed that Linux couldn't possibly be that good without belonging to them?" - by ebcdic (39948) on Saturday October 02, @01:38PM (#33771008)
Right again: They're only protecting their own best interests & will usually put down the competition at any cost, right or wrong...
Yes, in keeping with my OS example above?
For example/For instance - MS does this to Linux (or has) but, the "vice-a-versa" is true as well w/ the "Penguinista" putting down MS stuff ALL the time (especially here, lol)...
However, imo & experience/observations @ least, the fact is that nowadays?
MS stuff is good (E.G.-> Server 2008/Windows7), Linux stuff (KUbuntu 10.4.1) is good! Really good... on BOTH sides no less!
However - I still find that Linux stuff is only ALMOST as "solid" as Windows stuff for users!
(For most equipment? Linux is great, especially "generic stuff")
However, sometimes you run into an "exotic" piece that creates an "exception to that rule above" (just as I have, with a Promise SuperTrak Ex8350 128mb Intel IOP SubProcessor Caching RAID controller that doesn't have a native driver on the KUbuntu DVD distro 10.4.1 latest that I like for instance)) nowadays... apk
never waste a good crisis.
A good way to clean out those who were not toeing the line properly. I am sure a few foes will vanish. I am sure the UN's Human Rights Council or whatever that farce is now called will not bat an eye, well maybe they will find a way to blame Jews for it.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
Check who those keys belong to. Not exactly the Intels of this world and yet even being Intel protecting a very valuable key that the content industry relies on, isn't enough to protect it.
See, you fall exactly into the trap the parent talks about. "Ooh, it must be complex, it must be a conspiracy!"
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
One guy produces some REALLY sophisticated stuff. One of my favorites, though admittedly obscure examples, is Kega. It is a Sega Genesis emulator written by one guy, Steve Snake, in his spare time. It has gone through many iterations, but back when it was KGen was an amazingly good emulator. So good, in fact, that Sega called him and asked if he'd mind coming and writing an emulator for them for their Smash Pack. That's right, rather than having their array of people do it, they hired one guy because he was already good at it. He did that (Sega gave him access to hardware documents and such to help) and then went back on making free emulators for everyone.
Just one guy working in his free time and he's done a better job than anyone else, and a job so good Sega figured it was easier/cheaper/better to just hire him.
Now that doesn't mean this worm was written by one guy, or a couple of guys, or anything like that. It is just intended to demonstrate that there are some extremely talented individuals out there. In fact it turns out that most high quality programs are written by relatively few people. Programming isn't like digging a ditch, doubling the number of people won't double the speed. You'll find situations, like many games, where there was one lead developer, and maybe 5 other developers under them that wrote most of it. There may have been others that helped on specific things (often in the form of a library that was licensed), but it isn't like there were just hundreds of people thrown at the problem. They'd just step on each others toes. Instead you have a few, highly skilled, people who work on a project.
Now as that applies to this worm you might notice that in no way do governments have a monopoly on good programmers. The opposite in fact, the best tend to be in the private industry. You also might note there are good programmers that do some shady things. Cracking would be an excellent example. It is pretty tricky work. You have to debug and work on a program all in assembly, without the source, to strip out the protection code. You sometimes have to emulate the functions of hardware dongles, you have to get around code traps put there to stop a debugger (tying in to the same interrupts and so on). Not straight forward, not low skill, yet done ALL the time.
All this demonstrates is that there are indeed people out there who have the skill necessary to make a complex worm. They don't have to be working for a government.
The Intel Key probably wasn't leaked, most folks have concluded it was in fact mathematically derived from a load of player keys that had been ripped from their devices (or software).
Who says they didn't do it themselves? I mean since all we've got is weak, conspiracy theory level evidence, let's go for a double secret reverse conspiracy theory: Iran wrote Stuxnet. Their nuclear program was not going as well as they'd hoped. It was faced with setbacks they didn't want to have to acknowledge. Also, they'd really been hoping for an Israeli air strike. That would give them justification on many levels. However everyone was just bitching about it and doing things via diplomatic channels, nobody was attacking. They had nobody but themselves to blame for their problems, and the Jews were not being evil like they should.
So they write Stuxnet. It'll unleash some havoc in general in western countries which is nice and guarantees news time, but gives them a good excuse as to why their shit isn't done on time. However they don't want it to actually damage anything really important. Also they can't very well go telling people "Ummm secure your shit against this," since it has to be clandestine. So they add a "do not infect" code. They can then stick that code on the systems they need to be actually safe. They make it an obtuse Jewish reference to cast possible suspicion is Israel.
They let it lose, havoc happens it is big news. Iran says "Ahhh, this has broken our nuclear shit! Those evil Zionists!" They get to play the victim, they have a good explanation as to why things aren't on schedule, they get to arrest people they don't like, etc.
There you go. Another flimsy conspiracy theory that also fits the very limited available evidence. Hopefully this demonstrates precisely why rushing to assumptions of conspiracies based on minimal evidence is such a bad idea.
Russia gains money. It might not be significant on a national level, but it likely involves businesses that senior government officials are involved in.
I want more Stuxnet attacks on Iran's nuke programme. No invasions, no occupations, no Americans in the line of fire. Way cheaper than any of that, and probably more effective.
Instead of invading enemies, attacking the infrastructure that produces their threats is a much better way to conduct international conflict. I want more of this, and less of the 20th Century wars.
--
make install -not war
What was started by people who just wanted their constitution back, of course has drawn attempts from all over to co-opt it in some way. Duh....don't you know how things work?
Even on NPR...they had an "interview" with a Texas woman who was a real tea party organizer, and cut in with some dude who was one of those religious wing nuts (only a member of the tea party, so he said) who basically, right there on the air threatened that if the tea party didn't go his way (org of family something or other) they'd pull out. She said, fine -- you are welcome here, it's a big tent, but nope, we're not going to push your particular cause for you, why not go try and convince the NRA to push laws against abortion -- you're in the wrong place.
Though NPR is showing signs of seeing blood in the water and not as much a cheerleader of the current majority in government as before, this was their big attempt to discredit the tea party, and it failed pretty badly I think.
When something like that comes from nowhere and threatens the incumbency machine that is the rebuplocrats -- sure, there's going to be a s**t storm of attempts to discredit it, again, doh.
If either the dems or the repubs were "for the people" would there be the mickey mouse copyright law? Would pot still be illegal? Wouldn't someone at least have gone to jail over the economic issues? I'm too lazy to type the other five hundred examples, do some homework.
You might not like the tea party, and for sure it has collected some whack jobs -- big tents do that.
Wouldn't a bunch of crazy incompetents do a better job than the current batch of well connected thieves?
I rest my case.
Why guess when you can know? Measure!
<darkhumor> So, a Jew, a Coptic Christian, and a gay dude? </darkhumor>
Random Thoughts From A Diseased Mind (Not For Dummies)
The Iranian troops may have unknowingly crossed the border to grab them. Or they may have done it on purpose. We don't have satellite imagery or a GPS record of the event, it is all he said/she said from people who didn't have good tracking hardware on them. Mistakes happen.
To me it sounds like a combination of dumb hikers and dumb troops. The hikers ought to have known better than to be on the border of a hostile nation. Of course hikers are good at doing things they ought not to do (like climb mountains you need oxygen tanks to survive). The troops ought to have just told them to turn around and go back. Instead the grabbed them. Maybe they were ordered to, maybe even ordered to cross the border to do so. Maybe they were just gung ho, as troops often are.
Whatever the case once it happened Iran could very well say "Oops, our bad, shouldn't have done that." Not only do they not need the diplomatic flack, but totalitarian regimes are very big on the "We can do no wrong," thing. So they have to accuse them of being spies because, if it were true, then their actions would be justified (unless the crossed the border but they say they didn't of course."
Either way the parent is right. You REALLY think these people were spies? Ya right. A drone would have been able to get much better imagery, been perfectly legal, and something they could have done nothing about.
the USA raised the "Terror Threat Level" for Europe because ... [suspence and drum roll] ... the China PM is visiting! ... "purify their natural bodily fluids" in accordance with ... Christan [Bishop Elve in Georgia]... precepes.
This means that U.S.A. Caucasian citizens should never talk to an Asian, or else fear that they will be the target of a smeer campaign by the U.S.A. to
Hardy har har.
However we find other troubling tid bits : "only a national intelligence agency" this means the U.S.A. Central Intelligence Agency "or a huge private company" this means Microsoft -- the "or" should have been "and" "could have devised it," meaning the worm that has targeted the Iranian nuclear reactor and sites connected to it.
So this is "Obama's America"?
We need, desperately, an assination squad!
Good night {the final night] my half-black prince, as the sniper and spotter from the U.S.A. Army Department take aim on your pityful head.
Toodles
Do any planks in the Tea Party platform address any of these in a positive way?
I listened to that interview. The woman was from Waco, and the "gentleman" was from Tupelo, MS. I'm not a conservative or a tea party member, but the interview actually made me respect the tea party more and specifically her representative. The guy from Tupelo kept baiting her and she didn't go for it. I do not think that NPR deliberately tried to discredit the tea party or anything like that - in fact, I believe they were hoping for an honest and clean debate but got fooled by the guy from Family Council or whatever it was.
Anyway, I'd just like to point out that I don't think NPR is the "liberal sword-arm" that so many conservatives seem to think it is, and that the interview actually served your interests, believe it or not.
Captcha is "comrade". Just...no.
Yes, they do.
The Tea Party is all about the constitution. None of that stuff is in the document, therefore, as per the constitution, it falls upon the state and local governments to decide what to do, or in the case of the mickey mouse copyright act, no one should have done anything.
You have no idea what the Tea Party movement is all about. If you did, you'd likely be voting for their candidates as they are the only people around who actually represent We The People.
Thanks for listening.
"Wouldn't a bunch of crazy incompetents do a better job than the current batch of well connected thieves?"
The "crazy incompetents" are FUNDED BY the well-connected thieves who have decisively demonstrated their intelligence dwarfs that of their pawns! (Sourcewatch makes for entertaining reading.) The "crazy incompetents" will get affirmation. Their backers will get power, which is different.
It doesn't matter what you, personally, are "not", for you are a soldier for something else. That "something else" has destroyed most campaign finance accountability and dumps millions of dollars into TP candidates. Altruism it ain't! They aren't trying to buy more influence for the public good:
LOVE the background painting!:
http://www.newyorker.com/reporting/2010/08/30/100830fa_fact_mayer
The Koch brothers and the like will get what they want, TP partisans have no choice but to give it to them, and TP adherents will never be interested in changing that relationship because their binary choice is Republican/Teapublican or Democrat. The game was over before it started. Sucks, too bad, so sad.
That's the beauty (and it IS beautiful, a work of political art) of the strategy. The UNWITTING participation of the well-intentioned in a movement that affirms them (and caters to _some_ of their genuine, reasonable concerns!) makes them an effective political weapon. The Christian Dominionists so grossly outnumber the secularists that it makes the secular Libertarians an ornamental joke.
I live in the heart of Tea Party country, and this is dead accurate:
http://www.rollingstone.com/politics/news/17390/210904
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
"We The People."
If that definition is restricted to Scared, Old, and White, you might have a point.
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
Don't give me any of that recycled, dumbed down bullshit you hand to everyone else. You're either too unethical to care or too dumb to know that you're full of shit.
Palestinian has always meant people who lived in Palestine. There are Palestinians who are not Muslim or Arab. Here's an article from 1903 about establishing a Jewish state in Palestine, and bringing Zionism to Jerusalem. Here's a link to 1200 newspaper references to "palestinian refugee" before 1966. Here's a link to an article written in 1868 that refers to the land of Palestine.
What "provocative actions in Lebanon"? Monitoring Hezbollah's violations of the UN resolution that prevents it from operating in south Lebanon?
In June 2005, an Israel Defence Force paratroop unit operating near the Shebaa Farms engaged three Lebanese it identified as Hezbollah special force members, killing one. Videotapes recovered by the paratroopers contained footage of the three recording detailed accounts of the area and "fooling around".
http://en.wikipedia.org/wiki/2006_Lebanon_War
Keep in mind, this is fooling around on land that Israel took by force in 1967. There's a reason it's still disputed.
Israel handles its water problems by efficient irrigation and water desalination (which in both it is a world leader) much better than any country in the region, and willingly shares its knowledge and expertise. Trying to blame it for the world's problems is nothing new.
Israel has fucked up it's water supply. Do you know who I learned that from? The Israeli government.
The agricultural sector has suffered most because of the crisis. Due to the shortage, water allocations to the sector had to be reduced drastically causing a reduction in the agricultural productivity.
The current crisis has led to the realization that a master plan for policy, institutional and operational changes is required to stabilize the situation and to improve Israel's water balance with a long-term perspective.
That report was from 2002. Recently the Jerusalem Post had this to say: "We are witnessing an incomprehensible ongoing failure to conserve existing resources."
"people who just wanted their constitution back". As someone who was in the tea party since the beginning, could you please clarify WTF this means?
Tea-party members have this near universal implied reverence for Jeffersonian agrarianism/state rights and always seem to forget that this wasn't exactly a one sided argument. In fact by the time of the Farewell Address Washington seemed to be favoring Hamilton/Federalism and a national bank. We had a series of "founding fathers" that repeatedly favored the expansion of the federal government's powers and all sorts of programs of federal spending under the "Necessary and Proper" clause.
"Internal Improvements", a standing army/navy, the power to go to war without an act of congress, a centralized bank, these issues were all debated by the "founding fathers" and federalism won. How can one then argue that the New Deal/National Health Care is so clearly unconstitutional when the original authors were perpetually uncertain of what was in or out of bounds?
We can argue that the policies may be unsound, but many people will reasonably be offended by the implication that only members of one side of the discussion can be "true patriots".