Antivirus Firms Out of Their League With Stuxnet, Flame
Hugh Pickens writes "Mikko Hypponen, Chief Research Officer of software security company F-Secure, writes that when his company heard about Flame, they went digging through their archive for related samples of malware and were surprised to find that they already had samples of Flame, dating back to 2010 and 2011, that they were unaware they possessed. 'What this means is that all of us had missed detecting this malware for two years, or more. That's a spectacular failure for our company, and for the antivirus industry in general.' Why weren't Flame, Stuxnet, and Duqu detected earlier? The answer isn't encouraging for the future of cyberwar. All three were most likely developed by a Western intelligence agency as part of covert operations that weren't meant to be discovered and the fact that the malware evaded detection proves how well the attackers did their job. In the case of Stuxnet and Duqu, they used digitally signed components to make their malware appear to be trustworthy applications and instead of trying to protect their code with custom packers and obfuscation engines — which might have drawn suspicion to them — they hid in plain sight. In the case of Flame, the attackers used SQLite, SSH, SSL and Lua libraries that made the code look more like a business database system than a piece of malware. 'The truth is, consumer-grade antivirus products can't protect against targeted malware created by well-resourced nation-states with bulging budgets,' writes Hypponen, adding that it's highly likely there are other similar attacks already underway that we haven't detected yet because simply put, attacks like these work. 'Flame was a failure for the antivirus industry. We really should have been able to do better. But we didn't. We were out of our league, in our own game.'"
Or, put another way, "extraordinary claims require extraordinary evidence."
Do you mean to say that *I* need to post citations? If so, there is an extraordinary amount of evidence freely available to you. You don't get immunizations from the Gates Foundation unless you pledge to provide strong IP protection for Big Pharma to the point where even if your people are dying the World Bank will fuck your ass all day and all night with sand for lube if you make the medication yourself or buy it from an unlicensed producer. This is directly incompatible with their stated goal of wiping out certain diseases, since if you don't wipe them out everywhere they'll just hang out and wait for your resistance to go away and come back... or better yet, mutate into something else that you can still get. Ashcroft gave Microsoft a free pass without explanation after they were found to have basically fucked everyone in the world. The Gates Foundation has been shown to make for-profit investments in businesses literally killing the same people they're immunizing. When this came out (see "Dark cloud over good works of gates foundation") they announced that they would review their investments on their website. That announcement disappeared after less than 24 hours and was replaced by a statement saying they weren't going to review anything because it was difficult. Yeah, saving the world is hard. Especially if you're not fucking trying.
Microsoft is a wholly owned subsidiary of Fucking You Hard, a No Liability Corporation. The other members are all pretty obvious, too... RIAA, MPAA, Monsanto, DuPont, BP, FMC, PGE, ATT, GM, etc etc. Corporations which have violated both their charter and every possible law and which have the protection of federal, state, and local government. Come on, you know who they are. Don't be a dolt.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"