Slashdot Mirror


Researchers Say Flame and Stuxnet Share Common Authors

Trailrunner7 writes "Researchers digging through the code of the recently discovered Flame worm say they have come across a wealth of evidence that suggests Flame and the now-famous Stuxnet worm share a common origin. Researchers from Kaspersky Lab say that a critical module that the Flame worm used to spread is identical to a module used by Stuxnet.a, an early variant of the Stuxnet worm that began circulating in 2009, more than a year before a later variant of the worm was discovered by antivirus researchers at the Belarussian firm VirusBlokAda. The claims are the most direct, to date, that link the Flame malware, which attacked Iranian oil facilities, with Stuxnet, which is believed to have targeted Iran's uranium-enrichment facility at Natanz. If true, they suggest a widespread and multi-year campaign of offensive cyber attacks against multiple targets within that country."

114 comments

  1. Yeah, no shit by crazyjj · · Score: 5, Insightful

    If true, they suggest a widespread and multi-year campaign of offensive cyber attacks against multiple targets within that country

    What's next, researchers discovering that the recent spate of assassinations of Iranian nuclear scientists are SOMEHOW connected?

    Anyone who hasn't realized (or *claims* not to have realized) by now that there has been an elaborate, multi-year shadow war by the CIA/Mossad trying to sabotage the Iranian nuclear program is either willfully-blind, retarded, or a shill. Christ, Mossad and the CIA barely even bother to *HIDE* it anymore. Everyone in their right mind knew what was really going on the second Stuxnet was dissected. And they certainly realized it the first time mysterious guys on a motorcycle attached a magnetic bomb to the car of a guy who just happened to also be a prominent nuclear scientist in Iran.

    Of course, some willfully-blind, retarded shill out there is going to reply to this and say that those scientists killed themselves and that Stuxnet and Flame were actually created by Iran in an incredibly convoluted attempt to gain world sympathy. Such is true delusion.

    --
    What political party do you join when you don't like Bible-thumpers *or* hippies?
    1. Re:Yeah, no shit by Anonymous Coward · · Score: 0, Flamebait

      Sir, I have read and pondered your post. At this time there is only one commentary which occurs to me: niggers.

    2. Re:Yeah, no shit by Anonymous Coward · · Score: 1

      Yet we ignore/deny the Iranian "not so shadow" war in Eritrea, Somalia, Iraq, Afghanistan, Syria, Lebanon and Palestine?

    3. Re:Yeah, no shit by ColdWetDog · · Score: 5, Funny

      Christ, Mossad and the CIA barely even bother to *HIDE* it anymore

      Wait. What?

      OK, the CIA and Mossad I get. Fine. That's what they do.

      But Jesus?

      What's he doing getting into electronic warfare? I thought he was supposed to be a nice guy, turn the other cheek and all that?

      --
      Faster! Faster! Faster would be better!
    4. Re:Yeah, no shit by jandrese · · Score: 3, Interesting

      I don't think there are too many people who are overly skeptical of who made Stuxnet and Flame. The primary arguments seemed to be "Israel or the US, or Israel AND the US?" It seems pretty clear that both of these were a backdoor solution to a problem they felt could not be solved by diplomatic or economic means. Nuclear nonproliferation is something the world as a whole has been very bad at in the past; this could be one of the few success stories.

      --
      I read the internet for the articles.
    5. Re:Yeah, no shit by Anonymous Coward · · Score: 1

      Is there any evidence that this has done anything but slow them down a tad? I haven't actually seen the proof that we've been able to stop them or even have the capability of permanently stopping them short of overthrowing the leadership or wiping out the country.

    6. Re:Yeah, no shit by JoshuaZ · · Score: 1

      Obviously some sort of shadow war is going on here. But your assumptions about the agencies involved seem lacking. Both the US and Israel have relevant agencies other than the CIA and the Mossad. Similarly, it wouldn't surprise me much if Britain was involved in this.

      Of course, some willfully-blind, retarded shill out there is going to reply to this and say that those scientists killed themselves and that Stuxnet and Flame were actually created by Iran in an incredibly convoluted attempt to gain world sympathy

      This is possibly the most ridiculous strawman I've seen yet. Can you point to anyone who has claimed that Stuxnet was made by Iran?

    7. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      But what gives them the right to do this but have their own nuclear weapons?

      Especially given the fact that doing all of this could really give a person a reason to hate you and want to nuke you. Say that in the end, it actually all just is for the energy and to be as independent from other countries as possible on energy needs, the damage that the US and Israel caused here (if they were both behind it) would for both those countries be plenty of reason to declare war on Iran and possibly nuke it.

    8. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      I wish I had mod points. Thanks for the laugh.

    9. Re:Yeah, no shit by crazyjj · · Score: 1

      Go into any thread from the early days of Stuxnet and you'll find people claiming this and many other silly theories (to dismiss the obvious conclusion). Another one of the more prominent theories is that Russia and/or Saudi Arabia made it. Russia--because it was Russian contractors who infected the first PLC's in Iran. And Saudi Arabia because they supposedly have more to lose than Israel if Iran goes nuclear. Anything to absolve the most glaringly obvious culprits, of course. I suspect there was/is more than a little shilling going on in such threads.

      --
      What political party do you join when you don't like Bible-thumpers *or* hippies?
    10. Re:Yeah, no shit by Anonymous Coward · · Score: 1

      Anyone who hasn't realized (or *claims* not to have realized) by now that there has been an elaborate, multi-year shadow war by the CIA/Mossad trying to sabotage the Iranian nuclear program is either willfully-blind, retarded, or a shill. Christ, Mossad and the CIA barely even bother to *HIDE* it anymore.

      Actually, they hid their activities EXTREMELY well.

      But the Obama administration made it public, probably as an election ploy.

    11. Re:Yeah, no shit by Anonymous Coward · · Score: 4, Funny

      OP was referring to the young brother Jeezus Christ, not the better known Jesus H. Christ.

      Jesus vs. Jeezus.

    12. Re:Yeah, no shit by crazyjj · · Score: 0

      Actually, they hid their activities EXTREMELY well.

      No they didn't. Everyone with half a functioning brain knew that Mossad and the U.S. have been behind these activities from the beginning.

      --
      What political party do you join when you don't like Bible-thumpers *or* hippies?
    13. Re:Yeah, no shit by Baloroth · · Score: 2

      Trolls will do what trolls do, which is claim crazy theories to get attention and "argue" with people. It's better to ignore them (although the theory about Russia making it is certainly *possible*, just not likely).

      Most people have realized from day 1 that the US and/or Israel was responsible, but their governments would never officially admit to it.

      --
      "None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
    14. Re:Yeah, no shit by JuiceWagon · · Score: 2

      You insensitive clod!!! - I'm a willfully-blind, retarded shill

    15. Re:Yeah, no shit by CanHasDIY · · Score: 0

      Those people have obviously never heard Occam's Razor.

      --
      An enigma, wrapped in a riddle, shrouded in bacon and cheese
    16. Re:Yeah, no shit by CanHasDIY · · Score: 0

      Actually, they hid their activities EXTREMELY well.

      No they didn't. Everyone with half a functioning brain knew that Mossad and the U.S. have been behind these activities from the beginning.

      You have obviously never dealt with people who still believe there's a difference between D and R, especially during an election year.

      If R supporters think they can blame the D, no matter how insanely ridiculous the rationale, they will. Same goes for the inverse.


      "Half a functioning brain" is giving them far too much credit.

      --
      An enigma, wrapped in a riddle, shrouded in bacon and cheese
    17. Re:Yeah, no shit by jandrese · · Score: 3, Informative

      Slowing them down is more than the UN, NATO, economic sanctions, political posturing, or anything else has done. Slow down the program enough and maybe there will be time for political reform to bubble up from the bottom. The last elections in Iran drew a lot of anger from the populace, we can only hope that the latent anger eventually boils over and goes full Egypt given enough time. Direct military intervention (regime change) is just not practical, so you do what you can. Anything we can do to hold back the day when Jerusalem is a radioactive crater is a win in my book. Sure it's possible, and maybe even likely, that Mahmoud Ahmadinejad was just blowing smoke with his promises to wipe Israel off of the map, but it's a big gamble when the lives of 7.5 million people are on the line.

      --
      I read the internet for the articles.
    18. Re:Yeah, no shit by MrNJ · · Score: 1

      Perhaps those with "half a functioning brain" do in fact treat their assumptions as facts. Especially when the assumptions agree with their prejudices.

      The rest of us, i.e. those with a fully functioning brain, allow for multiple possible scenarios - at least until there's some proof to narrow them down.

      --
      I don't respond to or upvote ACs
    19. Re:Yeah, no shit by cayenne8 · · Score: 1

      Didn't the US do this to the Soviets during the cold war too? Something embedded into the hardware sold to the Russians that messed up a factory or plant for nuclear power/weapons?

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    20. Re:Yeah, no shit by msauve · · Score: 1

      "Those people have obviously never heard Occam's Razor."

      Heard it? I didn't even know it was an electric razor!

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    21. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      The rest of us, i.e. those with a fully functioning brain, allow for multiple possible scenarios - at least until there's some proof to narrow them down.

      Nonsense, those women were obviously witches, which is why we burned them.

    22. Re:Yeah, no shit by cayenne8 · · Score: 1

      No they didn't. Everyone with half a functioning brain knew that Mossad and the U.S. have been behind these activities from the beginning.

      Well, at least till security breaches in the US, there was at least plausible deniability...

      Fscking govt. types in power today..have let enough information loose out there, pretty much destroy that.

      What happened to the "loose lips sink ships" mentality to covert ops?

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    23. Re:Yeah, no shit by sl4shd0rk · · Score: 0

      Those scientists killed themselves and Stuxnet and Flame were actually created by Iran in an incredibly convoluted attempt to gain world sympathy.

      --
      Join the Slashcott! Feb 10 thru Feb 17!
    24. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      No need to make false claims. We killed those nuke whores who were providing for cash the knowledge necessary to attack the west in the name of Allah. We should be proud. This is war. Did you hear of courageous soldiers in WWII pulling off some risky mission, then being apologetic about it? No. There is an actual issue here. Is man endowed with rights from the Creator? Meant to be free? To develop fully and master the world? Or is man a worm subject to the psychotic fantasies of Sharia law and under the shadow of Satan-Allah?

    25. Re:Yeah, no shit by ShanghaiBill · · Score: 3, Informative

      Didn't the US do this to the Soviets during the cold war too? Something embedded into the hardware sold to the Russians that messed up a factory or plant for nuclear power/weapons?

      Supposedly the CIA put a bug in some gas pipeline SCADA software that caused a major explosion in Siberia. There is some doubt about whether this really happened. More info here: Siberian Pipeline Sabotage.

    26. Re:Yeah, no shit by LordLimecat · · Score: 3, Insightful

      Ignorance abounds. If turn the other cheek was an expression of defiance, what about the immediately following verse of giving your cloak too?

    27. Re:Yeah, no shit by houghi · · Score: 2

      But Jesus? What's he doing getting into electronic warfare?

      I am not sure, but when I see how many politicians thank Him, I would guess a lot.

      --
      Don't fight for your country, if your country does not fight for you.
    28. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      What happened to the "loose lips sink ships" mentality to covert ops?

      That ship has sailed.

    29. Re:Yeah, no shit by Anonymous Coward · · Score: 1

      >Mossad and the U.S. have been behind these activities from the beginning.

      *citation needed

      You super-believing it's true doesn't make it any less of an unfounded statement than anything else.

    30. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      Did they float?

    31. Re:Yeah, no shit by Raenex · · Score: 1

      Go into any thread from the early days of Stuxnet and you'll find people claiming this and many other silly theories (to dismiss the obvious conclusion).

      OK, here's an early story: http://it.slashdot.org/story/10/09/26/1736224/stuxnet-infects-30000-industrial-computers-in-iran

      I looked at 40 comments rated 3 or higher, and not one mentioned that this was a false flag attack used to gain sympathy. About as close as it came was one person mentioning the possibility of dissidents within Iran.

      Another one of the more prominent theories is that Russia and/or Saudi Arabia made it. Russia--because it was Russian contractors who infected the first PLC's in Iran. And Saudi Arabia because they supposedly have more to lose than Israel if Iran goes nuclear.

      Now you're backpedalling. Those are at least plausible theories, unlike your ridiculous strawman: "Of course, some willfully-blind, retarded shill out there is going to reply to this and say that those scientists killed themselves and that Stuxnet and Flame were actually created by Iran in an incredibly convoluted attempt to gain world sympathy. Such is true delusion."

    32. Re:Yeah, no shit by Maudib · · Score: 0

      The assassinations appear to be the Mossad + MEK.

      http://rockcenter.msnbc.msn.com/_news/2012/02/09/10354553-israel-teams-with-terror-group-to-kill-irans-nuclear-scientists-us-officials-tell-nbc-news?lite

      I would be surprised if the CIA was involved with the MEK directly. My guess is the U.S. provides intel and support with drones and looks the other way while Israel does the dirty work with Stuxnet/Flame/Assassinations.

      Israel even seems to want credit for Stuxnet:
      http://www.theatlanticwire.com/global/2012/06/israeli-spies-want-credit-stuxnet/53354/

      It's a really nice surprise to see a competent covert operation against a target that deserves it. I honestly didn't think our government or Israel's had it in them anymore.

    33. Re:Yeah, no shit by crazyjj · · Score: 1

      They are. Deal with it. Accept it.

      --
      What political party do you join when you don't like Bible-thumpers *or* hippies?
    34. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      Wasn't the CIA, it was more likely the NSA... they are the US's civilian agency in charge of cryptography and electronic surveillance...

    35. Re:Yeah, no shit by Anonymous Coward · · Score: 1

      it wouldn't surprise me much if Britain was involved in this.

      The thing which bothers me most is that people seem so happy to put a Western bow on this and call it quits. The fact is, most every nation around Iran has secretly gone to the US, France, and Britain to bomb the shit out of Iran to prevent them from becoming a regional nuclear power. We know this because of the leaks provided by Wikileaks. The fact is, it's far, far more rational to believe this is a large multinational ploy by some dozen countries or so, whereby the US and Israel just happen to be some of the most prominent players.

      Exactly which agencies are involved will likely never be known, but chances are, the number of countries involved far exceeds just the US and Israel; be it directly or indirectly.

    36. Re:Yeah, no shit by Anonymous Coward · · Score: 1

      Well, he was a Jewish carpenter. You could look at the death and resurrection story as a simple spy extraction.

    37. Re:Yeah, no shit by ravenshrike · · Score: 1

      WAS certainly possible, given Obama's election year "leaks" it's pretty much definitely the US and Israel.

    38. Re:Yeah, no shit by JoshuaZ · · Score: 1

      Doubtful. Flame was in a lot of the neighboring countries not just Iran, which helps rule out most Middle-Eastern countries as being involved. Moreover, intelligence agencies don't like to spread things around that much because it makes leaks much more likely. The US and Israel would almost certainly not be willing to do that much with the various Islamic countries' agencies simply because they won't trust them much. The technical capability involved in both Stuxnet and Flame are immense and it isn't clear that these other countries could offer the US and Israel much in the way of real assistance (the most likely such countries Egypt and Saudi Arabia just don't have that much in the way of high tech hackers). Of course those countries have likely provided the US intelligence which helped in the design of Stuxnet, but actual construction and delivery of the payload it is unlikely that any of them had much to do with it.

    39. Re:Yeah, no shit by shiftless · · Score: 1

      Slowing them down is more than the UN, NATO, economic sanctions, political posturing, or anything else has done.

      At what cost?

    40. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      It blew up a significant number of their centrifuges, so yes, it slowed them down. And often when one blew up it took other nearby ones with it, so all in all, this technique goes in the win column.

    41. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      Occam's Razor on this one: I believe it more likely that obsolete Soviet industrial design, poor maintenance, and feckless human oversight were the cause of this situation.

    42. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      > large multinational ploy by

      The large multinational ploy was when everyone stood around saying, "Tut, tut, how deplorably HORRID" when it happened and trying not to look too pleased.

    43. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      >But the Obama administration made it public

      Wrong: after the press printed the story based on leaks (which are now being pursued quite vigorously, go read up on how pissed off the congressional intelligence committees are about this program being leaked), the US was forced to comment and, knowing that the standard "neither confirm nor deny" wouldn't cut it, admitted what everybody thought was true. That is not the same as "making it public".

    44. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      To be fair everyone knows it was the US government.
      But there is basically no hard proof.

    45. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      No they didn't. Everyone with half a functioning brain knew that Mossad and the U.S. have been behind these activities from the beginning.

      It was suspected by many, but there was no actual proof.

    46. Re:Yeah, no shit by cycleflight · · Score: 0

      Nah, it's clearly documented that that was done by Islamic terrorists.

      --
      "...And who wants to make buttprints in the sands of time?" ~Bob Moawad
    47. Re:Yeah, no shit by Monchanger · · Score: 2

      Doesn't evidence of a common developer on two different projects rule out the US government as a suspect?

      Among the many reasons government software takes so long to build, the most painful to me as a programmer was that they still hadn't been required to consider code reuse.

    48. Re:Yeah, no shit by Will.Woodhull · · Score: 1

      Well, stuxnet and Flame becoming public are really the first evidence that someone is putting teeth into the Nuclear Non-Proliferation Treaty (which is now something like 40 years old, with over 150 countries signing on to it).

      If one or two more incidents like these happen over the next year or so, I think pragmatists in Iran's government and any other nation that is considering developing their own nuclear weapons program will make sure their governments do not waste any resources on an impossible objective. It would be one thing to spend a chunk of your GNP on gaining bragging rights as a nuclear power; it is something else again to throw that wealth into a black hole from which nothing of use will come forth.

      If you want to look for the governments that put together the stuxnet-Flame cooperative, start by looking at the strongest proponents of the NNPT. The USA, Russia, the UK, France, etc.

      --
      Will
    49. Re:Yeah, no shit by Anonymous Coward · · Score: 0

      Well he is a Jew, from Judea, so maybe he was recruited into Mossad?

    50. Re:Yeah, no shit by Will.Woodhull · · Score: 1

      At what cost?

      Since we are talking about acts of war, both in Iran's stated objectives wrt USA and other nations, and the USA led response of imposing war time embargos on trade with Iran, the cost needs to be measured in the context of war.

      Number of dead from these attacks (including attackers, defenders, and collateral deaths): minimal.

      Amount of war material drawn from stockpiles or inventory needed to support this attack: minimal.

      Cost of disruption of civilian economic activities of these attacks: For the attackers, minimal. For Iran, significant wrt computer techs and other assets needed to cleanse and defend infrastructure systems, but this is not the kind of expense that the typical Iranian civilian would see in an increase in cost of living, etc.

      So, the short answer is that the cost of this program, if it is properly managed to keep it on target, is minimal to everything, except Iran's program to become a nuclear bully nation.

      --
      Will
    51. Re:Yeah, no shit by Will.Woodhull · · Score: 1

      Bullshit.

      Israel is not a signatory to the Nuclear Non Proliferation Treaty. And these cyberwarfare attacks have all the earmarks of the NNPT nations putting some teeth into that treaty.

      Think of the old Big Four who dominated world politics for 25 years after World War II: USA, Russia, Britain, and France. Together they have the capability of mounting this kind of cyberwarfare, it is in all their interests to do so, and they have the experience in clandestine operations to pull this off.

      Israel could not do this on its own, and would never be invited to join the party.

      --
      Will
    52. Re:Yeah, no shit by shiftless · · Score: 1

      The rest of us, i.e. those with a fully functioning brain, allow for multiple possible scenarios - at least until there's some proof to narrow them down.

      And those of us with a fully functioning brain, an IQ above room temperature, AND knowledge of all the entities involved, KNOW this is Israel working in concert with the CIA.

      What "proof" are you expecting to suddenly pop up out of nowhere that this CLANDESTINE operation is occurring and we are responsible?

      Why in the world would China or Russia attack the Middle East and Iran specifically? Those are the only two other entities in the world capable of pulling off such an attack.

      Use your brain.

    53. Re:Yeah, no shit by shiftless · · Score: 1

      G.W., is that you?

    54. Re:Yeah, no shit by shiftless · · Score: 1

      Can you explain to me again why these Iranian scientists "deserved" to be blown up in a fiery explosion in the middle of traffic, surrounded by thousands of other innocent souls who witnessed the murder? Last I checked, Iran has never attacked or invaded anyone. The U.S., on the other hand....

    55. Re:Yeah, no shit by bill_mcgonigle · · Score: 1

      the first time mysterious guys on a motorcycle attached a magnetic bomb to the car of a guy who just happened to also be a prominent nuclear scientist in Iran.

      And just happened to be a major internal opposition leader, and a university professor who was not involved in the country's nuclear program.

      From folks inside Iran - yes, there are outside agencies doing targeted assassinations, and yes, the Iranian government is using it as cover to take care of some of their own 'problems' as well.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  2. Mexico's Banking Sector by Anonymous Coward · · Score: 2, Funny

    Based on an anagram of "Flame and Stuxnet", I expect the next target to be Mexico's banking sector: Tamale Funds Next.

    1. Re:Mexico's Banking Sector by sycodon · · Score: 2

      Dumping my shares of The Tamale Funds now.

      Too bad because they were pretty hot!

      --
      When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
    2. Re:Mexico's Banking Sector by Anonymous Coward · · Score: 0

      "Named Flatus Next"?

    3. Re:Mexico's Banking Sector by Culture20 · · Score: 1

      There's another interpretation, and based on that, I'm eagerly awaiting a new NeXT. I may even learn Spanish if I have to.

  3. The two big differences... by jd · · Score: 2

    ...between germ warfare and malware warfare is that the anthrax bombs tested out in Scotland never affected areas outside the impact crater and it costs a lot to genetically modify a bacterium.

    In contrast, most of the world's true psychopaths have access to coders capable of modifying Stuxnet or Flame to do things never intended by the original author, and both have been found globally.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    1. Re:The two big differences... by Anonymous Coward · · Score: 0

      This is just plain stupid. Even assuming you have the sample to work with, the disassembly effort would take upwards of a year very easily (probably much longer [do you have any idea how long it takes to make sense of 20Mb of binary code with no source code?]). Why on earth would a 'gobermint' capable of doing this waste time disassembling the code, to see if there are portions they can salvage for their own nefarious purposes, when they could use that time to actually write one of their own - one where they know what each individual piece actually does?
      Rest assured, the only source of future non-trivial Stuxnet/Flame variants is the authors themselves (until the source code becomes available at least - and something tells me that's unlikely).

    2. Re:The two big differences... by jd · · Score: 1

      I'll list your inanities. I won't bother replying to them, since you're too braindead to comprehend.

      1. Since when are the competent hackers in government?
      2. Since when are paranoid populaces immune to wanting to do something destructive?
      3. Since when have to-source disassemblers (been around for 20+ years) magically vanished?
      4. Since when have competent assembly coders needed disassemblers anyway? (20 megs is very small - a couple weeks' work with no distractions)
      5. Since when have Black Hats ever given a damn about whether they're producing non-trivial variants of something, if a trivial variant does whatever job they want to do?
      6. Why the hell are there so many stupid people in the world?! For chrissakes, it's replies like yours that make me wish the legal minimum IQ for procreation was 150.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    3. Re:The two big differences... by Taco+Cowboy · · Score: 1

      Can't argue with most of what you've written, but ...

      1. Since when are the competent hackers in government?

      There are, and a lot of 'em who are working for gov are very competent

      Can't tell you how I know, tho
       

      --
      Muchas Gracias, Señor Edward Snowden !
  4. Could it be an entity with a TLA? by G3ckoG33k · · Score: 1

    Could it be an entity with a TLA?

  5. Waste of Time by Anonymous Coward · · Score: 0, Insightful

    They shouldn't be wasting time on deciphering the virus.

    Just wait a few more months and the Obama Administration will leak the details

  6. Obviously by StripedCow · · Score: 2

    They all copied the code from Oracle. They'd better be prepared for a huge fine or a sales ban.

    --
    If Pandora's box is destined to be opened, *I* want to be the one to open it.
    1. Re:Obviously by ColdWetDog · · Score: 4, Funny

      They all copied the code from Oracle. They'd better be prepared for a huge fine or a sales ban.

      No they didn't. Stuxnet and Flame actually work.

      QED.

      --
      Faster! Faster! Faster would be better!
    2. Re:Obviously by Anonymous Coward · · Score: 0

      No, they copied it all from SCO.

  7. Common authorship, or open source code? by Anonymous Coward · · Score: 0

    Crowdleaks is claiming to have decompiled the Stuxnet source code - albeit quite awhile after Flame is said to have been found in the wild.

  8. US Government connection by cdrguru · · Score: 2

    It seems that a lot of people are trying to pin Stuxnet firmly on the US Government, current administration. So far it seems to be mostly "unnamed knowledgeable sources" which could be BS - but things could get more credible.

    At some point our friends in Iran are likely to decide that Stuxnet cost them millions of dollars and years of work and the US is responsible. If, or when, they come to this conclusion I would expect something quite overt from Iran to show up. Possibly as a retaliatory cyber attack, possibly something as crude as blowing up a few buildings full of people. Something that is assured to cost the US more than a few million dollars. Obviously there is very little that can be done to stop such an attack - especially if it came in the form of something like Weather Bug with people clamoring to figure out how to install it in spite of whatever controls, warnings and blocks put in their way. Ever seen someone in a business with all locked-down users (no Admin rights) call the help desk to ask if they could have someone install Weather Bug for them? Yeah, like that.

    My guess is that the US isn't backpedaling fast enough to convince the world that it isn't responsible for Stuxnet... so I'd expect retaliation before the end of the year. What would be the point of doing it to a lame-duck president? So probably before November. Of course Iran might decide that Obama is preferable to Romney and wait until after the election assuming (rightly so) that a successful attack would bring down the government.

    1. Re:US Government connection by ColdWetDog · · Score: 1

      It seems that a lot of people are trying to pin Stuxnet firmly on the US Government, current administration. So far it seems to be mostly "unnamed knowledgeable sources" which could be BS - but things could get more credible.

      Somebody lock you in the closet again? It's been out for weeks.**

      Possibly as a retaliatory cyber attack, possibly something as crude as blowing up a few buildings full of people. Something that is assured to cost the US more than a few million dollars. Obviously there is very little that can be done to stop such an attack - especially if it came in the form of something like Weather Bug with people clamoring to figure out how to install it in spite of whatever controls, warnings and blocks put in their way. Ever seen someone in a business with all locked-down users (no Admin rights) call the help desk to ask if they could have someone install Weather Bug for them? Yeah, like that.

      You do realize that there are many, many folks - in the US, in Israel, in Saudi Arabia and all over the world who are simply drooling with pleasure over the mere thought of an Iranian first strike. That opens the floodgates for all sorts of nastiness and it will be all the fault of the Iranians. In fact, if one were so disposed, one could argue that all of the posturing and bluffing we're doing is largely to get Iran to frizzle bad enough to lash out.

      ** random citation - do a quick search and find this and more including some really entertaining counter-counter-conspiracy tales

      --
      Faster! Faster! Faster would be better!
    2. Re:US Government connection by Mabhatter · · Score: 1

      This is the problem with government too big for its britches. You can't entirely blame Obama. Bush and Cheney made a focused effort to rig the security structure for twenty years... Huge numbers only have their jobs because Bush pulled strings and they only got them by being "true believers". The President gets the options the armed forces give him... The "whole truth" is only what you can prove.

      So much of what the US security structure is paranoid about exists only in their own minds. They have SO MANY black ops in the shadows trying to find secret ways around international treaties and running shadowops they don't REALLY have any clue what the "real world" is any more. They are so focused on boogiemen of their OWN inventions they can't just play by the rules anymore.

    3. Re:US Government connection by Nidi62 · · Score: 1

      This is the problem with government too big for its britches. You can't entirely blame Obama. Bush and Cheney made a focused effort to rig the security structure for twenty years...

      Uhh, if you're going back 20 years, then you're forgetting a name in there. I'll give you a hint: it starts with C and chases about as many women as Hugh Hefner.

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
  9. The really scary thing by Lulu+of+the+Lotus-Ea · · Score: 1

    I'm not actually much concerned about Iran's nuclear program. Deterrence and MAD actually worked pretty well during the Cold War, and if Iran had nukes (which there isn't any evidence they are actually developing, but there's just enough of a hint of that to have some possible deterrent effect) the chance of Israel launching a war of aggression would be less.

    But it scares the shit out of me to think that Iran is running WINDOWS on sensitive installations, for Uranium processing (even for reactors it is not exactly *safe* material) or other important security/safety functions. If this stupidity exists elsewhere in the world, we live in a VERY SCARY world (like most of the people in the world, probably, I don't live that many miles from a nuclear plant).

    1. Re:The really scary thing by i.r.id10t · · Score: 1, Insightful

      MAD only works when all parties involved are relatively sane, and when there is proper security to keep the goodies out of the hands of folks who aren't sane...

      IOW, I don't think that MAD is a good deterrent for an extremist religious fundie...

      --
      Don't blame me, I voted for Kodos
    2. Re:The really scary thing by cpu6502 · · Score: 3, Insightful

      To describe 10 million Iranians as "insane" smacks of anti-Persian racism. It's the same kind of nonsense people said about blacks during WW2 ("They are not sane or intelligent enough to handle big equipment like tanks or planes.").

      --
      My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
    3. Re:The really scary thing by ColdWetDog · · Score: 1

      we live in a VERY SCARY world

      You're just coming to this conclusion now?

      Did your doctor stop one of your meds or something?

      --
      Faster! Faster! Faster would be better!
    4. Re:The really scary thing by Anonymous Coward · · Score: 1

      I thought he was referring to the leadership, not every single citizen of the country. But hey, your prejudice can blind you just as much as anyone else.

    5. Re:The really scary thing by Anonymous Coward · · Score: 0

      To describe 10 million Iranians as "insane" smacks of anti-Persian racism.

      And when you make baseless accusations against i.r.id10t? What would that be? Probably makes you appear Forrest Gump stupid or something like that.

      Tell me, would you have accused i.r.id10t of some sort of anti-Russian racism if we were talking about Russia losing nukes?

    6. Re:The really scary thing by nedlohs · · Score: 1

      You think it takes 10 million agreeing to do something for it to happen? Why 10 million? How do you think they'll pick them?

      I guess in your strange fantasy world where it takes the agreement of 10 million people for anything to be done, then sure nothing is likely to happen. In the real world though there's a handful of religious leaders at the top and a handful of military leaders under them who can do things without getting 10 million people to agree.

    7. Re:The really scary thing by JDG1980 · · Score: 1

      MAD only works when all parties involved are relatively sane, and when there is proper security to keep the goodies out of the hands of folks who aren't sane...

      It worked against Stalin and Mao. I think it's a fairly high burden of proof to claim that a national leader is crazier and/or more evil than those two.

    8. Re:The really scary thing by bobbied · · Score: 2

      But it scares the shit out of me to think that Iran is running WINDOWS on sensitive installations, for Uranium processing (even for reactors it is not exactly *safe* material) or other important security/safety functions. If this stupidity exists elsewhere in the world, we live in a VERY SCARY world (like most of the people in the world, probably, I don't live that many miles from a nuclear plant).

      Iran is free to use Windows for whatever they choose and it's fine by me. Just don't run Windows to control the nuke plant in my backyard.

      The really scary thing is that folks actually believe that MAD (a Cold War stance) is a good strategy for dealing with Iran... The US generally already has the ability to turn the bulk of Iran into glass and it doesn't seem to be bothering them. Now you are suggesting that we simply allow them to develop the ability to do the same to the US? Doesn't seem like a good idea to me, given their rhetoric (not to mention their actual activity) in the region and the US's obvious disinterest in engaging IRAN beyond just disrupting their nuclear progress.

      But who are we kidding... Iran is destined to be as relevant as North Korea if the sanctions now in place are continued for a few years. (A big IF). Yea, it would be a huge mess if a war started, but could the outcome be in question? The longer we can keep sanctions working, the less of a mess it becomes, so while I'm not a MAD proponent, I am a "wait and see" advocate, assuming Iran doesn't do something stupid, like shooting at some aircraft carrier going through the straits or trying to shut down oil shipping.

      I think the Iranians know that a full out war with the US would not end well for them, so they have so far only threatened to escalate the conflict. The wild card here is Israel. If Israel decides that the risk of a nuclear blast over Tel Aviv is getting too great for them, you can bet that Iran will soon lose the ability by direct strikes if necessary. The risk being that the whole Middle East would come apart at the seams and the US would get drawn into a wider conflict. This is my greatest worry, not that they choose to run Windows based computers.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    9. Re:The really scary thing by Anonymous Coward · · Score: 0

      To describe 10 million Iranians as "insane" smacks of anti-Persian racism.

      I don't think that the parent was saying that, however in this case, the shoe does fit.

      You may not be aware, but they hate us (non-Muslims, Westerners). I don't necessarily blame them - I've seen photos of the Middle East. It looks like it sucks balls over there. If I lived there, I'd be pissed off all of the time too.

    10. Re:The really scary thing by cpu6502 · · Score: 1

      Except the leaders (both the president and the higher-level Ayatollah) have both stated they have no interest in attacking Israel..... probably because they know it would be suicide (mutually assured destruction). We also have religious people running Pakistan and India, but I don't see them nuking one another. The MAD Stalemate works.

      --
      My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
    11. Re:The really scary thing by cpu6502 · · Score: 1

      >>>I don't think that MAD is a good deterrent for an extremist religious fundie...

      We have "extremist religious fundies" running Pakistan and India, but I don't see them nuking one another. You claim the MAD Stalemate does not work in that case, but clearly it's working just fine.

      --
      My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
    12. Re:The really scary thing by cold+fjord · · Score: 1

      To describe 10 million Iranians as "insane" smacks of anti-Persian racism.

      Could you list a few of the suicide bombings that black Americans carried out in WW2, including against the United States? Any like the Beirut bombing? - The 1983 Marine Barracks Bombing: Connecting the Dots

      Iran’s End Times Documentary

      It's the same kind of nonsense people said about blacks during WW2 ("They are not sane or intelligent enough to handle big equipment like tanks or planes.").

      92nd Infantry Division, 784th Tank Battalion, 761st Tank Battalion, 858th Engineer Aviation Battalion

      Tuskegee Airmen

      --
      much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
    13. Re:The really scary thing by shiftless · · Score: 1

      I thought he was referring to the leadership, not every single citizen of the country.

      Does that make his ignorance less profoundly stupid? Does it make him less of a government tool?

    14. Re:The really scary thing by shiftless · · Score: 1

      In the real world though there's a handful of religious leaders at the top and a handful of military leaders under them who can do things without getting 10 million people to agree.

      So basically, just like the United States.

    15. Re:The really scary thing by shiftless · · Score: 1

      You may not be aware, but they hate us (non-Muslims, Westerners). I don't necessarily blame them - I've seen photos of the Middle East. It looks like it sucks balls over there. If I lived there, I'd be pissed off all of the time too.

      I thought all the dumb asses quit spouting the "they hate us for our freedoms" bullshit years ago. Now it's "they hate us for our trees and water"?

      What a fucking moron.

      Maybe you should look at MORE pictures of the "Middle East" some time. It's not just one big desert. There is a shitload of spots over there that are wonderful places to live.

      Again:

      What a fucking moron.

  10. The funny thing is by mwfischer · · Score: 1

    They keep plugging these systems into the internet.

    1. Re:The funny thing is by sound+vision · · Score: 1

      Although it's possible their nuclear centrifuges weren't physically airgapped from the internet, Stuxnet was also designed to spread via removable media. There was an article in the Weekly Standard a couple years ago that presented a theory I find more likely, which is that infected USB flash sticks were planted in/around Iran, and one of those (or a drive that had subsequently become infected) made its way to the nuclear facility and was plugged into a machine there.

  11. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  12. Kaspersky by FlynnMP3 · · Score: 3, Interesting

    Isn't anybody else besides Kaspersky discovering these things? On the one hand, it is in their best interest to find out as much as they can about this new kind of virus. On the other hand, I get a bit nervous when there appears to be only 1 source for information.

    1. Re:Kaspersky by Anonymous Coward · · Score: 1

      I would imagine that it was to do with the fact that Kaspersky is a Russian company. If you were a country with a malware infestation that wasn't on friendly terms with the US you probably would not want to bring an American company in to look at the problems you're having.

    2. Re:Kaspersky by Anonymous Coward · · Score: 0

      Kaspersky came public with it first. They were directly contacted by the Iranian oil ministry when a computer mysteriously erased critical files.

      Symantec and other companies have all released interim analyses of it.

    3. Re:Kaspersky by Anonymous Coward · · Score: 0

      I'm sure the NSA knows, why don't you ask them?

    4. Re:Kaspersky by Anonymous Coward · · Score: 1

      Soon after 9/11 I remember some thread on a virus by the FBI based on code from a rogue virus (I forgot the name but may be Magic or Lantis or something like that). At that time several major companies like Norton and McAfee were asked to ignore it.

      They may have received similar requests regarding the latest viruses. Think of how many alternative methods are still unused or unactivated. It would be unusual for the people behind Flame to disable it without having several back-up plans.

      In the coming years our desktops will be less and less secure because of such practices. Bad guys and malware writers can code too...

    5. Re:Kaspersky by Alarash · · Score: 1

      What I'm wondering about is: if one of the components of Flame was a known variant of Stuxnet, why didn't the Kaspersky AV engine, or anybody else's that sell AV or IPS to the affected countries, detect it?

    6. Re:Kaspersky by Mia'cova · · Score: 2

      It was hiding in plain sight. It was signed with valid certificates which essentially white listed it.

    7. Re:Kaspersky by Jazari · · Score: 1

      (I forgot the name but may be Magic or Lantis or something like that).

      You're talking about http://en.wikipedia.org/wiki/Magic_Lantern_(software)

    8. Re:Kaspersky by Alarash · · Score: 1

      So even a known signature, as long as it's digitally signed, will not be blocked? Interesting.

    9. Re:Kaspersky by Magada · · Score: 1

      One component of one early variant of Stuxnet is also a component of a variant of Flame.

      There is no time for people to analyze all the malware anymore. Instead, there are automated detection and signing routines.

      When you read about the earliest variants of Stuxnet dating from 2008, that is not the time at which they were written, it is the time when a virus signature was added to a database by someone's detection engines.

      So, a particular file was tagged at that time as "virus". No one looked further into it. Whenever something dropped that particular file, the new something was also tagged as "virus" and promptly ignored, because they were rarely seen in the wild. In this manner, a number of components of Stuxnet (and then, Flame) WERE being detected, but no-one connected the dots, as it were, until now.

      --
      Something bad is coming when people are suddenly anxious to tell the truth.
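The process described in the comment above (a component is tagged once, later droppers inherit the "virus" verdict automatically, and nobody joins the records until someone queries for overlap), sketched as an added example that is not part of the original thread. Sample names, component contents and the detection label are constructed, and the byte strings only stand in for file contents.

```python
import hashlib
from collections import defaultdict

# Constructed submissions: (sample name, contents of the files it drops).
SAMPLES = [
    ("sample_A_2009", [b"spreader-module-v1", b"payload-a"]),
    ("sample_B_2010", [b"payload-b", b"driver-b"]),
    ("sample_C_2012", [b"spreader-module-v1", b"collector-c"]),
    ("benign_tool", [b"installer-ui"]),
]


def sha256(data):
    return hashlib.sha256(data).hexdigest()


class SignatureDB:
    """Hash-keyed signature store, as an automated pipeline would keep it."""

    def __init__(self):
        self.known_bad = {}                 # component hash -> label
        self.sightings = defaultdict(list)  # component hash -> samples seen dropping it

    def tag_component(self, data, label):
        self.known_bad[sha256(data)] = label

    def scan(self, name, components):
        """Return 'virus' if any dropped component is already tagged, else 'clean'."""
        verdict = "clean"
        for blob in components:
            digest = sha256(blob)
            self.sightings[digest].append(name)
            if digest in self.known_bad:
                verdict = "virus"  # verdict inherited from the component alone
        return verdict


def shared_components(db, min_samples=2):
    """Retrospective query: tagged components dropped by several distinct samples."""
    return {
        digest: names
        for digest, names in db.sightings.items()
        if digest in db.known_bad and len(set(names)) >= min_samples
    }


def run_pipeline():
    db = SignatureDB()
    # One component is tagged when first seen; no analyst looks further.
    db.tag_component(b"spreader-module-v1", "Generic.Dropper (constructed label)")
    verdicts = {name: db.scan(name, comps) for name, comps in SAMPLES}
    return verdicts, shared_components(db)


if __name__ == "__main__":
    verdicts, links = run_pipeline()
    for name, verdict in verdicts.items():
        print(f"{name}: {verdict}")
    for digest, names in links.items():
        print(f"shared component {digest[:12]}... links {names}")
```

The per-sample verdicts are correct on their own; the link between the 2009 and 2012 samples only appears once the sightings are grouped by component hash.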
  13. Doesn't work though by aaaaaaargh! · · Score: 1

    As noble as the underlying motives might be, I simply find it hard to believe that bullying sovereign nation states or their governments can have positive net effects in the long turn.

    1. Re:Doesn't work though by Anonymous Coward · · Score: 0

      In that case the US should stop doing that and use their money more effectively.

  14. Your scapegoating is out of date by publiclurker · · Score: 0

    Teabaggers stopped the "but, but, but Clinton" blather as soon as they figured out that they could blame a minority for all of their troubles. I take it you haven't been watching your daily indoctrination from Fox.

    1. Re:Your scapegoating is out of date by Nidi62 · · Score: 1

      Nice try, but I have never watched Fox News

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
  15. Coincidence? by Anonymous Coward · · Score: 2, Funny

    A primary focus for Bill Gates in years just prior to his retirement: Windows vulnerabilities. Bill Gates retired from Microsoft in June 2008 at the ripe old age of 52. Stuxnet and Flame were released shortly afterward. What did he know and when did he know it?

  16. less credible every time they speak... by Anonymous Coward · · Score: 0

    The connection between Duqu and Stuxnet is still dubious for the same reason as this one: code re-use does not mean common authorship. Kaspersky is completely out on a limb (still) with the last Duqu-Stuxnet connection, and this one is total conjecture.

    Vague connection from the use of the similar tools for similar kinds of attack? Yeah.
    Common code? Some.
    Common aims? No.
    Common targets? No, only a possible regional commonality.
    Common skills in development? No.
    Common timelines? No.
    Same developers? Hardly.
    Same operators? Are you high?

  17. well, DUH! by Thud457 · · Score: 1

    This is what we're paying the CIA for.
    If the possibility existed and they didn't take advantage of it, then they wouldn't be doing their duty.
    I take this as a rare sign that our guys are actually taking care of what needs to be done regardless of whatever manufactured distraction the politicians blather on about.

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  18. Killing it with fire! by modi123 · · Score: 1

    Man... how awesome was this picture for the meme world? He's going all "Prometheus" on that side of a dock!

    Thank you to the news staffers who decided to insert that image!

  19. intelligment design: by Thud457 · · Score: 1

    You don't believe that Jayzus caused Stuxnet to spontaneously generate in the bowels of the intarwebs because Jehova 1 didn't want Iran nuking his chosen people?

    You probably also don't believe that the matrix has become sentient and is using stuxnet to communicate with the space aliens.

    What a sad, gray world you inhabit.

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  20. gravity's sundae by Thud457 · · Score: 1

    I simply find it hard to believe that bullying sovereign nation states or their governments can have positive net effects in the long turn.

    But

    Bananas are an excellent source of vitamin B6, soluble fiber, and contain moderate amounts of vitamin C, manganese and potassium.

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff