Slashdot Mirror
Schneier Calls US Stuxnet Cyberattack a 'Destabilizing and Dangerous' Action
alphadogg writes "Revelations by The New York Times that President Barack Obama in his role as commander in chief ordered the Stuxnet cyberattack against Iran's uranium-enrichment facility two years ago in cahoots with Israel is generating controversy, with Washington in an uproar over national-security leaks. But the important question is whether this covert action of sabotage against Iran, the first known major cyberattack authorized by a U.S. president, is the right course for the country to take. Are secret cyberattacks helping the U.S. solve geopolitical problems or actually making things worse? Bruce Schneier, whose most recent book is 'Liars and Outliers,' argues the U.S. made a mistake with Stuxnet, and he discusses why it's important for the world to tackle cyber-arms control now."
How could contributing to the spread of clever computer-intrusion technologies(both with things like Stuxnet, and with the pernicious habit of doing business with the sort of slimy vulnerability-sellers whose customers want to exploit, not patch, them), possibly be a bad idea for a country whose citizens, businesses, government, and R&D capabilities are overwhelmingly dependent on computerized infrastructure?
That's crazy talk.
I voted for Obama based on two things: I hated how George Bush increased deficits recklessly and I hated how the Republican cavalierly meddled in other country's affairs using military might.
I feel like a fool.
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
Is there really proof that it was the U.S.? I mean besides that awesome author who has 7 sources which want to stay hidden and that "Of course it was the U.S.!" attitude...
The U.S. made a mistake with Iran with that stupid "Axis of Evil" speech. I'm still not sure why that speech isn't recognized as one of the biggest diplomatic blunders in recent history. First of all, lumping Iran and North Korea in with Iraq (who Bush planned to invade) served no good purpose. It was basically an open threat to Iran and North Korea that we were going to invade them next. And, not surprisingly, both responded by ramping up their nuclear weapons programs to a feverish pace (since nukes are basically the only way to ensure that the U.S. can't invade).
Iran was actually getting pretty moderate before that speech, even sending open condolences and holding vigils after 9-11, with fairly moderate leadership. After the speech we get Ahmadinejad and and full-on nuke program. Smart move, George.
What political party do you join when you don't like Bible-thumpers *or* hippies?
How could contributing to the spread of clever computer-intrusion technologies(both with things like Stuxnet, and with the pernicious habit of doing business with the sort of slimy vulnerability-sellers whose customers want to exploit, not patch, them), possibly be a bad idea for a country whose citizens, businesses, government, and R&D capabilities are overwhelmingly dependent on computerized infrastructure?
I have to disagree with you here. To ensure that your businesses and citizens and government and infrastructure are sound, you should always be investigating modes for attacks and publishing them. My logic is that if the United States Government is able to develop this, then so is China's, Russia's, India's, etc so get it out in the open already. In fact, your claim almost seems to advocate security through obscurity. If you want to ensure that people aren't pilfering data without your knowledge, publish your exploits and what you see as "contributing to the spread of clever computer-intrusion technologies" could just as well be seen as "telling SCADA and other makers to pull their heads out of their asses and fix this." Also, your statements can apply to every single country now, even third world countries are largely dependent on networking hardware to function.
... "destabilizing and dangerous" is a definition of what you can expect the repercussions to be.
The reason this is a "destabilizing and dangerous" action was because it was effective -- not because the US Government secretly given hackers a bunch of ways to hack every computer ever made. Also, the US kind of lost the "moral high ground" now when someone hacks their nuclear facilities with the intent of disabling our capabilities. Use an effective cyber attack against a nation state that does not have similar capabilities
My work here is dung.
all countries are doing this, and have been doing this, for years
i never understood this "single out the USA for what everyone does" nonsense
it seems like a defect in one's ability to keep perspective to me
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Bruce Schneier is NOT a diplomat and has fuck all experience in dealing with international affairs. And what sort of Diplomacy are we supposed to use when "Stern Letter Writing", "UN Inspections" and threats fail? Obama showed quite a bit of creativity and tact in performing an elaborate Cyber-Attack that left our best Security Researchers stumped for months and seems to have worked quite well in derailing their bomb making efforts.
Would Schneier prefer we have gone ahead with Israel's agenda and bombed the suspected weapons making facilities and risked killing people -- even civilians? Or is he just the sort of Freedom Loving Pacifist that would have us dawdling around writing more "Sternly Worded Letters" until Iran finally trotted out a bomb and wiped out an entire city full of people?
Smart move, George.
Intentional move, with successful outcome. The POTUS needs an outside enemy so the people will forget to debate internal issues.
Iran was actually getting pretty moderate before that speech, even sending open condolences and holding vigils after 9-11, with fairly moderate leadership. After the speech we get Ahmadinejad and and full-on nuke program. Smart move, George.
You are flat out wrong. The candle light vigils held for 9-11 victims were entirely citizen events and had nothing to do with the government. I have two Iranian citizens as good friends and they are completely different people than Ahmadinejad and, worse, their nutjob supreme leader. Your insinuation that Iran the nation state sent open condolences and held vigils after 9-11 is laughable and erroneous -- some of the leadership did condemn the attacks but that's as far as it went. Hate the nation not the national. Hate the religion not the religious.
Your blame on George is also largely misplaced. They had deals with Russia to improve their nuke program long before him and the leaders have always wanted the ultimate weapon. I know life would be simpler if everything was George W. Bush's fault but, unfortunately for you, we must face reality.
My work here is dung.
There is only one source who says they have "evidence" and keeps pointing the finger at the US and Israel about Stuxnet, Flame, and other Trojans, and that is Kaspersky, which is a Russian AV company. Nobody else out there, be it Panda, Symantec, McAfee, or independent researchers makes these conclusions. It might just be me, but it appears that there might be a political agenda here.
Russia has a lot to gain by making the US appear at fault for these Trojans. There is a battle now for who runs the Net, either the US or the UN. With enough propaganda, it is possible they can wrest control of the Internet from ICANN. Result: You think SOPA/PIPA were bad, now think of some country you never lived in dictating the rules and fees for your website in your own country. Post a snide comment about the rulers in Thailand, in a few hours, your domain and IP have been pulled. Unlike the US which caves into international pressure and is smart enough to not fool around with anti-US sites (Pravda, Al-Jazeera), there is no stopping a UN backed replacement for the ICANN to do whatever it pleases. Unlike the US where the paid for fat-cats will back off when sites like Google shut down, China and Russia don't kowtow to public opinion, and PIPA/SOPA/ACTA and all that other stuff can easily become the de facto world law just because the one ruling body says so.
I wonder if that Nobel Peace Prize burns in his hand yet.
First of all, lumping Iran and North Korea in with Iraq (who Bush planned to invade) served no good purpose.
It makes good theater. Destro, Cobra Commander and Zartan all had different aims and ambitions, but they pretty much just got lumped together as Bad Guys too. The American public dislikes subtlety.
It would be colossally foolish to sign such a treaty.
I can not imagine such a treaty being ratified.
Therefore, baton down the hatches a storm is coming.
The real mistake was getting caught, or was it? The article says "Stuxnet didn't just damage the Natanz nuclear facility; it damaged the U.S.'s credibility as a fair arbiter and force for peace in cyberspace"
Was the US government ever seen as a "fair arbiter and force for peace in cyberspace". Yes, many Americans played that role, but the official government?
Deterrence only works if the other side thinks that you have better weapons and will use them. It's entirely possible that "Getting Caught" was a calculated risk, planned from the beginning. Unofficial channels may have sent the messge, "We were easy on you this time, back off, or next time we take off the gloves." Certainly, after you get caught, that's the way you want to spin it.
All ideas^H^H^H^H^Hprocesses in this post are Patent Pending. (as well as the process of patenting all postings)
The pacific portion of WWII ended because we annihilated two cities - civilians and all - and threatened to to turn the island of Japan into a wasteland. War sucks, and shouldn't need to exist, but it does. Good? Bad? Think of it this way - do you want to be the country that doesn't have nuclear weapons because they're "against the rules," or do you want to have them because - rules or not - people are much less likely to fuck with you if they know you can destroy them?
Is it just my observation, or are there way too many stupid people in the world?
Schneier is a fool, nothing can stop cyber warfare because there is no way of monitoring it. With all other weapons treaties you have some chance of verifying them but all cyber warefare needs is a laptop and a WiFi hotspot. So it is coming and we all know it. Good time to buy shares in secure products and cyber security businesses.
Sometimes I find it astonishing how naive people can be. And if you see a vulnerability in scum like Kim Barking Mad Teapots North Korea or Ahmadinejad's Iran then we should be doing our best to take them out now whilst we still can.
Facts are history now plebs have politics for religion on social media.
The U.S. made a mistake with Iran with that stupid "Axis of Evil" speech. I'm still not sure why that speech isn't recognized as one of the biggest diplomatic blunders in recent history. First of all, lumping Iran and North Korea in with Iraq (who Bush planned to invade) served no good purpose. It was basically an open threat to Iran and North Korea that we were going to invade them next. And, not surprisingly, both responded by ramping up their nuclear weapons programs to a feverish pace (since nukes are basically the only way to ensure that the U.S. can't invade).
Iran was actually getting pretty moderate before that speech, even sending open condolences and holding vigils after 9-11, with fairly moderate leadership. After the speech we get Ahmadinejad and and full-on nuke program. Smart move, George.
Agreed. But instead of being shunned for being the author of one of the most damaging speeches in American foreign policy history he gets a blog, a contributors spot on CNN, and gets to publish seven books.
http://www.thedailybeast.com/davidfrum.html
Schneier goes commando! Every day!
This was just a routine Cloak and Dagger Op. During the Cold War the CIA and KGB did "monkey wrench" ops like this all the time. Most of the time they didn't bother telling the Prez... So he couldn't accidentally apologize!
In the grand scheme from the Prez point of view, this was the right way to go. Americans aren't really willing to start another war, and the intel in Iran's Nuclear program is so sensational and political the truth is long lost. The CIA wants to throw a digital wrench in the works that Iran claims don't exist is better than letting Israel invade their airspace with US made planes again. Iran isn't being honest with neighbors like Syria either, so "outrage" over breaking something they claimed they wernt doing is minimal.
The bigger problem is that the military and other orgs are utterly irresponsible With their "toys". They ended up giving foreign hackers something high-end and new to hack our OWN computers with. This leads to looking for "terrorists" under every beach towel because there is all this irresponsible stuff going on even the President and industry leaders aren't warned is coming.... Because these idiots turned stuff loose and tried to cover it up.
And if you see a vulnerability in scum like Kim Barking Mad Teapots North Korea or Ahmadinejad's Iran then we should be doing our best to take them out now whilst we still can.
Which is exactly the mind set that got us into this position. Neither Iran nor North Korea would be such a big problem for us now if we hadn't sponsored a coup in one, and used the other as a proxy during the Cold War.
The way we deal with them today will set the stage for the next 50-100 years. We can keep fucking with them, or we can work on decreasing tensions.
Give me Classic Slashdot or give me death!
Has the US formally declared war on Iran?
Or as Scotty said, "the more you overengineer the plumbing, the easier it is to stop up the drain."
Free Martian Whores!
I wish I had mod points. A million times this.
The US regularly commits acts that if committed against us would cause a full-scale war. It's unacceptable. If you're in power and you abuse those around you, guess what happens when you start losing power and they gain it?
"With great power comes great responsibility." The US over the past 60 years has demonstrated the responsibility of a small child.
As a young person, I'm just trying to be optomistic the future -- because I really do think this country is fucked.
The US regularly commits acts that if committed against us would cause a full-scale war. It's unacceptable.
It's international politics. It's always been that way and always will be, despite the howling of a few Utopian dreamers. Get over it.
The parent doesn't have a crystal ball, and he's got his head right up his ass about Korea. China was an ally of ours during WWII, and as a way of saying "Thanks for kicking the Japs out of our country" they invaded another Ally of ours, Korea. It didn't have jack shit to do with the cold war. Oh, and just FYI that war never ended, NK still claims the South as their land in rebellion, and is still demanding unconditional surrender. You should go study some world history.
No, not even that. They wouldn't be so intent on nuclear weapons if Bush hadn't named them a part of the "Axis of Evil" that included Saddam Hussein's Iraq at the time. Considering what happened to Iraq (and Afghanistan, but not to Pakistan), pursuing nuclear weapons was their only choice.
"If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
That's assuming tensions can be decreased. That's assuming if we decrease pressure, Iran or North Korea would back down. The problem with your assumptions is it assumes everybody is rational and by the same things. In case you haven't noticed, not everybody is. In Iran's case, religion is a big factor. Mutually assured destruction, to people who regularly strap explosives to their chests, is not a deterrent but rather an incentive. In North Korea's case, you have a teenager in charge who has been brought up his whole life as some sort of Messiah. I would trust Rick Santorum or Sarah Palin with ICBMs before I would trust those two.
That's not entirely the modern problem. We had relations relatively stabilized under Clinton. When Bush II adopted the PNAC world view, severed our relations with NK and Iran, declared his axis of evil, then scaled his foreign policy based on access to nuclear weapons, that basically told every two-bit dictator on the planet that a nuclear arsenal is "U.S. Invasion"-bane. That completely contradicted the message we've been trying to communicate to 3rd world countries for 50 years; nuclear weapons are expensive, hard to secure, dangerous, incite regional arms races, and an irreversible strategic choice.
The new mantra (as perceived around the world) is the US wants nukes and doesn't want you to have them just in case we want to change your leadership. This is all a part of the horrible damage to our image that probably won't ever be righted.
I swear to God...I swear to God! That is NOT how you treat your human!
This wasn't reported in 'The Onion' it was reported in the 'New York Times', which has been a yellow DNC mouthpiece for decades. They are about as reputable as Fox News.
They ran this story to give Obama a boost in the polls. They needed no facts.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
And if you see a vulnerability in scum like Kim Barking Mad Teapots North Korea or Ahmadinejad's Iran then we should be doing our best to take them out now whilst we still can.
Which is exactly the mind set that got us into this position. Neither Iran nor North Korea would be such a big problem for us now if we hadn't sponsored a coup in one, and used the other as a proxy during the Cold War.
The way we deal with them today will set the stage for the next 50-100 years. We can keep fucking with them, or we can work on decreasing tensions.
This is absolutely astonishing. We "used" North Korea as a proxy? Really? Crawl out of your political cocoon for a minute, and look at the facts: North Korea is a pariah because it attempted an invasion of South Korea in 1950, supplied and backed by the Soviet Union and Maoist China. The Norks were a proxy, all right, but a proxy used as a weapon against the West and emerging Asian democracies by Stalin and Mao.You DO know this, right? Or are we going to get a conspiracy theory about it? And ever since, they've periodically attacked the South or US forces stationed there. The regime is infamous for kidnapping South Korean citizens for reasons as varied as the need for political prisoners to Kim Jong Il having the hots for a actress he saw in the South. The Norks are as institutionally brutal, corrupt, and totalitarian as any regime in history, and they got that way all on their own. Every time we try to "decrease tensions" with the North... giving them aid, etc... they abuse it, renege on their agreements, and inevitably attack the South in some manner. Did you forget that they sank a ship of the SK Navy a few years ago, literally because they could get away with it? That they just woke up one day and decided to shell South Korea last year?
You can debate the Iranian situation (though I think an Islamist government was inevitable no matter what policy we followed), but to somehow blame us for North Korea is the very height of what Jeanne Kirkpatrick used to call the "Blame America First" syndrome.
Life is hard, and the world is cruel
Have any of you calling me an idiot ever considered that the real enemy for Obama was Israel and the Congressional War Hawks who have been calling for Military Action against Iran for most the last decade?
By conducting this Cyber-Attack he not only derailed the Iranian Nuclear effort -- but he staved off Israel's promised Military Assault and quieted the voices at the Pentagon and Congress that were all for a Joint Offense with Israel against Iran.
Sometimes the "victory" isn't against the commonly perceived enemy -- but the enemy within. Personally, I applaud Obama for this effort. No blood was shed, no bullets fired or missiles launched and Israel's planned offensive did NOT happen and as such the US did not have to get involved in yet another war in the Mideast.
Sorry I had to spell it out for you -- but of course, the mob here who hopped on me to call me an idiot wer just utter idiots too stupid to see what I was talking about.
Maybe someday some of you will come to understand that just sitting there talking about it and writing letters only GOES SO FAR. At some point, action must be taken. And the action that Obama took was a far better action than Israel and some members of Congress wanted to conduct. Because if Obama hadn't done this, others would have made actions that would have forced the US to use traditional military action.