Slashdot Mirror
Iran and North Korea Team Up To Fight State-Sponsored Malware
An anonymous reader writes, quoting the article: "At the start of this month, news broke that Iran and North Korea have strengthened their ties, specifically by signing a number of cooperation agreements on science and technology. The two states signed the pact on Saturday, declaring that it represented a united front against Western powers. Ayatollah Ali Khamenei, Iran's Supreme Leader, told Kim Yong Nam, North Korea's ceremonial head of state, the two countries have common enemies and aligned goals. On Monday, security firm F-Secure weighed in on the discussion. The company believes Iran and North Korea may be interested in collaborating against government-sponsored malware attacks such as Duqu, Flame, and Stuxnet."
I'm guessing that was an unintended consequence of those malware programs. Unless there's an advantage I don't see with Iran and North Korea strengthening ties.
You think 1930s Germany and Italy working together was bad. This totally freaks me out.
Considering all the trade and economical sanction, and the collapsed economy, where does North Korea get its computers from? People in that country are starving, and they cannot afford computers. That reduces the talent pool for the malware defence team. Also I don't think communism ethos is compatible with hacker culture, so the people who get to use computers are as thick as wooden planks...
the enemy of my enemy is my friend who has a BSOD just like mine
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Out of curiosity: which Nazi innovations am I using right now?
I'm pretty sure they made up the word "Nazi", which you just used.
Sheesh, evil *and* a jerk. -- Jade
Oh, to be a fly on the wall when those two get together one weekend to install FreeBSD for the first time.
but this does not mean that enemies are just made up hoaxes
the venom from north korea and iran is real. just ask a japanese, or a syrian
this is where you lecture me on how these are peace loving harmless countries that have been turned into monsters, just to slake a thirst to spend money by an industrial complex in the usa
you know, there are actually real breathing human beings in north korea and iran who think and have their own ideas, completely of their own will and independent volition. some of their ideas come from concepts they dearly believe that are older than the united states' existence. not just cardboard cut out reflections of some western propaganda from decades ago from a dead cold war era. maybe you should conceptionalize the fantasty that there exists real people outside the usa with their own agenda that did not start in washington dc
some of them have agendas that carry some malice for peace on this earth, not just malice for the economies of the west. what they believe and think is their own original creation, and may require defeat on a battlefield
i say that not because i love drinking oil from the skulls of dead children, or whatever nonsense you believe about someone like myself who would say such a thing, but because i understand, unlike you, that menace does not only flow from one place in the world, and the usa is not the only country with a military industrial complex
in fact, if you want to see the most complete representation of the idea of a military industrial complex controlling a country in all avenues of power, try pyongyang. tehran, not so much, but the revolutionary guard there is trying its best to defang the mullahs and be more of a direct military industrial complex dominating a country, just like pyongyang
so if you oppose the idea of the military industrial complex, you oppose north korea. unless your supposed principles are not so much real principles, just a thin veneer for the same old tired tribalism of hating a country or nationality such as the usa just out of the same old tired empty chest thumping avarice you believe you are above somehow?
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
And if it weren't for trying to break Nazi crypto, the Allies probably wouldn't have invented computers as we know them.
he didn't they and they didn't because someone, somewhere, opposed them. their visions were not fulfilled because they were not in an environment of no effective opposition, like, say 1930s economically devastated germany
so: do you think the cliques in power in tehran and north korea should be opposed? if not, why not?
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
It's all pretty funny really. They have malware because they're heavy uses of American Software. ie They NEED their hated enemy to make their software.
Don't forget about grammar.
Anytime you done wrote a complete sentence with proper grammar means the grammar Nazis have won.
I could see an ironic twist to all of this. Iran and North Korea could end up pooling all of their resources and make really cutting-edge antivirus and antimalware software. We've seen other countries put government money behind a problem (ie. Japan funded research to make better car factories) and solve it in this way. And when Iran and North Korea make this wonderful new software the rest of the world might just line up to to buy it. Who knows what else they will innovate. We could be creating a monster here!
Yes, AC, of course... I know I shouldn't, but just a wee snack. As an American, I'm not very proud of the stupid things my government has done, for... oh, let's say the last 12 years or so. I voted against all of it, as did most of my friends, but its my country and I feel responsible when it screws up, even when it did it against my wishes or blessing (I'm guessing parents must feel this way about wayward children.)
That doesn't make America a bad place or Americans evil (well not all of us :-) There is plenty of dirty rotten to go around and some of the dirtiest and most rotten is coming from large monied interests in Western and Central Europe. The Saudis have been exporting the worst kind of Islamic poison for decades now. China has always been one of the top manufacturers of the most viscous weapons for international sale including mines designed to look like toys that children bring home and then explode killing the entire family. Like I said, there's plenty of rotten to go around. Fact is, wherever you find money grubbing, greedy, grind babies up for a buck scumbags, you find the kind of nasty I'm talking about, and sadly this in not a conversation limited by geography. There is sadly an abundance of human toxic waste on this planet and my guess is that I could find a couple examples of such talking with the same accent speak with, so hate America all you want, just remember, that we haven't got anything resembling a corner on the market of evil fscks.
Yeah, if you're doing anything that involves a satellite, there's some Nazi tech. Your country is holding back the dogs of war with nukes that contain Nazi tech. If you ever did anything that involved hypothermia, you have Dr. Mengele to thank, of course he got that very useful information by freezing hundred of Jews to death, which while useful makes it one of the hardest won pieces of medical information ever collected and forever Mengele a scumbag of monumental proportions.
In fact the Nazis were brilliant engineers and there are literally thousands of improvements in motors, cars, trains, heavy machinery, factories and engineering and applied sciences that are a permanent part of everything we do. That doesn't mean they weren't barbaric. It does mean that they produced some amazing technology in the headlong race to self destruction. Hmmmm, sound at all familiar?
What are they possibly going to do? They are outgunned in every respect - technologically, economically, and militarily by everyone who won't put up with their shit. Pre-WWII Germany had built itself back up to a manufacturing and academic (well, before they chased out the jewish PhDs) powerhouse. Meanwhile we've got the Mullahs afraid that people might actually learn things while at university and a North Korean populace that is reduced to eating grass every 10 years or so. Comparing Iran and North Korea to pre-war Nazi Germany doesn't even pass the belly laugh test.
Did you even see the ludicrous North Korean attempt at a supposed satellite launch? What about the photoshopped missile launch test from Iran?
Compare and contrast to the years between WWII and Yeltsin shelling Parliament when I would see maps in the Providence Journal of what would happen if a nuclear warhead detonated over Quonset Point Naval Air Station - an actual, credible, threat. That's what gets me about this "war on terrorism" and "axis of evil" bullshit which chews up trillions of dollars and ruins soldiers' lives for few actual results over imaginary threats to the US. We're supposed to soil our underwear over some technologically backwards regimes who don't even have actual long-range missiles and their medium range missiles leave much to be desired?
You want cyberwar? How about "accidentally" "dragging an anchor" over an undersea cable in the Persian Gulf or off the coast of North Korea? Because that's what our response is going to be if Iran and North Korea become offensive with malware botnets and they can do fuck-all about it. It's not like it hasn't happened before.
Threat? Please.
What fucking threat?
The people playing up this "threat" of Iran and North Korea are a bunch of pants-wetters and chickenhawks with only one thing in mind - making money off the unjustified fear and advancing the ideologies of PNAC and FPI banging the drums for boots-on-the-ground war with Iran and probably NK. Dan Senor isn't exactly a "potted plant" to take a term from Ollie North's lawyer.
Oh yeah, and guess who Dan Senor works for?
--
BMO
the venom from north korea and iran is real. just ask a japanese ....
Say what??
Ask Japanese about the Koreans?
For Your Information, it was the Japanese who invaded Korea multiple times throughout history
Not the other way around
Muchas Gracias, Señor Edward Snowden !
They should buy out McAfee. Everyone already hates McAfee so it'd be a perfect fit. By the way, nobody in human history has teamed up to stop malware in any form ever. They'd have to fire all their human employees and get rid of all their computers, lol.
While I'm all for throwing a monkey wrench in Iran's nuclear program, having used techniques like this legitimizes and raises awareness of them to an extent, and I would suggest that the US may be far more vulnerable to such techniques in the long run. I do wonder if it was a good idea....
Hello,
It is interesting in reading the article and comments here on Slashdot that no one has talked about the effect cooperation between Iran and North Korea would have on either accelerating the pace of malicious software deployed against these nation-states, or even worse, the use of other means to combat their nuclear ambitions.
The Stuxnet worm was designed to target a single specific network. Yes, it spread in other ways, but the payload it deployed would was engineered so that it would only work on the Natanz nuclear facility's network. That is an insane level of precision and it clearly shows the huge investment made by the attacker(s) to ensure that this "cyberweapon" could only be triggered by the correct environmental conditions. It costs money to develop the targeting, payload and telemetry systems to support that, and the attacker(s) are only going to make that type of investment in what has to have been a highly-speculative "cyberweapon" if they believe they are going to get some value out of it.
The value in malicious software like this (as well as in commercial spyware offerings, like FinFisher) is in their ability to perform without being detected by anti-malware software. As soon as that happens, the malicious software no longer has any value. The attacker may attempt to update their malicious software for a few generations, but once they are on the radar of anti-malware companies, samples of the new variants will make their way to the researchers at the anti-malware companies, possibly with metadata or telemetry that allows the point of origin to be identified. Which is not so good for plausible deniability. It is also possible that the countermeasures introduced to foil detection by anti-malware programs will introduce unforeseen errors into the malicious program, simply because it was not as fully tested as the original attack.
If one is to believe that the Stuxnet worm was jointly-created by the United States and Israeli to (1) degrade Iran's nuclear ambitions; and (2) as a means of delaying an attack by Israel on Iran than one has to wonder about what sort of options are to be considered if malicious software is no longer an option.
From the defender's point of view, Iran's response to the Flame malware was probably the most effective thing they could do to combat it: The Iranian CERT blasted out copies of it to anti-malware companies around the world, ensuring that detection would be added in a matter of hours. Anti-malware companies add detection of malicious software sent to them; that's what they do, after all.
The idea that an anti-malware company would not add detection for a threat because it may have been created by or used by a governmentâ"or they were told not to by their governmentâ"does not hold water. While anti-malware software may be thought of as an American or Western European creation, there are plenty of anti-malware companies in South America, the Middle East, Asia, Eastern Europe and other parts of the globe, and any anti-malware company that did not add detection for such a threat would be subject to speculation and scrutiny about why. It would be a tacit admission by the country the anti-malware company operated in that their government was responsible for the malware.
Maintaining plausible deniability means not blocking or otherwise interfering with the detection of malware by anti-malware companies, and when they respond to a threat in hours that may have taken weeks, months or even years to develop, well, you start looking for other ways to get more bang for your buck. My fear is the emphasis will be on the bang.
Regards,
Aryeh Goretsky
Dexter is a good dog.
Others have already made good points here.
Satellites and space stuff? Launch systems as we know them are largely the work of von Braun's team. Nazi tech!
Computers? The Z3 was not a particularly elegant machine, but it was the first programmable Turing-complete computer. Back in 1941. A good thing for the war that the Nazi leadership denied funding to upgrade the machine.
How about jet aircraft? The He 178 was the first one to fly. Designed by whom? Oh yeah, Nazis.
The StG 44 assault rifle made by the same damn Nazis was a new designed that influenced both the AK47 and M16. Speaking of weapons, the first military night vision device? Yep, also used by the Nazis and developed in Germany. Or how about their engineers making the first proper radar?
Things aren't as simple as saying the Nazis were horrible and lost the war, thus they provided no useful legacy. They had brilliant engineers and more than a few modern technologies contain innovations developed by Germany during that time. And that's not even considering the innovations that were later developed in the USA but by scientists brought over in Operation Paperclip.