Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Stuxnet Authors Made Key Errors

CmdrTaco posted more than 3 years ago | from the sorry-about-that dept.

Security 228

Trailrunner7 writes "There is a growing sentiment among security researchers that the programmers behind the Stuxnet attack may not have been the super-elite cadre of developers that they've been mythologized to be in the media. In fact, some experts say that Stuxnet could well have been far more effective and difficult to detect had the attackers not made a few elementary mistakes."

cancel ×

228 comments

Sorry! There are no comments related to the filter you selected.

Mundane detail (4, Funny)

vivin (671928) | more than 3 years ago | (#34922084)

Ok! Ok! I must have, I must have put a decimal point in the wrong place or something. Shit. I always do that. I always mess up some mundane detail.

Re:Mundane detail (0)

bhcompy (1877290) | more than 3 years ago | (#34922182)

I believe you have my damaged steam turbine

Re:Mundane detail (0)

JSG (82708) | more than 3 years ago | (#34922248)

Hilarious - perhaps you designed the Tacoma Narrows bridge.

Your comment clearly explains why I call myself a consultant and not an Engineer.

Cheers
Jon

Re:Mundane detail (4, Informative)

chinakow (83588) | more than 3 years ago | (#34922264)

This is not some mundane detail Michael!

Re:Mundane detail (-1)

Anonymous Coward | more than 3 years ago | (#34922808)

Hey, quit getting pissed at me. Alright? This was all your idea, bleephole!

Re:Mundane detail (0)

Anonymous Coward | more than 3 years ago | (#34923512)

federal pound-me-in-the-ass prison, here we come

I hate key errors (1)

IBitOBear (410965) | more than 3 years ago | (#34922606)

Especially when that causes the key to get stuck in the lock, or even break off... I only go to good key cutters if I want keys made without errors.

true (0)

Anonymous Coward | more than 3 years ago | (#34922092)

Like breaking the law to get something done that should have been attempted by diplomacy..

Re:true (1)

Anonymous Coward | more than 3 years ago | (#34922268)

Like breaking the law to get something done that should have been attempted by diplomacy.

Diplomacy was attempted. It failed. Repeatedly. For many years (decades ?).

Re:true (4, Insightful)

zach_the_lizard (1317619) | more than 3 years ago | (#34922530)

It might have something to do with assassinating the former democratic leader of Iran and installing an autocrat in his place, in addition to American belligerence in the area. See Mohammad Mosaddegh and the wars in Iraq and Afghanistan. If I were the Iranians, I would want nuclear weapons, too.

Re:true (2)

History's Coming To (1059484) | more than 3 years ago | (#34922686)

Suggesting it "failed" suggests that there is only one possible outcome, and it's the one you want. And that's not diplomacy.

Re:true (0)

Dishevel (1105119) | more than 3 years ago | (#34922754)

Then Iran can have Nuclear Weapons. The only thing I ask is that they can only be aimed at you.

Re:true (1)

Sulphur (1548251) | more than 3 years ago | (#34923406)

Then Iran can have Nuclear Weapons. The only thing I ask is that they can only be aimed at you.

Ask not what Iran can do for you, but what you can do for Iran.

Re:true (1)

0100010001010011 (652467) | more than 3 years ago | (#34923332)

Decades? Decades ago Iran was on our side. We were selling them weapons and intel. We installed a leader for them. There was no need for a 'diplomacy' decades ago.

Does anyone here think they could do all of that? (2, Insightful)

PatPending (953482) | more than 3 years ago | (#34922094)

"There are a lot of skills needed to write Stuxnet," he said. "Whoever did this needed to know WinCC programming, Step 7, they needed platform process knowledge, the ability to reverse engineer a number of file formats, kernel rootkit development and exploit development. That's a broad set of skills. Does anyone here think they could do all of that?"

May I have a show of /. hands, please?

Re:Does anyone here think they could do all of tha (0)

Anonymous Coward | more than 3 years ago | (#34922106)

No. But "we" can certainly /. a site (as is already the case here).

Re:Does anyone here think they could do all of tha (5, Insightful)

nonguru (1777998) | more than 3 years ago | (#34922388)

The comments within the article were more informative than the article itself. A number of commentators pointed out the context in which the Stuxnet developers were working and presumed tradeoffs in complexity behind covering their tracks versus achieving their objective. (Which by most accounts appears to have been successful at covering their tracks long enough to permanently damage the uranium centrifuges. Sounds like a solid achievement to me and not whatif conjecture on how good it could have been.) As usual the self-appointed /. experts assume that their "hive" hindsight knowledge could conquer the day. More likely you'd just flame one another over irrelevant technical details, and boast whose toolkit was bigger and more colourful.

Just point to the root.org paper (5, Informative)

Spyware23 (1260322) | more than 3 years ago | (#34922144)

This is the article worth pointing to on the subject: http://rdist.root.org/2011/01/17/stuxnet-is-embarrassing-not-amazing/ [root.org] , not the bullshit linkbait threatpost.com(MERCIAL) "article".

Re:Just point to the root.org paper (1)

Spyware23 (1260322) | more than 3 years ago | (#34922166)

This shouldn't have been a reply. My bad.

Re:Just point to the root.org paper (2)

countertrolling (1585477) | more than 3 years ago | (#34922950)

The aggregators are programmed to ignore articles that don't have a facebook, iphone or twitter icon.

Re:Does anyone here think they could do all of tha (1)

Monkeedude1212 (1560403) | more than 3 years ago | (#34922278)

I'll raise my hand but only slightly over my shoulder as I don't know EXACTLY what they mean by platform process knowledge, that seems too generic.

But just about everything else I've either gotten experience with or touched base somewhere.

Re:Does anyone here think they could do all of tha (2)

digitig (1056110) | more than 3 years ago | (#34922854)

And they probably skipped beta testing too. Oh, look, those same /. hands are still up...

Criticism is easy (4, Insightful)

mewsenews (251487) | more than 3 years ago | (#34922110)

It's pretty safe to assume at this point that Stuxnet was developed as an Israel/USA military collaboration. Spokespeople from both countries smirk before saying "no comment" when asked about it. That being said, hackers have huge egos. The types of hackers that present at security conferences even more so. It's tremendously easy for them to pick apart the worm several months after it was discovered and say "oh ho ho, it doesn't encrypt it's command and control communications!!" like they're smarter than the people that built it.

Re:Criticism is easy (4, Interesting)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#34922350)

Easy; but not always invalid. Encrypted command and control communications have been standard in the better purely monetary botnets for at least a few years now.

Everything is easier from the peanut gallery; but the notion that you have to be at least as good at your game as is a public-ally known strain of criminal in order to be considered for "super-spy" status seems like a very fair rule of thumb.

Re:Criticism is easy (4, Interesting)

peragrin (659227) | more than 3 years ago | (#34922498)

Smirking isn't a sign of guilt, but merely enjoying the outcome anyways.

Besides Russia has as much to lose. Think how many billions Russia loses if iran can make it's own fuel for the reactors Russia helped to build?

Re:Criticism is easy (4, Insightful)

timeOday (582209) | more than 3 years ago | (#34922572)

What I fail to see in the article is how the virus would have been any more effective had they used the entire bag of tricks. You use what you must, and save the rest for next time.

Fascinating... (4, Interesting)

RsG (809189) | more than 3 years ago | (#34922118)

For those who don't RTFAs, this one has something interesting, not mentioned in the summary. The analyst thought the worm might have started as something else and been re-purposed for sabotage. There might be two separate coder groups, one who made the original program and one who made it into a weapon. The latter group was apparently less skilled, though still would have needed a considerable breadth of knowledge.

Makes me wonder if the perpetrator might not be one of Iran's less advanced neighbours, instead of the US or Israel. After all, there are plenty of Middle Eastern nations who are worried about Iranian power and expansion. And there's two obvious suspects that would be blamed when it came to light.

Of course, it could also be that either American or Israeli coders were rushed, understaffed, over-compartmentalized or otherwise had the quality of their work reduced.

Re:Fascinating... (1, Funny)

Anonymous Coward | more than 3 years ago | (#34922332)

... or just sucked.

Re:Fascinating... (0)

Anonymous Coward | more than 3 years ago | (#34922378)

my guess would be that a good group developed it with the intend to damage iran, iran got further with their nuclear program then expected and deadline went forward a bit.

lets say you have to get the worm on the network, you may or may not need a person on the inside, maybe there was only one chance to get this in, during the delivery of part X, which had to be delivered earlier then expected.

i still am more inclined to believe it is government work, no idea which government, but USA/israel do not seem to be the nice guys in this case, they probably at the very least knew about it.

Why US and Israel ? (1)

Anonymous Coward | more than 3 years ago | (#34922384)

... Makes me wonder if the perpetrator might not be one of Iran's less advanced neighbours, instead of the US or Israel ...

I've always thought that it was politically expedient and sloppy to assume that the US or Israel was behind it. The equipment is not coming from either of these countries, neither are the technicians who have had onsite access. It is silly to assume that because some Europeans, the Russians and the Chinese are friendly to Iran that they are also OK with Iran obtaining nuclear weapons. Major powers want client-like states, not regional competitors. All major powers know that Iran is unstable and the makeup of its government in ten years is basically unknown. No one wants the current or some future Iranian government to be nuclear armed.

Re:Fascinating... (1)

antifoidulus (807088) | more than 3 years ago | (#34922410)

It could very well have even been a group inside Iran. The recent elections have shown that there are a large group of people opposed to the current regime, most of them youth. Ahmadinejad's main claim to power is that he is protecting Iran from a US invasion(which yet another reason why W's war to avenge daddy was a huge mistake), if he can be shown to be inept at protecting Iran's military interests then he can conceivably be thrown out.

Re:Fascinating... (1)

cowboy76Spain (815442) | more than 3 years ago | (#34923196)

Probably a critical group from inside Iran won't have the knowledge of how to operate the centrifugues, let alone doing it stealthy and through commands in a virus...

Whoever did this had first hand access to Siemens inner secrets

Also, even in "moderate" groups, I don't think there are many who hate an Iranian A-Bomb. Probably many would be willing to not get it in exchange for better relations/foreign support/avoiding the expenses, but I don't think it is the biggest concern about their government.

Re:Fascinating... (1)

antifoidulus (807088) | more than 3 years ago | (#34923338)

All you would need is one rogue engineer, not all that improbable.

Also, even in "moderate" groups, I don't think there are many who hate an Iranian A-Bomb. Probably many would be willing to not get it in exchange for better relations/foreign support/avoiding the expenses, but I don't think it is the biggest concern about their government.

Thats the brilliance of it, they may be trying to publicly humiliate the regime. They want to show the people that the regime is so incompetent it cannot possibly be trusted with building the bomb.

Obvious really (1)

Alimony Pakhdan (1855364) | more than 3 years ago | (#34922424)

Those who have been so quick to blame the US or Israeli governments based on what really amounted to non-evidence probably wont be convinced by this though. It is so much easier to put on a tin foil hat and rave about Three Letter Agencies or Zionist Occupation Government conspiracies (which IMO is what the NYT did as well).

Re:Obvious really (4, Insightful)

zach_the_lizard (1317619) | more than 3 years ago | (#34922620)

Right, because all of those who think the US or Israel was behind it have to be raving lunatic conspiracy theorists and anti-Semites. Whether they did it or not, the US and Israel certainly have the motive, and the Israelis have been speaking openly about military action. It is not merely the NYT who suspects the Israelis and Americans; officials from both countries have had smirks when asked about Stuxnet, which has fueled speculation. I'm undecided, but one doesn't have to be mad to list the US and Israel as possible suspects.

Re:Obvious really (1)

Haedrian (1676506) | more than 3 years ago | (#34922766)

Can't really say though. Its a good way of ensuring that people might fear you.

Like Israel's nukes. The leaders don't want to claim whether they have or haven't gotten nukes, so everyone just assumes they do. They don't actually need them anymore.

Re:Obvious really (2)

Alimony Pakhdan (1855364) | more than 3 years ago | (#34923516)

Plenty of state actors and state connected actors have an interest and or motive here. Other journalists have pointed this out with better supporting research. To default to the US & Israel as prime suspects is essentially swallowing Ahmadinejad's whargarbl hook, line and sinker.

Re:Obvious really (1)

darkpixel2k (623900) | more than 3 years ago | (#34923574)

officials from both countries have had smirks when asked about Stuxnet, which has fueled speculation.

I'm not saying it was or wasn't--but that statement is hardly logical. Are you telling me the droids talking to the press were actually in on the action and therefore smirking? Most places use public information officers who are low-level droids programmed to say 'No comment'. If you did something bad, you definitely don't tell your PIO "Yeah--I totally fscked up" and then follow it up with "There are the cameras, go lie.". You give your PIO the 'official' story and point them towards the cameras.

updating (0)

Anonymous Coward | more than 3 years ago | (#34922448)

I think it was an automatic update - rollout program that really really sucked.

Re:Fascinating... (1)

Plugh (27537) | more than 3 years ago | (#34922580)

Two words: Government Job

Re:Fascinating... (1)

phantomcircuit (938963) | more than 3 years ago | (#34922706)

The analysis is retarded. The worm didn't use sophisticated protection mechanisms because those significantly increase the likelihood the the payload wont ever get executed.

Obviously in a situation like this trying to add obfuscation is entirely useless, either the payload is executed and the damage done or it's not.

Re:Fascinating... (0)

Anonymous Coward | more than 3 years ago | (#34923404)

or they did this for plausible deniability

Mundane details screwed up? (2)

SuperKendall (25149) | more than 3 years ago | (#34922132)

Screwed up details that reveal it could have been built better?

Well that proves a government was behind it!

If the NY Times had just revealed it was Chinese.. (3, Insightful)

matty619 (630957) | more than 3 years ago | (#34922152)

I'm guessing had it come out that it was of Chinese origin, we'd be inundated with articles about how the Chinese are so much smarter than everyone else because the code is just so darned perfect, only the scary Red Chinese could have pulled it off....and America's days are numbered....duck and cover.

But when it's the US/Israel? Meh...it's not that good.

Re: Remember where you are... (2)

Isaac Remuant (1891806) | more than 3 years ago | (#34922578)

Every news story in /. seems to conclude something wasn't really that good. Or at least, their users do.

'Amateur' mistakes? (1)

lostmongoose (1094523) | more than 3 years ago | (#34922178)

Seems to me, CIA/Mossad devs (if it is in fact one or both of them involved) could have purposely have done it this way to throw anyone trying to figure out who did it, off the trail. These researchers are proving that to be an effective method of dealing with possible tracking.

Re:'Amateur' mistakes? (1, Troll)

vbraga (228124) | more than 3 years ago | (#34922368)

Or it could be just the Flying Spaghetti Monster doing it for the lulz?

Re:'Amateur' mistakes? (1)

monkyyy (1901940) | more than 3 years ago | (#34922656)

but then again no one who be condoning stopping a war(nuke airnt fun) w/o killing; why risk the chance someone else will have the tools to kill millions

Re:'Amateur' mistakes? (1)

reilwin (1303589) | more than 3 years ago | (#34922840)

What says they don't have something else, much better hidden, while Stuxnet gets all the attention?
Maybe Stuxnet was meant to be discovered and cover the trail of another attack.

Doesn't that prove the US government is behind it? (-1, Troll)

erroneus (253617) | more than 3 years ago | (#34922196)

Israelis aren't reputed to make mistakes like these, but US government contractors are. You just have to love the government and its contractors. Hire a contractor and take the praise for making it happen or fire them to "fix the problem" when things don't work out.

Yeah, sure... (4, Interesting)

RichiH (749257) | more than 3 years ago | (#34922200)

1) From what I read, and I read a lot on that topic, Stuxnet is pretty damn awesome. The exploits alone are estimated to have been worth a seven to eight figure...
2) Secrecy might not have been a priority.
3) Maybe they wanted to be detected to drive a point home.
4) Mindgame question: What if Russia, China or someone else did it and wanted to frame the USA & Israel?

Re:Yeah, sure... (0)

Anonymous Coward | more than 3 years ago | (#34922234)

If the US had a less hostile foreign policy, the US would have more friends and fewer enemies and (4) wouldn't be so likely.

Re:Yeah, sure... (4, Insightful)

jmorris42 (1458) | more than 3 years ago | (#34922430)

> If the US had a less hostile foreign policy....

Bull. International relations ain't kindergarten. Our opponents have goals that are incompatible with ours, thus we are called opponents. Russia dreams of empire lost. China dreams of empire to come. Iran dreams of dominating the Middle East and restoring the glory of Persia as an atomic power. Meanwhile madmen in North Korea and Venezuela dream their mad dreams of power and glory. We have valid reasons to be working to thwart, slow and otherwise hinder those plans.

So tell me mr enlightened one, which one of those country's plans should we either get out of the way of or encourage. Or more bluntly, which of our allies should we throw under the bus to appease them. All of Eastern Europe? NATO? Taiwan? Israel? South Korea and Japan?

Meanwhile India and Brazil also are taking a larger place on the world's stage and we don't really mind. Hell, if you ask me carrying the 'White Man's Burden' is getting to not be worth it and we could use some other halfway sane players to step up and take an active role putting out diplomatic fires and cleaning up after natural disasters.

Re:Yeah, sure... (1)

tukang (1209392) | more than 3 years ago | (#34922906)

Russia dreams of empire lost. China dreams of empire to come. Iran dreams of dominating the Middle East and restoring the glory of Persia as an atomic power. Meanwhile madmen in North Korea and Venezuela dream their mad dreams of power and glory.

What does the US dream about?

Re:Yeah, sure... (1, Informative)

Anonymous Coward | more than 3 years ago | (#34923010)

Having sex with your mother

Re:Yeah, sure... (1)

Anonymous Coward | more than 3 years ago | (#34923138)

Strategic, economic, and military dominance for the next 100+ years?

Re:Yeah, sure... (-1, Flamebait)

jmorris42 (1458) | more than 3 years ago | (#34923212)

If I had to take a good guess and speak for the consensus opinion it would probably be to keep a lid on the various hotspots so as to avoid having to save the world a third time. And yea there is a strong undercurrent of seeing it as a duty to continue carrying on the 'White Man's Burden' after the Brits stumbled and became unable to do it any more while at the same time worrying that trying to civilize/police the world is what undone them.

Most Americans would really rather to be able to ignore the rest of the world but if we don't step up who will? When all was lost and a dark age of despair was descending on the world Team America would be expected to come in again to save the motherfucking day so we figure it is easier to just keep the next World War from getting going. Yea a bunch of smelly hippies don't like that reality and call us 'imperialists' and such but until they can offer a better plan to keep the world from descending into madness they can just suck on our balls.

The above is why I said I (and believe most Americans) really wouldn't mind seeing a few of the more sane emerging powers step up their participation. It is the countries with conquest, empire and general mayhem on their minds that pose a problem for global stability, not any rising power to challenge the unipolar post cold war world.

Re:Yeah, sure... (1)

artor3 (1344997) | more than 3 years ago | (#34923270)

Russia dreams of empire lost. China dreams of empire to come. What does the US dream about? Empire continuing.

Re:Yeah, sure... (0)

Anonymous Coward | more than 3 years ago | (#34923510)

profit

Re:Yeah, sure... (1)

skirmish666 (1287122) | more than 3 years ago | (#34923608)

Pie.

Re:Yeah, sure... (4, Insightful)

DeadCatX2 (950953) | more than 3 years ago | (#34923144)

You're right, international relations isn't kindergarten. Of course, it doesn't help that the US has a long history of being the school bully.

Iran Contra sound familiar?

Even further back...the Shah of Iran?

The mujahideen of Afghanistan?

Selling Saddam the chemical weapons that we had him hanged for using?

The list goes on, but somehow I doubt that any revelation about the crazy fucked up shit we did to other nations will do anything to change your mind.

Re:Yeah, sure... (-1, Flamebait)

jmorris42 (1458) | more than 3 years ago | (#34923268)

Not at all. Of course we have done a lot of underhanded stuff. Welcome to International Relations in the real world as opposed to your textbook. There are no pure good or pure evil actors or actions. Just nations with conflicting goals, resources and all doing whatever they think is in their long term self interest.

Iran Contra was more an internal squabble in the US. Congress was shorting out the Executive's ability to conduct foreign policy so certain elements resorted to less than lilly white means to fund needed operations. As for the Shah, can you look back with the benefit of hindsight and say the Shah wasn't the right choice for us to have backed? Hello!

And Hell yes it was right, in the context of the Cold War, to back the Afgan rebels against the Russians. It was a major turning point in the Cold War. Do most solutions carry the seeds of another new problem? Yup. But nothing UBL could possibly do compares to the wholesale slaughter that the Cold War going Hot would have caused and giving the Afgans a helping hand helped bring the Cold War to a peaceful resolution.

As for Saddam, no I won't relitigate the depraved fantasies of the Bush Deranged. Hell, you probably still believe Saddam didn't have WMD and Cheney was involved in outting Plame.

Re:Yeah, sure... (1)

Sabriel (134364) | more than 3 years ago | (#34923244)

I suspect the AC meant the USA's foreign policy in general, not just versus their opponents. Since you mention throwing allies under buses, however, I note the US government is not without some history (at least post-WW2) when it comes to propping up tyrannies, toppling democracies, and throwing away opportunities to capitalise (no irony intended) on events that earned them respect and goodwill.

Now it's entirely possible, I suppose, that it did and does these things for good reasons still classified, but in the meantime it looks pretty bad from the admitted comfort of my allied armchair.

Re:Yeah, sure... (1)

AHuxley (892839) | more than 3 years ago | (#34922488)

Russia is more hands on, look at its own dissidents, press, NGO's, regional independence movements.
http://en.wikipedia.org/wiki/Alpha_Group [wikipedia.org]
China floods a country of interest with aid, cash, trade and friendly experts.
It then extracts needed raw materials for cents on the $ and the drops in the gift of clinics, roads, schools, wells, dams ect. Sort of like the US/UK/Russia did with less coup and arms sales.
Who deals with code? GCHQ, NSA, BND, CIA and their friends. From weak mass telco crypto products over decades to news about strange pipeline hardware.

eh, not really (0)

Anonymous Coward | more than 3 years ago | (#34922204)

Huh, in the way the article put it, it seems like it was designed not to look like a weapon but to look like a normal virus. Of course, we saw through that right away

So what were the mistakes...? (4, Interesting)

Jahava (946858) | more than 3 years ago | (#34922250)

Is there a good source for a technically in-depth list of the mistakes, rather than the vague "ignored several known techniques" summary crap the article discusses?

Re:So what were the mistakes...? (1)

mewsenews (251487) | more than 3 years ago | (#34923282)

The headline is Slashdot crap. The linked article and another article provided in these comments have security researchers pointing out ways in which Stuxnet could have been written better. This strokes their own egos and ironically provides free design advice to whoever wrote the thing in the first place when they go to create their next weapon.

Lowest cost bidders? (1)

whoever57 (658626) | more than 3 years ago | (#34922254)

Mistakes, well what do you expect from the lowest cost bidders for this government project?

Open source (3, Funny)

u19925 (613350) | more than 3 years ago | (#34922292)

The Sutxnet should have been developed using open source model. That way more experts would have seen the code and that would have eliminated all these errors. Maybe I should create a project in SourceForge.

you inSensitive clod! (-1)

Anonymous Coward | more than 3 years ago | (#34922300)

members al over start a holy war

conspiracy 101 (5, Interesting)

Anne Honime (828246) | more than 3 years ago | (#34922334)

It may very well be that the lack of proper cloaking was intentional, for at least two reasons : on the one hand, as long as the aim was reached, there was no need to reveal the full scope of expertise put behind it. Better keep still unknown cloaking techniques in case they may come handy in the future. On the second hand, stuxnet is certainly as much a psychological weapon as it is a technological one. What would be the interest to disrupt Iran's nuclear program if nobody knew what happened ? As such, it's a very good deterrent : any would be rogue third world country willing to go nuclear knows "someone" will take offense and knows that this "someone" has the abilities to bring their program down. But at this point, nobody can pinpoint who this "someone" may be with plausible certainty.

Re:conspiracy 101 (4, Insightful)

rm999 (775449) | more than 3 years ago | (#34923166)

Yes, Israel WANTS the world to know what happened, and they want the world to know they were involved. This is why Mossad has been gleefully and publicly showing off that Iran's nuclear weapon development has been pushed back years.

It is odd that a mission that was 100% successful (something even Iran won't deny) is being criticized for not being good enough. Maybe some researchers just wanted their names in the newspaper?

Re:conspiracy 101 (1)

pipedwho (1174327) | more than 3 years ago | (#34923330)

And as such, they now know to protect their networks with an appropriate 'air-gap' where critical infrastructure is concerned.

Re:conspiracy 101 (2)

Anne Honime (828246) | more than 3 years ago | (#34923392)

It wouldn't have saved them, because as far as I understood what I read, stuxnet used usb keys to replicate and target the systems. Air gap was already a well known practice, but it is based on the assumption no one will leak anything inside the protected part. But the (short) history of social engineering shows plentifully that's seldom the case. There are many ways to entice an accredited human being into breaking that kind of security. You can plant an operative, corrupt an operator, deceit a worker into plugging a "found" key, etc.

It's a government IT project (1)

jonbryce (703250) | more than 3 years ago | (#34922344)

It's a government IT project, of course it is going to be botched.

The lack of elementary mistakes? (1, Insightful)

AHuxley (892839) | more than 3 years ago | (#34922364)

Points to things been too good?
The Unabomber manifesto, the use of certain people and devices can point back to/expose groups eg http://en.wikipedia.org/wiki/Gladio_in_Italy [wikipedia.org]
The early use of a 'new' plastic explosive, a DNA sequence http://www.newscientist.com/article/dn2265-anthrax-attack-bug-identical-to-army-strain.html [newscientist.com] can all be tested. Could the code in a more perfect, more pure, quality form (as found in the wild) ever really point back to teaching methods or something geographical?
If its still highly effective on some levels, its fine, anything better could the residue of a state actor start to glow?

As always... (2, Insightful)

Anonymous Coward | more than 3 years ago | (#34922374)

It's much easier to highlight someone else's mistakes than create something that would stand up to the same scrutiny yourself.

Made To Be Discovered (1)

painandgreed (692585) | more than 3 years ago | (#34922380)

...or maybe the creators either didn't care if it was discovered or wanted it to be discovered. If it was Israel, the last time they decided to stop another countries nuclear program, they just flew jets over and bombed it. Not too much subtly in that. It could be that they wanted Iran to eventually find it just so they'd know. Saber rattling does little good if nobody can hear the saber or know who's doing it. Perhaps somebody thought it was more important to let Iran know they were out there and would try and stop the program, than let a long term plan go into effect that would would harm but not actually stop the program.

Re:Made To Be Discovered (1)

ColdWetDog (752185) | more than 3 years ago | (#34922720)

Dr. Strangelove: Of course, the whole point of a Doomsday Machine is lost, if you *keep* it a *secret*! Why didn't you tell the world, EH?

Ambassador de Sadesky: It was to be announced at the Party Congress on Monday. As you know, the Premier loves surprises.

Tradeoffs... (1)

osu-neko (2604) | more than 3 years ago | (#34922432)

Security of any sort is always about tradeoffs -- you can always make things more secure, but is the cost (in dollars or convenience) worth the effort? The same general principle applies to the kind of things that could have been done to Stuxnet that the author of this article talks about. He presents the conclusion that they simply ran out of time, but overlooks the more likely answer: that they decided the extra time wouldn't be worth the extra benefit. Sure, some of those things might have delayed its discovery, but they would have also delayed its initial deployment. Even if there was no hard deadline, it's not clear that the benefit here would be worth the cost.

Time constraints (1)

Nimey (114278) | more than 3 years ago | (#34922452)

Was it more important to have a really amazing virus, or was it more important to get something "good enough" out the door in time?

I think Stuxnet did pretty well at its intended purpose.

Re:Time constraints (1)

monkyyy (1901940) | more than 3 years ago | (#34922744)

id agree it could have taken a full year to do all that, wikipedia wasn't around when everyone else was trying to make nukes
and a year + basic understanding how it works could have gotten them the secret that took all of ww2 to find

Lawson doesn't really get it (1)

Alimony Pakhdan (1855364) | more than 3 years ago | (#34922528)

FTA:

"Rather than being proud of its stealth and targeting, the authors should be embarrassed at their amateur approach to hiding the payload. I really hope it wasn’t written by the USA because I’d like to think our elite cyberweapon developers at least know what Bulgarian teenagers did back in the early 90s," Lawson said. "First, there appears to be no special obfuscation. Sure, there are your standard routines for hiding from AV tools, XOR masking, and installing a rootkit. But Stuxnet does no better at this than any other malware discovered last year. It does not use virtual machine-based obfuscation, novel techniques for anti-debugging, or anything else to make it different from the hundreds of malware samples found every day."

If the goal was to disrupt or disable part of Iran's nuclear program and the goal was achieved, what is the point of being 1337?

Re:Lawson doesn't really get it (1)

monkyyy (1901940) | more than 3 years ago | (#34922804)

for the lawlz? cant think of a better reason to be l33t, but then again is there a better reason to do anything

Somebody has set us up the Stuxnet (1)

syousef (465911) | more than 3 years ago | (#34922776)

What you say?

Wait... (1)

Anonymous Coward | more than 3 years ago | (#34922856)

I thought it was "proven' that the US and Israelis wrote it, only days ago on /.

Re:Wait... (1)

Skidborg (1585365) | more than 3 years ago | (#34922938)

Proof is only as reliable as the people who leak you the information.

Sounds familiar (1)

Anonymous Coward | more than 3 years ago | (#34922860)

Did someone outsource the development to India?

Re:Sounds familiar (1)

PPH (736903) | more than 3 years ago | (#34923432)

Not India.

The clue was the popup that said, "All your centrifuge are belong to us!"

To Summerize (0)

Anonymous Coward | more than 3 years ago | (#34922900)

* found several indications that the code itself is not very well done
* found that the code was fairly low quality.
* There were too many mistakes made.
* There's a lot that went wrong,
* They were all logic flaws

I wish they would have provided us geeks some examples!
I guess we'll just have to take their word on it.

Mechanical engineers (1)

danhaas (891773) | more than 3 years ago | (#34922964)

The last part of the development of Stuxnet was the live test on the centrifuge, probably coordinated by a mechanical engineer. And we, mechanical engineers, usually don't know jack about programming.

Re:Mechanical engineers (1)

Dachannien (617929) | more than 3 years ago | (#34923164)

No kidding. It's a wonder the damn thing wasn't written in Fortran.

Sure, they should have crowdsourced it (0)

Anonymous Coward | more than 3 years ago | (#34923040)

Severe case of WWIC [ftrain.com] .

Actually I think they've done a decent job. Setting back Iran's nuclear weapons program has been the greatest military achievement for years. I just wonder why all these security experts are so eager now to help the antisemites get rid of the bug. Something to put on their CV in case the power balance changes? Oh, wait. That's the Kaspersky blog. No more questions.

Non-western (1)

jason.sweet (1272826) | more than 3 years ago | (#34923104)

This was probably not a western state. There were too many mistakes made.

Does this mean I'm really Chinese?

Of course! (0)

Anonymous Coward | more than 3 years ago | (#34923228)

They forgot to use comments! Obviously, this eliminates more than half of the world's coders.

If You're Not Embarrassed By The First Version .. (0)

Anonymous Coward | more than 3 years ago | (#34923376)

Of Your Product, You’ve Launched Too Late ... Reid Hoffman
 

So ... (1)

PPH (736903) | more than 3 years ago | (#34923388)

... when can we expect the first service pack?

We needed this one to be noticed (1)

stuxey (1979152) | more than 3 years ago | (#34923478)

to distract from the other one.

Well obviously... (1)

Y-Crate (540566) | more than 3 years ago | (#34923636)

They didn't release it under the GPL.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?